From patchwork Thu May 14 19:35:53 2015
X-Patchwork-Submitter: Russell King - ARM Linux
X-Patchwork-Id: 6409581
Date: Thu, 14 May 2015 20:35:53 +0100
From: Russell King - ARM Linux
To: Josh Stone
Cc: linux-arm-kernel@lists.infradead.org
Subject: Re: arm syscall fast path can miss a ptrace syscall-exit
Message-ID: <20150514193553.GD2067@n2100.arm.linux.org.uk>
References: <5554F3E4.8020307@redhat.com>
In-Reply-To: <5554F3E4.8020307@redhat.com>

On Thu, May 14, 2015 at 12:13:40PM -0700, Josh Stone wrote:
> I've discovered a case where both arm and arm64 will miss a ptrace
> syscall-exit that they should report. If the syscall is entered without
> TIF_SYSCALL_TRACE set, then it goes on the fast path. It's then
> possible to have TIF_SYSCALL_TRACE added in the middle of the syscall,
> but ret_fast_syscall doesn't check this flag again.

Yes, we assume that if TIF_SYSCALL_TRACE was not set before the call, it
isn't set after. That appears to be an invalid assumption.

Here's a patch for ARM - untested atm.

There's still a possible hole - if we exit the syscall, then do "work"
before returning (such as rescheduling to another process), and _then_
have syscall tracing enabled, we won't trace the exit.
I think that's acceptable as I see no difference between that and having
restored state for userspace, and then immediately processing an interrupt
and scheduling on the IRQ exit path.

 arch/arm/kernel/entry-common.S | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index f8ccc21fa032..4e7f40c577e6 100644
--- a/arch/arm/kernel/entry-common.S
+++ b/arch/arm/kernel/entry-common.S
@@ -33,7 +33,9 @@ ret_fast_syscall:
  UNWIND(.fnstart	)
  UNWIND(.cantunwind	)
 	disable_irq				@ disable interrupts
-	ldr	r1, [tsk, #TI_FLAGS]
+	ldr	r1, [tsk, #TI_FLAGS]		@ re-check for syscall tracing
+	tst	r1, #_TIF_SYSCALL_WORK
+	bne	__sys_trace_return
 	tst	r1, #_TIF_WORK_MASK
 	bne	fast_work_pending
 	asm_trace_hardirqs_on
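Review bot: the re-check tests _TIF_SYSCALL_WORK rather than the single TIF_SYSCALL_TRACE bit that the report and the text above discuss, so any other syscall-work flag that appears mid-syscall is also diverted to __sys_trace_return; that is presumably the intended behaviour, but the commit message should state it, and a short comment at `bne __sys_trace_return` should record the acknowledged remaining hole (tracing enabled while fast_work_pending reschedules is not caught). The load of TI_FLAGS sits after disable_irq, so the flags tested are the ones current at exit, which is the right ordering. The text also calls the patch untested and notes that the report covers arm64 as well, while this hunk only touches arch/arm, so an arm64 counterpart is still needed before the report is fully addressed.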
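A user-space check for the missed syscall-exit stop Josh describes, added here as an example and not part of his report or Russell's patch: the tracee is resumed from a PTRACE_EVENT_EXEC stop with PTRACE_SYSCALL, which sets TIF_SYSCALL_TRACE while execve() is still in flight (that route to the mid-syscall state is my assumption; the report does not say how the flag came to be set), and the path /bin/true is also assumed. An odd number of syscall stops before the tracee exits means the execve exit stop never arrived.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* With PTRACE_O_TRACESYSGOOD a syscall entry/exit stop reports SIGTRAP|0x80. */
int is_syscall_stop(int status)
{
    return WIFSTOPPED(status) && WSTOPSIG(status) == (SIGTRAP | 0x80);
}

/* After the exec-stop, stops come in entry/exit pairs except the execve exit (its
 * entry was untraced) and the final exit_group entry (never returns): a correct
 * kernel yields an even count, an odd count means the execve exit was missed. */
int exit_was_missed(int syscall_stops)
{
    return syscall_stops % 2 == 1;
}

int main(void)
{
    int status, stops = 0;
    pid_t pid = fork();
    if (pid < 0) { perror("fork"); return 1; }
    if (pid == 0) {                                 /* tracee */
        ptrace(PTRACE_TRACEME, 0, NULL, NULL);
        raise(SIGSTOP);                             /* let the tracer set options */
        execl("/bin/true", "true", (char *)NULL);   /* assumed path */
        _exit(127);
    }
    waitpid(pid, &status, 0);                       /* the SIGSTOP stop */
    ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)(long)(PTRACE_O_TRACEEXEC | PTRACE_O_TRACESYSGOOD));
    ptrace(PTRACE_CONT, pid, NULL, NULL);           /* no TIF_SYSCALL_TRACE: execve takes the fast path */
    waitpid(pid, &status, 0);
    if (!WIFSTOPPED(status) || status >> 16 != PTRACE_EVENT_EXEC) {
        fprintf(stderr, "expected PTRACE_EVENT_EXEC stop, got status 0x%x\n", status);
        return 1;
    }
    /* Tracee is stopped inside execve(); PTRACE_SYSCALL sets TIF_SYSCALL_TRACE mid-syscall. */
    for (;;) {
        ptrace(PTRACE_SYSCALL, pid, NULL, NULL);
        waitpid(pid, &status, 0);
        if (WIFEXITED(status) || WIFSIGNALED(status)) break;
        if (is_syscall_stop(status)) stops++;
    }
    printf("%d syscall stops after exec: execve exit %s\n", stops, exit_was_missed(stops) ? "MISSED" : "reported");
    return exit_was_missed(stops);
}
```

Run it as an unprivileged user on the kernel under test; a non-zero exit status reports the bug.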