Commit Graph

3 Commits

Author SHA1 Message Date
Thomas Gleixner
2025cf9e19 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288
Based on 1 normalized pattern(s):

  this program is free software you can redistribute it and or modify
  it under the terms and conditions of the gnu general public license
  version 2 as published by the free software foundation this program
  is distributed in the hope it will be useful but without any
  warranty without even the implied warranty of merchantability or
  fitness for a particular purpose see the gnu general public license
  for more details

extracted by the scancode license scanner the SPDX license identifier

  GPL-2.0-only

has been chosen to replace the boilerplate/reference in 263 file(s).

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Allison Randal <allison@lohutok.net>
Reviewed-by: Alexios Zavras <alexios.zavras@intel.com>
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190529141901.208660670@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-05 17:36:37 +02:00
Andy Lutomirski
8bb2610bc4 x86/entry/64/compat: Preserve r8-r11 in int $0x80
32-bit user code that uses int $80 doesn't care about r8-r11.  There is,
however, some 64-bit user code that intentionally uses int $0x80 to invoke
32-bit system calls.  From what I've seen, basically all such code assumes
that r8-r15 are all preserved, but the kernel clobbers r8-r11.  Since I
doubt that there's any code that depends on int $0x80 zeroing r8-r11,
change the kernel to preserve them.

I suspect that very little user code is broken by the old clobber, since
r8-r11 are only rarely allocated by gcc, and they're clobbered by function
calls, so they only way we'd see a problem is if the same function that
invokes int $0x80 also spills something important to one of these
registers.

The current behavior seems to date back to the historical commit
"[PATCH] x86-64 merge for 2.6.4".  Before that, all regs were
preserved.  I can't find any explanation of why this change was made.

Update the test_syscall_vdso_32 testcase as well to verify the new
behavior, and it strengthens the test to make sure that the kernel doesn't
accidentally permute r8..r15.

Suggested-by: Denys Vlasenko <dvlasenk@redhat.com>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Link: https://lkml.kernel.org/r/d4c4d9985fbe64f8c9e19291886453914b48caee.1523975710.git.luto@kernel.org
2018-04-27 17:07:58 +02:00
Denys Vlasenko
c25be94f28 x86/asm/entry/32, selftests: Add 'test_syscall_vdso' test
This new test checks that all x86 registers are preserved across
32-bit syscalls. It tests syscalls through VDSO (if available)
and through INT 0x80, normally and under ptrace.

If kernel is a 64-bit one, high registers (r8..r15) are poisoned
before the syscall is called and are checked afterwards.

They must be either preserved, or cleared to zero (but r11 is
special); r12..15 must be preserved for INT 0x80.

EFLAGS is checked for changes too, but change there is not
considered to be a bug (paravirt kernels do not preserve
arithmetic flags).

Run-tested on 64-bit kernel:

	$ ./test_syscall_vdso_32
	[RUN]	Executing 6-argument 32-bit syscall via VDSO
	[OK]	Arguments are preserved across syscall
	[NOTE]	R11 has changed:0000000000200ed7 - assuming clobbered by
	SYSRET insn [OK]	R8..R15 did not leak kernel data
	[RUN]	Executing 6-argument 32-bit syscall via INT 80
	[OK]	Arguments are preserved across syscall
	[OK]	R8..R15 did not leak kernel data
	[RUN]	Running tests under ptrace
	[RUN]	Executing 6-argument 32-bit syscall via VDSO
	[OK]	Arguments are preserved across syscall
	[OK]	R8..R15 did not leak kernel data
	[RUN]	Executing 6-argument 32-bit syscall via INT 80
	[OK]	Arguments are preserved across syscall
	[OK]	R8..R15 did not leak kernel data

On 32-bit paravirt kernel:

	$ ./test_syscall_vdso_32
	[NOTE]	Not a 64-bit kernel, won't test R8..R15 leaks
	[RUN]	Executing 6-argument 32-bit syscall via VDSO
	[WARN]	Flags before=0000000000200ed7 id 0 00 o d i s z 0 a 0 p 1 c
	[WARN]	Flags  after=0000000000200246 id 0 00 i z 0 0 p 1
	[WARN]	Flags change=0000000000000c91 0 00 o d s 0 a 0 0 c
	[OK]	Arguments are preserved across syscall
	[RUN]	Executing 6-argument 32-bit syscall via INT 80
	[OK]	Arguments are preserved across syscall
	[RUN]	Running tests under ptrace
	[RUN]	Executing 6-argument 32-bit syscall via VDSO
	[OK]	Arguments are preserved across syscall
	[RUN]	Executing 6-argument 32-bit syscall via INT 80
	[OK]	Arguments are preserved across syscall

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Acked-by: Andy Lutomirski <luto@amacapital.net>
Cc: Alexei Starovoitov <ast@plumgrid.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Shuah Khan <shuahkh@osg.samsung.com>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Drewry <wad@chromium.org>
Cc: linux-kernel@vger.kernel.org
Link: http://lkml.kernel.org/r/1442427809-2027-1-git-send-email-dvlasenk@redhat.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2015-09-18 09:40:48 +02:00