• Dmitry V. Levin's avatar
    parisc: Fix ptrace syscall number modification · 594b5b09
    Dmitry V. Levin authored
    commit b7dc5a07 upstream.
    
    Commit 910cd32e ("parisc: Fix and enable seccomp filter support")
    introduced a regression in ptrace-based syscall tampering: when tracer
    changes syscall number to -1, the kernel fails to initialize %r28 with
    -ENOSYS and subsequently fails to return the error code of the failed
    syscall to userspace.
    
    This erroneous behaviour could be observed with a simple strace syscall
    fault injection command which is expected to print something like this:
    
    $ strace -a0 -ewrite -einject=write:error=enospc echo hello
    write(1, "hello\n", 6) = -1 ENOSPC (No space left on device) (INJECTED)
    write(2, "echo: ", 6) = -1 ENOSPC (No space left on device) (INJECTED)
    write(2, "write error", 11) = -1 ENOSPC (No space left on device) (INJECTED)
    write(2, "\n", 1) = -1 ENOSPC (No space left on device) (INJECTED)
    +++ exited with 1 +++
    
    After commit 910cd32e it loops printing
    something like this instead:
    
    write(1, "hello\n", 6../strace: Failed to tamper with process 12345: unexpectedly got no error (return value 0, error 0)
    ) = 0 (INJECTED)
    
    This bug was found by strace test suite.
    
    Fixes: 910cd32e ("parisc: Fix and enable seccomp filter support")
    Cc: stable@vger.kernel.org # v4.5+
    Signed-off-by: 's avatarDmitry V. Levin <ldv@altlinux.org>
    Tested-by: 's avatarHelge Deller <deller@gmx.de>
    Signed-off-by: 's avatarHelge Deller <deller@gmx.de>
    Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    594b5b09
ptrace.c 21.4 KB