| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ba8450ad-e5ab-4b4f-868f-9b0da274f406@arm.com>
Date: Tue, 18 Nov 2025 18:12:05 +0100
From: Kevin Brodsky <kevin.brodsky@....com>
To: Jinjie Ruan <ruanjinjie@...wei.com>, catalin.marinas@....com,
will@...nel.org, oleg@...hat.com, tglx@...utronix.de, peterz@...radead.org,
luto@...nel.org, shuah@...nel.org, kees@...nel.org, wad@...omium.org,
akpm@...ux-foundation.org, ldv@...ace.io, macro@...am.me.uk, deller@....de,
mark.rutland@....com, song@...nel.org, mbenes@...e.cz, ryan.roberts@....com,
ada.coupriediaz@....com, anshuman.khandual@....com, broonie@...nel.org,
pengcan@...inos.cn, dvyukov@...gle.com, kmal@...k.li, lihongbo22@...wei.com,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v7 05/11] arm64/ptrace: Handle
ptrace_report_syscall_entry() error
On 17/11/2025 14:30, Jinjie Ruan wrote:
> The generic entry handle error of ptrace_report_syscall_entry(), but
> arm64 not.
This suggests that arm64 ignores the error completely, which isn't the
case: no syscall will be performed, but tracing will still occur as normal.
What this patch seems to be doing is to abort the _enter sequence if
ptrace_report_syscall_entry() errors out. The commit title and message
should be reworded accordingly.
> As the comment said, the calling arch code should abort the system
Which comment?
> call and must prevent normal entry so no system call is
> made if ptrace_report_syscall_entry() return nonzero.
This is already the case since we're calling forget_syscall().
> In preparation for moving arm64 over to the generic entry code,
> return early if ptrace_report_syscall_entry() encounters an error.
>
> Signed-off-by: Jinjie Ruan <ruanjinjie@...wei.com>
> ---
> arch/arm64/kernel/ptrace.c | 16 +++++++++++-----
> 1 file changed, 11 insertions(+), 5 deletions(-)
>
> diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c
> index 95984bbf53db..707951ad5d24 100644
> --- a/arch/arm64/kernel/ptrace.c
> +++ b/arch/arm64/kernel/ptrace.c
> @@ -2317,10 +2317,10 @@ enum ptrace_syscall_dir {
> PTRACE_SYSCALL_EXIT,
> };
>
> -static void report_syscall_enter(struct pt_regs *regs)
> +static int report_syscall_enter(struct pt_regs *regs)
> {
> - int regno;
> unsigned long saved_reg;
> + int regno, ret;
>
> /*
> * We have some ABI weirdness here in the way that we handle syscall
> @@ -2342,9 +2342,13 @@ static void report_syscall_enter(struct pt_regs *regs)
> saved_reg = regs->regs[regno];
> regs->regs[regno] = PTRACE_SYSCALL_ENTER;
>
> - if (ptrace_report_syscall_entry(regs))
> + ret = ptrace_report_syscall_entry(regs);
> + if (ret)
> forget_syscall(regs);
The generic syscall_trace_enter() doesn't do this (i.e. setting
regs->syscallno to NO_SYSCALL). Is that an oversight or do we just not
need it? In principle this does have a visible effect (e.g. via
REGSET_SYSTEM_CALL).
- Kevin
> +
> regs->regs[regno] = saved_reg;
> +
> + return ret;
> }
>
> static void report_syscall_exit(struct pt_regs *regs)
> @@ -2374,9 +2378,11 @@ static void report_syscall_exit(struct pt_regs *regs)
>
> int syscall_trace_enter(struct pt_regs *regs, long syscall, unsigned long flags)
> {
> + int ret;
> +
> if (flags & (_TIF_SYSCALL_EMU | _TIF_SYSCALL_TRACE)) {
> - report_syscall_enter(regs);
> - if (flags & _TIF_SYSCALL_EMU)
> + ret = report_syscall_enter(regs);
> + if (ret || (flags & _TIF_SYSCALL_EMU))
> return NO_SYSCALL;
> }
>
Powered by blists - more mailing lists