Linux-m68k Archive on lore.kernel.org
 help / color / Atom feed
From: Michael Schmitz <schmitzmic@gmail.com>
To: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>,
	geert@linux-m68k.org
Cc: linux-m68k@vger.kernel.org, schwab@linux-m68k.org,
	Greg Ungerer <gerg@linux-m68k.org>
Subject: Re: [PATCH] m68k/kernel - wire up syscall_trace_enter/leave for m68k
Date: Tue, 28 Jul 2020 08:48:24 +1200
Message-ID: <5d98d276-c867-7f9b-f5b5-048e5e70ee3c@gmail.com> (raw)
In-Reply-To: <13c91e87-7e26-1bc6-8ac0-68a790ee99cd@physik.fu-berlin.de>

Hi Adrian,

On 27/07/20 10:03 PM, John Paul Adrian Glaubitz wrote:
> Hi Michael!
>
> On 7/27/20 6:19 AM, Michael Schmitz wrote:
>> m68k (other than Coldfire) uses syscall_trace for both trace entry
>> and trace exit. Seccomp support requires separate entry points for
>> trace entry and exit which are already provided for Coldfire.
>>
>> Replace syscall_trace by syscall_trace_enter and syscall_trace_leave
>> in preparation for seccomp support. Check return code of
>> syscall_trace_enter(), and skip syscall if nonzero. Return code
>> will be left at what had been set by by ptrace or seccomp.
> Correct me if I'm wrong, but shouldn't the skip happen when the return
> code is -1? At least that's what we're doing on SuperH and that seems
> to be what other architectures are doing as well.

What other non-zero return codes do you expect syscall_trace_enter() to 
set, and what should the action in entry.S be?

(Note that according to my reading, your SH patch does not actually do 
what your description says. If syscall_trace_enter() returns a positive 
non-zero value, that value is _not_ used as changed syscall number. SH 
uses r3 for the syscall number, not r0).

As far as I can see, any non-zero return code should abort the syscall, 
so I just test for that (for simplicity). Our use of the 
tracehook_report_syscall_entry() return code (directly passed back from 
syscall_trace_enter()) doesn't leave much choice there, see comment in 
include/linux/tracehook.h.

If later on seccomp needs any specific action, it should be easy enough 
to change the syscall number (offset PT_OFF_ORIG_D0 on the stack) or 
syscall return code (offset PT_OFF_D0). There's code in kernel/ptrace.c 
to do that AFAICS.

Changing the behaviour of syscall_trace_enter() to match what other 
architectures do (return changed syscall number, not error code) is 
beyond the scope of this patch. I suspect the capability to change 
syscall numbers from ptrace code does predate the seccomp filter 
approach, and as m68k has never used it in the past, I don't see a point 
to add this now.

> Also, shouldn't that part of the change not be part of the patch that
> adds support for SECCOMP filter like in [1]? I don't think it makes
> sense to add the return code check unless the rest of SECCOMP filter
> has been implemented.

After replacing syscall_trace() by syscall_trace_enter() and 
syscall_trace_leave(), there is a return code provided by 
syscall_trace_enter() which we must check, hence I added the check at 
the same time as replacing syscall_trace() for non-Coldfire m68k.

(I note that the same check should probably be added to coldfire/entry.S.)

I can't test any of the later seccomp related stuff, so I'd rather leave 
that bit to someone else who can.

Cheers,

     Michael

>
> Adrian
>
>> [1] https://github.com/glaubitz/linux/commit/2fa1e7b9ba5150bc12adaddc017d5a6b79f363e7

  reply index

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-23 10:03 syscall_trace_enter and syscall_trace_leave for m68k w/MMU John Paul Adrian Glaubitz
2020-07-23 22:56 ` Michael Schmitz
2020-07-25  1:48 ` [PATCH RFC] m68k/kernel - wire up syscall_trace_enter/leave for m68k Michael Schmitz
2020-07-26  1:28 ` [PATCH RFC v2] " Michael Schmitz
2020-07-27  4:19 ` [PATCH] " Michael Schmitz
2020-07-27 10:03   ` John Paul Adrian Glaubitz
2020-07-27 20:48     ` Michael Schmitz [this message]
2020-07-27 21:09       ` John Paul Adrian Glaubitz
2020-08-05 12:23 ` syscall_trace_enter and syscall_trace_leave for m68k w/MMU Greg Ungerer
2020-08-05 12:36   ` John Paul Adrian Glaubitz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5d98d276-c867-7f9b-f5b5-048e5e70ee3c@gmail.com \
    --to=schmitzmic@gmail.com \
    --cc=geert@linux-m68k.org \
    --cc=gerg@linux-m68k.org \
    --cc=glaubitz@physik.fu-berlin.de \
    --cc=linux-m68k@vger.kernel.org \
    --cc=schwab@linux-m68k.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-m68k Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-m68k/0 linux-m68k/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-m68k linux-m68k/ https://lore.kernel.org/linux-m68k \
		linux-m68k@vger.kernel.org linux-m68k@lists.linux-m68k.org
	public-inbox-index linux-m68k

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-m68k


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git