On 21/12/2015 10:00, Richard Weinberger wrote:
> [sending the mail again, Thunderbird crashed :-\]
>
> Am 21.12.2015 um 09:49 schrieb Mickaël Salaün:
>>
>> On 21/12/2015 01:20, Richard Weinberger wrote:
>>> Am 21.12.2015 um 01:03 schrieb Mickaël Salaün:
>>>> diff --git a/arch/um/kernel/skas/syscall.c b/arch/um/kernel/skas/syscall.c
>>>> index 1683b8e..65f0d1a 100644
>>>> --- a/arch/um/kernel/skas/syscall.c
>>>> +++ b/arch/um/kernel/skas/syscall.c
>>>> @@ -7,6 +7,7 @@
>>>> #include <linux/ptrace.h>
>>>> #include <kern_util.h>
>>>> #include <sysdep/ptrace.h>
>>>> +#include <sysdep/ptrace_user.h>
>>>> #include <sysdep/syscalls.h>
>>>> #include <os.h>
>>>>
>>>> @@ -16,12 +17,16 @@ void handle_syscall(struct uml_pt_regs *r)
>>>> long result;
>>>> int syscall;
>>>>
>>>> + /* Save the syscall register. */
>>>> + UPT_SYSCALL_NR(r) = PT_SYSCALL_NR(r->gp);
>>>> +
>>>> if (syscall_trace_enter(regs)) {
>>>> result = -ENOSYS;
>>>> goto out;
>>>> }
>>>>
>>>> - syscall = get_syscall(r);
>>>> + /* Get the syscall after being potentially updated with ptrace. */
>>>> + syscall = UPT_SYSCALL_NR(r);
>>>
>>> Doesn't this break the support for changing syscall numbers using
>>> PTRACE_SETREGS?
>>
>> The logic is unchanged except updating the UPT_SYSCALL_NR before
>> syscall_trace_enter(). I did my last tests with the x86_32 subarchitecture
>> and all tests (from selftest/seccomp), including PTRACE_SETREGS for syscall
>> numbers tests, passed. However, 2 of this tests still fail for x86_64 (only).
>
> No, the logic is different.
> syscall_trace_enter(regs) enters the ptrace() path and here registers can be
> changed.
> Hence "syscall = UPT_SYSCALL_NR(r);" will see the old syscall number.
> UPT_SYSCALL_NR() returns the syscall number before the ptrace() path...The thing is, PTRACE_SETREGS give access to *orig_ax* in the user_regs_struct from arch/x86/include/asm/user_*.h and selftest/seccomp only update this (virtual) register, not the EAX/RAX. Am I missing something? Mickaël
signature.asc
Description: OpenPGP digital signature
