16365b842SAndy Lutomirski /* SPDX-License-Identifier: GPL-2.0 */
26365b842SAndy Lutomirski /*
315c82d98SH. Peter Anvin (Intel) * syscall_numbering.c - test calling the x86-64 kernel with various
415c82d98SH. Peter Anvin (Intel) * valid and invalid system call numbers.
515c82d98SH. Peter Anvin (Intel) *
66365b842SAndy Lutomirski * Copyright (c) 2018 Andrew Lutomirski
76365b842SAndy Lutomirski */
86365b842SAndy Lutomirski
96365b842SAndy Lutomirski #define _GNU_SOURCE
106365b842SAndy Lutomirski
116365b842SAndy Lutomirski #include <stdlib.h>
126365b842SAndy Lutomirski #include <stdio.h>
136365b842SAndy Lutomirski #include <stdbool.h>
146365b842SAndy Lutomirski #include <errno.h>
156365b842SAndy Lutomirski #include <unistd.h>
1615c82d98SH. Peter Anvin (Intel) #include <string.h>
1715c82d98SH. Peter Anvin (Intel) #include <fcntl.h>
1815c82d98SH. Peter Anvin (Intel) #include <limits.h>
19*795e2a02SH. Peter Anvin (Intel) #include <signal.h>
20c5c39488SH. Peter Anvin (Intel) #include <sysexits.h>
216365b842SAndy Lutomirski
22*795e2a02SH. Peter Anvin (Intel) #include <sys/ptrace.h>
23*795e2a02SH. Peter Anvin (Intel) #include <sys/user.h>
24*795e2a02SH. Peter Anvin (Intel) #include <sys/wait.h>
25*795e2a02SH. Peter Anvin (Intel) #include <sys/mman.h>
26*795e2a02SH. Peter Anvin (Intel)
27*795e2a02SH. Peter Anvin (Intel) #include <linux/ptrace.h>
28*795e2a02SH. Peter Anvin (Intel)
2915c82d98SH. Peter Anvin (Intel) /* Common system call numbers */
3015c82d98SH. Peter Anvin (Intel) #define SYS_READ 0
3115c82d98SH. Peter Anvin (Intel) #define SYS_WRITE 1
3215c82d98SH. Peter Anvin (Intel) #define SYS_GETPID 39
3315c82d98SH. Peter Anvin (Intel) /* x64-only system call numbers */
3415c82d98SH. Peter Anvin (Intel) #define X64_IOCTL 16
3515c82d98SH. Peter Anvin (Intel) #define X64_READV 19
3615c82d98SH. Peter Anvin (Intel) #define X64_WRITEV 20
3715c82d98SH. Peter Anvin (Intel) /* x32-only system call numbers (without X32_BIT) */
3815c82d98SH. Peter Anvin (Intel) #define X32_IOCTL 514
3915c82d98SH. Peter Anvin (Intel) #define X32_READV 515
4015c82d98SH. Peter Anvin (Intel) #define X32_WRITEV 516
416365b842SAndy Lutomirski
4215c82d98SH. Peter Anvin (Intel) #define X32_BIT 0x40000000
436365b842SAndy Lutomirski
4415c82d98SH. Peter Anvin (Intel) static int nullfd = -1; /* File descriptor for /dev/null */
45*795e2a02SH. Peter Anvin (Intel) static bool with_x32; /* x32 supported on this kernel? */
46*795e2a02SH. Peter Anvin (Intel)
47*795e2a02SH. Peter Anvin (Intel) enum ptrace_pass {
48*795e2a02SH. Peter Anvin (Intel) PTP_NOTHING,
49*795e2a02SH. Peter Anvin (Intel) PTP_GETREGS,
50*795e2a02SH. Peter Anvin (Intel) PTP_WRITEBACK,
51*795e2a02SH. Peter Anvin (Intel) PTP_FUZZRET,
52*795e2a02SH. Peter Anvin (Intel) PTP_FUZZHIGH,
53*795e2a02SH. Peter Anvin (Intel) PTP_INTNUM,
54*795e2a02SH. Peter Anvin (Intel) PTP_DONE
55*795e2a02SH. Peter Anvin (Intel) };
56*795e2a02SH. Peter Anvin (Intel)
57*795e2a02SH. Peter Anvin (Intel) static const char * const ptrace_pass_name[] =
58*795e2a02SH. Peter Anvin (Intel) {
59*795e2a02SH. Peter Anvin (Intel) [PTP_NOTHING] = "just stop, no data read",
60*795e2a02SH. Peter Anvin (Intel) [PTP_GETREGS] = "only getregs",
