Re: Cleaning up numbering for new x86 syscalls?

From: Ingo Molnar
Date: Tue Nov 20 2018 - 02:34:04 EST



* Andy Lutomirski <luto@xxxxxxxxxx> wrote:

> Hi all-
>
> We currently have some giant turds in the way that syscalls are
> numbered. We have the x86_32 table, which is totally sane other than
> some legacy multiplexers. Then we have the x86_64 table, which is,
> um, demented:
>
> - The numbers don't match x86_32. I have no idea why.
>
> - We use bit 30, which triggers in_x32_syscall(). It should have
> been bit 31, but I digress.
>
> - We have this weird set of extra x32 syscalls that start at 512.
> Who wants to bet whether we have no bugs if someone does syscall with,
> say, nr == 512 (i.e. not 512 | BIT(30)) or nr == (16 | BIT(30))? The
> latter would be non-compat ioctl with in_x32_syscall() set and hence
> in_compat_syscall() set.
>
> - Bloody restart_syscall() has a different number on x86_64 and
> x64_32, which is a big mess.
>
> I propose we consider some subset of the following:
>
> 1. Introduce restart_syscall_2(). Make its number be 1024. Maybe
> someday we could start using it instead of restart_syscall(). The
> only issue I can see is programs that allow restart_syscall() using
> seccomp but don't allow the new variant.
>
> 2. Introduce an outright ban on new syscalls with nr < 1024.

Also let's make sure it results in a build error or boot panic if someone
tries.

> 3. Introduce an outright ban on the addition of new __x32_compat
> syscalls. If new compat hacks are needed, they can use
> in_compat_syscall(), thank you very much.

Here too build-time and runtime enforcement would be nice.

> 4. Modify the wrappers of the __x32_compat entries so that they will
> return -ENOSYS if in_x32_syscall() returns false.
>
> 5. Adjust the scripts so that we only have to wire up new syscalls
> once. They'll have a nr above 1024, and they'll have the same nr on
> all x86 variants.
>
> Thoughts?

Fully agreed:

6. Is x32 even used in practice? I still think it was a mistake to add it
and some significant distributions like Fedora are not enabling it.

Barring any sane way to phase out x32 support I'd suggest we implement
all your suggestions.

Thanks,

Ingo
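
Added example, not part of the original message and not kernel code: a user-space C model of the numbering described in the thread, classifying a syscall number by bit 30 and the 512 boundary and flagging the two mismatched combinations Andy asks about. The names `classify`, `is_mismatch`, `model_in_x32` and `has_x32_variant` are hypothetical, the absence of an upper bound on the x32-only range is a simplification, and the one-entry variant list is constructed.

```c
#include <stdbool.h>
#include <stdio.h>

#define X32_BIT        (1u << 30) /* bit 30 marks an x32 call, per the thread */
#define X32_ONLY_START 512u       /* x32-only entries start at 512, per the thread */
#define NR_IOCTL_64    16u        /* native x86_64 ioctl, per the thread */

enum nr_class {
    NR_NATIVE,          /* bit 30 clear, ordinary x86_64 number */
    NR_X32,             /* bit 30 set, entry shared with x86_64 */
    NR_X32_ONLY,        /* bit 30 set, number in the x32-only range */
    NR_X32_ONLY_NO_BIT, /* x32-only number issued without bit 30 */
    NR_NATIVE_WITH_BIT, /* non-compat entry issued with bit 30 set */
};

/* Model of in_x32_syscall(): decided by bit 30 alone. */
bool model_in_x32(unsigned int nr) { return (nr & X32_BIT) != 0; }

/* Assumption: constructed list of native entries that have a separate
 * x32 variant. Only ioctl, the case named in the thread, is listed. */
bool has_x32_variant(unsigned int base) { return base == NR_IOCTL_64; }

enum nr_class classify(unsigned int nr)
{
    unsigned int base = nr & ~X32_BIT;

    if (!model_in_x32(nr))
        return base >= X32_ONLY_START ? NR_X32_ONLY_NO_BIT : NR_NATIVE;
    if (base >= X32_ONLY_START)
        return NR_X32_ONLY;
    return has_x32_variant(base) ? NR_NATIVE_WITH_BIT : NR_X32;
}

/* The two mismatched combinations the thread asks about. */
bool is_mismatch(unsigned int nr)
{
    enum nr_class c = classify(nr);
    return c == NR_X32_ONLY_NO_BIT || c == NR_NATIVE_WITH_BIT;
}

int main(void)
{
    /* Constructed sample numbers, including both cases from the thread. */
    unsigned int samples[] = { 16, 16 | X32_BIT, 512, 512 | X32_BIT, 1 | X32_BIT };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("nr=0x%08x class=%d mismatch=%d\n", samples[i],
               classify(samples[i]), is_mismatch(samples[i]));
    return 0;
}
```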