From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932428AbbBZO0n (ORCPT <rfc822;w@1wt.eu>);
	Thu, 26 Feb 2015 09:26:43 -0500
Received: from smtp3-g21.free.fr ([212.27.42.3]:53233 "EHLO smtp3-g21.free.fr"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S932146AbbBZO0l (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 26 Feb 2015 09:26:41 -0500
Date: Thu, 26 Feb 2015 15:26:21 +0100
From: Sabrina Dubroca <sd@queasysnail.net>
To: Denys Vlasenko <vda.linux@googlemail.com>
Cc: Andy Lutomirski <luto@amacapital.net>,
        Denys Vlasenko <dvlasenk@redhat.com>, Andrey Wagin <avagin@gmail.com>,
        Ingo Molnar <mingo@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Oleg Nesterov <oleg@redhat.com>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Frederic Weisbecker <fweisbec@gmail.com>, X86 ML <x86@kernel.org>,
        Alexei Starovoitov <ast@plumgrid.com>, Will Drewry <wad@chromium.org>,
        Kees Cook <keescook@chromium.org>, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 2/3 v3] x86: entry_64.S: always allocate complete "struct
 pt_regs"
Message-ID: <20150226142621.GA10708@kria>
References: <1423778052-21038-2-git-send-email-dvlasenk@redhat.com>
 <CANaxB-zH5k1cKYMA+tOJxgLhenadJQmdtGktBE6EAUOExsqmEg@mail.gmail.com>
 <54EE1799.2000602@redhat.com>
 <CANaxB-xtTzwAw22LT1wBWD5V4yBcf5yv-YtvvOp3QtXG76hgTg@mail.gmail.com>
 <CALCETrWWHxqZo+aaDrPhJKEORMWG5Fn4-8Hq6B19yNX++GLb5g@mail.gmail.com>
 <54EE3E94.7060208@redhat.com>
 <CALCETrVFzm-nXwJSgjhLuHS6B1HT70Q0CsxybjJUmVAKALL5NA@mail.gmail.com>
 <CAK1hOcN2jjfjNArnD8Uw68GCgHCXui59M3HETYE5YaR_Apxa4A@mail.gmail.com>
 <CAK1hOcPwYYfs7aoJFdpr12j+Ed--BSUr=pu9Ba05brfeeZnyXg@mail.gmail.com>
 <CAK1hOcNBLpQ3b5qsTigX_SR4B_FjB5WzrVfXdVOwX-QtFd0sGQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CAK1hOcNBLpQ3b5qsTigX_SR4B_FjB5WzrVfXdVOwX-QtFd0sGQ@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

2015-02-26, 14:54:33 +0100, Denys Vlasenko wrote:
> On Thu, Feb 26, 2015 at 1:11 PM, Denys Vlasenko
> <vda.linux@googlemail.com> wrote:
> > On Thu, Feb 26, 2015 at 10:55 AM, Denys Vlasenko
> > <vda.linux@googlemail.com> wrote:
> >> On Wed, Feb 25, 2015 at 10:59 PM, Andy Lutomirski <luto@amacapital.net> wrote:
> >> In addition to my previous tests, I ran my home machine with
> >> patched kernel. Unfortunately, it works for me :(
> >>
> >> Will try on yet another machine.
> >
> > And voila, it does happen on another machine :)
> >
> > I'm debugging it right now. Looks like 64-bit syscalls just stop working
> > at some point in new processes. That is, existing process is alive and well,
> > but children get SEGV after fork (most likely on any syscall64 they do,
> > not after fork per se. They eventually manage to kill themselves -
> > not trivial when exit syscall isn't working either - by tripping on HLT insn).
> >
> > 32-bit syscalls (int 80) continue to work. Fork, exec, whatever you want.
> > I have static 32-bit busybox binary and everything works there.
> >
> > Also, any 64-bit process which was under strace continues to work correctly,
> > including forks and execs.
> >
> > This points towards some bug on fast path sysret64 code. Looking for it.
> 
> audit=0 makes crashes disappear.

Ah, yes.

> I found the problem. If syscall_trace_enter_phase1 returns 0,
> I restore %rax from pt_regs->ax, but should restore it from
> pt_regs->orig_ax:
> 
>         call syscall_trace_enter_phase1
>         test %rax, %rax
>         jnz tracesys_phase2             /* if needed, run the slow path */
> -       RESTORE_C_REGS                  /* else restore clobbered regs */
> +       RESTORE_C_REGS_EXCEPT_RAX       /* else restore clobbered regs */
> +       movq ORIG_RAX-ARGOFFSET(%rsp),%rax
>         jmp system_call_fastpath        /*      and return to the fast path */

with s/-ARGOFFSET// on top of next-20150224, that works.

Thanks, Denys.

-- 
Sabrina