All of lore.kernel.org
 help / color / mirror / Atom feed
From: Andy Lutomirski <luto@amacapital.net>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Denys Vlasenko <dvlasenk@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
	Jan Kratochvil <jan.kratochvil@redhat.com>,
	Pedro Alves <palves@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>, X86 ML <x86@kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 1/1] get_nr_restart_syscall() should return __NR_ia32_restart_syscall if __USER32_CS
Date: Tue, 28 Mar 2017 10:10:30 -0700	[thread overview]
Message-ID: <CALCETrX=LNAAV115kn+QbTH73VFa7tH10yOH332t5WPNWEu+pQ@mail.gmail.com> (raw)
In-Reply-To: <20170328162736.GA3983@redhat.com>

On Tue, Mar 28, 2017 at 9:27 AM, Oleg Nesterov <oleg@redhat.com> wrote:
> On 03/28, Andy Lutomirski wrote:
>>
>> On Tue, Mar 28, 2017 at 7:54 AM, Oleg Nesterov <oleg@redhat.com> wrote:
>> > get_nr_restart_syscall() checks TS_I386_REGS_POKED but this bit is only
>> > set if debugger is 32-bit. If a 64-bit debugger restores the registers
>> > of a 32-bit debugee outside of syscall exit path get_nr_restart_syscall()
>> > wrongly returns __NR_restart_syscall.
>>
>> I had sent a patch that introduced a new syscall nr, but it's not
>> quite safe because it could break seccomp-using programs.
>
> Ah, indeed...

This is, in theory, solvable.  It would be ugly and would pollute seccomp a bit.

>
>> But your
>> patch here is also screwy.
>
> Yes, yes, it doesn't try to solve all possible problems, I even mentioned
> this in the changelog.
>
>> How about we store the syscall arch to be restored in task_struct
>> along with restart_block?
>
> Yes, perhaps we will have to finally do this. Not really nice too.
>
>> the way there without heuristics as nasty as yours.
>
> I agree it will be better, but I refuse to treat them as mine checks ;)

:)

>
>> P.S. __USER32_CS is the wrong check even if we used your approach.
>> user_64bit_regs() is much better.
>
> Yes, thanks.  If only I understood what cs == pv_info.extra_user_64bit_cs
> actually means...
>

It means that, if Linux is a Xen PV guest, the GDT contains a bunch of
entries supplied by Xen and outside of Linux's control, and one of
those entries is a 64-bit DPL=3 code segment.  On the one hand, it's
annoying.  On the other hand, it serves a real purpose
performance-wise.

--Andy

  reply	other threads:[~2017-03-28 17:10 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-03-28 14:54 [PATCH 0/1] get_nr_restart_syscall() should return __NR_ia32_restart_syscall if __USER32_CS Oleg Nesterov
2017-03-28 14:54 ` [PATCH 1/1] " Oleg Nesterov
2017-03-28 15:03   ` Andy Lutomirski
2017-03-28 16:27     ` Oleg Nesterov
2017-03-28 17:10       ` Andy Lutomirski [this message]
2017-03-29 15:05       ` Oleg Nesterov
2017-03-29 16:59         ` Andy Lutomirski
2017-03-30 15:28           ` Oleg Nesterov
2017-03-30 18:36             ` Andy Lutomirski
2017-03-29 16:33 ` syscall_get_error() && TS_ checks Oleg Nesterov
2017-03-29 16:45   ` Linus Torvalds
2017-03-29 16:55     ` Oleg Nesterov
2017-03-29 16:59       ` Linus Torvalds
2017-03-29 17:04         ` Oleg Nesterov
2017-03-29 17:16           ` Linus Torvalds
2017-03-29 18:50             ` Oleg Nesterov
2017-03-29 18:56               ` Linus Torvalds
2017-03-30 13:51                 ` Oleg Nesterov
2017-03-30 15:49                   ` Oleg Nesterov
2017-03-30 17:46                     ` Linus Torvalds
2017-03-30 18:23                       ` Andy Lutomirski
2017-03-30 18:35                         ` Linus Torvalds
2017-03-30 18:59                           ` Andy Lutomirski
2017-03-30 19:11                             ` Linus Torvalds
2017-03-30 19:21                               ` Andy Lutomirski
2017-03-30 19:29                                 ` Linus Torvalds
2017-03-29 16:56     ` Andy Lutomirski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CALCETrX=LNAAV115kn+QbTH73VFa7tH10yOH332t5WPNWEu+pQ@mail.gmail.com' \
    --to=luto@amacapital.net \
    --cc=akpm@linux-foundation.org \
    --cc=dvlasenk@redhat.com \
    --cc=hpa@zytor.com \
    --cc=jan.kratochvil@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=oleg@redhat.com \
    --cc=palves@redhat.com \
    --cc=tglx@linutronix.de \
    --cc=torvalds@linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.