Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp1103528pxb;
        Thu, 23 Sep 2021 18:35:33 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyatCgm8Tj0c0vBcX6eby3FNI9hVvyP6FE1BISj6/vWA0iads1524KDXCsNZWgbFk9dGp4D
X-Received: by 2002:a05:6638:f12:: with SMTP id h18mr6873465jas.107.1632447333657;
        Thu, 23 Sep 2021 18:35:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1632447333; cv=none;
        d=google.com; s=arc-20160816;
        b=T42Zc0FpHqFCIRZfah9eAJ5Dx+MFOZBwE+1A779ZksIq9L8V96xej/PkiAurndCWNa
         lS/rrssNPTecxD9YYRzTVCx1E3OhnSvRoA3ewUsaLrmWkBlGPIjAngJY5/p0/tISTqSI
         hYka1cUjAc9Xi22UX0eOSOIPsUcz2T784Gs2DL36ghGP4UdVpmmnL4ySEFLBWHMytawA
         kr5kZbieIqofuS9JXGOw32nENVRjPGQa5SKBkvaiA+xSlmFRx3RnqfkxrjhVy4Imnigu
         tTrYsjx9YoX8PcQJIlnJOyPTR9tn0TZvVxvf5Yzt19ol8FkDsOffrecUrhnOeNONu/jE
         KPCg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=/qOMIGogA1Xc3Ag/KoL2LzA/JNtrZrCrXRfeTJqQ6sY=;
        b=XNf8wzfWPQyGXCvrRsOS2x7XE79GzbYBZW0QgZJ8xbm1n7Ul6YplF7Ooz5H+uvlc70
         1QNCJFDF9k62QDPSOEg0/IZvr9jCfEfDETYY879ZK7MlttDhC8nQhuJJlTC30xx13kFy
         gah/RMETnzAlbhwIxi7p7N4g1si3g3WWwN1T5cU5Zu7xRWdKON6S5pDyNhkHN3ZzoTSF
         NCTIQrkmqYF8VITxXg8cbxE3cWHw2FQBZEJrIrYAvX2Q9TlyWXc8799zuK40InixPgnn
         SYb2VoHouiFy5jc8UgHwEJRysJDB9tnD8i9qcH3IpUxsh+4DFwvWcPguIyHUOPG1+/hi
         c9rw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id b8si9748350ios.12.2021.09.23.18.35.22;
        Thu, 23 Sep 2021 18:35:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S243765AbhIXBfm (ORCPT <rfc822;llc123456a@gmail.com> + 99 others);
        Thu, 23 Sep 2021 21:35:42 -0400
Received: from shells.gnugeneration.com ([66.240.222.126]:38040 "EHLO
        shells.gnugeneration.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S240863AbhIXBfm (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 23 Sep 2021 21:35:42 -0400
Received: by shells.gnugeneration.com (Postfix, from userid 1000)
        id C77451A56019; Thu, 23 Sep 2021 18:34:08 -0700 (PDT)
Date:   Thu, 23 Sep 2021 18:34:08 -0700
From:   Vito Caputo <vcaputo@pengaru.com>
To:     Kees Cook <keescook@chromium.org>
Cc:     Jann Horn <jannh@google.com>, Thomas Gleixner <tglx@linutronix.de>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>, Jens Axboe <axboe@kernel.dk>,
        Mark Rutland <mark.rutland@arm.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Stefan Metzmacher <metze@samba.org>,
        Andy Lutomirski <luto@kernel.org>,
        Lai Jiangshan <laijs@linux.alibaba.com>,
        Christian Brauner <christian.brauner@ubuntu.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        "Kenta.Tada@sony.com" <Kenta.Tada@sony.com>,
        Daniel Bristot de Oliveira <bristot@redhat.com>,
        Michael =?utf-8?B?V2Vpw58=?= <michael.weiss@aisec.fraunhofer.de>,
        Anand K Mistry <amistry@google.com>,
        Alexey Gladkov <legion@kernel.org>,
        Michal Hocko <mhocko@suse.com>, Helge Deller <deller@gmx.de>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Andrea Righi <andrea.righi@canonical.com>,
        Ohhoon Kwon <ohoono.kwon@samsung.com>,
        Kalesh Singh <kaleshsingh@google.com>,
        YiFei Zhu <yifeifz2@illinois.edu>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        linux-kernel@vger.kernel.org, x86@kernel.org,
        linux-fsdevel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] proc: Disable /proc/$pid/wchan
Message-ID: <20210924013408.mqw42x4lhqeq5ios@shells.gnugeneration.com>
References: <20210923233105.4045080-1-keescook@chromium.org>
 <20210923234917.pqrxwoq7yqnvfpwu@shells.gnugeneration.com>
 <CAG48ez0Rtv5kqHWw368Ym3GkKodPA+JETOAN+=c2KPa3opENSA@mail.gmail.com>
 <20210924002230.sijoedia65hf5bj7@shells.gnugeneration.com>
 <202109231814.FD09DBAD3@keescook>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <202109231814.FD09DBAD3@keescook>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Sep 23, 2021 at 06:16:16PM -0700, Kees Cook wrote:
> On Thu, Sep 23, 2021 at 05:22:30PM -0700, Vito Caputo wrote:
> > Instead of unwinding stacks maybe the kernel should be sticking an
> > entrypoint address in the current task struct for get_wchan() to
> > access, whenever userspace enters the kernel?
> 
> wchan is supposed to show where the kernel is at the instant the
> get_wchan() happens. (i.e. recording it at syscall entry would just
> always show syscall entry.)
> 

And you have the syscall # onhand when performing the syscall entry,
no?

The point is, if the alternative is to always get 0 from
/proc/PID/wchan when a process is sitting in ioctl(), I'd be perfectly
happy to get back sys_ioctl.  I'm under the impression there's quite a
bit of vendor-specific flexibility here in terms of how precise WCHAN
is.

If it's possible to preserve the old WCHAN precision I'm all for it.
But if we've become so paranoid about leaking anything about the
kernel to userspace that this is untenable, even if it just spits out
the syscall being performed that has value.

Regards,
Vito Caputo