From: Andy Lutomirski <luto@kernel.org>
To: "H. J. Lu" <hjl.tools@gmail.com>
Cc: Andrew Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>,
Florian Weimer <fweimer@redhat.com>,
Mike Frysinger <vapier@gentoo.org>, Rich Felker <dalias@libc.org>,
x32@buildd.debian.org, Arnd Bergmann <arnd@arndb.de>,
Will Deacon <will.deacon@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: Can we drop upstream Linux x32 support?
Date: Mon, 10 Dec 2018 21:35:02 -0800 [thread overview]
Message-ID: <CALCETrU5xw61=me1YcTO3VPzjNEZahMPpi-20-oiSGs+CHcj4g@mail.gmail.com> (raw)
In-Reply-To: <CAMe9rOp0m5sn59AsD2F2i2Ad2tb7ufPU1mMg-vUOfh+TnGMeaw@mail.gmail.com>
On Mon, Dec 10, 2018 at 7:15 PM H.J. Lu <hjl.tools@gmail.com> wrote:
>
> On Mon, Dec 10, 2018 at 5:23 PM Andy Lutomirski <luto@kernel.org> wrote:
> >
> > Hi all-
> >
> > I'm seriously considering sending a patch to remove x32 support from
> > upstream Linux. Here are some problems with it:
> >
> > 1. It's not entirely clear that it has users. As far as I know, it's
> > supported on Gentoo and Debian, and the Debian popcon graph for x32
> > has been falling off dramatically. I don't think that any enterprise
> > distro has ever supported x32.
>
> I have been posting x32 GCC results for years:
>
> https://gcc.gnu.org/ml/gcc-testresults/2018-12/msg01358.html
Right. My question wasn't whether x32 had developers -- it was
whether it had users. If the only users are a small handful of people
who keep the toolchain and working and some people who benchmark it,
then I think the case for keeping it in upstream Linux is a bit weak.
>
> > 2. The way that system calls work is very strange. Most syscalls on
> > x32 enter through their *native* (i.e. not COMPAT_SYSCALL_DEFINE)
> > entry point, and this is intentional. For example, adjtimex() uses
> > the native entry, not the compat entry, because x32's struct timex
> > matches the x86_64 layout. But a handful of syscalls have separate
>
> This becomes less an issue with 64-bit time_t.
>
> > entry points -- these are the syscalls starting at 512. These enter
> > throuh the COMPAT_SYSCALL_DEFINE entry points.
> >
> > The x32 syscalls that are *not* in the 512 range violate all semblance
> > of kernel syscall convention. In the syscall handlers,
> > in_compat_syscall() returns true, but the COMPAT_SYSCALL_DEFINE entry
> > is not invoked. This is nutty and risks breaking things when people
> > refactor their syscall implementations. And no one tests these
> > things. Similarly, if someone calls any of the syscalls below 512 but
> > sets bit 31 in RAX, then the native entry will be called with
> > in_compat_set().
> >
> > Conversely, if you call a syscall in the 512 range with bit 31
> > *clear*, then the compat entry is set with in_compat_syscall()
> > *clear*. This is also nutty.
>
> This is to share syscalls between LP64 and ILP32 (x32) in x86-64 kernel.
>
I tried to understand what's going on. As far as I can tell, most of
the magic is the fact that __kernel_long_t and __kernel_ulong_t are
64-bit as seen by x32 user code. This means that a decent number of
uapi structures are the same on x32 and x86_64. Syscalls that only
use structures like this should route to the x86_64 entry points. But
the implementation is still highly dubious -- in_compat_syscall() will
be *true* in such system calls, which means that, if someone changes:
SYSCALL_DEFINE1(some_func, struct some_struct __user *, ptr)
{
/* x32 goes here, but it's entirely non-obvious unless you read the
x86 syscall table */
native impl;
}
COMPAT_SYSCALL_DEFINE1(some_func, struct compat_some_struct __user *, ptr)
{
compat impl;
}
to the Obviously Equivalent (tm):
SYSCALL_DEFINE1(some_func, struct some_struct __user *, ptr)
{
struct some_struct kernel_val;
if (in_compat_syscall()) {
get_compat_some_struct(&kernel_val, ptr);
} else {
copy_from_user(&kernel_val, ptr, sizeof(struct some_struct));
}
do the work;
}
then x32 breaks.
And I don't even know how x32 is supposed to support some hypothetical
syscall like this:
long sys_nasty(struct adjtimex *a, struct iovec *b);
where one argument has x32 and x86_64 matching but the other has x32
and x86_32 matching.
