| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Nov 2018 06:55:29 -0800
From: Andy Lutomirski <luto@...nel.org>
To: "Dmitry V. Levin" <ldv@...linux.org>
Cc: Andrew Lutomirski <luto@...nel.org>,
Elvira Khabirova <lineprinter@...linux.org>,
Kees Cook <keescook@...omium.org>,
Sasha Levin <sasha.levin@...cle.com>,
Linux API <linux-api@...r.kernel.org>,
Jann Horn <jannh@...gle.com>, Oleg Nesterov <oleg@...hat.com>,
Steven Rostedt <rostedt@...dmis.org>,
Ingo Molnar <mingo@...hat.com>,
LKML <linux-kernel@...r.kernel.org>,
Eugene Syromiatnikov <esyr@...hat.com>,
strace-devel@...ts.strace.io
Subject: Re: [RFC PATCH v2] ptrace: add PTRACE_GET_SYSCALL_INFO request
On Wed, Nov 21, 2018 at 3:56 PM Dmitry V. Levin <ldv@...linux.org> wrote:
>
> On Wed, Nov 21, 2018 at 02:56:57PM -0800, Andy Lutomirski wrote:
> > Please cc linux-api@...r.kernel.org for future versions.
> >
> > On Wed, Nov 21, 2018 at 7:58 AM Elvira Khabirova wrote:
> > >
> > > struct ptrace_syscall_info {
> > > __u8 op; /* 0 for entry, 1 for exit */
> >
> > Can you add proper defines, like:
> >
> > #define PTRACE_SYSCALL_ENTRY 0
> > #define PTRACE_SYSCALL_EXIT 1
> > #define PTRACE_SYSCALL_SECCOMP 2
> >
> > and make seccomp work from the start? I'd rather we don't merge an
> > implementation that doesn't work for seccomp and then have to rework
> > it later.
>
> What's the difference between PTRACE_EVENT_SECCOMP and syscall-entry-stop
> with regards to PTRACE_GET_SYSCALL_INFO request? At least they have the
> same entry_info to return.
I'm not sure there's any material difference.
>
> As long as implementation (ab)uses ptrace_message to tell one kind of stop
> from another, it can distinguish syscall-entry-stop and syscall-exit-stop
> from each other and from many other kinds of stops, but it cannot
> distinguish PTRACE_EVENT_SECCOMP from e.g. PTRACE_EVENT_EXIT.
Hmm. PTRACE_GET_SYSCALL_INFO should fail for PTRACE_EVENT_EXIT, I think.
>
> > > __u8 __pad0[7];
> > > union {
> > > struct {
> > > __s32 nr;
> >
> > __u64 please. Syscall numbers are, as a practical matter, 64 bits.
> > Admittedly, the actual effects of setting the high bits are unclear,
> > and seccomp has issues with it, but let's not perpetuate the problem.
>
> I agree. Although the implementation uses syscall_get_nr()
> which returns int, this could potentially be fixed in the future.
Agreed. Although if we ever start using those high bits, things will
get confusing.
>
> > > __u32 arch;
> > > __u64 instruction_pointer;
> > > __u64 args[6];
> > > } entry_info;
> > > struct {
> > > __s64 rval;
> > > __u8 is_error;
> > > __u8 __pad1[7];
> > > } exit_info;
> > > };
> > > };
> >
> > Should seccomp events use entry_info or should they just literally
> > supply seccomp_data?
>
> It certainly can use entry_info.
> I'd prefer to avoid using in uapi/linux/ptrace.h those types
> that are defined in uapi/linux/seccomp.h.
Makes sense to me. Also, it's possible in principle to extend
seccomp_data with other fields that are only generated if they're
read, so passing struct seccomp_data to userspace as a struct may be
the wrong thing to do.
Powered by blists - more mailing lists