All of lore.kernel.org
 help / color / mirror / Atom feed
From: Kees Cook <keescook@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
	Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
	Max Filippov <jcmvbkbc@gmail.com>,
	Michael Ellerman <mpe@ellerman.id.au>,
	Christian Brauner <christian@brauner.io>,
	Andy Lutomirski <luto@amacapital.net>,
	Will Drewry <wad@chromium.org>,
	linux-kselftest@vger.kernel.org, linux-mips@vger.kernel.org,
	linux-xtensa@linux-xtensa.org,
	linux-arm-kernel@lists.infradead.org,
	linuxppc-dev@lists.ozlabs.org
Subject: [PATCH 11/15] selftests/seccomp: Remove SYSCALL_NUM_RET_SHARE_REG in favor of SYSCALL_RET_SET
Date: Sat, 12 Sep 2020 04:08:16 -0700	[thread overview]
Message-ID: <20200912110820.597135-12-keescook@chromium.org> (raw)
In-Reply-To: <20200912110820.597135-1-keescook@chromium.org>

Instead of special-casing the specific case of shared registers, create
a default SYSCALL_RET_SET() macro (mirroring SYSCALL_NUM_SET()), that
writes to the SYSCALL_RET register. For architectures that can't set the
return value (for whatever reason), they can define SYSCALL_RET_SET()
without an associated SYSCALL_RET() macro. This also paves the way for
architectures that need to do special things to set the return value
(e.g. powerpc).

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 2790d9cd50f4..623953a53032 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -1753,8 +1753,8 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 #elif defined(__s390__)
 # define ARCH_REGS		s390_regs
 # define SYSCALL_NUM(_regs)	(_regs).gprs[2]
-# define SYSCALL_RET(_regs)	(_regs).gprs[2]
-# define SYSCALL_NUM_RET_SHARE_REG
+# define SYSCALL_RET_SET(_regs, _val)			\
+		TH_LOG("Can't modify syscall return on this architecture")
 #elif defined(__mips__)
 # include <asm/unistd_nr_n32.h>
 # include <asm/unistd_nr_n64.h>
@@ -1776,8 +1776,8 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 		else					\
 			(_regs).regs[2] = _nr;		\
 	} while (0)
-# define SYSCALL_RET(_regs)	(_regs).regs[2]
-# define SYSCALL_NUM_RET_SHARE_REG
+# define SYSCALL_RET_SET(_regs, _val)			\
+		TH_LOG("Can't modify syscall return on this architecture")
 #elif defined(__xtensa__)
 # define ARCH_REGS		struct user_pt_regs
 # define SYSCALL_NUM(_regs)	(_regs).syscall
@@ -1804,9 +1804,26 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 		SYSCALL_NUM(_regs) = (_nr);	\
 	} while (0)
 #endif
+/*
+ * Most architectures can change the syscall return value by just
+ * writing to the SYSCALL_RET register. This is the default if not
+ * defined above. If an architecture cannot set the return value
+ * (for example when the syscall and return value register is
+ * shared), report it with TH_LOG() in an arch-specific definition
+ * of SYSCALL_RET_SET() above, and leave SYSCALL_RET undefined.
+ */
+#if !defined(SYSCALL_RET) && !defined(SYSCALL_RET_SET)
+# error "One of SYSCALL_RET or SYSCALL_RET_SET is needed for this arch"
+#endif
+#ifndef SYSCALL_RET_SET
+# define SYSCALL_RET_SET(_regs, _val)		\
+	do {					\
+		SYSCALL_RET(_regs) = (_val);	\
+	} while (0)
+#endif
 
 /* When the syscall return can't be changed, stub out the tests for it. */
-#ifdef SYSCALL_NUM_RET_SHARE_REG
+#ifndef SYSCALL_RET
 # define EXPECT_SYSCALL_RETURN(val, action)	EXPECT_EQ(-1, action)
 #else
 # define EXPECT_SYSCALL_RETURN(val, action)		\
@@ -1870,11 +1887,7 @@ void change_syscall(struct __test_metadata *_metadata,
 
 	/* If syscall is skipped, change return value. */
 	if (syscall == -1)
-#ifdef SYSCALL_NUM_RET_SHARE_REG
-		TH_LOG("Can't modify syscall return on this architecture");
-#else
-		SYSCALL_RET(regs) = result;
-#endif
+		SYSCALL_RET_SET(regs, result);
 
 	/* Flush any register changes made. */
 	if (memcmp(&orig, &regs, sizeof(orig)) != 0)
-- 
2.25.1


WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
	Will Drewry <wad@chromium.org>, Kees Cook <keescook@chromium.org>,
	linux-xtensa@linux-xtensa.org, linux-mips@vger.kernel.org,
	Andy Lutomirski <luto@amacapital.net>,
	Max Filippov <jcmvbkbc@gmail.com>,
	linux-arm-kernel@lists.infradead.org,
	linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
	Christian Brauner <christian@brauner.io>
Subject: [PATCH 11/15] selftests/seccomp: Remove SYSCALL_NUM_RET_SHARE_REG in favor of SYSCALL_RET_SET
Date: Sat, 12 Sep 2020 04:08:16 -0700	[thread overview]
Message-ID: <20200912110820.597135-12-keescook@chromium.org> (raw)
In-Reply-To: <20200912110820.597135-1-keescook@chromium.org>

Instead of special-casing the specific case of shared registers, create
a default SYSCALL_RET_SET() macro (mirroring SYSCALL_NUM_SET()), that
writes to the SYSCALL_RET register. For architectures that can't set the
return value (for whatever reason), they can define SYSCALL_RET_SET()
without an associated SYSCALL_RET() macro. This also paves the way for
architectures that need to do special things to set the return value
(e.g. powerpc).

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 2790d9cd50f4..623953a53032 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -1753,8 +1753,8 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 #elif defined(__s390__)
 # define ARCH_REGS		s390_regs
 # define SYSCALL_NUM(_regs)	(_regs).gprs[2]
-# define SYSCALL_RET(_regs)	(_regs).gprs[2]
-# define SYSCALL_NUM_RET_SHARE_REG
+# define SYSCALL_RET_SET(_regs, _val)			\
+		TH_LOG("Can't modify syscall return on this architecture")
 #elif defined(__mips__)
 # include <asm/unistd_nr_n32.h>
 # include <asm/unistd_nr_n64.h>
@@ -1776,8 +1776,8 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 		else					\
 			(_regs).regs[2] = _nr;		\
 	} while (0)
-# define SYSCALL_RET(_regs)	(_regs).regs[2]
-# define SYSCALL_NUM_RET_SHARE_REG
+# define SYSCALL_RET_SET(_regs, _val)			\
+		TH_LOG("Can't modify syscall return on this architecture")
 #elif defined(__xtensa__)
 # define ARCH_REGS		struct user_pt_regs
 # define SYSCALL_NUM(_regs)	(_regs).syscall
@@ -1804,9 +1804,26 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 		SYSCALL_NUM(_regs) = (_nr);	\
 	} while (0)
 #endif
+/*
+ * Most architectures can change the syscall return value by just
+ * writing to the SYSCALL_RET register. This is the default if not
+ * defined above. If an architecture cannot set the return value
+ * (for example when the syscall and return value register is
+ * shared), report it with TH_LOG() in an arch-specific definition
+ * of SYSCALL_RET_SET() above, and leave SYSCALL_RET undefined.
+ */
+#if !defined(SYSCALL_RET) && !defined(SYSCALL_RET_SET)
+# error "One of SYSCALL_RET or SYSCALL_RET_SET is needed for this arch"
+#endif
+#ifndef SYSCALL_RET_SET
+# define SYSCALL_RET_SET(_regs, _val)		\
+	do {					\
+		SYSCALL_RET(_regs) = (_val);	\
+	} while (0)
+#endif
 
 /* When the syscall return can't be changed, stub out the tests for it. */
-#ifdef SYSCALL_NUM_RET_SHARE_REG
+#ifndef SYSCALL_RET
 # define EXPECT_SYSCALL_RETURN(val, action)	EXPECT_EQ(-1, action)
 #else
 # define EXPECT_SYSCALL_RETURN(val, action)		\
@@ -1870,11 +1887,7 @@ void change_syscall(struct __test_metadata *_metadata,
 
 	/* If syscall is skipped, change return value. */
 	if (syscall == -1)
-#ifdef SYSCALL_NUM_RET_SHARE_REG
-		TH_LOG("Can't modify syscall return on this architecture");
-#else
-		SYSCALL_RET(regs) = result;
-#endif
+		SYSCALL_RET_SET(regs, result);
 
 	/* Flush any register changes made. */
 	if (memcmp(&orig, &regs, sizeof(orig)) != 0)
-- 
2.25.1


WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
	Will Drewry <wad@chromium.org>, Kees Cook <keescook@chromium.org>,
	linux-xtensa@linux-xtensa.org,
	Michael Ellerman <mpe@ellerman.id.au>,
	linux-mips@vger.kernel.org, Andy Lutomirski <luto@amacapital.net>,
	Max Filippov <jcmvbkbc@gmail.com>,
	linux-arm-kernel@lists.infradead.org,
	linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
	Christian Brauner <christian@brauner.io>
Subject: [PATCH 11/15] selftests/seccomp: Remove SYSCALL_NUM_RET_SHARE_REG in favor of SYSCALL_RET_SET
Date: Sat, 12 Sep 2020 04:08:16 -0700	[thread overview]
Message-ID: <20200912110820.597135-12-keescook@chromium.org> (raw)
In-Reply-To: <20200912110820.597135-1-keescook@chromium.org>

Instead of special-casing the specific case of shared registers, create
a default SYSCALL_RET_SET() macro (mirroring SYSCALL_NUM_SET()), that
writes to the SYSCALL_RET register. For architectures that can't set the
return value (for whatever reason), they can define SYSCALL_RET_SET()
without an associated SYSCALL_RET() macro. This also paves the way for
architectures that need to do special things to set the return value
(e.g. powerpc).

