Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp914777imu;
        Tue, 20 Nov 2018 08:49:53 -0800 (PST)
X-Google-Smtp-Source: AJdET5dc7jI5jBGh1oOP6obef06E7KavP6yIb/BKI0933OC3cipH70KtPVwiZxgVzkzYQX94kxFm
X-Received: by 2002:a62:8a51:: with SMTP id y78mr2893977pfd.35.1542732593771;
        Tue, 20 Nov 2018 08:49:53 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1542732593; cv=none;
        d=google.com; s=arc-20160816;
        b=wTEe5txzlOW4umks12o2OOPw7nA/+nUq0noMwITD1CzlSs/lhx+aRH4X+QxQxWf9lL
         l8x7kl0peNLqCK3DW32kY7OpgLkyXnKyR39mquPk6UB22ZfAwKJCLyPrXDMoVkR/2vOB
         uN1BjC0gc/fI+/m1FVa0AMlEB/KWGmm9TCL3OkuKWRsw05gniHSuVpCSogyxA05NSGK3
         BR6tNEZ7v9mAmNZrQbZ2UBi8b56Iu/j8upQix5W0mpZS2Mg+eS6x0UJgIhPrBQfkhlHa
         8QK87locYUjKveAeu3J/WUBAQrhgATbE2kh0qrPQB/3Sxx93FSt4Kl/VJn5nDxOfjsvh
         +npA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=WFx1J3inb6v7UEw+P0E/R4x3DL6bkDbfnw8yxHPEfyE=;
        b=SYt5nK3EzIZgNBrdGOXKG5QvhY83C0HoszefB6jmtB4TZv6Ah/B286CDk0hIQbpaHe
         aACWcEr14PeTwGFYR9lbfzNw7l3KbnJ7w6lNZydUVSsQftkM0HlPIdS9vWGwO2+nCYR2
         t03DAmmHWra2cRJm9Id39xiMJdTqP+op871Q8lWsolTea606juiw4RZfTgIeDd+xU7jd
         My83G2YgMDZc09YYKga/eqzRvTrGflBJQARw1xZ5185+YENNKBzQLjfwDY7WtG8MU+4e
         b1lmvDkzgTepLb+e7MlkGe/pc/WMACEVyQr8s5ofVuhsfhFL0aJZKI18azBC5f9zPbY8
         E7ww==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=TLujhgpZ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id b10si27651664plz.233.2018.11.20.08.49.38;
        Tue, 20 Nov 2018 08:49:53 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=TLujhgpZ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730142AbeKUDTA (ORCPT <rfc822;zjuysxie86@gmail.com>
        + 99 others); Tue, 20 Nov 2018 22:19:00 -0500
Received: from mail-pl1-f193.google.com ([209.85.214.193]:38202 "EHLO
        mail-pl1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725925AbeKUDTA (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 20 Nov 2018 22:19:00 -0500
Received: by mail-pl1-f193.google.com with SMTP id e5so1265479plb.5
        for <linux-kernel@vger.kernel.org>; Tue, 20 Nov 2018 08:48:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=tycho-ws.20150623.gappssmtp.com; s=20150623;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=WFx1J3inb6v7UEw+P0E/R4x3DL6bkDbfnw8yxHPEfyE=;
        b=TLujhgpZc8+Vk4MHalcSCCHQdHu/Pik1yHrCAHLcRY1OSPbTDkbyAPsK/88k3Cq/sM
         MpydZosT8zqEc8CQnrjCP5URsguZljyKTuw57KaI6gkyPUJV0MNM4e5vX8lvJ2cjaMlY
         Olt+1WyjyD+BbtwQC/H43ZkrRZfyXgdqAm/b3lrrhpCioOxE5VLm58vFv8MHdY+I47Po
         V0YaotEqf4dCsFgiNsu3s83WV2qQoIG7RnMDlIhI3TfPY68kT1spy8/sKOffQ4t/3WJ0
         eCa3o9Pr/oDf9hJctS3uX4OHgDUhLu/eFejObfg7Ne9Zp1f/p9rQ7VY8N9LvUzccFz7M
         vHZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=WFx1J3inb6v7UEw+P0E/R4x3DL6bkDbfnw8yxHPEfyE=;
        b=OhACsEqBr34o9d9ENhB+f4JXW/b0OqvbpPsGMVvlAwtWhEd9IaXMWt3KY+gUz+MhRM
         uSzLDqif735FqavWn5ctzwGXOk0Ls9hXrVw4qzCq+Whcpp7UPuMy9M1u94EKdXA7YGUf
         pMfFagiucnYALkmHb/Z6/FdgSf1qKicBA+IEWQxR8pUBsoaTCI/pohy36xX648KEKcmC
         xAoCVoqSVKAR/fBy19ga7YyiDHC5fdEX5bWcHNIBnWnkLXNcBNBbPEKYNp/Fki7rS3KM
