commit c09249f8d1b84344eca882547afdbffee8c09d14 · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

x86-64: fix int $0x80 -ENOSYS return

One of my past fixes to this code introduced a different new bug.
When using 32-bit "int $0x80" entry for a bogus syscall number,
the return value is not correctly set to -ENOSYS. This only happens
when neither syscall-audit nor syscall tracing is enabled (i.e., never
seen if auditd ever started). Test program:

/* gcc -o int80-badsys -m32 -g int80-badsys.c
Run on x86-64 kernel.
Note to reproduce the bug you need auditd never to have started. */

#include <errno.h>
#include <stdio.h>

int
main (void)
{
long res;
asm ("int $0x80" : "=a" (res) : "0" (99999));
printf ("bad syscall returns %ld\n", res);
return res != -ENOSYS;
}

The fix makes the int $0x80 path match the sysenter and syscall paths.

Reported-by: Dmitry V. Levin <ldv@altlinux.org>
Signed-off-by: Roland McGrath <roland@redhat.com>

Roland McGrath 17 years ago c09249f8 6cec5083

+5 -3

1 changed file

expand all

unified split

arch

x86

ia32

ia32entry.S

+5 -3

arch/x86/ia32/ia32entry.S

··· 418 orl $TS_COMPAT,TI_status(%r10) 419 testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) 420 jnz ia32_tracesys 421 - ia32_do_syscall: 422 cmpl $(IA32_NR_syscalls-1),%eax 423 - ja int_ret_from_sys_call /* ia32_tracesys has set RAX(%rsp) */ 424 IA32_ARG_FIXUP 425 call *ia32_sys_call_table(,%rax,8) # xxx: rip relative 426 ia32_sysret: ··· 435 call syscall_trace_enter 436 LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ 437 RESTORE_REST 438 - jmp ia32_do_syscall 439 END(ia32_syscall) 440 441 ia32_badsys:

··· 418 orl $TS_COMPAT,TI_status(%r10) 419 testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) 420 jnz ia32_tracesys 421 cmpl $(IA32_NR_syscalls-1),%eax 422 + ja ia32_badsys 423 + ia32_do_call: 424 IA32_ARG_FIXUP 425 call *ia32_sys_call_table(,%rax,8) # xxx: rip relative 426 ia32_sysret: ··· 435 call syscall_trace_enter 436 LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ 437 RESTORE_REST 438 + cmpl $(IA32_NR_syscalls-1),%eax 439 + ja int_ret_from_sys_call /* ia32_tracesys has set RAX(%rsp) */ 440 + jmp ia32_do_call 441 END(ia32_syscall) 442 443 ia32_badsys: