Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2456404rwd; Fri, 26 May 2023 06:55:04 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5zIdCTx5+5+GLiy13d0FalexY3vHoa9KewRhcxieF7GQ1IjVA6ld9GZ8gTC2QO/BWMR5cK X-Received: by 2002:a17:90a:664f:b0:255:47fd:9ab2 with SMTP id f15-20020a17090a664f00b0025547fd9ab2mr2713288pjm.12.1685109304059; Fri, 26 May 2023 06:55:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685109304; cv=none; d=google.com; s=arc-20160816; b=oUQQ1Majn9yJUXODnTh7BzrkHHrcnD0jM5EGHPz3QM9EeHCAcMayAdvPe2e4WMqjuk UH0+8OkTUTKFUmiEf7CXe4w3+J6jiiJFhdQ/yMEkmwTNs2B23BFkUKqCGYzKRMl7MEd6 0Rtozb1NNXSuDaAAFOqz49rp2elm+sGiAmE1+Zr+bZ6DPpH621ktkuw+Lz19Ma2Q7iK7 WjyyhxQ7QBGHTAMEXZqEzqpkOWZQPPbaWg48FYP56CpGcSJ64gRyGz+tdQVThNDvrHge Rat61SM4iYWEr7l6xk1WnqKjAVKjf7FJ+DC5bRDWoGcmdwwch0p2Q1Ent8ttcdlOioZp SErg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=6yvhh592Q06cVFtClLtKEZXEcpjQOvzte1sHIMrItU0=; b=FQRJM0vghFQEfcfGW7sqY+/zOLBDkjUHBE3ZXrgYVwI8wWsV5B+kb2QmCRpWBpuALP R/3pkfY4idF4LlvqZUYIHpsdi6WlBMUvRotab2/GPYfx1eK09iAQY7yWaMzJgOOAFFzE kgTLjW3+VITLQuszzj2w8iRlJWXjMYP19IV7P+ZIssLE/MeO8rGWx2cs3a6Ocof+QyDQ Tgar/biM7B/itW6X3dHYCyuuTchDBPitZ0EAuVae+eZqRXX+Hg0OYGwJvU5qFZgilZY1 7EiZRGGw/vht2BEu1Y7Lj8PEfW2vfQfMEYjdLqtff3gSwStNzCsFosHhntEY8M284e0K Tx8Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=EnHyiSYB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m23-20020a638c17000000b0051b70ce7dd2si3678147pgd.80.2023.05.26.06.54.51; Fri, 26 May 2023 06:55:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=EnHyiSYB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243612AbjEZN2X (ORCPT + 99 others); Fri, 26 May 2023 09:28:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33662 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236925AbjEZN2V (ORCPT ); Fri, 26 May 2023 09:28:21 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 72DC8B2 for ; Fri, 26 May 2023 06:28:20 -0700 (PDT) Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 2215B21B0A; Fri, 26 May 2023 13:28:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1685107699; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=6yvhh592Q06cVFtClLtKEZXEcpjQOvzte1sHIMrItU0=; b=EnHyiSYBs4ZUIosM4GKx272iFBJk01FgNBO4hiXNEc/pK8MFYCztsoVfNu7sK6AzbMJ9gI P2e0uQ0j5TxEm3Bz7B3p4aFvPbk/78CtclTYWnyAAdfSGBQDeEMvI8a/vvTBO4TRTXw0Ic RFbCOl9e8OUiTZO2eGm70gjlN6e8Q+0= Received: from imap1.suse-dmz.suse.de (imap1.suse-dmz.suse.de [192.168.254.73]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap1.suse-dmz.suse.de (Postfix) with ESMTPS id CB67613684; Fri, 26 May 2023 13:28:18 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap1.suse-dmz.suse.de with ESMTPSA id qlW8LvKzcGSNaAAAGKfGzw (envelope-from ); Fri, 26 May 2023 13:28:18 +0000 From: Nikolay Borisov To: x86@kernel.org Cc: linux-kernel@vger.kernel.org, mhocko@suse.cz, Nikolay Borisov Subject: [RFC PATCH] x86/entry: Disable ia32 syscalls and introduce a boot time toggle Date: Fri, 26 May 2023 16:28:06 +0300 Message-Id: <20230526132806.1475900-1-nik.borisov@suse.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Distributions would like to reduce their attack surface as much as possible but at the same time they have to cater to a wide variety of legacy software. One such avenue where distros have to strike a balance is the support for 32bit syscalls on a 64bit kernel. Ideally the compat support should be disabled for the majority of the time, yet in the few cases where it might be needed it'd be good if there is some toggle which would allow users to turn on back compat support. This patch aims to cater for this use case by disabling ia32 syscalls and introducing a boot time parameter 'ia32_enabled' which if set to 'true' brings backs 32bit syscall support. Signed-off-by: Nikolay Borisov --- Rather than being a final implementation I'd like this to serve as a conversation starter and agree on a final solution that's acceptable to everyone. arch/x86/entry/common.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/common.c b/arch/x86/entry/common.c index 6c2826417b33..6063727a75fe 100644 --- a/arch/x86/entry/common.c +++ b/arch/x86/entry/common.c @@ -19,6 +19,7 @@ #include #include #include +#include #ifdef CONFIG_XEN_PV #include @@ -96,6 +97,20 @@ static __always_inline int syscall_32_enter(struct pt_regs *regs) return (int)regs->orig_ax; } +int ia32_enabled = 0; + +static int __init ia32_enabled_parsecmdline(char *arg) +{ + if (!strcmp(arg, "true")) + ia32_enabled = 1; + else + pr_crit("Unsupported ia32_enabled=%s, ia32 syscalls disabled\n", + arg); + + return 0; +} +early_param("ia32_enabled", ia32_enabled_parsecmdline); + /* * Invoke a 32-bit syscall. Called with IRQs on in CONTEXT_KERNEL. */ @@ -107,7 +122,7 @@ static __always_inline void do_syscall_32_irqs_on(struct pt_regs *regs, int nr) */ unsigned int unr = nr; - if (likely(unr < IA32_NR_syscalls)) { + if (likely(unr < IA32_NR_syscalls) && ia32_enabled) { unr = array_index_nospec(unr, IA32_NR_syscalls); regs->ax = ia32_sys_call_table[unr](regs); } else if (nr != -1) { -- 2.34.1