lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 23 Dec 2020 21:38:06 -0700
From:   Tycho Andersen <tycho@...ho.pizza>
To:     Palmer Dabbelt <palmer@...belt.com>
Cc:     Christoph Hellwig <hch@...radead.org>, schwab@...e.de,
        david.abdurachmanov@...ive.com, linux-riscv@...ts.infradead.org,
        linux-kernel@...r.kernel.org,
        Paul Walmsley <paul.walmsley@...ive.com>
Subject: Re: [PATCH] riscv: return -ENOSYS for syscall -1

On Wed, Dec 23, 2020 at 06:54:43PM -0800, Palmer Dabbelt wrote:
> On Wed, 23 Dec 2020 00:24:04 PST (-0800), Christoph Hellwig wrote:
> > On Tue, Dec 22, 2020 at 09:22:19AM -0700, Tycho Andersen wrote:
> > > On Mon, Dec 21, 2020 at 11:52:00PM +0100, Andreas Schwab wrote:
> > > > Properly return -ENOSYS for syscall -1 instead of leaving the return value
> > > > uninitialized.  This fixes the strace teststuite.
> > > >
> > > > Fixes: 5340627e3fe0 ("riscv: add support for SECCOMP and SECCOMP_FILTER")
> > > > Signed-off-by: Andreas Schwab <schwab@...e.de>
> > > > ---
> > > >  arch/riscv/kernel/entry.S | 9 +--------
> > > >  1 file changed, 1 insertion(+), 8 deletions(-)
> > > >
> > > > diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S
> > > > index 524d918f3601..d07763001eb0 100644
> > > > --- a/arch/riscv/kernel/entry.S
> > > > +++ b/arch/riscv/kernel/entry.S
> > > > @@ -186,14 +186,7 @@ check_syscall_nr:
> > > >  	 * Syscall number held in a7.
> > > >  	 * If syscall number is above allowed value, redirect to ni_syscall.
> > > >  	 */
> > > > -	bge a7, t0, 1f
> > > > -	/*
> > > > -	 * Check if syscall is rejected by tracer, i.e., a7 == -1.
> > > > -	 * If yes, we pretend it was executed.
> > > > -	 */
> > > > -	li t1, -1
> > > > -	beq a7, t1, ret_from_syscall_rejected
> > > > -	blt a7, t1, 1f
> > > > +	bgeu a7, t0, 1f
> > > 
> > > IIUC, this is all dead code anyway for the path where seccomp actually
> > > rejects the syscall, since it should do the rejection directly in
> > > handle_syscall_trace_enter(), which is called above this hunk. So it
> > > seems good to me.
> > 
> > That change really needs to be documented in the commit log, or even
> > better split into a separate patch (still documented of course!).
> 
> Unless I'm missing something, this is already how it works already?

Yes, agreed. My musing was mostly just that this is dead code that
probably should have been in removed in af33d2433b03 ("riscv: fix
seccomp reject syscall code path"), but was overlooked. Maybe this
could use a Fixes: tag for that too.

Tycho

Powered by blists - more mailing lists