Re: [PATCH] ARM: ptrace: Restore syscall skipping and restart while tracing

From: Arnd Bergmann
Date: Thu Aug 10 2023 - 16:10:38 EST

Next message: Arnd Bergmann: "Re: [PATCH v2 2/2] ARM: ptrace: Restore syscall skipping for tracers"
Previous message: kernel test robot: "ld.lld: error: undefined symbol: ptp_clock_register"
In reply to: Kees Cook: "Re: [PATCH] ARM: ptrace: Restore syscall skipping and restart while tracing"
Next in thread: Kees Cook: "Re: [PATCH] ARM: ptrace: Restore syscall skipping and restart while tracing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 10, 2023, at 21:32, Kees Cook wrote:
> On Wed, Aug 09, 2023 at 09:47:24PM +0200, Arnd Bergmann wrote:
>
>> If the local_restart code has to store the syscall number
>> for an EABI-only kernel, wouldn't it have to also do this
>> for a kernel with OABI-only or OABI_COMPAT support?
>
> This is the part I wasn't sure about. Initially I was thinking it didn't
> matter because it's only a problem for a seccomp tracer, but I realize
> it might be exposed to a PTRACE tracer too. I was only able to test with
> EABI since seccomp is disabled for OABI_COMPAT.
>
> Anyway, syscall restart is done this way:
>
> movlt scno, #(__NR_restart_syscall - __NR_SYSCALL_BASE)
>
> Can a EABI call restart an OABI syscall? I think so?

There are very few differences between oabi and eabi syscalls, I
think it basically comes down to

- the syscall number, and register in which it is passed to the kernel
- a few syscalls that exist for OABI backward compatibility and were
deprecated before EABI was added
- a few syscalls that pass a struct with different alignment rules
- epoll_wait() uses a runtime check for the output format

It also seems like the __NR_restart_syscall path is only relevant
for syscalls using restart_block for restarting, and that means
it's only poll(), futex(), nanosleep(), clock_nanosleep() and their
time64 counterparts. All of these are handled by the same entry
points for OABI and EABI, i.e. there is no overlap with the
exceptions above. Crucially, epoll does not use restart_block,
unlike poll().

> So maybe we just need to add:
>
> str scno, [tsk, #TI_ABI_SYSCALL] @ store scno for syscall restart
>
> after that instead of moving it like I did originally?

Yes, I think that works!

For pure EABI and pure OABI kernels, this just does the right thing,
storing a plain __NR_restart_syscall in the field without an ABI
marker. For an OABI compat task running on an EABI kernel, it will
call the EABI version of restart_syscall(), but that is exactly
the same as the OABI version, as shown above.

Arnd

Next message: Arnd Bergmann: "Re: [PATCH v2 2/2] ARM: ptrace: Restore syscall skipping for tracers"
Previous message: kernel test robot: "ld.lld: error: undefined symbol: ptp_clock_register"
In reply to: Kees Cook: "Re: [PATCH] ARM: ptrace: Restore syscall skipping and restart while tracing"
Next in thread: Kees Cook: "Re: [PATCH] ARM: ptrace: Restore syscall skipping and restart while tracing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]