From: Andy Lutomirski <luto@amacapital.net>
To: Alexei Starovoitov <ast@plumgrid.com>
Cc: David Miller <davem@davemloft.net>,
Daniel Borkmann <dborkman@redhat.com>,
Network Development <netdev@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Eric Paris <eparis@redhat.com>,
James Morris <james.l.morris@oracle.com>,
Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH] seccomp: fix populating a0-a5 syscall args in 32-bit x86 BPF
Date: Tue, 15 Apr 2014 10:46:29 -0700 [thread overview]
Message-ID: <CALCETrUwC1ufd8ud5SgS1MyFpqgHse2-poSxjcx7hBSraPYA0Q@mail.gmail.com> (raw)
In-Reply-To: <CAMEtUux-ekQdx2M0e=py81zvAGWo4r6Upxmwfvcrv739kSH_oQ@mail.gmail.com>
On Mon, Apr 14, 2014 at 11:31 PM, Alexei Starovoitov <ast@plumgrid.com> wrote:
> On Mon, Apr 14, 2014 at 1:28 PM, Andy Lutomirski <luto@amacapital.net> wrote:
>> On Mon, Apr 14, 2014 at 1:24 PM, David Miller <davem@davemloft.net> wrote:
>>> From: Andy Lutomirski <luto@amacapital.net>
>>> Date: Mon, 14 Apr 2014 13:13:45 -0700
>>>
>>>> I think this description is wrong. (unsigned long *) &sd->args[1] is
>>>> the right location, at least on 32-bit little-endian architectures.
>>>
>>> It absolutely is not.
>>
>> Huh? It's a pointer to the right address, but the type is wrong.
>>
>> The changelog says "on 32-bit x86 (or any other 32bit arch), it would
>> result in storing a0-a5 at wrong offsets in args[] member". Unless
>> I'm mistaken, this is incorrect: a0-a5 are are the correct offsets,
>> but they are stored with the wrong type, so the other bits in there
>> are garbage.
>
> agree. your above description is more correct than the log.
> We were focusing on the bug itself and the log came a bit misleading
> as a result of multiple iterations back and forth between me and Daniel.
>
> also the log says:
> "gcc is clever and optimizes the copy away in other cases, e.g. x86_64"
> since we actually checked assembler, so the fix doesn't pessimize
> 64-bit architectures :)
> This function is in critical path for seccomp, so performance definitely
> matters.
Yeah, I'm not entirely sure what I was thinking when I wrote that
part. The new code should actually be much better than the old code
for weird architectures like ia-64.
For reference, ia-64 uses the unwinder (!) to look up arguments, so
the fewer times it gets invoked, the better.
--Andy
next prev parent reply other threads:[~2014-04-15 17:46 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-14 19:02 [PATCH] seccomp: fix populating a0-a5 syscall args in 32-bit x86 BPF Daniel Borkmann
2014-04-14 20:13 ` Andy Lutomirski
2014-04-14 20:24 ` David Miller
2014-04-14 20:28 ` Andy Lutomirski
2014-04-15 6:31 ` Alexei Starovoitov
2014-04-15 17:46 ` Andy Lutomirski [this message]
2014-04-15 22:52 ` Linus Torvalds
2014-04-15 23:17 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALCETrUwC1ufd8ud5SgS1MyFpqgHse2-poSxjcx7hBSraPYA0Q@mail.gmail.com \
--to=luto@amacapital.net \
--cc=ast@plumgrid.com \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=eparis@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.