61*795e2a02SH. Peter Anvin (Intel) [PTP_WRITEBACK] = "getregs, unmodified setregs",
62*795e2a02SH. Peter Anvin (Intel) [PTP_FUZZRET] = "modifying the default return",
63*795e2a02SH. Peter Anvin (Intel) [PTP_FUZZHIGH] = "clobbering the top 32 bits",
64*795e2a02SH. Peter Anvin (Intel) [PTP_INTNUM] = "sign-extending the syscall number",
65*795e2a02SH. Peter Anvin (Intel) };
66*795e2a02SH. Peter Anvin (Intel)
67*795e2a02SH. Peter Anvin (Intel) /*
68*795e2a02SH. Peter Anvin (Intel) * Shared memory block between tracer and test
69*795e2a02SH. Peter Anvin (Intel) */
70*795e2a02SH. Peter Anvin (Intel) struct shared {
71*795e2a02SH. Peter Anvin (Intel) unsigned int nerr; /* Total error count */
72*795e2a02SH. Peter Anvin (Intel) unsigned int indent; /* Message indentation level */
73*795e2a02SH. Peter Anvin (Intel) enum ptrace_pass ptrace_pass;
74*795e2a02SH. Peter Anvin (Intel) bool probing_syscall; /* In probe_syscall() */
75*795e2a02SH. Peter Anvin (Intel) };
76*795e2a02SH. Peter Anvin (Intel) static volatile struct shared *sh;
77c5c39488SH. Peter Anvin (Intel)
offset(void)78c5c39488SH. Peter Anvin (Intel) static inline unsigned int offset(void)
79c5c39488SH. Peter Anvin (Intel) {
80*795e2a02SH. Peter Anvin (Intel) unsigned int level = sh ? sh->indent : 0;
81*795e2a02SH. Peter Anvin (Intel)
82*795e2a02SH. Peter Anvin (Intel) return 8 + level * 4;
83c5c39488SH. Peter Anvin (Intel) }
84c5c39488SH. Peter Anvin (Intel)
85c5c39488SH. Peter Anvin (Intel) #define msg(lvl, fmt, ...) printf("%-*s" fmt, offset(), "[" #lvl "]", \
86c5c39488SH. Peter Anvin (Intel) ## __VA_ARGS__)
87c5c39488SH. Peter Anvin (Intel)
88c5c39488SH. Peter Anvin (Intel) #define run(fmt, ...) msg(RUN, fmt, ## __VA_ARGS__)
89c5c39488SH. Peter Anvin (Intel) #define info(fmt, ...) msg(INFO, fmt, ## __VA_ARGS__)
90c5c39488SH. Peter Anvin (Intel) #define ok(fmt, ...) msg(OK, fmt, ## __VA_ARGS__)
91c5c39488SH. Peter Anvin (Intel)
92c5c39488SH. Peter Anvin (Intel) #define fail(fmt, ...) \
93c5c39488SH. Peter Anvin (Intel) do { \
94c5c39488SH. Peter Anvin (Intel) msg(FAIL, fmt, ## __VA_ARGS__); \
95*795e2a02SH. Peter Anvin (Intel) sh->nerr++; \
96c5c39488SH. Peter Anvin (Intel) } while (0)
97c5c39488SH. Peter Anvin (Intel)
98c5c39488SH. Peter Anvin (Intel) #define crit(fmt, ...) \
99c5c39488SH. Peter Anvin (Intel) do { \
100*795e2a02SH. Peter Anvin (Intel) sh->indent = 0; \
101c5c39488SH. Peter Anvin (Intel) msg(FAIL, fmt, ## __VA_ARGS__); \
102c5c39488SH. Peter Anvin (Intel) msg(SKIP, "Unable to run test\n"); \
103*795e2a02SH. Peter Anvin (Intel) exit(EX_OSERR); \
104c5c39488SH. Peter Anvin (Intel) } while (0)
10515c82d98SH. Peter Anvin (Intel)
106*795e2a02SH. Peter Anvin (Intel) /* Sentinel for ptrace-modified return value */
107*795e2a02SH. Peter Anvin (Intel) #define MODIFIED_BY_PTRACE -9999
108*795e2a02SH. Peter Anvin (Intel)
10915c82d98SH. Peter Anvin (Intel) /*
11015c82d98SH. Peter Anvin (Intel) * Directly invokes the given syscall with nullfd as the first argument
11115c82d98SH. Peter Anvin (Intel) * and the rest zero. Avoids involving glibc wrappers in case they ever
11215c82d98SH. Peter Anvin (Intel) * end up intercepting some system calls for some reason, or modify
11315c82d98SH. Peter Anvin (Intel) * the system call number itself.
