lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 27 Jun 2024 11:02:21 +0800
From: zhouquan@...as.ac.cn
To: linux-riscv@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	linux-kselftest@...r.kernel.org
Cc: oleg@...hat.com,
	paul.walmsley@...ive.com,
	palmer@...belt.com,
	aou@...s.berkeley.edu,
	andy.chiu@...ive.com,
	shuah@...nel.org,
	charlie@...osinc.com,
	zhouquan@...as.ac.cn
Subject: [PATCH v1 0/2] riscv: Expose orig_a0 to userspace for ptrace to set the actual a0

From: Quan Zhou <zhouquan@...as.ac.cn>

Due to the path that modifies a0 in syscall_enter_from_user_mode before the
actual execution of syscall_handler [1], the kernel currently saves a0 to
orig_a0 at the entry point of do_trap_ecall_u as an original copy of a0.
Once the syscall is interrupted and later resumed, the restarted syscall
will use orig_a0 to continue execution.

The above rules generally apply except for ptrace(PTRACE_SETREGSET,),
where the kernel will ignore the tracer's setting of tracee/a0 and
will restart with the tracee/orig_a0. For the current kernel implementation
of ptrace, projects like CRIU/Proot will encounter issues where the a0
setting becomes ineffective when performing ptrace(PTRACE_SETREGSET,).

Here is a suggested solution, expose orig_a0 to userspace so that ptrace
can choose whether to set orig_a0 based on the actual scenario. In fact,
x86/orig_eax and loongArch/orig_a0 have adopted similar solutions.

[1] link:
https://lore.kernel.org/lkml/20230403-crisping-animosity-04ed8a45c625@spud/T/

---
Changes from RFC->v1:
- Rebased on Linux 6.10-rc5.
- Updated the patch description.
- Adjust MAX_REG_OFFSET to match the new bottom of pt_regs (Charlie).
- Simplify selftest to verify if a0 can be set (Charlie).
- Fix .gitignore error (Charlie).

---
RFC link:
https://lore.kernel.org/all/cover.1718693532.git.zhouquan@iscas.ac.cn/

Quan Zhou (2):
  riscv: Expose orig_a0 in the user_regs_struct structure
  riscv: selftests: Add a ptrace test to verify syscall parameter
    modification

 arch/riscv/include/asm/ptrace.h              |   7 +-
 arch/riscv/include/uapi/asm/ptrace.h         |   2 +
 tools/testing/selftests/riscv/Makefile       |   2 +-
 tools/testing/selftests/riscv/abi/.gitignore |   1 +
 tools/testing/selftests/riscv/abi/Makefile   |  12 ++
 tools/testing/selftests/riscv/abi/ptrace.c   | 124 +++++++++++++++++++
 6 files changed, 144 insertions(+), 4 deletions(-)
 create mode 100644 tools/testing/selftests/riscv/abi/.gitignore
 create mode 100644 tools/testing/selftests/riscv/abi/Makefile
 create mode 100644 tools/testing/selftests/riscv/abi/ptrace.c


base-commit: f2661062f16b2de5d7b6a5c42a9a5c96326b8454
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