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 tools/testing/selftests/seccomp/seccomp_bpf.c | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 2790d9cd50f4..623953a53032 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -1753,8 +1753,8 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 #elif defined(__s390__)
 # define ARCH_REGS		s390_regs
 # define SYSCALL_NUM(_regs)	(_regs).gprs[2]
-# define SYSCALL_RET(_regs)	(_regs).gprs[2]
-# define SYSCALL_NUM_RET_SHARE_REG
+# define SYSCALL_RET_SET(_regs, _val)			\
+		TH_LOG("Can't modify syscall return on this architecture")
 #elif defined(__mips__)
 # include <asm/unistd_nr_n32.h>
 # include <asm/unistd_nr_n64.h>
@@ -1776,8 +1776,8 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 		else					\
 			(_regs).regs[2] = _nr;		\
 	} while (0)
-# define SYSCALL_RET(_regs)	(_regs).regs[2]
-# define SYSCALL_NUM_RET_SHARE_REG
+# define SYSCALL_RET_SET(_regs, _val)			\
+		TH_LOG("Can't modify syscall return on this architecture")
 #elif defined(__xtensa__)
 # define ARCH_REGS		struct user_pt_regs
 # define SYSCALL_NUM(_regs)	(_regs).syscall
@@ -1804,9 +1804,26 @@ TEST_F(TRACE_poke, getpid_runs_normally)
 		SYSCALL_NUM(_regs) = (_nr);	\
 	} while (0)
 #endif
+/*
+ * Most architectures can change the syscall return value by just
+ * writing to the SYSCALL_RET register. This is the default if not
+ * defined above. If an architecture cannot set the return value
+ * (for example when the syscall and return value register is
+ * shared), report it with TH_LOG() in an arch-specific definition
+ * of SYSCALL_RET_SET() above, and leave SYSCALL_RET undefined.
+ */
+#if !defined(SYSCALL_RET) && !defined(SYSCALL_RET_SET)
+# error "One of SYSCALL_RET or SYSCALL_RET_SET is needed for this arch"
+#endif
+#ifndef SYSCALL_RET_SET
+# define SYSCALL_RET_SET(_regs, _val)		\
+	do {					\
+		SYSCALL_RET(_regs) = (_val);	\
+	} while (0)
+#endif
 
 /* When the syscall return can't be changed, stub out the tests for it. */
-#ifdef SYSCALL_NUM_RET_SHARE_REG
+#ifndef SYSCALL_RET
 # define EXPECT_SYSCALL_RETURN(val, action)	EXPECT_EQ(-1, action)
 #else
 # define EXPECT_SYSCALL_RETURN(val, action)		\
@@ -1870,11 +1887,7 @@ void change_syscall(struct __test_metadata *_metadata,
 
 	/* If syscall is skipped, change return value. */
 	if (syscall == -1)
-#ifdef SYSCALL_NUM_RET_SHARE_REG
-		TH_LOG("Can't modify syscall return on this architecture");
-#else
-		SYSCALL_RET(regs) = result;
-#endif
+		SYSCALL_RET_SET(regs, result);
 
 	/* Flush any register changes made. */
 	if (memcmp(&orig, &regs, sizeof(orig)) != 0)
-- 
2.25.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

  parent reply	other threads:[~2020-09-12 11:10 UTC|newest]

