| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 9 Jun 2019 21:18:49 +0800
From: Leo Yan <leo.yan@...aro.org>
To: Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>
Cc: Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...hat.com>,
Namhyung Kim <namhyung@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Adrian Hunter <adrian.hunter@...el.com>,
Mathieu Poirier <mathieu.poirier@...aro.org>,
Mike Leach <mike.leach@...aro.org>,
Suzuki K Poulose <suzuki.poulose@....com>,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
bpf@...r.kernel.org
Subject: Re: [PATCH v2 3/4] perf augmented_raw_syscalls: Support arm64 raw
syscalls
On Fri, Jun 07, 2019 at 05:58:31PM +0800, Leo Yan wrote:
> Hi Arnaldo,
>
> On Thu, Jun 06, 2019 at 11:44:12AM -0300, Arnaldo Carvalho de Melo wrote:
> > Em Thu, Jun 06, 2019 at 10:12:31PM +0800, Leo Yan escreveu:
> > > Hi Arnaldo,
> > >
> > > On Thu, Jun 06, 2019 at 10:38:38AM -0300, Arnaldo Carvalho de Melo wrote:
> > > > Em Thu, Jun 06, 2019 at 05:48:44PM +0800, Leo Yan escreveu:
> > > > > This patch adds support for arm64 raw syscall numbers so that we can use
> > > > > it on arm64 platform.
> > > > >
> > > > > After applied this patch, we need to specify macro -D__aarch64__ or
> > > > > -D__x86_64__ in compilation option so Clang can use the corresponding
> > > > > syscall numbers for arm64 or x86_64 respectively, other architectures
> > > > > will report failure when compilation.
> > > >
> > > > So, please check what I have in my perf/core branch, I've completely
> > > > removed arch specific stuff from augmented_raw_syscalls.c.
> > > >
> > > > What is done now is use a map to specify what to copy, that same map
> > > > that is used to state which syscalls should be traced.
> > > >
> > > > It uses that tools/perf/arch/arm64/entry/syscalls/mksyscalltbl to figure
> > > > out the mapping of syscall names to ids, just like is done for x86_64
> > > > and other arches, falling back to audit-libs when that syscalltbl thing
> > > > is not present.
> > >
> > > Actually I have noticed mksyscalltbl has been enabled for arm64, and
> > > had to say your approach is much better :)
> > >
> > > Thanks for the info and I will try your patch at my side.
> >
> > That is excellent news! I'm eager to hear from you if this perf+BPF
> > integration experiment works for arm64.
>
> I tested with the lastest perf/core branch which contains the patch:
> 'perf augmented_raw_syscalls: Tell which args are filenames and how
> many bytes to copy' and got the error as below:
>
> # perf trace -e string -e /mnt/linux-kernel/linux-cs-dev/tools/perf/examples/bpf/augmented_raw_syscalls.c
> Error: Invalid syscall access, chmod, chown, creat, futimesat, lchown, link, lstat, mkdir, mknod, newfstatat, open, readlink, rename,
> rmdir, stat, statfs, symlink, truncate, unlink
> Hint: try 'perf list syscalls:sys_enter_*'
> Hint: and: 'man syscalls'
>
> So seems mksyscalltbl has not included completely for syscalls, I
> use below command to generate syscalltbl_arm64[] array and it don't
> include related entries for access, chmod, chown, etc ...
>
> You could refer the generated syscalltbl_arm64 in:
> http://paste.ubuntu.com/p/8Bj7Jkm2mP/
After digging into this issue on Arm64, below is summary info:
- arm64 uses the header include/uapi/linux/unistd.h to define system
call numbers, in this header some system calls are not defined (I
think the reason is these system calls are obsolete at the end) so the
corresponding strings are missed in the array syscalltbl_native,
for arm64 the array is defined in the file:
tools/perf/arch/arm64/include/generated/asm/syscalls.c.
On the other hand, the file tools/perf/trace/strace/groups/string
stores the required system call strings, these system call strings
are based on x86_64 platform but not for arm64, the strings mismatch
with the system call defined in the array syscalltbl_native. This
is the reason why reports the fail: "Error: Invalid syscall access,
chmod, chown, creat, futimesat, lchown, link, lstat, mkdir, mknod,
newfstatat, open, readlink, rename, rmdir, stat, statfs, symlink,
truncate, unlink".
I tried to manually remove these reported strings from
tools/perf/trace/strace/groups/string, then 'perf trace' can work
well.
But I don't know what's a good way to proceed. Seems to me, we can
create a dedicated string file
tools/perf/trace/strace/groups/uapi_string which can be used to
match with system calls definitions in include/uapi/linux/unistd.h.
If there have other more general methods, will be great.
- As a side topic, arm64 also supports aarch32 compat system call
which are defined in header arch/arm64/include/asm/unistd32.h.
For either aarch64 or aarch32 system call, both of them finally will
invoke function el0_svc_common() to handle system call [1]. But so
far we don't distinguish the system call numbers is for aarch64 or
aarch32 and always consider it's aarch64 system call.
I think we can set an extra bit (e.g. use the 16th bit in 32 bits
signed int) to indicate it's a aarch32 compat system call, but not
sure if this is general method or not.
Maybe there have existed solution in other architectures for this,
especially other platforms also should support 32 bits and 64 bits
system calls along with the architecture evoluation, so want to
inquiry firstly to avoid duplicate works.
Thanks a lot for suggestions!
Leo.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/arm64/kernel/syscall.c#n93
Powered by blists - more mailing lists