11415c82d98SH. Peter Anvin (Intel) */
probe_syscall(int msb,int lsb)115*795e2a02SH. Peter Anvin (Intel) static long long probe_syscall(int msb, int lsb)
1166365b842SAndy Lutomirski {
11715c82d98SH. Peter Anvin (Intel) register long long arg1 asm("rdi") = nullfd;
11815c82d98SH. Peter Anvin (Intel) register long long arg2 asm("rsi") = 0;
11915c82d98SH. Peter Anvin (Intel) register long long arg3 asm("rdx") = 0;
12015c82d98SH. Peter Anvin (Intel) register long long arg4 asm("r10") = 0;
12115c82d98SH. Peter Anvin (Intel) register long long arg5 asm("r8") = 0;
12215c82d98SH. Peter Anvin (Intel) register long long arg6 asm("r9") = 0;
12315c82d98SH. Peter Anvin (Intel) long long nr = ((long long)msb << 32) | (unsigned int)lsb;
12415c82d98SH. Peter Anvin (Intel) long long ret;
1256365b842SAndy Lutomirski
126*795e2a02SH. Peter Anvin (Intel) /*
127*795e2a02SH. Peter Anvin (Intel) * We pass in an extra copy of the extended system call number
128*795e2a02SH. Peter Anvin (Intel) * in %rbx, so we can examine it from the ptrace handler without
129*795e2a02SH. Peter Anvin (Intel) * worrying about it being possibly modified. This is to test
130*795e2a02SH. Peter Anvin (Intel) * the validity of struct user regs.orig_rax a.k.a.
131*795e2a02SH. Peter Anvin (Intel) * struct pt_regs.orig_ax.
132*795e2a02SH. Peter Anvin (Intel) */
133*795e2a02SH. Peter Anvin (Intel) sh->probing_syscall = true;
13415c82d98SH. Peter Anvin (Intel) asm volatile("syscall"
13515c82d98SH. Peter Anvin (Intel) : "=a" (ret)
136*795e2a02SH. Peter Anvin (Intel) : "a" (nr), "b" (nr),
137*795e2a02SH. Peter Anvin (Intel) "r" (arg1), "r" (arg2), "r" (arg3),
13815c82d98SH. Peter Anvin (Intel) "r" (arg4), "r" (arg5), "r" (arg6)
13915c82d98SH. Peter Anvin (Intel) : "rcx", "r11", "memory", "cc");
140*795e2a02SH. Peter Anvin (Intel) sh->probing_syscall = false;
14115c82d98SH. Peter Anvin (Intel)
14215c82d98SH. Peter Anvin (Intel) return ret;
1436365b842SAndy Lutomirski }
1446365b842SAndy Lutomirski
syscall_str(int msb,int start,int end)14515c82d98SH. Peter Anvin (Intel) static const char *syscall_str(int msb, int start, int end)
1466365b842SAndy Lutomirski {
14715c82d98SH. Peter Anvin (Intel) static char buf[64];
14815c82d98SH. Peter Anvin (Intel) const char * const type = (start & X32_BIT) ? "x32" : "x64";
14915c82d98SH. Peter Anvin (Intel) int lsb = start;
1506365b842SAndy Lutomirski
1516365b842SAndy Lutomirski /*
15215c82d98SH. Peter Anvin (Intel) * Improve readability by stripping the x32 bit, but round
15315c82d98SH. Peter Anvin (Intel) * toward zero so we don't display -1 as -1073741825.
1546365b842SAndy Lutomirski */
15515c82d98SH. Peter Anvin (Intel) if (lsb < 0)
15615c82d98SH. Peter Anvin (Intel) lsb |= X32_BIT;
1576365b842SAndy Lutomirski else
15815c82d98SH. Peter Anvin (Intel) lsb &= ~X32_BIT;
15915c82d98SH. Peter Anvin (Intel)
16015c82d98SH. Peter Anvin (Intel) if (start == end)
16115c82d98SH. Peter Anvin (Intel) snprintf(buf, sizeof buf, "%s syscall %d:%d",
16215c82d98SH. Peter Anvin (Intel) type, msb, lsb);
16315c82d98SH. Peter Anvin (Intel) else
16415c82d98SH. Peter Anvin (Intel) snprintf(buf, sizeof buf, "%s syscalls %d:%d..%d",
16515c82d98SH. Peter Anvin (Intel) type, msb, lsb, lsb + (end-start));
16615c82d98SH. Peter Anvin (Intel)
16715c82d98SH. Peter Anvin (Intel) return buf;
1686365b842SAndy Lutomirski }
1696365b842SAndy Lutomirski
_check_for(int msb,int start,int end,long long expect,const char * expect_str)17015c82d98SH. Peter Anvin (Intel) static unsigned int _check_for(int msb, int start, int end, long long expect,
17115c82d98SH. Peter Anvin (Intel) const char *expect_str)
1726365b842SAndy Lutomirski {
17315c82d98SH. Peter Anvin (Intel) unsigned int err = 0;
17415c82d98SH. Peter Anvin (Intel)
175*795e2a02SH. Peter Anvin (Intel) sh->indent++;
176c5c39488SH. Peter Anvin (Intel) if (start != end)
177*795e2a02SH. Peter Anvin (Intel) sh->indent++;
178c5c39488SH. Peter Anvin (Intel)
17915c82d98SH. Peter Anvin (Intel) for (int nr = start; nr <= end; nr++) {
