From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/12773 Path: news.gmane.org!.POSTED!not-for-mail From: Szabolcs Nagy Newsgroups: gmane.linux.lib.musl.general Subject: Re: [PATCH 0/9] linux v4.16 update Date: Sat, 28 Apr 2018 23:39:59 +0200 Message-ID: <20180428213958.GV4418@port70.net> References: <20180428195656.GU4418@port70.net> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="2hMgfIw2X+zgXrFs" X-Trace: blaine.gmane.org 1524951488 19645 195.159.176.226 (28 Apr 2018 21:38:08 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sat, 28 Apr 2018 21:38:08 +0000 (UTC) User-Agent: Mutt/1.9.1 (2017-09-22) To: musl@lists.openwall.com Original-X-From: musl-return-12789-gllmg-musl=m.gmane.org@lists.openwall.com Sat Apr 28 23:38:04 2018 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by blaine.gmane.org with smtp (Exim 4.84_2) (envelope-from ) id 1fCXXf-000525-Su for gllmg-musl@m.gmane.org; Sat, 28 Apr 2018 23:38:04 +0200 Original-Received: (qmail 14208 invoked by uid 550); 28 Apr 2018 21:40:12 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Original-Received: (qmail 14179 invoked from network); 28 Apr 2018 21:40:11 -0000 Mail-Followup-To: musl@lists.openwall.com Content-Disposition: inline In-Reply-To: <20180428195656.GU4418@port70.net> Xref: news.gmane.org gmane.linux.lib.musl.general:12773 Archived-At: --2hMgfIw2X+zgXrFs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline * Szabolcs Nagy [2018-04-28 21:56:56 +0200]: > the ptrace.h change is probably not ok > (glibc added struct __ptrace_seccomp_metadata > instead of the kernel struct seccomp_metadata, > but the same is true for ptrace_peeksiginfo_args > where musl currently follows linux instead of > glibc, maybe that should be fixed?). > i created a patch that follows the glibc api. > the last patch is an unfinished proposal to add > some new syscalls glibc already has, but i ran > into some issues so comments are welcome. > i fixed up a few issues there, i'm still not sure about pkey*. attached v2 of these two patches. --2hMgfIw2X+zgXrFs Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0006-sys-ptrace.h-add-PTRACE_SECCOMP_GET_METADATA-from-li.patch" >From ffeb39f15a7b1558534b26556e6fc19f40b1b3d9 Mon Sep 17 00:00:00 2001 From: Szabolcs Nagy Date: Sat, 28 Apr 2018 16:23:23 +0000 Subject: [PATCH 6/9] sys/ptrace.h: add PTRACE_SECCOMP_GET_METADATA from linux v4.16 to get seccomp state for checkpoint restore. added in linux commit 26500475ac1b499d8636ff281311d633909f5d20 struct tag follows the glibc api and ptrace_peeksiginfo_args got changed too accordingly. --- include/sys/ptrace.