lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <9f6fc1db-5579-4aef-8deb-808ae83f3266@arm.com>
Date: Mon, 15 Dec 2025 16:24:31 +0100
From: Kevin Brodsky <kevin.brodsky@....com>
To: Jinjie Ruan <ruanjinjie@...wei.com>, catalin.marinas@....com,
 will@...nel.org, oleg@...hat.com, tglx@...utronix.de, peterz@...radead.org,
 luto@...nel.org, shuah@...nel.org, kees@...nel.org, wad@...omium.org,
 deller@....de, macro@...am.me.uk, charlie@...osinc.com, ldv@...ace.io,
 mark.rutland@....com, song@...nel.org, ryan.roberts@....com,
 ada.coupriediaz@....com, anshuman.khandual@....com, broonie@...nel.org,
 pengcan@...inos.cn, dvyukov@...gle.com,
 linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
 linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v9 03/16] arm64/ptrace: Return early for
 ptrace_report_syscall_entry() error

On 12/12/2025 05:00, Jinjie Ruan wrote:
> On 2025/12/9 21:46, Kevin Brodsky wrote:
>> On 04/12/2025 09:21, Jinjie Ruan wrote:
>>> The generic entry abort the syscall_trace_enter() sequence if
>>> ptrace_report_syscall_entry() errors out, but arm64 not.
>>>
>>> As the ptrace_report_syscall_entry() comment said, the calling arch code
>>> should abort the system call and must prevent normal entry so no system
>>> call is made if ptrace_report_syscall_entry() return nonzero.
>> This patch is now in the right position, which means that arm64 does
>> abort the syscall already without this patch. What we're changing here
>> is that the tracing sequence is interrupted. The comment you're
>> referring to says nothing about tracing so I'm not sure it helps to
>> refer to it.
> I think “must prevent normal entry ”means When ptrace requests
> interception, all subsequent processing, including audit and seccomp,
> should completely bypassed.

Fair enough, let's just make sure the commit message doesn't imply that
arm64 performs a syscall before this patch.

- Kevin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