Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1760656AbcDEWJf (ORCPT ); Tue, 5 Apr 2016 18:09:35 -0400 Received: from mail-bn1on0087.outbound.protection.outlook.com ([157.56.110.87]:35424 "EHLO na01-bn1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1760641AbcDEWJd (ORCPT ); Tue, 5 Apr 2016 18:09:33 -0400 Authentication-Results: arndb.de; dkim=none (message not signed) header.d=none;arndb.de; dmarc=none action=none header.from=caviumnetworks.com; From: Yury Norov To: , , , CC: , , , , , , , , , , , , , , , Subject: [PATCH 01/25] all: syscall wrappers: add documentation Date: Wed, 6 Apr 2016 01:08:23 +0300 Message-ID: <1459894127-17698-2-git-send-email-ynorov@caviumnetworks.com> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1459894127-17698-1-git-send-email-ynorov@caviumnetworks.com> References: <1459894127-17698-1-git-send-email-ynorov@caviumnetworks.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [95.143.213.121] X-ClientProxiedBy: AM2PR03CA0040.eurprd03.prod.outlook.com (10.160.207.50) To CO2PR07MB619.namprd07.prod.outlook.com (10.141.228.151) X-MS-Office365-Filtering-Correlation-Id: aa063969-f580-49c3-7bd3-08d35d9ef56a X-Microsoft-Exchange-Diagnostics: 1;CO2PR07MB619;2:uigSIC9c6JALP974IxJ0Pq+Law9hFf9ll7WRT4Wgwz1KMHvYfXHt8eNIJ6udZVK3nGaglGjlVtZMhtgwIHV/hEwT2jDfANCOIDlKuunCmWLQKrOAFloiCwgXjy40bnCSZmNm+Prd8AwZq7GrVQfFeqFbm9VSQQZRwtniPjOqoPIZB/n2o5XP8Do7B0s3OTZk;3:vGouNim2LS/8Jv9nvuRjO2YjuPzNw53Z+sxPJzfYAqc3nFFsGxNwfgy5UC6Efx4V4Fj/wjBbFNAp/9dMA4YXoOptE2B6X0bfxHhNklLo8v8En+xjjzARNITyo1T9tUpb;25:opDhUC8rtyyWFzrUOx2MaVInN2ILbpg+pQp8CGM1wQDBbRIxKRfiaa33W6Qk4CnscwAinSoo4Iv7LQncwpwkSgF27VBX4TytzsioS71uXCUN3ClbzOKUHACjcj/9glzx5xhJ5ZyKnZBCARdNsb8XgJwES/rnjuwumylb48f7/5bsiRWj54cu3WlSpNcjvRNnkQ4c9u5QPTuPHAmOPXptnLChRT+GLRpXDVuCweGYubzTFae3ISCIPIT17C5G5g1hjJbLEZnidb7bQ1iSiDjk7h0T6fehMCyToeMfeMyvSpDy016sek2Ivc7mWjx7fmiGE7JRc1J9Rlxvty93xKOokJnyPP44d7worMF5JG9w8ZU= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CO2PR07MB619; X-Microsoft-Exchange-Diagnostics: 1;CO2PR07MB619;20:SEhbSrpVd5a9aeETc9WWGFaWW8GChhJHtbHKN7CeYoABBAX2q7GgiTBVQXnGcn6XHJbPhcptLSVI3PHejIYRoy2YjKoA4cci2S3AGrHnDI+mazXMVhu+Qo0DVgFBV3eE4A08Fvs+29e7z6S+w+LpA1iVjzb82kZJcFcQqfMlgeOgZSx439UVV31RpFUVwbsq/PvqqneNPAX5Z0BYVTANkdyZDnagcvB8Z3uruuY4xjPwHT2+83n/+yJ7iZXymz/rRgl7wUH/TWcHgQXAnnQv40D+V7d3h55OZw1+th4vb93k5s+dBI439x26GcyyxRvh0XKciEf3xnllVsUsY5OhFLqZJ48Qw8vS5BPbvwiCTSW7S/L1U2JdJv3K0HtKrjfCBv2jILmkgLgvkemdYhhkSToXSpuGFp0RGdjVfBTGhkv1zdKuGe/nhqf7oTkcJs+fk7bFFQptNE8M6GXam5gcdZlY2dDCCU5FUuFJJsZjj+bivrIpqgD2FLyaqfm10axUwTKh8bTCvCwJ+VX2CqOjWn9JMVOYeswSqrJ0ku4BRD0aB2Nc3GkSNd8wpcQuxocIXtkHzdpyFf5WPJF2UGBcghThBw9LcOByGdagDBUHpKQ= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001);SRVR:CO2PR07MB619;BCL:0;PCL:0;RULEID:;SRVR:CO2PR07MB619; X-Microsoft-Exchange-Diagnostics: 