18015c82d98SH. Peter Anvin (Intel) long long ret = probe_syscall(msb, nr);
18115c82d98SH. Peter Anvin (Intel)
18215c82d98SH. Peter Anvin (Intel) if (ret != expect) {
183c5c39488SH. Peter Anvin (Intel) fail("%s returned %lld, but it should have returned %s\n",
18415c82d98SH. Peter Anvin (Intel) syscall_str(msb, nr, nr),
18515c82d98SH. Peter Anvin (Intel) ret, expect_str);
18615c82d98SH. Peter Anvin (Intel) err++;
18715c82d98SH. Peter Anvin (Intel) }
18815c82d98SH. Peter Anvin (Intel) }
18915c82d98SH. Peter Anvin (Intel)
190c5c39488SH. Peter Anvin (Intel) if (start != end)
191*795e2a02SH. Peter Anvin (Intel) sh->indent--;
192c5c39488SH. Peter Anvin (Intel)
19315c82d98SH. Peter Anvin (Intel) if (err) {
19415c82d98SH. Peter Anvin (Intel) if (start != end)
195c5c39488SH. Peter Anvin (Intel) fail("%s had %u failure%s\n",
19615c82d98SH. Peter Anvin (Intel) syscall_str(msb, start, end),
197c5c39488SH. Peter Anvin (Intel) err, err == 1 ? "s" : "");
19815c82d98SH. Peter Anvin (Intel) } else {
199c5c39488SH. Peter Anvin (Intel) ok("%s returned %s as expected\n",
20015c82d98SH. Peter Anvin (Intel) syscall_str(msb, start, end), expect_str);
20115c82d98SH. Peter Anvin (Intel) }
20215c82d98SH. Peter Anvin (Intel)
203*795e2a02SH. Peter Anvin (Intel) sh->indent--;
204c5c39488SH. Peter Anvin (Intel)
20515c82d98SH. Peter Anvin (Intel) return err;
20615c82d98SH. Peter Anvin (Intel) }
20715c82d98SH. Peter Anvin (Intel)
20815c82d98SH. Peter Anvin (Intel) #define check_for(msb,start,end,expect) \
20915c82d98SH. Peter Anvin (Intel) _check_for(msb,start,end,expect,#expect)
21015c82d98SH. Peter Anvin (Intel)
check_zero(int msb,int nr)21115c82d98SH. Peter Anvin (Intel) static bool check_zero(int msb, int nr)
21215c82d98SH. Peter Anvin (Intel) {
21315c82d98SH. Peter Anvin (Intel) return check_for(msb, nr, nr, 0);
21415c82d98SH. Peter Anvin (Intel) }
21515c82d98SH. Peter Anvin (Intel)
check_enosys(int msb,int nr)21615c82d98SH. Peter Anvin (Intel) static bool check_enosys(int msb, int nr)
21715c82d98SH. Peter Anvin (Intel) {
21815c82d98SH. Peter Anvin (Intel) return check_for(msb, nr, nr, -ENOSYS);
21915c82d98SH. Peter Anvin (Intel) }
22015c82d98SH. Peter Anvin (Intel)
2216365b842SAndy Lutomirski /*
2226365b842SAndy Lutomirski * Anyone diagnosing a failure will want to know whether the kernel
22315c82d98SH. Peter Anvin (Intel) * supports x32. Tell them. This can also be used to conditionalize
22415c82d98SH. Peter Anvin (Intel) * tests based on existence or nonexistence of x32.
2256365b842SAndy Lutomirski */
test_x32(void)22615c82d98SH. Peter Anvin (Intel) static bool test_x32(void)
22715c82d98SH. Peter Anvin (Intel) {
22815c82d98SH. Peter Anvin (Intel) long long ret;
229c5c39488SH. Peter Anvin (Intel) pid_t mypid = getpid();
23015c82d98SH. Peter Anvin (Intel)
231c5c39488SH. Peter Anvin (Intel) run("Checking for x32 by calling x32 getpid()\n");
23215c82d98SH. Peter Anvin (Intel) ret = probe_syscall(0, SYS_GETPID | X32_BIT);
23315c82d98SH. Peter Anvin (Intel)
234*795e2a02SH. Peter Anvin (Intel) sh->indent++;
23515c82d98SH. Peter Anvin (Intel) if (ret == mypid) {
236c5c39488SH. Peter Anvin (Intel) info("x32 is supported\n");
237c5c39488SH. Peter Anvin (Intel) with_x32 = true;
23815c82d98SH. Peter Anvin (Intel) } else if (ret == -ENOSYS) {
239c5c39488SH. Peter Anvin (Intel) info("x32 is not supported\n");
240c5c39488SH. Peter Anvin (Intel) with_x32 = false;
2416365b842SAndy Lutomirski } else {
242*795e2a02SH. Peter Anvin (Intel) fail("x32 getpid() returned %lld, but it should have returned either %lld or -ENOSYS\n", ret, (long long)mypid);
243c5c39488SH. Peter Anvin (Intel) with_x32 = false;
24415c82d98SH. Peter Anvin (Intel) }
245*795e2a02SH. Peter Anvin (Intel) sh->indent--;
246c5c39488SH. Peter Anvin (Intel) return with_x32;
2476365b842SAndy Lutomirski }
2486365b842SAndy Lutomirski
test_syscalls_common(int msb)24915c82d98SH. Peter Anvin (Intel) static void test_syscalls_common(int msb)
25015c82d98SH. Peter Anvin (Intel) {
251*795e2a02SH. Peter Anvin (Intel) enum ptrace_pass pass = sh->ptrace_pass;
252*795e2a02SH. Peter Anvin (Intel)
253c5c39488SH. Peter Anvin (Intel) run("Checking some common syscalls as 64 bit\n");
25415c82d98SH. Peter Anvin (Intel) check_zero(msb, SYS_READ);
25515c82d98SH. Peter Anvin (Intel) check_zero(msb, SYS_WRITE);
2566365b842SAndy Lutomirski
257c5c39488SH. Peter Anvin (Intel) run("Checking some 64-bit only syscalls as 64 bit\n");
25815c82d98SH. Peter Anvin (Intel) check_zero(msb, X64_READV);
25915c82d98SH. Peter Anvin (Intel) check_zero(msb, X64_WRITEV);
26015c82d98SH. Peter Anvin (Intel)
261c5c39488SH. Peter Anvin (Intel) run("Checking out of range system calls\n");
262*795e2a02SH. Peter Anvin (Intel) check_for(msb, -64, -2, -ENOSYS);
263*795e2a02SH. Peter Anvin (Intel) if (pass >= PTP_FUZZRET)
264*795e2a02SH. Peter Anvin (Intel) check_for(msb, -1, -1, MODIFIED_BY_PTRACE);
265*795e2a02SH. Peter Anvin (Intel) else
266*795e2a02SH. Peter Anvin (Intel) check_for(msb, -1, -1, -ENOSYS);
26715c82d98SH. Peter Anvin (Intel) check_for(msb, X32_BIT-64, X32_BIT-1, -ENOSYS);
26815c82d98SH. Peter Anvin (Intel) check_for(msb, -64-X32_BIT, -1-X32_BIT, -ENOSYS);
26915c82d98SH. Peter Anvin (Intel) check_for(msb, INT_MAX-64, INT_MAX-1, -ENOSYS);
27015c82d98SH. Peter Anvin (Intel) }
27115c82d98SH. Peter Anvin (Intel)
test_syscalls_with_x32(int msb)27215c82d98SH. Peter Anvin (Intel) static void test_syscalls_with_x32(int msb)
27315c82d98SH. Peter Anvin (Intel) {
27415c82d98SH. Peter Anvin (Intel) /*
27515c82d98SH. Peter Anvin (Intel) * Syscalls 512-547 are "x32" syscalls. They are
27615c82d98SH. Peter Anvin (Intel) * intended to be called with the x32 (0x40000000) bit
27715c82d98SH. Peter Anvin (Intel) * set. Calling them without the x32 bit set is
27815c82d98SH. Peter Anvin (Intel) * nonsense and should not work.
27915c82d98SH. Peter Anvin (Intel) */
280c5c39488SH. Peter Anvin (Intel) run("Checking x32 syscalls as 64 bit\n");
28115c82d98SH. Peter Anvin (Intel) check_for(msb, 512, 547, -ENOSYS);
28215c82d98SH. Peter Anvin (Intel)
283c5c39488SH. Peter Anvin (Intel) run("Checking some common syscalls as x32\n");
28415c82d98SH. Peter Anvin (Intel) check_zero(msb, SYS_READ | X32_BIT);
28515c82d98SH. Peter Anvin (Intel) check_zero(msb, SYS_WRITE | X32_BIT);
28615c82d98SH. Peter Anvin (Intel)
287c5c39488SH. Peter Anvin (Intel) run("Checking some x32 syscalls as x32\n");
28815c82d98SH. Peter Anvin (Intel) check_zero(msb, X32_READV | X32_BIT);
28915c82d98SH. Peter Anvin (Intel) check_zero(msb, X32_WRITEV | X32_BIT);
29015c82d98SH. Peter Anvin (Intel)
291c5c39488SH. Peter Anvin (Intel) run("Checking some 64-bit syscalls as x32\n");
29215c82d98SH. Peter Anvin (Intel) check_enosys(msb, X64_IOCTL | X32_BIT);
29315c82d98SH. Peter Anvin (Intel) check_enosys(msb, X64_READV | X32_BIT);
29415c82d98SH. Peter Anvin (Intel) check_enosys(msb, X64_WRITEV | X32_BIT);
29515c82d98SH. Peter Anvin (Intel) }
29615c82d98SH. Peter Anvin (Intel)
test_syscalls_without_x32(int msb)29715c82d98SH. Peter Anvin (Intel) static void test_syscalls_without_x32(int msb)
29815c82d98SH. Peter Anvin (Intel) {
299c5c39488SH. Peter Anvin (Intel) run("Checking for absence of x32 system calls\n");
30015c82d98SH. Peter Anvin (Intel) check_for(msb, 0 | X32_BIT, 999 | X32_BIT, -ENOSYS);
30115c82d98SH. Peter Anvin (Intel) }
30215c82d98SH. Peter Anvin (Intel)
test_syscall_numbering(void)30315c82d98SH. Peter Anvin (Intel) static void test_syscall_numbering(void)
30415c82d98SH. Peter Anvin (Intel) {
30515c82d98SH. Peter Anvin (Intel) static const int msbs[] = {
30615c82d98SH. Peter Anvin (Intel) 0, 1, -1, X32_BIT-1, X32_BIT, X32_BIT-1, -X32_BIT, INT_MAX,
30715c82d98SH. Peter Anvin (Intel) INT_MIN, INT_MIN+1
30815c82d98SH. Peter Anvin (Intel) };
309*795e2a02SH. Peter Anvin (Intel)
310*795e2a02SH. Peter Anvin (Intel) sh->indent++;
31115c82d98SH. Peter Anvin (Intel)
31215c82d98SH. Peter Anvin (Intel) /*
31315c82d98SH. Peter Anvin (Intel) * The MSB is supposed to be ignored, so we loop over a few
31415c82d98SH. Peter Anvin (Intel) * to test that out.