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/include/sys/ptrace.h b/include/sys/ptrace.h index d9d45408..f501ff08 100644 --- a/include/sys/ptrace.h +++ b/include/sys/ptrace.h @@ -40,6 +40,7 @@ extern "C" { #define PTRACE_GETSIGMASK 0x420a #define PTRACE_SETSIGMASK 0x420b #define PTRACE_SECCOMP_GET_FILTER 0x420c +#define PTRACE_SECCOMP_GET_METADATA 0x420d #define PT_READ_I PTRACE_PEEKTEXT #define PT_READ_D PTRACE_PEEKDATA @@ -86,12 +87,17 @@ extern "C" { #define PTRACE_PEEKSIGINFO_SHARED 1 -struct ptrace_peeksiginfo_args { +struct __ptrace_peeksiginfo_args { uint64_t off; uint32_t flags; int32_t nr; }; +struct __ptrace_seccomp_metadata { + uint64_t filter_off; + uint64_t flags; +}; + long ptrace(int, ...); #ifdef __cplusplus -- 2.16.3 --2hMgfIw2X+zgXrFs Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0009-RFC-add-memfd_create-mlock2-pkey_-apis.patch" >From 3484c45dbf59d0a6ee97b742d98e9f31f5384c17 Mon Sep 17 00:00:00 2001 From: Szabolcs Nagy Date: Sat, 28 Apr 2018 17:25:41 +0000 Subject: [PATCH 9/9] [RFC] add memfd_create, mlock2, pkey_* apis memfd_create (linux v3.17) mlock2 (linux v4.4) pkey_alloc (linux v4.9) pkey_free (linux v4.9) pkey_mprotect (linux v4.9) pkey_get (glibc 2.27) pkey_set (glibc 2.27) notes: - pkey_alloc type is inconsistent between the linux manual and glibc (unsigned int vs unsigned long args), this patch follows glibc. - pkey_get / pkey_set are glibc apis, not syscalls. (not implement for now on any targets). - moved MLOCK_ONFAULT under _GNU_SOURCE following glibc. - mlock2 and pkey_mprotect have fallbacks. --- arch/powerpc/bits/mman.h | 4 ++++ arch/powerpc64/bits/mman.h | 4 ++++ include/sys/mman.h | 24 +++++++++++++++++++++--- src/linux/memfd_create.c | 8 ++++++++ src/linux/mlock2.c | 11 +++++++++++ src/linux/pkey_alloc.c | 22 ++++++++++++++++++++++ src/linux/pkey_get.c | 9 +++++++++ src/linux/pkey_mprotect.c | 15 +++++++++++++++ src/linux/pkey_set.c | 9 +++++++++ 9 files changed, 103 insertions(+), 3 deletions(-) create mode 100644 src/linux/memfd_create.c create mode 100644 src/linux/mlock2.c create mode 100644 src/linux/pkey_alloc.c create mode 100644 src/linux/pkey_get.c create mode 100644 src/linux/pkey_mprotect.c create mode 100644 src/linux/pkey_set.c diff --git a/arch/powerpc/bits/mman.h b/arch/powerpc/bits/mman.h index b3a675a8..23e18eb1 100644 --- a/arch/powerpc/bits/mman.h +++ b/arch/powerpc/bits/mman.h @@ -12,3 +12,7 @@ #define MCL_FUTURE 0x4000 #undef MCL_ONFAULT #define MCL_ONFAULT 0x8000 + +#ifdef _GNU_SOURCE +#define PKEY_DISABLE_EXECUTE 0x4 +#endif diff --git a/arch/powerpc64/bits/mman.h b/arch/powerpc64/bits/mman.h index b3a675a8..23e18eb1 100644 --- a/arch/powerpc64/bits/mman.h +++ b/arch/powerpc64/bits/mman.h @@ -12,3 +12,7 @@ #define MCL_FUTURE 0x4000 #undef MCL_ONFAULT #define MCL_ONFAULT 0x8000 + +#ifdef _GNU_SOURCE +#define PKEY_DISABLE_EXECUTE 0x4 +#endif diff --git a/include/sys/mman.h b/include/sys/mman.h index 302ad134..aea40452 100644 --- a/include/sys/mman.h +++ b/include/sys/mman.h @@ -93,6 +93,20 @@ extern "C" { #define MADV_SOFT_OFFLINE 101 #endif +#ifdef _GNU_SOURCE +#define MREMAP_MAYMOVE 1 +#define MREMAP_FIXED 2 + +#define PKEY_DISABLE_ACCESS 0x1 +#define PKEY_DISABLE_WRITE 0x2 + +#define MLOCK_ONFAULT 0x01 + +#define MFD_CLOEXEC 0x0001U +#define MFD_ALLOW_SEALING 0x0002U +#define MFD_HUGETLB 0x0004U +#endif + #include void *mmap (void *, size_t, int, int, int, off_t); @@ -109,14 +123,18 @@ int mlockall (int); int