From: Sami Tolvanen <samitolvanen@google.com>
To: Andy Lutomirski <luto@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H . Peter Anvin" <hpa@zytor.com>,
Kees Cook <keescook@chromium.org>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
Sami Tolvanen <samitolvanen@google.com>
Subject: [RESEND PATCH v2 4/5] x86: use the correct function type for sys_ni_syscall
Date: Tue, 8 Oct 2019 15:40:48 -0700 [thread overview]
Message-ID: <20191008224049.115427-5-samitolvanen@google.com> (raw)
In-Reply-To: <20191008224049.115427-1-samitolvanen@google.com>
Use the correct function type for sys_ni_syscall in system
call tables to fix indirect call mismatches with Control-Flow
Integrity (CFI) checking.
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
---
arch/x86/entry/syscall_32.c | 8 +++-----
arch/x86/entry/syscall_64.c | 14 ++++++++++----
arch/x86/entry/syscalls/syscall_32.tbl | 4 ++--
3 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/arch/x86/entry/syscall_32.c b/arch/x86/entry/syscall_32.c
index aa3336a7cb15..7d17b3addbbb 100644
--- a/arch/x86/entry/syscall_32.c
+++ b/arch/x86/entry/syscall_32.c
@@ -10,13 +10,11 @@
#ifdef CONFIG_IA32_EMULATION
/* On X86_64, we use struct pt_regs * to pass parameters to syscalls */
#define __SYSCALL_I386(nr, sym, qual) extern asmlinkage long sym(const struct pt_regs *);
-
-/* this is a lie, but it does not hurt as sys_ni_syscall just returns -EINVAL */
-extern asmlinkage long sys_ni_syscall(const struct pt_regs *);
-
+#define __sys_ni_syscall __ia32_sys_ni_syscall
#else /* CONFIG_IA32_EMULATION */
#define __SYSCALL_I386(nr, sym, qual) extern asmlinkage long sym(unsigned long, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long);
extern asmlinkage long sys_ni_syscall(unsigned long, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long);
+#define __sys_ni_syscall sys_ni_syscall
#endif /* CONFIG_IA32_EMULATION */
#include <asm/syscalls_32.h>
@@ -29,6 +27,6 @@ __visible const sys_call_ptr_t ia32_sys_call_table[__NR_syscall_compat_max+1] =
* Smells like a compiler bug -- it doesn't work
* when the & below is removed.
*/
- [0 ... __NR_syscall_compat_max] = &sys_ni_syscall,
+ [0 ... __NR_syscall_compat_max] = &__sys_ni_syscall,
#include <asm/syscalls_32.h>
};
diff --git a/arch/x86/entry/syscall_64.c b/arch/x86/entry/syscall_64.c
index b1bf31713374..adf619a856e8 100644
--- a/arch/x86/entry/syscall_64.c
+++ b/arch/x86/entry/syscall_64.c
@@ -4,11 +4,17 @@
#include <linux/linkage.h>
#include <linux/sys.h>
#include <linux/cache.h>
+#include <linux/syscalls.h>
#include <asm/asm-offsets.h>
#include <asm/syscall.h>
-/* this is a lie, but it does not hurt as sys_ni_syscall just returns -EINVAL */
-extern asmlinkage long sys_ni_syscall(const struct pt_regs *);
+extern asmlinkage long sys_ni_syscall(void);
+
+SYSCALL_DEFINE0(ni_syscall)
+{
+ return sys_ni_syscall();
+}
+
#define __SYSCALL_64(nr, sym, qual) extern asmlinkage long sym(const struct pt_regs *);
#define __SYSCALL_X32(nr, sym, qual) __SYSCALL_64(nr, sym, qual)
#include <asm/syscalls_64.h>
@@ -23,7 +29,7 @@ asmlinkage const sys_call_ptr_t sys_call_table[__NR_syscall_max+1] = {
* Smells like a compiler bug -- it doesn't work
* when the & below is removed.
*/
- [0 ... __NR_syscall_max] = &sys_ni_syscall,
+ [0 ... __NR_syscall_max] = &__x64_sys_ni_syscall,
#include <asm/syscalls_64.h>
};
@@ -40,7 +46,7 @@ asmlinkage const sys_call_ptr_t x32_sys_call_table[__NR_syscall_x32_max+1] = {
* Smells like a compiler bug -- it doesn't work
* when the & below is removed.
