[PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Pi-Hsun Shih]

For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
-ENOSYS instead of raising SIGILL. Mirror this behavior for compat
syscalls in arm64.

Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
syscalls")
Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
---
 arch/arm64/kernel/syscall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
index 8f3371415642ad..95fd8c7ec8a171 100644
--- a/arch/arm64/kernel/syscall.c
+++ b/arch/arm64/kernel/syscall.c
@@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
 {
 #ifdef CONFIG_COMPAT
 	long ret;
-	if (is_compat_task()) {
+	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
 		ret = compat_arm_syscall(regs);
 		if (ret != -ENOSYS)
 			return ret;
-- 
2.20.1.415.g653613c723-goog

[PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Pi-Hsun Shih]

For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
-ENOSYS instead of raising SIGILL. Mirror this behavior for compat
syscalls in arm64.

Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
syscalls")
Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
---
 arch/arm64/kernel/syscall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
index 8f3371415642ad..95fd8c7ec8a171 100644
--- a/arch/arm64/kernel/syscall.c
+++ b/arch/arm64/kernel/syscall.c
@@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
 {
 #ifdef CONFIG_COMPAT
 	long ret;
-	if (is_compat_task()) {
+	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
 		ret = compat_arm_syscall(regs);
 		if (ret != -ENOSYS)
 			return ret;
-- 
2.20.1.415.g653613c723-goog


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Dave Martin]

On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> syscalls in arm64.
> 
> Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> syscalls")
> Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
> ---
>  arch/arm64/kernel/syscall.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> index 8f3371415642ad..95fd8c7ec8a171 100644
> --- a/arch/arm64/kernel/syscall.c
> +++ b/arch/arm64/kernel/syscall.c
> @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
>  {
>  #ifdef CONFIG_COMPAT
>  	long ret;
> -	if (is_compat_task()) {
> +	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {

compat_arm_syscall() ignores all bits r7 except for bits [15:0].

So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
also match in this code I've misunderstood something.)

The gating check in arch/arm/kernel/trapc.s:arm_syscall() is

	if ((no >> 16) != (__ARM_NR_BASE>> 16))

I would expect that arm64 needs a similar check somewhere.  Is the check
already present?  I may have missed it.


Cheers
---Dave

Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Dave Martin]

On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> syscalls in arm64.
> 
> Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> syscalls")
> Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
> ---
>  arch/arm64/kernel/syscall.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> index 8f3371415642ad..95fd8c7ec8a171 100644
> --- a/arch/arm64/kernel/syscall.c
> +++ b/arch/arm64/kernel/syscall.c
> @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
>  {
>  #ifdef CONFIG_COMPAT
>  	long ret;
> -	if (is_compat_task()) {
> +	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {

compat_arm_syscall() ignores all bits r7 except for bits [15:0].

So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
also match in this code I've misunderstood something.)

The gating check in arch/arm/kernel/trapc.s:arm_syscall() is

	if ((no >> 16) != (__ARM_NR_BASE>> 16))

I would expect that arm64 needs a similar check somewhere.  Is the check
already present?  I may have missed it.


Cheers
---Dave

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Will Deacon]

On Thu, Jan 03, 2019 at 11:50:12AM +0000, Dave Martin wrote:
> On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> > For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> > instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> > -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> > syscalls in arm64.
> > 
> > Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> > syscalls")
> > Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
> > ---
> >  arch/arm64/kernel/syscall.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> > index 8f3371415642ad..95fd8c7ec8a171 100644
> > --- a/arch/arm64/kernel/syscall.c
> > +++ b/arch/arm64/kernel/syscall.c
> > @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
> >  {
> >  #ifdef CONFIG_COMPAT
> >  	long ret;
> > -	if (is_compat_task()) {
> > +	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
> 
> compat_arm_syscall() ignores all bits r7 except for bits [15:0].
> 
> So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
> same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
> also match in this code I've misunderstood something.)
> 
> The gating check in arch/arm/kernel/trapc.s:arm_syscall() is
> 
> 	if ((no >> 16) != (__ARM_NR_BASE>> 16))
> 
> I would expect that arm64 needs a similar check somewhere.  Is the check
> already present?  I may have missed it.

When not using OABI, __ARM_NR_BASE is zero, so I think the 32-bit semantics
for non-OABI are:

	0       - 399		: Invoke syscall via syscall table
	400     - 0xeffff	: -ENOSYS (to be allocated in future)
	0xf0000 - 0xfffff	: Private syscall or -ENOSYS if not allocated
	> 0xfffff		: SIGILL

so for arm64 compat, we need to do the following:

	1. Ensure we only SIGILL for that last region
	2. Don't pull the syscall number directly from pt_regs, since it
	   may have been changed by a tracer
	3. Hook up compat_sys_io_pgetevents

Patches incoming...

