Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp296257pxk; Wed, 2 Sep 2020 23:06:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxsR3nUtKY7cKEYmqpH63cVjkv/g3jBvsuz61ImYv2F6R3ulVMipISwWhtfBZkgYaSueN2u X-Received: by 2002:a50:ef11:: with SMTP id m17mr1390446eds.251.1599113182543; Wed, 02 Sep 2020 23:06:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1599113182; cv=none; d=google.com; s=arc-20160816; b=fWT0A/hBc17DGsXC/2fHMHQdyHqb5bjgcDCxG4lQPtZ8wwugYNZWA2IBLX/z1QG3gp YSbJsdyQpbOZR7HiIkSifEI8SwXL5gyImAWu3QAnpp2oSeAFPOlVqNU10qBriPt0QtXJ YAo6B228dUtvbWVW7hTJozY5TOb2lphfGZJOwwCWckwKI/cbYQYDkEoFICW7DE6yhuwb ho9frZgtLAQ5qfG4lhh5q3ZR+QzcM+5eM1zHEbY4UB7D2VP9cZtu5jlCVGzhbQa6W1yi XCkVdyORqqAFxHBoD1LC8lrZ7UYjGFHSeRQw+EVGWFgrcdYThxT6PMhUQYdy8WXcyyYx oggg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:autocrypt:from:references:cc:to:subject; bh=MeS82l4TfyjK94AjVsGjpszpY96hBGlZGB7Tv6GOTDY=; b=Nct4nRrJCILsFittCENQsnlmZOV5gN1kwmpllIueRWfOtHyYme25iN2uPfABonRWeK Vb4O/nu9zBiuDxID8Zhi62+qkCAYNCT4pgSe8Z4NZH7SFX936mp9sm/qus5pYyAunUeT zRfWq/aEES+q+ztnw4bO/zj6Ev5GuQRzZw3AHzaj7hCTeBK6Hc6wQ8dKs9UizNkVIG7S ZamYZ0ZoXtAZq4U68aZN1U5MMQUHX0fAqAgFZE1caw7Hk2jnPr9SFXdMgV4gXzVcU30p 1zGOIn/yU4us+0MaSeJwGgtIdieXUB1j8h4Dwt2haHYl3Zyn2wL3KCnxMc6Drylu05ZD B5sQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h6si1343291ejc.567.2020.09.02.23.05.59; Wed, 02 Sep 2020 23:06:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726389AbgICGEt (ORCPT + 99 others); Thu, 3 Sep 2020 02:04:49 -0400 Received: from outpost1.zedat.fu-berlin.de ([130.133.4.66]:53861 "EHLO outpost1.zedat.fu-berlin.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725967AbgICGEs (ORCPT ); Thu, 3 Sep 2020 02:04:48 -0400 Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost.zedat.fu-berlin.de (Exim 4.93) with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (envelope-from ) id 1kDiMY-000Zlf-Im; Thu, 03 Sep 2020 08:04:46 +0200 Received: from p57bd95bc.dip0.t-ipconnect.de ([87.189.149.188] helo=[192.168.178.139]) by inpost2.zedat.fu-berlin.de (Exim 4.93) with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (envelope-from ) id 1kDiMY-00065W-BR; Thu, 03 Sep 2020 08:04:46 +0200 Subject: Re: [PATCH 3/4] sh: Add SECCOMP_FILTER To: Rich Felker Cc: Michael Karcher , linux-sh@vger.kernel.org, linux-kernel@vger.kernel.org, Yoshinori Sato References: <20200722231322.419642-1-kernel@mkarcher.dialup.fu-berlin.de> <20200722231322.419642-3-kernel@mkarcher.dialup.fu-berlin.de> <20200828155024.GX3265@brightrain.aerifal.cx> <20200828163057.GY3265@brightrain.aerifal.cx> <82b625c2-23cb-69a4-7495-39427430c306@physik.fu-berlin.de> <20200828170259.GZ3265@brightrain.aerifal.cx> <20200829004939.GB3265@brightrain.aerifal.cx> <20200903035603.GV3265@brightrain.aerifal.cx> <20200903054617.GW3265@brightrain.aerifal.cx> From: John Paul Adrian Glaubitz Autocrypt: addr=glaubitz@physik.fu-berlin.de; keydata= mQINBE3JE9wBEADMrYGNfz3oz6XLw9XcWvuIxIlPWoTyw9BxTicfGAv0d87wngs9U+d52t/R EggPePf34gb7/k8FBY1IgyxnZEB5NxUb1WtW0M3GUxpPx6gBZqOm7SK1ZW3oSORw+T7Aezl3 Zq4Nr4Nptqx7fnLpXfRDs5iYO/GX8WuL8fkGS/gIXtxKewd0LkTlb6jq9KKq8qn8/BN5YEKq JlM7jsENyA5PIe2npN3MjEg6p+qFrmrzJRuFjjdf5vvGfzskrXCAKGlNjMMA4TgZvugOFmBI /iSyV0IOaj0uKhes0ZNX+lQFrOB4j6I5fTBy7L/T3W/pCWo3wVkknNYa8TDYT73oIZ7Aimv+ k7OzRfnxsSOAZT8Re1Yt8mvzr6FHVFjr/VdyTtO5JgQZ6LEmvo4Ro+2ByBmCHORCQ0NJhD1U 3avjGfvfslG999W0WEZLTeaGkBAN1yG/1bgGAytQQkD9NsVXqBy7S3LVv9bB844ysW5Aj1nv tgIz14E2WL8rbpfjJMXi7B5ha6Lxf3rFOgxpr6ZoEn+bGG4hmrO+/ReA4SerfMqwSTnjZsZv xMJsx2B9c8DaZE8GsA4I6lsihbJmXhw8i7Cta8Dx418wtEbXhL6m/UEk60O7QD1VBgGqDMnJ DFSlvKa9D+tZde/kHSNmQmLLzxtDbNgBgmR0jUlmxirijnm8bwARAQABtFRKb2huIFBhdWwg QWRyaWFuIEdsYXViaXR6IChGcmVpZSBVbml2ZXJzaXRhZXQgQmVybGluKSA8Z2xhdWJpdHpA cGh5c2lrLmZ1LWJlcmxpbi5kZT6JAlEEEwEIADsCGwMFCwkIBwMFFQoJCAsFFgIDAQACHgEC F4AWIQRi/4p1hOApVpVGAAZ0Jjs39bX5EwUCWhQoUgIZAQAKCRB0Jjs39bX5Ez/ID/98r9c4 WUSgOHVPSMVcOVziMOi+zPWfF1OhOXW+atpTM4LSSp66196xOlDFHOdNNmO6kxckXAX9ptvp Bc0mRxa7OrC168fKzqR7P75eTsJnVaOu+uI/vvgsbUIosYdkkekCxDAbYCUwmzNotIspnFbx iSPMNrpw7Ud/yQkS9TDYeXnrZDhBp7p5+naWCD/yMvh7yVCA4Ea8+xDVoX+kjv6EHJrwVupO pMa39cGs2rKYZbWTazcflKH+bXG3FHBrwh9XRjA6A1CTeC/zTVNgGF6wvw/qT2x9tS7WeeZ1 jvBCJub2cb07qIfuvxXiGcYGr+W4z9GuLCiWsMmoff/Gmo1aeMZDRYKLAZLGlEr6zkYh1Abt iz0YLqIYVbZAnf8dCjmYhuwPq77IeqSjqUqI2Cb0oOOlwRKVWDlqAeo0Bh8DrvZvBAojJf4H nQZ/pSz0yaRed/0FAmkVfV+1yR6BtRXhkRF6NCmguSITC96IzE26C6n5DBb43MR7Ga/mof4M UufnKADNG4qz57CBwENHyx6ftWJeWZNdRZq10o0NXuCJZf/iulHCWS/hFOM5ygfONq1Vsj2Z DSWvVpSLj+Ufd2QnmsnrCr1ZGcl72OC24AmqFWJY+IyReHWpuABEVZVeVDQooJ0K4yqucmrF R7HyH7oZGgR0CgYHCI+9yhrXHrQpyLkCDQRNyRQuARAArCaWhVbMXw9iHmMH0BN/TuSmeKtV h/+QOT5C5Uw+XJ3A+OHr9rB+SpndJEcDIhv70gLrpEuloXhZI9VYazfTv6lrkCZObXq/NgDQ Mnu+9E/E/PE9irqnZZOMWpurQRh41MibRii0iSr+AH2IhRL6CN2egZID6f93Cdu7US53ZqIx bXoguqGB2CK115bcnsswMW9YiVegFA5J9dAMsCI9/6M8li+CSYICi9gq0LdpODdsVfaxmo4+ xYFdXoDN33b8Yyzhbh/I5gtVIRpfL+Yjfk8xAsfz78wzifSDckSB3NGPAXvs6HxKc50bvf+P 6t2tLpmB/KrpozlZazq16iktY97QulyEY9JWCiEgDs6EKb4wTx+lUe4yS9eo95cBV+YlL+BX kJSAMyxgSOy35BeBaeUSIrYqfHpbNn6/nidwDhg/nxyJs8mPlBvHiCLwotje2AhtYndDEhGQ KEtEaMQEhDi9MsCGHe+00QegCv3FRveHwzGphY1YlRItLjF4TcFz1SsHn30e7uLTDe/pUMZU Kd1xU73WWr0NlWG1g49ITyaBpwdv/cs/RQ5laYYeivnag81TcPCDbTm7zXiwo53aLQOZj4u3 gSQvAUhgYTQUstMdkOMOn0PSIpyVAq3zrEFEYf7bNSTcdGrgwCuCBe4DgI3Vu4LOoAeI428t 2dj1K1EAEQEAAYkCHwQYAQgACQUCTckULgIbDAAKCRB0Jjs39bX5E683EAC1huywL4BlxTj7 FTm7FiKd5/KEH5/oaxLQN26mn8yRkP/L3xwiqXxdd0hnrPyUe8mUOrSg7KLMul+pSRxPgaHA xt1I1hQZ30cJ1j/SkDIV2ImSf75Yzz5v72fPiYLq9+H3qKZwrgof9yM/s0bfsSX/GWyFatvo Koo+TgrE0rmtQw82vv7/cbDAYceQm1bRB8Nr8agPyGXYcjohAj7NJcra4hnu1wUw3yD05p/B Rntv7NvPWV3Oo7DKCWIS4RpEd6I6E+tN3GCePqROeK1nDv+FJWLkyvwLigfNaCLro6/292YK VMdBISNYN4s6IGPrXGGvoDwo9RVo6kBhlYEfg6+2eaPCwq40IVfKbYNwLLB2MR2ssL4yzmDo OR3rQFDPj+QcDvH4/0gCQ+qRpYATIegS8zU5xQ8nPL8lba9YNejaOMzw8RB80g+2oPOJ3Wzx oMsmw8taUmd9TIw/bJ2VO1HniiJUGUXCqoeg8homvBOQ0PmWAWIwjC6nf6CIuIM4Egu2I5Kl jEF9ImTPcYZpw5vhdyPwBdXW2lSjV3EAqknWujRgcsm84nycuJnImwJptR481EWmtuH6ysj5 YhRVGbQPfdsjVUQfZdRdkEv4CZ90pdscBi1nRqcqANtzC+WQFwekDzk2lGqNRDg56s+q0KtY scOkTAZQGVpD/8AaLH4v1w== Message-ID: Date: Thu, 3 Sep 2020 08:04:44 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <20200903054617.GW3265@brightrain.aerifal.cx> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Original-Sender: glaubitz@physik.fu-berlin.de X-Originating-IP: 87.189.149.188 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 9/3/20 7:46 AM, Rich Felker wrote: > > OK, I think I have an explanation for the mechanism of the bug, and it > really is a combination of the 2008 bug (confusion of r0 vs r3) and > the SECCOMP_FILTER commit. When the syscall_trace_entry code path is > in use, a syscall with argument 5 having value -1 causes > do_syscall_trace_enter to return -1 (because it returns regs[0], which > contains argument 5), which the change in entry-common.S interprets as > a sign to skip the syscall and jump to syscall_exit, and things blow > up from there. In particular, SYS_mmap2 is almost always called with > -1 as the 5th argument (fd), and this is even more common on nommu > where SYS_brk does not work. > > I'll follow up with a new proposed patch. I'm not sure whether we need another revision of your first patch. Your previous analysis was at least right regarding the tests 51 and 58 but those have been fixed now. But there were two other tests failing, weren't there? I have to recheck later, I just got up (it's 8 AM CEST). Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaubitz@debian.org `. `' Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913