For the record, this is the entire patch necessary to do the
sync_cores() system call -- and no potential interactions with security
frameworks or whatnot, simply because no security-sensitive operations
are performed of any kind.
Comments/opinions appreciated.
-hpa
>From c0246c43c30453e4f88a314e437d4504e6a36c08 Mon Sep 17 00:00:00 2001
From: "H. Peter Anvin" <[email protected]>
Date: Wed, 27 Nov 2013 13:57:29 -0800
Subject: [PATCH] x86: Add a sync_cores() system call for user space code
patching
Add a system call to synchronize all processors (guarantee execution
of a serializing instruction on all processors before execution
resumes) so that user space can do INT3-style patching, or any other
kind of patching that it wants to do.
Signed-off-by: H. Peter Anvin <[email protected]>
---
arch/x86/kernel/alternative.c | 15 +++++++++++++++
arch/x86/syscalls/syscall_32.tbl | 1 +
arch/x86/syscalls/syscall_64.tbl | 1 +
3 files changed, 17 insertions(+)
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index df94598ad05a..8227eee42114 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -12,6 +12,7 @@
#include <linux/stop_machine.h>
#include <linux/slab.h>
#include <linux/kdebug.h>
+#include <linux/syscalls.h>
#include <asm/alternative.h>
#include <asm/sections.h>
#include <asm/pgtable.h>
@@ -676,3 +677,17 @@ void *text_poke_bp(void *addr, const void *opcode, size_t len, void *handler)
return addr;
}
+/**
+ * sys_sync_cores() -- synchronize cores for userspace patching
+ *
+ * This function provides the core synchronization operation
+ * so that userspace can do int3 breakpoint patching.
+ *
+ * Everything else can be handled in userspace.
+ */
+SYSCALL_DEFINE0(sync_cores)
+{
+ on_each_cpu(do_sync_core, NULL, 1);
+
+ return 0;
+}
diff --git a/arch/x86/syscalls/syscall_32.tbl b/arch/x86/syscalls/syscall_32.tbl
index aabfb8380a1c..acfdfe2b95e7 100644
--- a/arch/x86/syscalls/syscall_32.tbl
+++ b/arch/x86/syscalls/syscall_32.tbl
@@ -357,3 +357,4 @@
348 i386 process_vm_writev sys_process_vm_writev compat_sys_process_vm_writev
349 i386 kcmp sys_kcmp
350 i386 finit_module sys_finit_module
+351 i386 sync_cores sys_sync_cores
diff --git a/arch/x86/syscalls/syscall_64.tbl b/arch/x86/syscalls/syscall_64.tbl
index 38ae65dfd14f..6556f1e6e920 100644
--- a/arch/x86/syscalls/syscall_64.tbl
+++ b/arch/x86/syscalls/syscall_64.tbl
@@ -320,6 +320,7 @@
311 64 process_vm_writev sys_process_vm_writev
312 common kcmp sys_kcmp
313 common finit_module sys_finit_module
+314 common sync_cores sys_sync_cores
#
# x32-specific system call numbers start at 512 to avoid cache impact
--
1.8.3.1