Thread overview: 117+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-12 11:08 [PATCH 00/15] selftests/seccomp: Refactor change_syscall() Kees Cook
2020-09-12 11:08 ` Kees Cook
2020-09-12 11:08 ` Kees Cook
2020-09-12 11:08 ` [PATCH 01/15] selftests/seccomp: Refactor arch register macros to avoid xtensa special case Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 15:51   ` Christian Brauner
2020-09-15 15:51     ` Christian Brauner
2020-09-15 15:51     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 02/15] selftests/seccomp: Provide generic syscall setting macro Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 15:53   ` Christian Brauner
2020-09-15 15:53     ` Christian Brauner
2020-09-15 15:53     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 03/15] selftests/seccomp: mips: Define SYSCALL_NUM_SET macro Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 15:55   ` Christian Brauner
2020-09-15 15:55     ` Christian Brauner
2020-09-15 15:55     ` Christian Brauner
2020-09-18 22:00     ` Kees Cook
2020-09-18 22:00       ` Kees Cook
2020-09-18 22:00       ` Kees Cook
2020-09-12 11:08 ` [PATCH 04/15] selftests/seccomp: arm: " Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 15:56   ` Christian Brauner
2020-09-15 15:56     ` Christian Brauner
2020-09-15 15:56     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 05/15] selftests/seccomp: arm64: " Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 15:58   ` Christian Brauner
2020-09-15 15:58     ` Christian Brauner
2020-09-15 15:58     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 06/15] selftests/seccomp: mips: Remove O32-specific macro Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:00   ` Christian Brauner
2020-09-15 16:00     ` Christian Brauner
2020-09-15 16:00     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 07/15] selftests/seccomp: Remove syscall setting #ifdefs Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:01   ` Christian Brauner
2020-09-15 16:01     ` Christian Brauner
2020-09-15 16:01     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 08/15] selftests/seccomp: Convert HAVE_GETREG into ARCH_GETREG/ARCH_SETREG Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:03   ` Christian Brauner
2020-09-15 16:03     ` Christian Brauner
2020-09-15 16:03     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 09/15] selftests/seccomp: Convert REGSET calls " Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:05   ` Christian Brauner
2020-09-15 16:05     ` Christian Brauner
2020-09-15 16:05     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 10/15] selftests/seccomp: Avoid redundant register flushes Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:08   ` Christian Brauner
2020-09-15 16:08     ` Christian Brauner
2020-09-15 16:08     ` Christian Brauner
2020-09-12 11:08 ` Kees Cook [this message]
2020-09-12 11:08   ` [PATCH 11/15] selftests/seccomp: Remove SYSCALL_NUM_RET_SHARE_REG in favor of SYSCALL_RET_SET Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:11   ` Christian Brauner
2020-09-15 16:11     ` Christian Brauner
2020-09-15 16:11     ` Christian Brauner
2020-09-12 11:08 ` [PATCH 12/15] selftests/seccomp: powerpc: Fix seccomp return value testing Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-14  3:38   ` Michael Ellerman
2020-09-14  3:38     ` Michael Ellerman
2020-09-14  3:38     ` Michael Ellerman
2020-09-12 11:08 ` [PATCH 13/15] selftests/seccomp: powerpc: Set syscall return during ptrace syscall exit Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-14  5:47   ` Michael Ellerman
2020-09-14  5:47     ` Michael Ellerman
2020-09-14  5:47     ` Michael Ellerman
2020-09-14 20:20     ` Kees Cook
2020-09-14 20:20       ` Kees Cook
2020-09-14 20:20       ` Kees Cook
2020-09-12 11:08 ` [PATCH 14/15] selftests/clone3: Avoid OS-defined clone_args Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:25   ` Christian Brauner
2020-09-15 16:25     ` Christian Brauner
2020-09-15 16:25     ` Christian Brauner
2020-09-18 22:00     ` Kees Cook
2020-09-18 22:00       ` Kees Cook
2020-09-18 22:00       ` Kees Cook
2020-09-12 11:08 ` [PATCH 15/15] selftests/seccomp: Use __NR_mknodat instead of __NR_mknod Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-12 11:08   ` Kees Cook
2020-09-15 16:16   ` Christian Brauner
2020-09-15 16:16     ` Christian Brauner
2020-09-15 16:16     ` Christian Brauner
2020-09-14 12:15 ` [PATCH 00/15] selftests/seccomp: Refactor change_syscall() Michael Ellerman
2020-09-14 12:15   ` Michael Ellerman
2020-09-14 12:15   ` Michael Ellerman
2020-09-14 20:32   ` Kees Cook
2020-09-14 20:32     ` Kees Cook
2020-09-14 20:32     ` Kees Cook
2020-09-15 11:12     ` Max Filippov
2020-09-15 11:12       ` Max Filippov
2020-09-15 11:12       ` Max Filippov
2020-09-15 12:52     ` Michael Ellerman
2020-09-15 12:52       ` Michael Ellerman
2020-09-15 12:52       ` Michael Ellerman
2020-09-15  8:45 ` Max Filippov
2020-09-15  8:45   ` Max Filippov
2020-09-15  8:45   ` Max Filippov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200912110820.597135-12-keescook@chromium.org \
    --to=keescook@chromium.org \
    --cc=cascardo@canonical.com \
    --cc=christian@brauner.io \
    --cc=jcmvbkbc@gmail.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=linux-mips@vger.kernel.org \
    --cc=linux-xtensa@linux-xtensa.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=luto@amacapital.net \
    --cc=mpe@ellerman.id.au \
    --cc=wad@chromium.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.