This whole thing seems extremely fragile.
next prev parent reply other threads:[~2018-12-11 5:35 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-11 1:23 Can we drop upstream Linux x32 support? Andy Lutomirski
2018-12-11 1:40 ` Linus Torvalds
2018-12-11 2:22 ` hpa
2018-12-11 8:16 ` Florian Weimer
2018-12-11 21:53 ` Thorsten Glaser
2018-12-11 23:22 ` Andy Lutomirski
2018-12-11 23:35 ` Thorsten Glaser
2018-12-11 23:55 ` Arnd Bergmann
2018-12-12 2:24 ` Andy Lutomirski
2018-12-12 2:33 ` Thorsten Glaser
2018-12-12 9:04 ` Arnd Bergmann
2018-12-12 18:14 ` Joseph Myers
2018-12-12 18:50 ` Ivan Ivanov
2018-12-12 19:12 ` Andy Lutomirski
2018-12-12 19:18 ` Ivan Ivanov
2018-12-12 16:39 ` Andy Lutomirski
2018-12-12 16:52 ` Rich Felker
2018-12-12 18:03 ` Andy Lutomirski
2018-12-13 12:40 ` Catalin Marinas
2018-12-13 15:57 ` Rich Felker
2018-12-13 16:04 ` Florian Weimer
2018-12-13 16:28 ` Rich Felker
2018-12-14 11:42 ` Florian Weimer
2018-12-14 16:13 ` Rich Felker
2018-12-13 18:42 ` Joseph Myers
2018-12-15 4:53 ` Thorsten Glaser
2018-12-11 23:38 ` Rich Felker
2018-12-11 23:40 ` Maciej W. Rozycki
2018-12-13 14:38 ` Olof Johansson
2018-12-13 15:46 ` Lance Richardson
2018-12-13 16:11 ` Richard Purdie
2018-12-11 3:14 ` H.J. Lu
2018-12-11 5:35 ` Andy Lutomirski [this message]
2018-12-11 9:02 ` Arnd Bergmann
2018-12-11 11:32 ` Catalin Marinas
2018-12-11 11:37 ` Florian Weimer
2018-12-11 11:52 ` Catalin Marinas
2018-12-11 5:46 ` Christian Brauner
2018-12-11 10:29 ` John Paul Adrian Glaubitz
2018-12-11 10:37 ` Florian Weimer
2018-12-11 10:44 ` John Paul Adrian Glaubitz
2018-12-11 21:59 ` Thorsten Glaser
2018-12-11 23:33 ` Rich Felker
2018-12-13 5:03 ` Kevin Easton
2018-12-13 9:05 ` Richard Weinberger
2018-12-13 9:37 ` Sven Hartrumpf
2018-12-13 9:57 ` Adam Borowski
2018-12-13 18:50 ` Sven Hartrumpf
2018-12-13 12:12 ` Kevin Easton
2018-12-14 14:38 ` David Laight
2018-12-14 15:17 ` Richard Weinberger
2018-12-13 16:02 ` Rich Felker
2018-12-14 14:13 ` Bernd Petrovitsch
2018-12-14 16:17 ` Rich Felker
2018-12-14 16:29 ` Bernd Petrovitsch
2018-12-14 16:38 ` Florian Weimer
2018-12-14 16:55 ` Rich Felker
2018-12-14 18:58 ` Andy Lutomirski
2018-12-14 19:59 ` Lance Richardson
2018-12-14 20:13 ` Linus Torvalds
2018-12-14 21:27 ` Andy Lutomirski
2018-12-14 21:16 ` Thomas Schöbel-Theuer
2018-12-14 21:24 ` Andy Lutomirski
2018-12-14 21:41 ` Thomas Schöbel-Theuer
2018-12-15 7:41 ` Thomas Schoebel-Theuer
2018-12-15 15:30 ` Andy Lutomirski
2019-01-09 12:41 ` Florian Weimer
2019-01-09 16:02 ` Rich Felker
2019-01-22 13:34 ` Enrico Weigelt, metux IT consult
2018-12-11 20:38 Shawn Rutledge
2018-12-12 0:00 ` Maciej W. Rozycki
2018-12-12 9:12 Steven Newbury
2018-12-12 10:48 ` Thorsten Glaser
2018-12-12 13:27 ` Steven Newbury
2018-12-12 14:01 ` Rich Felker
2018-12-12 14:46 ` Steven Newbury
2018-12-12 16:05 ` Rich Felker
2018-12-13 16:17 tedheadster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALCETrU5xw61=me1YcTO3VPzjNEZahMPpi-20-oiSGs+CHcj4g@mail.gmail.com' \
--to=luto@kernel.org \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=dalias@libc.org \
--cc=fweimer@redhat.com \
--cc=hjl.tools@gmail.com \
--cc=hpa@zytor.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=torvalds@linux-foundation.org \
--cc=vapier@gentoo.org \
--cc=will.deacon@arm.com \
--cc=x32@buildd.debian.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).