munlockall (void); #ifdef _GNU_SOURCE -#define MREMAP_MAYMOVE 1 -#define MREMAP_FIXED 2 void *mremap (void *, size_t, size_t, int, ...); int remap_file_pages (void *, size_t, int, size_t, int); +int memfd_create (const char *, unsigned); +int mlock2 (const void *, size_t, unsigned); +int pkey_alloc (unsigned, unsigned); +int pkey_free (int); +int pkey_mprotect (void *, size_t, int, int); +int pkey_get (int); +int pkey_set (int, unsigned); #endif #if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) -#define MLOCK_ONFAULT 0x01 int madvise (void *, size_t, int); int mincore (void *, size_t, unsigned char *); #endif diff --git a/src/linux/memfd_create.c b/src/linux/memfd_create.c new file mode 100644 index 00000000..1649fe55 --- /dev/null +++ b/src/linux/memfd_create.c @@ -0,0 +1,8 @@ +#define _GNU_SOURCE 1 +#include +#include "syscall.h" + +int memfd_create(const char *name, unsigned flags) +{ + return syscall(SYS_memfd_create, name, flags); +} diff --git a/src/linux/mlock2.c b/src/linux/mlock2.c new file mode 100644 index 00000000..e1235c46 --- /dev/null +++ b/src/linux/mlock2.c @@ -0,0 +1,11 @@ +#define _GNU_SOURCE 1 +#include +#include +#include "syscall.h" + +int mlock2(const void *addr, size_t len, unsigned flags) +{ + if (flags == 0) + return mlock(addr, len); + return syscall(SYS_mlock2, addr, len, flags); +} diff --git a/src/linux/pkey_alloc.c b/src/linux/pkey_alloc.c new file mode 100644 index 00000000..8027cd12 --- /dev/null +++ b/src/linux/pkey_alloc.c @@ -0,0 +1,22 @@ +#define _GNU_SOURCE 1 +#include +#include +#include "syscall.h" + +int pkey_alloc(unsigned flags, unsigned access) +{ +#ifdef SYS_pkey_alloc + return syscall(SYS_pkey_alloc, flags, access); +#else + return __syscall_ret(-ENOSYS); +#endif +} + +int pkey_free(int pkey) +{ +#ifdef SYS_pkey_free + return syscall(SYS_pkey_free, pkey); +#else + return __syscall_ret(-ENOSYS); +#endif +} diff --git a/src/linux/pkey_get.c b/src/linux/pkey_get.c new file mode 100644 index 00000000..d583fa9c --- /dev/null +++ b/src/linux/pkey_get.c @@ -0,0 +1,9 @@ +#define _GNU_SOURCE 1 +#include +#include +#include "syscall.h" + +int pkey_get(int pkey) +{ + return __syscall_ret(-ENOSYS); +} diff --git a/src/linux/pkey_mprotect.c b/src/linux/pkey_mprotect.c new file mode 100644 index 00000000..0a1f97ad --- /dev/null +++ b/src/linux/pkey_mprotect.c @@ -0,0 +1,15 @@ +#define _GNU_SOURCE 1 +#include +#include +#include "syscall.h" + +int pkey_mprotect(void *addr, size_t len, int prot, int pkey) +{ + if (pkey == -1) + return mprotect(addr, len, prot); +#ifdef SYS_pkey_mprotect + return syscall(SYS_pkey_mprotect, addr, len, prot, pkey); +#else + return __syscall_ret(-ENOSYS); +#endif +} diff --git a/src/linux/pkey_set.c b/src/linux/pkey_set.c new file mode 100644 index 00000000..addf8da5 --- /dev/null +++ b/src/linux/pkey_set.c @@ -0,0 +1,9 @@ +#define _GNU_SOURCE 1 +#include +#include +#include "syscall.h" + +int pkey_set(int pkey, unsigned access) +{ + return __syscall_ret(-ENOSYS); +} -- 2.16.3 --2hMgfIw2X+zgXrFs--