From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752399AbbHMIav (ORCPT <rfc822;w@1wt.eu>);
	Thu, 13 Aug 2015 04:30:51 -0400
Received: from mail-vk0-f45.google.com ([209.85.213.45]:35990 "EHLO
	mail-vk0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752332AbbHMIar (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 13 Aug 2015 04:30:47 -0400
MIME-Version: 1.0
From: David Drysdale <drysdale@google.com>
Date: Thu, 13 Aug 2015 09:30:26 +0100
Message-ID: <CAHse=S8UeYVJqRBx-_wf=jeDERTJxzM=YRH5izBpQnrCHOxcDA@mail.gmail.com>
Subject: [Regression v4.2 ?] 32-bit seccomp-BPF returned errno values wrong in VM?
To: Kees Cook <keescook@chromium.org>, Denys Vlasenko <dvlasenk@redhat.com>,
        Andy Lutomirski <luto@amacapital.net>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Will Drewry <wad@chromium.org>, Ingo Molnar <mingo@kernel.org>
Cc: Alok Kataria <akataria@vmware.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Borislav Petkov <bp@alien8.de>, Alexei Starovoitov <ast@plumgrid.com>,
        Frederic Weisbecker <fweisbec@gmail.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Oleg Nesterov <oleg@redhat.com>,
        Steven Rostedt <rostedt@goodmis.org>, X86 ML <x86@kernel.org>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi folks,

I've got an odd regression with the v4.2 rc kernel, and I wondered if anyone
else could reproduce it.

The problem occurs with a seccomp-bpf filter program that's set up to return
an errno value -- an errno of 1 is always returned instead of what's in the
filter, plus other oddities (selftest output below).

The problem seems to need a combination of circumstances to occur:

 - The seccomp-bpf userspace program needs to be 32-bit, running against a
   64-bit kernel -- I'm testing with seccomp_bpf from
   tools/testing/selftests/seccomp/, built via 'CFLAGS=-m32 make'.

 - The kernel needs to be running as a VM guest -- it occurs inside my
   VMware Fusion host, but not if I run on bare metal.  Kees tells me he
   cannot repro with a kvm guest though.

Bisecting indicates that the commit that induces the problem is
3f5159a9221f19b0, "x86/asm/entry/32: Update -ENOSYS handling to match the
64-bit logic", included in all the v4.2-rc* candidates.

Apologies if I've just got something odd with my local setup, but the
bisection was unequivocal enough that I thought it worth reporting...

Thanks,
David


seccomp_bpf failure outputs:

seccomp_bpf.c:533:global.ERRNO_valid:Expected 7 (7) ==
(*__errno_location ()) (1)
seccomp_bpf.c:560:global.ERRNO_zero:Expected 0 (0) == read(0, ((void
*)0), 0) (4294967295)
seccomp_bpf.c:587:global.ERRNO_capped:Expected 4095 (4095) ==
(*__errno_location ()) (1)
seccomp_bpf.c:905:precedence.errno_is_third:Expected 0 (0) ==
syscall(20) (4294967295)
seccomp_bpf.c:925:precedence.errno_is_third_in_any_order:Expected 0
(0) == syscall(20) (4294967295)