*/
- [0 ... __NR_syscall_x32_max] = &sys_ni_syscall,
+ [0 ... __NR_syscall_x32_max] = &__x64_sys_ni_syscall,
#include <asm/syscalls_64.h>
};
diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl
index 2de75fda1d20..15908eb9b17e 100644
--- a/arch/x86/entry/syscalls/syscall_32.tbl
+++ b/arch/x86/entry/syscalls/syscall_32.tbl
@@ -124,7 +124,7 @@
110 i386 iopl sys_iopl __ia32_sys_iopl
111 i386 vhangup sys_vhangup __ia32_sys_vhangup
112 i386 idle
-113 i386 vm86old sys_vm86old sys_ni_syscall
+113 i386 vm86old sys_vm86old __ia32_sys_ni_syscall
114 i386 wait4 sys_wait4 __ia32_compat_sys_wait4
115 i386 swapoff sys_swapoff __ia32_sys_swapoff
116 i386 sysinfo sys_sysinfo __ia32_compat_sys_sysinfo
@@ -177,7 +177,7 @@
163 i386 mremap sys_mremap __ia32_sys_mremap
164 i386 setresuid sys_setresuid16 __ia32_sys_setresuid16
165 i386 getresuid sys_getresuid16 __ia32_sys_getresuid16
-166 i386 vm86 sys_vm86 sys_ni_syscall
+166 i386 vm86 sys_vm86 __ia32_sys_ni_syscall
167 i386 query_module
168 i386 poll sys_poll __ia32_sys_poll
169 i386 nfsservctl
--
2.23.0.581.g78d2f28ef7-goog
next prev parent reply other threads:[~2019-10-08 22:41 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-13 21:00 [PATCH 0/4] x86: fix syscall function type mismatches Sami Tolvanen
2019-09-13 21:00 ` [PATCH 1/4] x86: use the correct function type in SYSCALL_DEFINE0 Sami Tolvanen
2019-09-13 22:33 ` Andy Lutomirski
2019-09-13 21:00 ` [PATCH 2/4] x86: use the correct function type for sys32_(rt_)sigreturn Sami Tolvanen
2019-09-13 22:44 ` Andy Lutomirski
2019-09-13 23:29 ` Sami Tolvanen
2019-09-13 21:00 ` [PATCH 3/4] x86: use the correct function type for sys_ni_syscall Sami Tolvanen
2019-09-13 22:45 ` Andy Lutomirski
2019-09-13 23:26 ` Sami Tolvanen
2019-09-14 0:27 ` Andy Lutomirski
2019-09-16 20:43 ` Will Deacon
2019-09-13 21:00 ` [PATCH 4/4] x86: fix function types in COND_SYSCALL Sami Tolvanen
2019-09-13 22:46 ` Andy Lutomirski
2019-09-13 23:28 ` Sami Tolvanen
2019-09-14 0:28 ` Andy Lutomirski
2019-09-17 22:44 ` Sami Tolvanen
2019-09-18 22:46 ` [PATCH v2 0/5] x86: fix syscall function type mismatches Sami Tolvanen
2019-09-18 22:46 ` [PATCH v2 1/5] x86: use the correct function type in SYSCALL_DEFINE0 Sami Tolvanen
2019-09-18 22:46 ` [PATCH v2 2/5] x86/syscalls: Wire up COMPAT_SYSCALL_DEFINE0 Sami Tolvanen
2019-09-18 22:46 ` [PATCH v2 3/5] x86: use COMPAT_SYSCALL_DEFINE0 for IA32 (rt_)sigreturn Sami Tolvanen
2019-09-18 22:46 ` [PATCH v2 4/5] x86: use the correct function type for sys_ni_syscall Sami Tolvanen
2019-09-18 22:46 ` [PATCH v2 5/5] x86: fix function types in COND_SYSCALL Sami Tolvanen
2019-10-08 22:40 ` [RESEND PATCH v2 0/5] x86: fix syscall function type mismatches Sami Tolvanen
2019-10-08 22:40 ` [RESEND PATCH v2 1/5] x86: use the correct function type in SYSCALL_DEFINE0 Sami Tolvanen
2019-10-11 11:22 ` [tip: x86/entry] syscalls/x86: Use " tip-bot2 for Sami Tolvanen
2019-10-08 22:40 ` [RESEND PATCH v2 2/5] x86/syscalls: Wire up COMPAT_SYSCALL_DEFINE0 Sami Tolvanen
2019-10-11 11:22 ` [tip: x86/entry] syscalls/x86: " tip-bot2 for Andy Lutomirski
2019-10-08 22:40 ` [RESEND PATCH v2 3/5] x86: use COMPAT_SYSCALL_DEFINE0 for IA32 (rt_)sigreturn Sami Tolvanen
2019-10-11 11:22 ` [tip: x86/entry] syscalls/x86: Use " tip-bot2 for Sami Tolvanen
2019-10-08 22:40 ` Sami Tolvanen [this message]
2019-10-11 11:22 ` [tip: x86/entry] syscalls/x86: Use the correct function type for sys_ni_syscall tip-bot2 for Sami Tolvanen
2019-10-08 22:40 ` [RESEND PATCH v2 5/5] x86: fix function types in COND_SYSCALL Sami Tolvanen
2019-10-11 11:22 ` [tip: x86/entry] syscalls/x86: Fix " tip-bot2 for Sami Tolvanen
2019-10-10 18:17 ` [RESEND PATCH v2 0/5] x86: fix syscall function type mismatches Andy Lutomirski
2019-10-11 10:50 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191008224049.115427-5-samitolvanen@google.com \
--to=samitolvanen@google.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).