lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <37a22693-e33c-f64a-e3d7-febed8e9f195@gmail.com>
Date:   Thu, 13 Jul 2023 23:28:06 +0800
From:   Celeste Liu <coelacanthushex@...il.com>
To:     Guo Ren <guoren@...nel.org>
Cc:     Palmer Dabbelt <palmer@...osinc.com>,
        Paul Walmsley <paul.walmsley@...ive.com>,
        Albert Ou <aou@...s.berkeley.edu>,
        Björn Töpel <bjorn@...osinc.com>,
        Conor Dooley <conor.dooley@...rochip.com>,
        linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
        Felix Yan <felixonmars@...hlinux.org>,
        Ruizhe Pan <c141028@...il.com>,
        Shiqi Zhang <shiqi@...c.iscas.ac.cn>
Subject: Re: [PATCH] riscv: entry: set a0 prior to syscall_handler


On 2023/7/13 08:00, Guo Ren wrote:
> On Tue, Jul 11, 2023 at 2:22 AM Celeste Liu <coelacanthushex@...il.com> wrote:
>>
>> When we test seccomp with 6.4 kernel, we found errno has wrong value.
>> If we deny NETLINK_AUDIT with EAFNOSUPPORT, after f0bddf50586d, we will
>> get ENOSYS. We got same result with 9c2598d43510 ("riscv: entry: Save a0
>> prior syscall_enter_from_user_mode()").
>>
>> Compared with x86 and loongarch's implementation of this part of the
>> function, we think that regs->a0 = -ENOSYS should be advanced before
>> syscall_handler to fix this problem. We have written the following patch,
>> which can fix this problem after testing. But we don't know enough about
>> this part of the code to explain the root cause. Hope someone can find
>> a reasonable explanation. And we'd like to reword this commit message
>> according to the explanation in v2
>>
>> Fixes: f0bddf50586d ("riscv: entry: Convert to generic entry")
>> Reported-by: Felix Yan <felixonmars@...hlinux.org>
>> Co-developed-by: Ruizhe Pan <c141028@...il.com>
>> Signed-off-by: Ruizhe Pan <c141028@...il.com>
>> Co-developed-by: Shiqi Zhang <shiqi@...c.iscas.ac.cn>
>> Signed-off-by: Shiqi Zhang <shiqi@...c.iscas.ac.cn>
>> Signed-off-by: Celeste Liu <CoelacanthusHex@...il.com>
>> Tested-by: Felix Yan <felixonmars@...hlinux.org>
>> ---
>>  arch/riscv/kernel/traps.c | 3 +--
>>  1 file changed, 1 insertion(+), 2 deletions(-)
>>
>> diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
>> index f910dfccbf5d2..ccadb5ffd063c 100644
>> --- a/arch/riscv/kernel/traps.c
>> +++ b/arch/riscv/kernel/traps.c
>> @@ -301,6 +301,7 @@ asmlinkage __visible __trap_section void do_trap_ecall_u(struct pt_regs *regs)
>>
>>                 regs->epc += 4;
>>                 regs->orig_a0 = regs->a0;
>> +               regs->a0 = -ENOSYS;
> Oh, no. You destroyed the a0 for syscall_handler, right? It's not
> reasonable. Let's see which syscall_handler needs a0=-ENOSYS.

syscall_handler always use orig_a0, not a0.
And I have a mistake in original email, corret one is
syscall_enter_from_user_mode not syscall_handler.

> Could you give out more detail on your test case?
> 
>>
>>                 riscv_v_vstate_discard(regs);
>>
>> @@ -308,8 +309,6 @@ asmlinkage __visible __trap_section void do_trap_ecall_u(struct pt_regs *regs)
>>
>>                 if (syscall < NR_syscalls)
>>                         syscall_handler(regs, syscall);
>> -               else
>> -                       regs->a0 = -ENOSYS;
>>
>>                 syscall_exit_to_user_mode(regs);
>>         } else {
>> --
>> 2.41.0
>>
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