lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <ZzfB2LfsD0ATjLMv@aurel32.net>
Date: Fri, 15 Nov 2024 22:49:12 +0100
From: Aurelien Jarno <aurelien@...el32.net>
To: Björn Töpel <bjorn@...nel.org>
Cc: Thomas Gleixner <tglx@...utronix.de>,
	Celeste Liu <coelacanthushex@...il.com>,
	Celeste Liu via B4 Relay <devnull+CoelacanthusHex.gmail.com@...nel.org>,
	Paul Walmsley <paul.walmsley@...ive.com>,
	Palmer Dabbelt <palmer@...belt.com>,
	Albert Ou <aou@...s.berkeley.edu>,
	Björn Töpel <bjorn@...osinc.com>,
	Palmer Dabbelt <palmer@...osinc.com>,
	Alexandre Ghiti <alex@...ti.fr>, "Dmitry V. Levin" <ldv@...ace.io>,
	Andrea Bolognani <abologna@...hat.com>,
	Felix Yan <felixonmars@...hlinux.org>,
	Ruizhe Pan <c141028@...il.com>,
	Shiqi Zhang <shiqi@...c.iscas.ac.cn>, Guo Ren <guoren@...nel.org>,
	Yao Zi <ziyao@...root.org>, Han Gao <gaohan@...as.ac.cn>,
	linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH] riscv/entry: get correct syscall number from
 syscall_get_nr()

On 2024-10-28 02:45, Björn Töpel wrote:
> Thanks for helping out to dissect this! Much appreciated!
> 
> Thomas Gleixner <tglx@...utronix.de> writes:
> 
> > Let me look at your failure analysis from your first reply:
> >
> >>  1. strace "tracing": Requires that regs->a0 is not tampered with prior
> >>     ptrace notification
> >> 
> >>     E.g.:
> >>     | # ./strace /
> >>     | execve("/", ["/"], 0x7ffffaac3890 /* 21 vars */) = -1 EACCES (Permission denied)
> >>     | ./strace: exec: Permission denied
> >>     | +++ exited with 1 +++
> >>     | # ./disable_ptrace_get_syscall_info ./strace /
> >>     | execve(0xffffffffffffffda, ["/"], 0x7fffd893ce10 /* 21 vars */) = -1 EACCES (Permission denied)
> >>     | ./strace: exec: Permission denied
> >>     | +++ exited with 1 +++
> >> 
> >>     In the second case, arg0 is prematurely set to -ENOSYS
> >>     (0xffffffffffffffda).
> >
> > That's expected if ptrace_get_syscall_info() is not used. Plain dumping
> > registers will give you the current value on all architectures.
> > ptrace_get_syscall_info() exist exactly for that reason.
> 
> Noted! So this shouldn't be considered as a regression. IOW, the
> existing upstream code is OK for this scenario.

Not however that it breaks some programs, for instance I arrived on this
thread by debugging python-ptrace. I'll try to look at adding support
for ptrace_get_syscall_info(), but I am afraid we will find more broken
programs.

Regards
Aurelien

[1] https://buildd.debian.org/status/fetch.php?pkg=python-ptrace&arch=riscv64&ver=0.9.9-0.1%2Bb2&stamp=1731547088&raw=0

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@...el32.net                     http://aurel32.net

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