Linux-m68k Archive on lore.kernel.org
 help / color / Atom feed
From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
To: Michael Schmitz <schmitzmic@gmail.com>, geert@linux-m68k.org
Cc: linux-m68k@vger.kernel.org, schwab@linux-m68k.org,
	Greg Ungerer <gerg@linux-m68k.org>
Subject: Re: [PATCH] m68k/kernel - wire up syscall_trace_enter/leave for m68k
Date: Mon, 27 Jul 2020 23:09:09 +0200
Message-ID: <a02bfdb3-95d4-4375-e069-186a95be3921@physik.fu-berlin.de> (raw)
In-Reply-To: <5d98d276-c867-7f9b-f5b5-048e5e70ee3c@gmail.com>

On 7/27/20 10:48 PM, Michael Schmitz wrote:
> On 27/07/20 10:03 PM, John Paul Adrian Glaubitz wrote:
>> Hi Michael!
>>
>> On 7/27/20 6:19 AM, Michael Schmitz wrote:
>>> m68k (other than Coldfire) uses syscall_trace for both trace entry
>>> and trace exit. Seccomp support requires separate entry points for
>>> trace entry and exit which are already provided for Coldfire.
>>>
>>> Replace syscall_trace by syscall_trace_enter and syscall_trace_leave
>>> in preparation for seccomp support. Check return code of
>>> syscall_trace_enter(), and skip syscall if nonzero. Return code
>>> will be left at what had been set by by ptrace or seccomp.
>> Correct me if I'm wrong, but shouldn't the skip happen when the return
>> code is -1? At least that's what we're doing on SuperH and that seems
>> to be what other architectures are doing as well.
> 
> What other non-zero return codes do you expect syscall_trace_enter() to set, and what should the action in entry.S be?

I just don't think we should do it any different than the other architectures
which explicitly compare the return value against -1, i.e. RISC-V and PA-RISC.

> (Note that according to my reading, your SH patch does not actually do what your description says. If syscall_trace_enter() returns a positive non-zero value, that value is _not_ used as changed syscall number. SH uses r3 for the syscall number, not r0).

You are right, of course. I somehow mixed that up. You're right, it checks
the return value of syscall_trace_enter and it should skip the syscall
if syscall_trace_enter returns -1.

> As far as I can see, any non-zero return code should abort the syscall, so I just test for that (for simplicity). Our use of the tracehook_report_syscall_entry() return code (directly passed back from syscall_trace_enter()) doesn't leave much choice there, see comment in include/linux/tracehook.h.

My point is to stay consistent with the other architectures.

> If later on seccomp needs any specific action, it should be easy enough to change the syscall number (offset PT_OFF_ORIG_D0 on the stack) or syscall return code (offset PT_OFF_D0). There's code in kernel/ptrace.c to do that AFAICS.
> 
> Changing the behaviour of syscall_trace_enter() to match what other architectures do (return changed syscall number, not error code) is beyond the scope of this patch. I suspect the capability to change syscall numbers from ptrace code does predate the seccomp filter approach, and as m68k has never used it in the past, I don't see a point to add this now.

Yes, I agree and my previous comment in this regard was wrong.

>> Also, shouldn't that part of the change not be part of the patch that
>> adds support for SECCOMP filter like in [1]? I don't think it makes
>> sense to add the return code check unless the rest of SECCOMP filter
>> has been implemented.
> 
> After replacing syscall_trace() by syscall_trace_enter() and syscall_trace_leave(), there is a return code provided by syscall_trace_enter() which we must check, hence I added the check at the same time as replacing syscall_trace() for non-Coldfire m68k.
> 
> (I note that the same check should probably be added to coldfire/entry.S.)
Do we actually need to check the return value unless we implement SECCOMP_FILTER?
(Which no doubt we will do ;-)). 

> I can't test any of the later seccomp related stuff, so I'd rather leave that bit to someone else who can.

I will work on the necessary changes for libseccomp this week, so that we can test
whether the libseccomp live tests pass correctly on a patched kernel.

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@debian.org
`. `'   Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

  reply index

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-23 10:03 syscall_trace_enter and syscall_trace_leave for m68k w/MMU John Paul Adrian Glaubitz
2020-07-23 22:56 ` Michael Schmitz
2020-07-25  1:48 ` [PATCH RFC] m68k/kernel - wire up syscall_trace_enter/leave for m68k Michael Schmitz
2020-07-26  1:28 ` [PATCH RFC v2] " Michael Schmitz
2020-07-27  4:19 ` [PATCH] " Michael Schmitz
2020-07-27 10:03   ` John Paul Adrian Glaubitz
2020-07-27 20:48     ` Michael Schmitz
2020-07-27 21:09       ` John Paul Adrian Glaubitz [this message]
2020-08-26 11:18         ` Geert Uytterhoeven
2020-08-26 11:50           ` John Paul Adrian Glaubitz
2020-08-26 11:23   ` Geert Uytterhoeven
2020-08-26 11:27     ` John Paul Adrian Glaubitz
2020-08-26 12:32       ` Geert Uytterhoeven
2020-08-26 12:35         ` John Paul Adrian Glaubitz
2020-08-26 12:38           ` Geert Uytterhoeven
2020-08-26 12:42             ` John Paul Adrian Glaubitz
2020-08-26 14:22               ` Geert Uytterhoeven
2020-08-27  0:08     ` Michael Schmitz
2020-08-27  9:19       ` Geert Uytterhoeven
2020-08-27 19:29         ` Michael Schmitz
2020-08-28  8:58           ` Geert Uytterhoeven
2020-08-05 12:23 ` syscall_trace_enter and syscall_trace_leave for m68k w/MMU Greg Ungerer
2020-08-05 12:36   ` John Paul Adrian Glaubitz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a02bfdb3-95d4-4375-e069-186a95be3921@physik.fu-berlin.de \
    --to=glaubitz@physik.fu-berlin.de \
    --cc=geert@linux-m68k.org \
    --cc=gerg@linux-m68k.org \
    --cc=linux-m68k@vger.kernel.org \
    --cc=schmitzmic@gmail.com \
    --cc=schwab@linux-m68k.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-m68k Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-m68k/0 linux-m68k/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-m68k linux-m68k/ https://lore.kernel.org/linux-m68k \
		linux-m68k@vger.kernel.org linux-m68k@lists.linux-m68k.org
	public-inbox-index linux-m68k

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-m68k


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git