lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250129141513.GA21809@strace.io>
Date: Wed, 29 Jan 2025 16:15:14 +0200
From: "Dmitry V. Levin" <ldv@...ace.io>
To: Nicholas Piggin <npiggin@...il.com>
Cc: Oleg Nesterov <oleg@...hat.com>,
	Eugene Syromyatnikov <evgsyr@...il.com>,
	Mike Frysinger <vapier@...too.org>,
	Renzo Davoli <renzo@...unibo.it>,
	Davide Berardi <berardi.dav@...il.com>,
	strace-devel@...ts.strace.io,
	Madhavan Srinivasan <maddy@...ux.ibm.com>,
	Christophe Leroy <christophe.leroy@...roup.eu>,
	linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH 0/2] powerpc: change syscall error return scheme

Hi,

On Wed, Jan 29, 2025 at 11:21:41PM +1000, Nicholas Piggin wrote:
> Hi,
> 
> I've been toying with the seccomp vs syscall return value problems, and
> wonder if something like this approach could give us a simpler alternative.
> Basically all the core code uses -errno return value, then we convert it
> to the powerpc convention at the last minute when returning.
> 
> This seems to pass the seccomp_bpf test cases when applied with the set
> syscall info ptrace patches
> 
> https://lore.kernel.org/lkml/20250113171054.GA589@strace.io/
> 
> With patch 1 of that series reverted.
> 
> One concern is working out exact details of what tracers can see and
> trying to ensure it doesn't break some corner case.

Does the strace test suite also pass with your changes?
My bet is it doesn't pass because do_syscall_trace_leave() is called
with a different state of struct pt_regs.

As I wrote yesterday, the traditional powerpc sc syscall return ABI is
exposed to user space not just when returning to user space, but, besides
that, at syscall exit tracepoint (trace_sys_exit), ptrace syscall exit
stop (ptrace_report_syscall_exit), and PTRACE_EVENT_SECCOMP stop
(__secure_computing).

There could be other points where this is exposed.  For example, on many
architectures the tracer can specify syscall error return value also at
ptrace syscall entry stop (ptrace_report_syscall_entry), but powerpc does
not implement this.


-- 
ldv

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