| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jan 2023 13:41:20 +0700
From: Ammar Faizi <ammarfaizi2@...weeb.org>
To: "H. Peter Anvin" <hpa@...or.com>
Cc: x86 Mailing List <x86@...nel.org>,
Dave Hansen <dave.hansen@...el.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Xin Li <xin3.li@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Andrew Cooper <Andrew.Cooper3@...rix.com>,
Brian Gerst <brgerst@...il.com>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Peter Zijlstra <peterz@...radead.org>,
Shuah Khan <shuah@...nel.org>, Ingo Molnar <mingo@...nel.org>,
Andy Lutomirski <luto@...nel.org>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Linux Kselftest Mailing List
<linux-kselftest@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [RFC PATCH v2 2/2] selftests/x86: sysret_rip: Add more syscall
tests with respect to `%rcx` and `%r11`
On Mon, Jan 23, 2023 at 10:16:01PM -0800, H. Peter Anvin wrote:
> On 1/23/23 18:27, Ammar Faizi wrote:
> > Test that:
> >
> > - "syscall" in a FRED system doesn't clobber %rcx and %r11.
> > - "syscall" in a non-FRED system sets %rcx=%rip and %r11=%rflags.
> >
> > Test them out with a trivial system call like __NR_getppid and friends
> > which are extremely likely to return with SYSRET on an IDT system; check
> > that it returns a nonnegative value and then save the result.
> >
>
> "Nonnegative" here should be "valid"; it is an implementation detail that
> the error value is -1.
Copy-paste error, will fix that!
> However, you are not checking that you don't get a mix of REGS_SAVED and
> REGS_SYSRET, which is a major part of the point.
Good point!
What do you think of adding this on top of patch #1?
diff --git a/tools/testing/selftests/x86/sysret_rip.c b/tools/testing/selftests/x86/sysret_rip.c
index 75c72d34dbc5840c..3da827713831acbc 100644
--- a/tools/testing/selftests/x86/sysret_rip.c
+++ b/tools/testing/selftests/x86/sysret_rip.c
@@ -47,11 +47,14 @@ static const unsigned long rcx_sentinel = 0x5ca1ab1e0b57ac1e;
static const unsigned long rflags_sentinel = 0x200a93;
enum regs_ok {
- REGS_ERROR = -1, /* Invalid register contents */
- REGS_SAVED = 0, /* Registers properly preserved */
- REGS_SYSRET = 1 /* Registers match syscall/sysret */
+ REGS_INIT_VAL = -2, /* For init value checker, never returned */
+ REGS_ERROR = -1, /* Invalid register contents */
+ REGS_SAVED = 0, /* Registers properly preserved */
+ REGS_SYSRET = 1 /* Registers match syscall/sysret */
};
+static enum regs_ok regs_ok_state = REGS_INIT_VAL;
+
/*
* Returns:
* 0 = %rcx and %r11 preserved.
@@ -86,6 +89,7 @@ static long do_syscall(long nr_syscall, unsigned long arg1, unsigned long arg2,
register unsigned long r9 asm("%r9");
register void *rsp asm("%rsp");
unsigned long rcx, rbx;
+ enum regs_ok ret;
r11 = r11_sentinel;
rcx = rcx_sentinel;
@@ -124,7 +128,14 @@ static long do_syscall(long nr_syscall, unsigned long arg1, unsigned long arg2,
* - "syscall" in a non-FRED system sets %rcx=%rip and %r11=%rflags.
*
*/
- assert(check_regs_result(r11, rcx, rbx) != REGS_ERROR);
+ ret = check_regs_result(r11, rcx, rbx);
+ assert(ret != REGS_ERROR);
+
+ if (regs_ok_state == REGS_INIT_VAL)
+ regs_ok_state = ret;
+ else
+ assert(ret == regs_ok_state);
+
return nr_syscall;
}
--
Ammar Faizi
Powered by blists - more mailing lists