1;CO2PR07MB619;4:7nErMrfiLOW/6dGhx6Qb5RIUAjrvLQ+XFR+cbOcmLiV4MsFB9Vls8B10vovun6v2PQR4DMQdk+psixuPx9xefuhmJetuzFTyKQh6OMKn6kKLtlwTFveWv7cPytaoLK3MdfvHT0fjoLdRcnqNViWq/8j0omHJsWmbL7x040dUjZU871yGdYlUWwlCBITmj9V2BNcmikNUqf1P/2At936WTGG8BOTn4r3G9PUPvDj8KniMD/DnYuMxuVMXB11juDVh3ZfJHriZgSZOJErpjWedBVqaEPHoDEdAwEiD1kezEC3cZx/OfI7X5RZmI9yqpdrglDXzjL1gz4BdBR20cOEcjJ0NuVa8koBDDZwIBIiggIYRNU8gIcOyeOteTbZvQy7m X-Forefront-PRVS: 0903DD1D85 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6069001)(43544003)(76506005)(48376002)(42186005)(189998001)(36756003)(81166005)(19580405001)(19580395003)(92566002)(47776003)(66066001)(50226001)(50466002)(5001770100001)(4326007)(586003)(33646002)(5004730100002)(3846002)(5003940100001)(2950100001)(50986999)(1096002)(229853001)(2201001)(76176999)(5008740100001)(77096005)(6116002)(2906002)(2101003);DIR:OUT;SFP:1101;SCL:1;SRVR:CO2PR07MB619;H:localhost;FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;CO2PR07MB619;23:jC1EfcQgPbqxUzIShwqw3ZynEsheX9GBUuF6YjrYUp?= =?us-ascii?Q?T6MFyVnV5lXxRxdVvAXG3gWWnOMsFT77RMUMfKY374DpOs5UleKX6pHbuG8B?= =?us-ascii?Q?KbC5ugPyabG48vbwGJGdu9yfUEz9eWZt8K5/5TZ3xBu7UoLZQlKeeJEOaSWj?= =?us-ascii?Q?KWMpFOv7wnP0hSIeCSSpoJHSZLg2TPqji53FyTdSP0LFIZBuuQZgtYJTbiIA?= =?us-ascii?Q?N4yQJP9CsfylHNih/Bif5XK5iq11SsODy2XcecUAV1E+yeLP8dSwrnjtUQyK?= =?us-ascii?Q?47Wa0xOidWm2BWo2fm9j+aWiydSdq+SoyvyGuszmap1AOVXGq0aatPEO904C?= =?us-ascii?Q?oQTK5gJQEKDgrMn/i9MS54mBqZ8v30o1PXJ70Ne8YPFW0TWuFNnla3qfE518?= =?us-ascii?Q?aV1WYJw9VzWZ4E3Yz5GnJwP3CuyMZZ2l6JHldr1FYNm9hA9RE4PCCyL8KmPa?= =?us-ascii?Q?TxKXv5PgPJM5e3TrhaCHV7oBCqosAWvmPGkz4XoFmsOZPk1Ihu+gY7hT+rbv?= =?us-ascii?Q?UwlwAgz47j8MKVfuI/g2YLjXto5stVKj+TthphRQxfuZ8gW1VYTdhJsrA8qx?= =?us-ascii?Q?hwc7URahbMVZXivT6fgXerQMCyPpK072VvW0EUPNwMIo4JvNw8BT+JII67Ad?= =?us-ascii?Q?SgzF3d0/2WSR1/pTQGOYLQ3QsgBIzW34mr6zrFmrIs0AYCgCLrIrpfrNf9WO?= =?us-ascii?Q?XRW6ypZkrfjbcc0jVdFV+3CPaU5UdzBFFuEzPgfsGXqy5kP8re/HXWim56Bs?= =?us-ascii?Q?oJfDMD4OfrfJUMhBH2yv3QpSTm4OnOWi668rJ3LrYtUzBgEFDYVGRL1NVN+g?= =?us-ascii?Q?ID51OHPR/rmQ0Om1ULu5EqhS9eXKHOrR5XxhtrxSTdH/KTBaavH1CDgTEyUK?= =?us-ascii?Q?PtTz6d1D1Hi53CcVqXhoT1ZhwH97K+VMkpRE4qDKLxAlPapWXjYpe9pGlUcH?