Will

Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Will Deacon]

On Thu, Jan 03, 2019 at 11:50:12AM +0000, Dave Martin wrote:
> On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> > For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> > instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> > -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> > syscalls in arm64.
> > 
> > Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> > syscalls")
> > Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
> > ---
> >  arch/arm64/kernel/syscall.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> > index 8f3371415642ad..95fd8c7ec8a171 100644
> > --- a/arch/arm64/kernel/syscall.c
> > +++ b/arch/arm64/kernel/syscall.c
> > @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
> >  {
> >  #ifdef CONFIG_COMPAT
> >  	long ret;
> > -	if (is_compat_task()) {
> > +	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
> 
> compat_arm_syscall() ignores all bits r7 except for bits [15:0].
> 
> So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
> same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
> also match in this code I've misunderstood something.)
> 
> The gating check in arch/arm/kernel/trapc.s:arm_syscall() is
> 
> 	if ((no >> 16) != (__ARM_NR_BASE>> 16))
> 
> I would expect that arm64 needs a similar check somewhere.  Is the check
> already present?  I may have missed it.

When not using OABI, __ARM_NR_BASE is zero, so I think the 32-bit semantics
for non-OABI are:

	0       - 399		: Invoke syscall via syscall table
	400     - 0xeffff	: -ENOSYS (to be allocated in future)
	0xf0000 - 0xfffff	: Private syscall or -ENOSYS if not allocated
	> 0xfffff		: SIGILL

so for arm64 compat, we need to do the following:

	1. Ensure we only SIGILL for that last region
	2. Don't pull the syscall number directly from pt_regs, since it
	   may have been changed by a tracer
	3. Hook up compat_sys_io_pgetevents

Patches incoming...

Will

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Will Deacon]

On Thu, Jan 03, 2019 at 04:51:44PM +0000, Will Deacon wrote:
> On Thu, Jan 03, 2019 at 11:50:12AM +0000, Dave Martin wrote:
> > On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> > > For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> > > instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> > > -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> > > syscalls in arm64.
> > > 
> > > Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> > > syscalls")
> > > Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
> > > ---
> > >  arch/arm64/kernel/syscall.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> > > index 8f3371415642ad..95fd8c7ec8a171 100644
> > > --- a/arch/arm64/kernel/syscall.c
> > > +++ b/arch/arm64/kernel/syscall.c
> > > @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
> > >  {
> > >  #ifdef CONFIG_COMPAT
> > >  	long ret;
> > > -	if (is_compat_task()) {
> > > +	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
> > 
> > compat_arm_syscall() ignores all bits r7 except for bits [15:0].
> > 
> > So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
> > same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
> > also match in this code I've misunderstood something.)
> > 
> > The gating check in arch/arm/kernel/trapc.s:arm_syscall() is
> > 
> > 	if ((no >> 16) != (__ARM_NR_BASE>> 16))
> > 
> > I would expect that arm64 needs a similar check somewhere.  Is the check
> > already present?  I may have missed it.
> 
> When not using OABI, __ARM_NR_BASE is zero, so I think the 32-bit semantics
> for non-OABI are:
> 
> 	0       - 399		: Invoke syscall via syscall table
> 	400     - 0xeffff	: -ENOSYS (to be allocated in future)
> 	0xf0000 - 0xfffff	: Private syscall or -ENOSYS if not allocated
> 	> 0xfffff		: SIGILL

Bah, 0xfffff should be 0xf07ff in the last two lines here.

Will

Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

[Will Deacon]

On Thu, Jan 03, 2019 at 04:51:44PM +0000, Will Deacon wrote:
> On Thu, Jan 03, 2019 at 11:50:12AM +0000, Dave Martin wrote:
> > On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> > > For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> > > instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> > > -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> > > syscalls in arm64.
> > > 
> > > Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> > > syscalls")
> > > Signed-off-by: Pi-Hsun Shih <pihsun@chromium.org>
> > > ---
> > >  arch/arm64/kernel/syscall.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> > > index 8f3371415642ad..95fd8c7ec8a171 100644
> > > --- a/arch/arm64/kernel/syscall.c
> > > +++ b/arch/arm64/kernel/syscall.c
> > > @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
> > >  {
> > >  #ifdef CONFIG_COMPAT
> > >  	long ret;
> > > -	if (is_compat_task()) {
> > > +	if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
> > 
> > compat_arm_syscall() ignores all bits r7 except for bits [15:0].
> > 
> > So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
> > same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
> > also match in this code I've misunderstood something.)
> > 
> > The gating check in arch/arm/kernel/trapc.s:arm_syscall() is
> > 
> > 	if ((no >> 16) != (__ARM_NR_BASE>> 16))
> > 
> > I would expect that arm64 needs a similar check somewhere.  Is the check
> > already present?  I may have missed it.
> 
> When not using OABI, __ARM_NR_BASE is zero, so I think the 32-bit semantics
> for non-OABI are:
> 
> 	0       - 399		: Invoke syscall via syscall table
> 	400     - 0xeffff	: -ENOSYS (to be allocated in future)
> 	0xf0000 - 0xfffff	: Private syscall or -ENOSYS if not allocated
> 	> 0xfffff		: SIGILL

Bah, 0xfffff should be 0xf07ff in the last two lines here.

Will

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel