| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Jul 2023 23:28:06 +0800
From: Celeste Liu <coelacanthushex@...il.com>
To: Guo Ren <guoren@...nel.org>
Cc: Palmer Dabbelt <palmer@...osinc.com>,
Paul Walmsley <paul.walmsley@...ive.com>,
Albert Ou <aou@...s.berkeley.edu>,
Björn Töpel <bjorn@...osinc.com>,
Conor Dooley <conor.dooley@...rochip.com>,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
Felix Yan <felixonmars@...hlinux.org>,
Ruizhe Pan <c141028@...il.com>,
Shiqi Zhang <shiqi@...c.iscas.ac.cn>
Subject: Re: [PATCH] riscv: entry: set a0 prior to syscall_handler
On 2023/7/13 08:00, Guo Ren wrote:
> On Tue, Jul 11, 2023 at 2:22 AM Celeste Liu <coelacanthushex@...il.com> wrote:
>>
>> When we test seccomp with 6.4 kernel, we found errno has wrong value.
>> If we deny NETLINK_AUDIT with EAFNOSUPPORT, after f0bddf50586d, we will
>> get ENOSYS. We got same result with 9c2598d43510 ("riscv: entry: Save a0
>> prior syscall_enter_from_user_mode()").
>>
>> Compared with x86 and loongarch's implementation of this part of the
>> function, we think that regs->a0 = -ENOSYS should be advanced before
>> syscall_handler to fix this problem. We have written the following patch,
>> which can fix this problem after testing. But we don't know enough about
>> this part of the code to explain the root cause. Hope someone can find
>> a reasonable explanation. And we'd like to reword this commit message
>> according to the explanation in v2
>>
>> Fixes: f0bddf50586d ("riscv: entry: Convert to generic entry")
>> Reported-by: Felix Yan <felixonmars@...hlinux.org>
>> Co-developed-by: Ruizhe Pan <c141028@...il.com>
>> Signed-off-by: Ruizhe Pan <c141028@...il.com>
>> Co-developed-by: Shiqi Zhang <shiqi@...c.iscas.ac.cn>
>> Signed-off-by: Shiqi Zhang <shiqi@...c.iscas.ac.cn>
>> Signed-off-by: Celeste Liu <CoelacanthusHex@...il.com>
>> Tested-by: Felix Yan <felixonmars@...hlinux.org>
>> ---
>> arch/riscv/kernel/traps.c | 3 +--
>> 1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
>> index f910dfccbf5d2..ccadb5ffd063c 100644
>> --- a/arch/riscv/kernel/traps.c
>> +++ b/arch/riscv/kernel/traps.c
>> @@ -301,6 +301,7 @@ asmlinkage __visible __trap_section void do_trap_ecall_u(struct pt_regs *regs)
>>
>> regs->epc += 4;
>> regs->orig_a0 = regs->a0;
>> + regs->a0 = -ENOSYS;
> Oh, no. You destroyed the a0 for syscall_handler, right? It's not
> reasonable. Let's see which syscall_handler needs a0=-ENOSYS.
syscall_handler always use orig_a0, not a0.
And I have a mistake in original email, corret one is
syscall_enter_from_user_mode not syscall_handler.
> Could you give out more detail on your test case?
>
>>
>> riscv_v_vstate_discard(regs);
>>
>> @@ -308,8 +309,6 @@ asmlinkage __visible __trap_section void do_trap_ecall_u(struct pt_regs *regs)
>>
>> if (syscall < NR_syscalls)
>> syscall_handler(regs, syscall);
>> - else
>> - regs->a0 = -ENOSYS;
>>
>> syscall_exit_to_user_mode(regs);
>> } else {
>> --
>> 2.41.0
>>
>
>
Powered by blists - more mailing lists