         6/oFjwHA5Z6lTgG5KCFJ45BUE1MPs1qkJkvL1lfD2s202qdkOnjHG22qE2NwxE/Sr3Bh
         R7sg==
X-Gm-Message-State: AA+aEWb7z1xfe7+9doCziYc1Uhc0232AxsIaq6QITmUdSr04U/c1H2fv
        Up6MKR/w4adOa4ztxRBdfHUUNA==
X-Received: by 2002:a17:902:76c2:: with SMTP id j2mr2979554plt.339.1542732535313;
        Tue, 20 Nov 2018 08:48:55 -0800 (PST)
Received: from cisco ([128.107.241.166])
        by smtp.gmail.com with ESMTPSA id u9-v6sm47247001pfm.175.2018.11.20.08.48.53
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Tue, 20 Nov 2018 08:48:54 -0800 (PST)
Date:   Tue, 20 Nov 2018 09:48:52 -0700
From:   Tycho Andersen <tycho@tycho.ws>
To:     Andy Lutomirski <luto@kernel.org>
Cc:     X86 ML <x86@kernel.org>, LKML <linux-kernel@vger.kernel.org>,
        Borislav Petkov <bp@alien8.de>,
        Peter Zijlstra <peterz@infradead.org>,
        Daniel Colascione <dancol@google.com>,
        Florian Weimer <fweimer@redhat.com>,
        Carlos O'Donell <carlos@redhat.com>,
        Rich Felker <dalias@libc.org>
Subject: Re: Cleaning up numbering for new x86 syscalls?
Message-ID: <20181120164852.GC4992@cisco>
References: <CALCETrVPcgKarpTOsdTfODkNA76W04WvW+tNWoOx6+Em0KS04A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CALCETrVPcgKarpTOsdTfODkNA76W04WvW+tNWoOx6+Em0KS04A@mail.gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Nov 19, 2018 at 04:22:49PM -0800, Andy Lutomirski wrote:
> Hi all-
> 
> We currently have some giant turds in the way that syscalls are
> numbered.  We have the x86_32 table, which is totally sane other than
> some legacy multiplexers.  Then we have the x86_64 table, which is,
> um, demented:
> 
>  - The numbers don't match x86_32.  I have no idea why.
> 
>  - We use bit 30, which triggers in_x32_syscall().  It should have
> been bit 31, bit I digress.
> 
>  - We have this weird set of extra x32 syscalls that start at 512.
> Who wants to bet whether we have no bugs if someone does syscall with,
> say, nr == 512 (i.e. not 512 | BIT(30)) or nr == (16 | BIT(30))?  The
> latter would be non-compat ioctl with in_x32_syscall() set and hence
> in_compat_syscall() set.
> 
>  - Bloody restart_syscall() has a different number on x86_64 and
> x64_32, which is a big mess.
> 
> I propose we consider some subset of the following:
> 
> 1. Introduce restart_syscall_2().  Make its number be 1024.  Maybe
> someday we could start using it instead of restart_syscall().  The
> only issue I can see is programs that allow restart_syscall() using
> seccomp but don't allow the new variant.
>
> 2. Introduce an outright ban on new syscalls with nr < 1024.
> 
> 3. Introduce an outright ban on the addition of new __x32_compat
> syscalls.  If new compat hacks are needed, they can use
> in_compat_syscall(), thank you very much.
> 
> 4. Modify the wrappers of the __x32_compat entries so that they will
> return -ENOSYS if in_x32_syscall() returns false.

This sounds like a great idea independent of all of this.

> 5. Adjust the scripts so that we only have to wire up new syscalls
> once.  They'll have a nr above 1024, and they'll have the same nr on
> all x86 variants.
> 
> Thoughts?

+1. Who wants to do it? :D

Tycho