2012-03-05 11:49:33 +00:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2012 ARM Ltd.
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
#ifndef __ASM_SYSCALL_H
|
|
|
|
#define __ASM_SYSCALL_H
|
|
|
|
|
2014-07-04 07:28:30 +00:00
|
|
|
#include <uapi/linux/audit.h>
|
|
|
|
#include <linux/compat.h>
|
2012-03-05 11:49:33 +00:00
|
|
|
#include <linux/err.h>
|
|
|
|
|
arm64: implement syscall wrappers
To minimize the risk of userspace-controlled values being used under
speculation, this patch adds pt_regs based syscall wrappers for arm64,
which pass the minimum set of required userspace values to syscall
implementations. For each syscall, a wrapper which takes a pt_regs
argument is automatically generated, and this extracts the arguments
before calling the "real" syscall implementation.
Each syscall has three functions generated:
* __do_<compat_>sys_<name> is the "real" syscall implementation, with
the expected prototype.
* __se_<compat_>sys_<name> is the sign-extension/narrowing wrapper,
inherited from common code. This takes a series of long parameters,
casting each to the requisite types required by the "real" syscall
implementation in __do_<compat_>sys_<name>.
This wrapper *may* not be necessary on arm64 given the AAPCS rules on
unused register bits, but it seemed safer to keep the wrapper for now.
* __arm64_<compat_>_sys_<name> takes a struct pt_regs pointer, and
extracts *only* the relevant register values, passing these on to the
__se_<compat_>sys_<name> wrapper.
The syscall invocation code is updated to handle the calling convention
required by __arm64_<compat_>_sys_<name>, and passes a single struct
pt_regs pointer.
The compiler can fold the syscall implementation and its wrappers, such
that the overhead of this approach is minimized.
Note that we play games with sys_ni_syscall(). It can't be defined with
SYSCALL_DEFINE0() because we must avoid the possibility of error
injection. Additionally, there are a couple of locations where we need
to call it from C code, and we don't (currently) have a
ksys_ni_syscall(). While it has no wrapper, passing in a redundant
pt_regs pointer is benign per the AAPCS.
When ARCH_HAS_SYSCALL_WRAPPER is selected, no prototype is defines for
sys_ni_syscall(). Since we need to treat it differently for in-kernel
calls and the syscall tables, the prototype is defined as-required.
The wrappers are largely the same as their x86 counterparts, but
simplified as we don't have a variety of compat calling conventions that
require separate stubs. Unlike x86, we have some zero-argument compat
syscalls, and must define COMPAT_SYSCALL_DEFINE0() to ensure that these
are also given an __arm64_compat_sys_ prefix.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Dominik Brodowski <linux@dominikbrodowski.net>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2018-07-11 13:56:56 +00:00
|
|
|
typedef long (*syscall_fn_t)(struct pt_regs *regs);
|
2018-07-11 13:56:42 +00:00
|
|
|
|
|
|
|
extern const syscall_fn_t sys_call_table[];
|
2012-03-05 11:49:33 +00:00
|
|
|
|
2018-07-11 13:56:45 +00:00
|
|
|
#ifdef CONFIG_COMPAT
|
|
|
|
extern const syscall_fn_t compat_sys_call_table[];
|
|
|
|
#endif
|
|
|
|
|
2012-03-05 11:49:33 +00:00
|
|
|
static inline int syscall_get_nr(struct task_struct *task,
|
|
|
|
struct pt_regs *regs)
|
|
|
|
{
|
|
|
|
return regs->syscallno;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void syscall_rollback(struct task_struct *task,
|
|
|
|
struct pt_regs *regs)
|
|
|
|
{
|
|
|
|
regs->regs[0] = regs->orig_x0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static inline long syscall_get_error(struct task_struct *task,
|
|
|
|
struct pt_regs *regs)
|
|
|
|
{
|
|
|
|
unsigned long error = regs->regs[0];
|
|
|
|
return IS_ERR_VALUE(error) ? error : 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline long syscall_get_return_value(struct task_struct *task,
|
|
|
|
struct pt_regs *regs)
|
|
|
|
{
|
|
|
|
return regs->regs[0];
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void syscall_set_return_value(struct task_struct *task,
|
|
|
|
struct pt_regs *regs,
|
|
|
|
int error, long val)
|
|
|
|
{
|
|
|
|
regs->regs[0] = (long) error ? error : val;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define SYSCALL_MAX_ARGS 6
|
|
|
|
|
|
|
|
static inline void syscall_get_arguments(struct task_struct *task,
|
|
|
|
struct pt_regs *regs,
|
|
|
|
unsigned int i, unsigned int n,
|
|
|
|
unsigned long *args)
|
|
|
|
{
|
2013-10-03 05:47:44 +00:00
|
|
|
if (n == 0)
|
|
|
|
return;
|
|
|
|
|
2012-03-05 11:49:33 +00:00
|
|
|
if (i + n > SYSCALL_MAX_ARGS) {
|
|
|
|
unsigned long *args_bad = args + SYSCALL_MAX_ARGS - i;
|
|
|
|
unsigned int n_bad = n + i - SYSCALL_MAX_ARGS;
|
|
|
|
pr_warning("%s called with max args %d, handling only %d\n",
|
|
|
|
__func__, i + n, SYSCALL_MAX_ARGS);
|
|
|
|
memset(args_bad, 0, n_bad * sizeof(args[0]));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (i == 0) {
|
|
|
|
args[0] = regs->orig_x0;
|
|
|
|
args++;
|
|
|
|
i++;
|
|
|
|
n--;
|
|
|
|
}
|
|
|
|
|
|
|
|
memcpy(args, ®s->regs[i], n * sizeof(args[0]));
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void syscall_set_arguments(struct task_struct *task,
|
|
|
|
struct pt_regs *regs,
|
|
|
|
unsigned int i, unsigned int n,
|
|
|
|
const unsigned long *args)
|
|
|
|
{
|
2013-10-03 05:47:44 +00:00
|
|
|
if (n == 0)
|
|
|
|
return;
|
|
|
|
|
2012-03-05 11:49:33 +00:00
|
|
|
if (i + n > SYSCALL_MAX_ARGS) {
|
|
|
|
pr_warning("%s called with max args %d, handling only %d\n",
|
|
|
|
__func__, i + n, SYSCALL_MAX_ARGS);
|
|
|
|
n = SYSCALL_MAX_ARGS - i;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (i == 0) {
|
|
|
|
regs->orig_x0 = args[0];
|
|
|
|
args++;
|
|
|
|
i++;
|
|
|
|
n--;
|
|
|
|
}
|
|
|
|
|
|
|
|
memcpy(®s->regs[i], args, n * sizeof(args[0]));
|
|
|
|
}
|
|
|
|
|
2014-07-04 07:28:30 +00:00
|
|
|
/*
|
|
|
|
* We don't care about endianness (__AUDIT_ARCH_LE bit) here because
|
|
|
|
* AArch64 has the same system calls both on little- and big- endian.
|
|
|
|
*/
|
|
|
|
static inline int syscall_get_arch(void)
|
|
|
|
{
|
|
|
|
if (is_compat_task())
|
|
|
|
return AUDIT_ARCH_ARM;
|
|
|
|
|
|
|
|
return AUDIT_ARCH_AARCH64;
|
|
|
|
}
|
|
|
|
|
2012-03-05 11:49:33 +00:00
|
|
|
#endif /* __ASM_SYSCALL_H */
|