= =?us-ascii?Q?7Hyv1XIltM/1RsApupBNKoqcdXW9Y5sR9VgBVPhw=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;CO2PR07MB619;5:ZO8Kb0qbz3KC96glh4XMm9cJgz1p/8UDKO7tV1Nkxt4gQt0vgh3vu9nxru4za0IZFJB78MzPAXiFi9AjzPlYilwy/81JpL350vC/kH7yBenxciFdlbamRjqvCYTdbhrw9OXLMMVmUKFdteJPmqJOug==;24:wrPiMjWvSp+r/ueAH62atm9q4C11gfg8pnTcqb3fxia3K1HOF163o5AUfxguAM1OCMlv+VsDZhM2FMzfjmxvVwOZ9IlkpvoExB/Bhv3k2GI= SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Apr 2016 22:09:28.8452 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO2PR07MB619 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2262 Lines: 51 Signed-off-by: Yury Norov Acked-by: Heiko Carstens --- Documentation/adding-syscalls.txt | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/Documentation/adding-syscalls.txt b/Documentation/adding-syscalls.txt index cc2d4ac..d02a6bd 100644 --- a/Documentation/adding-syscalls.txt +++ b/Documentation/adding-syscalls.txt @@ -341,6 +341,38 @@ To summarize, you need: - instance of __SC_COMP not __SYSCALL in include/uapi/asm-generic/unistd.h +Compatibility System Calls Wrappers +-------------------------------- + +Some architectures prevent 32-bit userspace from access to top halves of 64-bit +registers, but some not. It's not a problem if specific argument is the same +size in kernel and userspace. It also is not a problem if system call is already +handled by compatible routine. Otherwise we'd take care of it. Usually, glibc +and compiler handles register's top halve, but from kernel side, we cannot rely +on it, as malicious code may cause incorrect behaviour and/or security +vulnerabilities. + +For now, only s390 and arm64/ilp32 are affected. + +To clear that top halves, automatic wrappers are introduced. They clear all +required registers before passing control to regular syscall handler. + +If your architecture allows userspace code to access top halves of register, +you need to: + - enable COMPAT_WRAPPER in configuration file; + - declare: "#define __SC_WRAP(nr, sym) [nr] = compat_##sym,", just before + compatible syscall table declaration, if you use generic unistd; or + - declare compat wrappers manually, if you use non-generic syscall table. + The list of unsafe syscalls is in kernel/compat_wrapper. + +If you write new syscall, make sure, its arguments are the same size in both +64- and 32-bits modes. If no, and if there's no explicit compat version for +syscall handler, you need to: + - declare compat version prototype in 'include/linux/compat.h'; + - in 'include/uapi/asm-generic/unistd.h' declare syscall with macro '__SC_WRAP' + instead of '__SYSCALL'; + - add corresponding line to 'kernel/compat_wrapper.c' to let it generate wrapper. + Compatibility System Calls (x86) -------------------------------- -- 2.5.0