Date: Thu, 3 Sep 2020 01:46:18 -0400
From: Rich Felker
To: John Paul Adrian Glaubitz
Cc: Michael Karcher, linux-sh@vger.kernel.org, linux-kernel@vger.kernel.org, Yoshinori Sato
Subject: Re: [PATCH 3/4] sh: Add SECCOMP_FILTER
Message-ID: <20200903054617.GW3265@brightrain.aerifal.cx>
In-Reply-To: <20200903035603.GV3265@brightrain.aerifal.cx>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Sep 02, 2020 at 11:56:04PM -0400, Rich Felker wrote:
> On Sat, Aug 29, 2020 at 01:09:43PM +0200, John Paul Adrian Glaubitz wrote:
> > Hi!
> >
> > On 8/29/20 2:49 AM, Rich Felker wrote:
> > > This restored my ability to use strace
> >
> > I can confirm that. However ...
> >
> > > and I've written and tested a minimal strace-like hack using
> > > SECCOMP_RET_USER_NOTIF that works as
> > > expected on both j2 and qemu-system-sh4, so I think the above is
> > > correct.
> >
> > The seccomp live testsuite has regressed.
> >
> > [...]
> > Test 58-live-tsync_notify%%001-00001 result: FAILURE 58-live-tsync_notify 6 ALLOW rc=14
>
> This is similar to 51.
>
> I think the commonality of all the failures is that they deal with
> return values set by seccomp filters for blocked syscalls, which are
> getting clobbered by ENOSYS from the failed syscall here. So I do need
> to keep the code path that jumps over the actual syscall if
> do_syscall_trace_enter returns -1, but that means
> do_syscall_trace_enter must now be responsible for setting the return
> value in non-seccomp failure paths.
>
> I'll experiment to see what's still needed if that change is made.

OK, I think I have an explanation for the mechanism of the bug, and it
really is a combination of the 2008 bug (confusion of r0 vs r3) and
the SECCOMP_FILTER commit. When the syscall_trace_entry code path is
in use, a syscall with argument 5 having value -1 causes
do_syscall_trace_enter to return -1 (because it returns regs[0], which
contains argument 5), which the change in entry-common.S interprets as
a sign to skip the syscall and jump to syscall_exit, and things blow
up from there.

In particular, SYS_mmap2 is almost always called with -1 as the 5th
argument (fd), and this is even more common on nommu where SYS_brk
does not work.

I'll follow up with a new proposed patch.

Rich
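
A user-space model of the ambiguity described in the message above, added here as an illustration; it is not kernel code and not the patch the message refers to. The struct and function names, the sample syscall number, the sample filter return value and the explicit-status variant are assumptions made for the model.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model, not kernel code. Register roles follow the message:
 * regs[3] is the syscall number, regs[0] carries the 5th argument. */
struct model_regs { long regs[16]; };
struct outcome { bool ran; long r0; };
enum { R_ARG5 = 0, R_NR = 3 };
#define MODEL_NR_MMAP2 192L /* constructed sample value */

static struct model_regs make_mmap2(long fd)
{
    struct model_regs r = { {0} };
    r.regs[R_NR] = MODEL_NR_MMAP2;
    r.regs[R_ARG5] = fd; /* mmap2's fd is its 5th argument */
    return r;
}

/* Shape described in the message: the hook's result is regs[0], and the
 * entry path reads -1 as "skip the syscall". */
struct outcome r0_model(long fd)
{
    struct model_regs r = make_mmap2(fd);
    long hook_result = r.regs[R_ARG5];
    struct outcome o = { hook_result != -1, r.regs[0] };
    return o;
}

/* Assumed alternative: skip/continue is a status of its own, and the hook
 * stores the filter's return value in r0 before asking for a skip. */
struct outcome explicit_model(long fd, bool filter_blocks, long filter_ret)
{
    struct model_regs r = make_mmap2(fd);
    int status = 0;
    if (filter_blocks) {
        r.regs[0] = filter_ret;
        status = -1;
    }
    struct outcome o = { status != -1, r.regs[0] };
    return o;
}

int main(void)
{
    printf("r0 model:       fd=-1 ran=%d, fd=3 ran=%d\n",
           r0_model(-1).ran, r0_model(3).ran);
    printf("explicit model: fd=-1 ran=%d, blocked ran=%d r0=%ld\n",
           explicit_model(-1, false, 0).ran,
           explicit_model(3, true, -13).ran, explicit_model(3, true, -13).r0);
    return 0;
}
```

In the first model an unfiltered call with fd = -1 is indistinguishable from a skip request; in the second the same call runs with its argument intact, and only a filter decision suppresses it.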