31515c82d98SH. Peter Anvin (Intel) */
31615c82d98SH. Peter Anvin (Intel) for (size_t i = 0; i < sizeof(msbs)/sizeof(msbs[0]); i++) {
31715c82d98SH. Peter Anvin (Intel) int msb = msbs[i];
318c5c39488SH. Peter Anvin (Intel) run("Checking system calls with msb = %d (0x%x)\n",
31915c82d98SH. Peter Anvin (Intel) msb, msb);
32015c82d98SH. Peter Anvin (Intel)
321*795e2a02SH. Peter Anvin (Intel) sh->indent++;
322c5c39488SH. Peter Anvin (Intel)
32315c82d98SH. Peter Anvin (Intel) test_syscalls_common(msb);
32415c82d98SH. Peter Anvin (Intel) if (with_x32)
32515c82d98SH. Peter Anvin (Intel) test_syscalls_with_x32(msb);
32615c82d98SH. Peter Anvin (Intel) else
32715c82d98SH. Peter Anvin (Intel) test_syscalls_without_x32(msb);
328c5c39488SH. Peter Anvin (Intel)
329*795e2a02SH. Peter Anvin (Intel) sh->indent--;
330*795e2a02SH. Peter Anvin (Intel) }
331*795e2a02SH. Peter Anvin (Intel)
332*795e2a02SH. Peter Anvin (Intel) sh->indent--;
333*795e2a02SH. Peter Anvin (Intel) }
334*795e2a02SH. Peter Anvin (Intel)
syscall_numbering_tracee(void)335*795e2a02SH. Peter Anvin (Intel) static void syscall_numbering_tracee(void)
336*795e2a02SH. Peter Anvin (Intel) {
337*795e2a02SH. Peter Anvin (Intel) enum ptrace_pass pass;
338*795e2a02SH. Peter Anvin (Intel)
339*795e2a02SH. Peter Anvin (Intel) if (ptrace(PTRACE_TRACEME, 0, 0, 0)) {
340*795e2a02SH. Peter Anvin (Intel) crit("Failed to request tracing\n");
341*795e2a02SH. Peter Anvin (Intel) return;
342*795e2a02SH. Peter Anvin (Intel) }
343*795e2a02SH. Peter Anvin (Intel) raise(SIGSTOP);
344*795e2a02SH. Peter Anvin (Intel)
345*795e2a02SH. Peter Anvin (Intel) for (sh->ptrace_pass = pass = PTP_NOTHING; pass < PTP_DONE;
346*795e2a02SH. Peter Anvin (Intel) sh->ptrace_pass = ++pass) {
347*795e2a02SH. Peter Anvin (Intel) run("Running tests under ptrace: %s\n", ptrace_pass_name[pass]);
348*795e2a02SH. Peter Anvin (Intel) test_syscall_numbering();
349*795e2a02SH. Peter Anvin (Intel) }
350*795e2a02SH. Peter Anvin (Intel) }
351*795e2a02SH. Peter Anvin (Intel)
mess_with_syscall(pid_t testpid,enum ptrace_pass pass)352*795e2a02SH. Peter Anvin (Intel) static void mess_with_syscall(pid_t testpid, enum ptrace_pass pass)
353*795e2a02SH. Peter Anvin (Intel) {
354*795e2a02SH. Peter Anvin (Intel) struct user_regs_struct regs;
355*795e2a02SH. Peter Anvin (Intel)
356*795e2a02SH. Peter Anvin (Intel) sh->probing_syscall = false; /* Do this on entry only */
357*795e2a02SH. Peter Anvin (Intel)
358*795e2a02SH. Peter Anvin (Intel) /* For these, don't even getregs */
359*795e2a02SH. Peter Anvin (Intel) if (pass == PTP_NOTHING || pass == PTP_DONE)
360*795e2a02SH. Peter Anvin (Intel) return;
361*795e2a02SH. Peter Anvin (Intel)
362*795e2a02SH. Peter Anvin (Intel) ptrace(PTRACE_GETREGS, testpid, NULL, ®s);
363*795e2a02SH. Peter Anvin (Intel)
364*795e2a02SH. Peter Anvin (Intel) if (regs.orig_rax != regs.rbx) {
365*795e2a02SH. Peter Anvin (Intel) fail("orig_rax %#llx doesn't match syscall number %#llx\n",
366*795e2a02SH. Peter Anvin (Intel) (unsigned long long)regs.orig_rax,
367*795e2a02SH. Peter Anvin (Intel) (unsigned long long)regs.rbx);
368*795e2a02SH. Peter Anvin (Intel) }
369*795e2a02SH. Peter Anvin (Intel)
370*795e2a02SH. Peter Anvin (Intel) switch (pass) {
