From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
To: Michael Schmitz <schmitzmic@gmail.com>, geert@linux-m68k.org
Cc: linux-m68k@vger.kernel.org, schwab@linux-m68k.org,
Greg Ungerer <gerg@linux-m68k.org>
Subject: Re: [PATCH] m68k/kernel - wire up syscall_trace_enter/leave for m68k
Date: Mon, 27 Jul 2020 23:09:09 +0200 [thread overview]
Message-ID: <a02bfdb3-95d4-4375-e069-186a95be3921@physik.fu-berlin.de> (raw)
In-Reply-To: <5d98d276-c867-7f9b-f5b5-048e5e70ee3c@gmail.com>
On 7/27/20 10:48 PM, Michael Schmitz wrote:
> On 27/07/20 10:03 PM, John Paul Adrian Glaubitz wrote:
>> Hi Michael!
>>
>> On 7/27/20 6:19 AM, Michael Schmitz wrote:
>>> m68k (other than Coldfire) uses syscall_trace for both trace entry
>>> and trace exit. Seccomp support requires separate entry points for
>>> trace entry and exit which are already provided for Coldfire.
>>>
>>> Replace syscall_trace by syscall_trace_enter and syscall_trace_leave
>>> in preparation for seccomp support. Check return code of
>>> syscall_trace_enter(), and skip syscall if nonzero. Return code
>>> will be left at what had been set by by ptrace or seccomp.
>> Correct me if I'm wrong, but shouldn't the skip happen when the return
>> code is -1? At least that's what we're doing on SuperH and that seems
>> to be what other architectures are doing as well.
>
> What other non-zero return codes do you expect syscall_trace_enter() to set, and what should the action in entry.S be?
I just don't think we should do it any different than the other architectures
which explicitly compare the return value against -1, i.e. RISC-V and PA-RISC.
> (Note that according to my reading, your SH patch does not actually do what your description says. If syscall_trace_enter() returns a positive non-zero value, that value is _not_ used as changed syscall number. SH uses r3 for the syscall number, not r0).
You are right, of course. I somehow mixed that up. You're right, it checks
the return value of syscall_trace_enter and it should skip the syscall
if syscall_trace_enter returns -1.
> As far as I can see, any non-zero return code should abort the syscall, so I just test for that (for simplicity). Our use of the tracehook_report_syscall_entry() return code (directly passed back from syscall_trace_enter()) doesn't leave much choice there, see comment in include/linux/tracehook.h.
My point is to stay consistent with the other architectures.
> If later on seccomp needs any specific action, it should be easy enough to change the syscall number (offset PT_OFF_ORIG_D0 on the stack) or syscall return code (offset PT_OFF_D0). There's code in kernel/ptrace.c to do that AFAICS.
>
> Changing the behaviour of syscall_trace_enter() to match what other architectures do (return changed syscall number, not error code) is beyond the scope of this patch. I suspect the capability to change syscall numbers from ptrace code does predate the seccomp filter approach, and as m68k has never used it in the past, I don't see a point to add this now.
Yes, I agree and my previous comment in this regard was wrong.
>> Also, shouldn't that part of the change not be part of the patch that
>> adds support for SECCOMP filter like in [1]? I don't think it makes
>> sense to add the return code check unless the rest of SECCOMP filter
>> has been implemented.
>
> After replacing syscall_trace() by syscall_trace_enter() and syscall_trace_leave(), there is a return code provided by syscall_trace_enter() which we must check, hence I added the check at the same time as replacing syscall_trace() for non-Coldfire m68k.
>
> (I note that the same check should probably be added to coldfire/entry.S.)
Do we actually need to check the return value unless we implement SECCOMP_FILTER?
(Which no doubt we will do ;-)).
> I can't test any of the later seccomp related stuff, so I'd rather leave that bit to someone else who can.
I will work on the necessary changes for libseccomp this week, so that we can test
whether the libseccomp live tests pass correctly on a patched kernel.
Adrian
--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer - glaubitz@debian.org
`. `' Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
next prev parent reply other threads:[~2020-07-27 21:09 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-23 10:03 syscall_trace_enter and syscall_trace_leave for m68k w/MMU John Paul Adrian Glaubitz
2020-07-23 22:56 ` Michael Schmitz
2020-07-25 1:48 ` [PATCH RFC] m68k/kernel - wire up syscall_trace_enter/leave for m68k Michael Schmitz
2020-07-26 1:28 ` [PATCH RFC v2] " Michael Schmitz
2020-07-27 4:19 ` [PATCH] " Michael Schmitz
2020-07-27 10:03 ` John Paul Adrian Glaubitz
2020-07-27 20:48 ` Michael Schmitz
2020-07-27 21:09 ` John Paul Adrian Glaubitz [this message]
2020-08-26 11:18 ` Geert Uytterhoeven
2020-08-26 11:50 ` John Paul Adrian Glaubitz
2020-08-26 11:23 ` Geert Uytterhoeven
2020-08-26 11:27 ` John Paul Adrian Glaubitz
2020-08-26 12:32 ` Geert Uytterhoeven
2020-08-26 12:35 ` John Paul Adrian Glaubitz
2020-08-26 12:38 ` Geert Uytterhoeven
2020-08-26 12:42 ` John Paul Adrian Glaubitz
2020-08-26 14:22 ` Geert Uytterhoeven
2020-08-27 0:08 ` Michael Schmitz
2020-08-27 9:19 ` Geert Uytterhoeven
2020-08-27 19:29 ` Michael Schmitz
2020-08-28 8:58 ` Geert Uytterhoeven
2021-06-14 22:11 ` Michael Schmitz
2021-06-14 23:04 ` John Paul Adrian Glaubitz
2021-06-14 23:14 ` Michael Schmitz
2021-06-15 7:51 ` Geert Uytterhoeven
2021-06-15 20:32 ` Michael Schmitz
2021-06-16 0:27 ` Michael Schmitz
2020-08-05 12:23 ` syscall_trace_enter and syscall_trace_leave for m68k w/MMU Greg Ungerer
2020-08-05 12:36 ` John Paul Adrian Glaubitz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a02bfdb3-95d4-4375-e069-186a95be3921@physik.fu-berlin.de \
--to=glaubitz@physik.fu-berlin.de \
--cc=geert@linux-m68k.org \
--cc=gerg@linux-m68k.org \
--cc=linux-m68k@vger.kernel.org \
--cc=schmitzmic@gmail.com \
--cc=schwab@linux-m68k.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).