371*795e2a02SH. Peter Anvin (Intel) case PTP_GETREGS:
372*795e2a02SH. Peter Anvin (Intel) /* Just read, no writeback */
373*795e2a02SH. Peter Anvin (Intel) return;
374*795e2a02SH. Peter Anvin (Intel) case PTP_WRITEBACK:
375*795e2a02SH. Peter Anvin (Intel) /* Write back the same register state verbatim */
376*795e2a02SH. Peter Anvin (Intel) break;
377*795e2a02SH. Peter Anvin (Intel) case PTP_FUZZRET:
378*795e2a02SH. Peter Anvin (Intel) regs.rax = MODIFIED_BY_PTRACE;
379*795e2a02SH. Peter Anvin (Intel) break;
380*795e2a02SH. Peter Anvin (Intel) case PTP_FUZZHIGH:
381*795e2a02SH. Peter Anvin (Intel) regs.rax = MODIFIED_BY_PTRACE;
382*795e2a02SH. Peter Anvin (Intel) regs.orig_rax = regs.orig_rax | 0xffffffff00000000ULL;
383*795e2a02SH. Peter Anvin (Intel) break;
384*795e2a02SH. Peter Anvin (Intel) case PTP_INTNUM:
385*795e2a02SH. Peter Anvin (Intel) regs.rax = MODIFIED_BY_PTRACE;
386*795e2a02SH. Peter Anvin (Intel) regs.orig_rax = (int)regs.orig_rax;
387*795e2a02SH. Peter Anvin (Intel) break;
388*795e2a02SH. Peter Anvin (Intel) default:
389*795e2a02SH. Peter Anvin (Intel) crit("invalid ptrace_pass\n");
390*795e2a02SH. Peter Anvin (Intel) break;
391*795e2a02SH. Peter Anvin (Intel) }
392*795e2a02SH. Peter Anvin (Intel)
393*795e2a02SH. Peter Anvin (Intel) ptrace(PTRACE_SETREGS, testpid, NULL, ®s);
394*795e2a02SH. Peter Anvin (Intel) }
395*795e2a02SH. Peter Anvin (Intel)
syscall_numbering_tracer(pid_t testpid)396*795e2a02SH. Peter Anvin (Intel) static void syscall_numbering_tracer(pid_t testpid)
397*795e2a02SH. Peter Anvin (Intel) {
398*795e2a02SH. Peter Anvin (Intel) int wstatus;
399*795e2a02SH. Peter Anvin (Intel)
400*795e2a02SH. Peter Anvin (Intel) do {
401*795e2a02SH. Peter Anvin (Intel) pid_t wpid = waitpid(testpid, &wstatus, 0);
402*795e2a02SH. Peter Anvin (Intel) if (wpid < 0 && errno != EINTR)
403*795e2a02SH. Peter Anvin (Intel) break;
404*795e2a02SH. Peter Anvin (Intel) if (wpid != testpid)
405*795e2a02SH. Peter Anvin (Intel) continue;
406*795e2a02SH. Peter Anvin (Intel) if (!WIFSTOPPED(wstatus))
407*795e2a02SH. Peter Anvin (Intel) break; /* Thread exited? */
408*795e2a02SH. Peter Anvin (Intel)
409*795e2a02SH. Peter Anvin (Intel) if (sh->probing_syscall && WSTOPSIG(wstatus) == SIGTRAP)
410*795e2a02SH. Peter Anvin (Intel) mess_with_syscall(testpid, sh->ptrace_pass);
411*795e2a02SH. Peter Anvin (Intel) } while (sh->ptrace_pass != PTP_DONE &&
412*795e2a02SH. Peter Anvin (Intel) !ptrace(PTRACE_SYSCALL, testpid, NULL, NULL));
413*795e2a02SH. Peter Anvin (Intel)
414*795e2a02SH. Peter Anvin (Intel) ptrace(PTRACE_DETACH, testpid, NULL, NULL);
415*795e2a02SH. Peter Anvin (Intel)
416*795e2a02SH. Peter Anvin (Intel) /* Wait for the child process to terminate */
417*795e2a02SH. Peter Anvin (Intel) while (waitpid(testpid, &wstatus, 0) != testpid || !WIFEXITED(wstatus))
418*795e2a02SH. Peter Anvin (Intel) /* wait some more */;
419*795e2a02SH. Peter Anvin (Intel) }
420*795e2a02SH. Peter Anvin (Intel)
test_traced_syscall_numbering(void)421*795e2a02SH. Peter Anvin (Intel) static void test_traced_syscall_numbering(void)
422*795e2a02SH. Peter Anvin (Intel) {
423*795e2a02SH. Peter Anvin (Intel) pid_t testpid;
424*795e2a02SH. Peter Anvin (Intel)
425*795e2a02SH. Peter Anvin (Intel) /* Launch the test thread; this thread continues as the tracer thread */
426*795e2a02SH. Peter Anvin (Intel) testpid = fork();
427*795e2a02SH. Peter Anvin (Intel)
428*795e2a02SH. Peter Anvin (Intel) if (testpid < 0) {
429*795e2a02SH. Peter Anvin (Intel) crit("Unable to launch tracer process\n");
430*795e2a02SH. Peter Anvin (Intel) } else if (testpid == 0) {
431*795e2a02SH. Peter Anvin (Intel) syscall_numbering_tracee();
432*795e2a02SH. Peter Anvin (Intel) _exit(0);
433*795e2a02SH. Peter Anvin (Intel) } else {
434*795e2a02SH. Peter Anvin (Intel) syscall_numbering_tracer(testpid);
43515c82d98SH. Peter Anvin (Intel) }
43615c82d98SH. Peter Anvin (Intel) }
43715c82d98SH. Peter Anvin (Intel)
main(void)43815c82d98SH. Peter Anvin (Intel) int main(void)
43915c82d98SH. Peter Anvin (Intel) {
440*795e2a02SH. Peter Anvin (Intel) unsigned int nerr;
441*795e2a02SH. Peter Anvin (Intel)
44215c82d98SH. Peter Anvin (Intel) /*
44315c82d98SH. Peter Anvin (Intel) * It is quite likely to get a segfault on a failure, so make
44415c82d98SH. Peter Anvin (Intel) * sure the message gets out by setting stdout to nonbuffered.
44515c82d98SH. Peter Anvin (Intel) */
44615c82d98SH. Peter Anvin (Intel) setvbuf(stdout, NULL, _IONBF, 0);
44715c82d98SH. Peter Anvin (Intel)
44815c82d98SH. Peter Anvin (Intel) /*
44915c82d98SH. Peter Anvin (Intel) * Harmless file descriptor to work on...
45015c82d98SH. Peter Anvin (Intel) */
45115c82d98SH. Peter Anvin (Intel) nullfd = open("/dev/null", O_RDWR);
45215c82d98SH. Peter Anvin (Intel) if (nullfd < 0) {
453c5c39488SH. Peter Anvin (Intel) crit("Unable to open /dev/null: %s\n", strerror(errno));
45415c82d98SH. Peter Anvin (Intel) }
45515c82d98SH. Peter Anvin (Intel)
456*795e2a02SH. Peter Anvin (Intel) /*
457*795e2a02SH. Peter Anvin (Intel) * Set up a block of shared memory...
458*795e2a02SH. Peter Anvin (Intel) */
459*795e2a02SH. Peter Anvin (Intel) sh = mmap(NULL, sysconf(_SC_PAGE_SIZE), PROT_READ|PROT_WRITE,
460*795e2a02SH. Peter Anvin (Intel) MAP_ANONYMOUS|MAP_SHARED, 0, 0);
461*795e2a02SH. Peter Anvin (Intel) if (sh == MAP_FAILED) {
462*795e2a02SH. Peter Anvin (Intel) crit("Unable to allocated shared memory block: %s\n",
463*795e2a02SH. Peter Anvin (Intel) strerror(errno));
464*795e2a02SH. Peter Anvin (Intel) }
465*795e2a02SH. Peter Anvin (Intel)
466*795e2a02SH. Peter Anvin (Intel) with_x32 = test_x32();
467*795e2a02SH. Peter Anvin (Intel)
468*795e2a02SH. Peter Anvin (Intel) run("Running tests without ptrace...\n");
46915c82d98SH. Peter Anvin (Intel) test_syscall_numbering();
470*795e2a02SH. Peter Anvin (Intel)
471*795e2a02SH. Peter Anvin (Intel) test_traced_syscall_numbering();
472*795e2a02SH. Peter Anvin (Intel)
473*795e2a02SH. Peter Anvin (Intel) nerr = sh->nerr;
47415c82d98SH. Peter Anvin (Intel) if (!nerr) {
475c5c39488SH. Peter Anvin (Intel) ok("All system calls succeeded or failed as expected\n");
47615c82d98SH. Peter Anvin (Intel) return 0;
47715c82d98SH. Peter Anvin (Intel) } else {
478c5c39488SH. Peter Anvin (Intel) fail("A total of %u system call%s had incorrect behavior\n",
47915c82d98SH. Peter Anvin (Intel) nerr, nerr != 1 ? "s" : "");
48015c82d98SH. Peter Anvin (Intel) return 1;
48115c82d98SH. Peter Anvin (Intel) }
4826365b842SAndy Lutomirski }
483