From: Dominik Brodowski <linux@dominikbrodowski.net>
To: David Laight <David.Laight@ACULAB.COM>
Cc: Matthew Wilcox <willy@infradead.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"viro@ZenIV.linux.org.uk" <viro@ZenIV.linux.org.uk>,
"torvalds@linux-foundation.org" <torvalds@linux-foundation.org>,
"arnd@arndb.de" <arnd@arndb.de>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"hmclauchlan@fb.com" <hmclauchlan@fb.com>,
"tautschn@amazon.co.uk" <tautschn@amazon.co.uk>,
Amir Goldstein <amir73il@gmail.com>,
Andi Kleen <ak@linux.intel.com>,
Andrew Morton <akpm@linux-foundation.org>,
Christoph Hellwig <hch@infradead.org>,
Darren Hart <dvhart@infradead.org>,
"David S . Miller" <davem@davemloft.net>,
"Eric W . Biederman" <ebiederm@xmission.com>,
"H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@kernel.org>,
Jaswinder Singh <jaswinder@infradead.org>,
Jeff Dike <jdike@addtoit.com>, Jiri Slaby <jslaby@suse.com>,
"kexec@lists.infradead.org" <kexec@lists.infradead.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"linux-s390@vger.kernel.org" <linux-s390@vger.kernel.org>,
"Luis R . Rodriguez" <mcgrof@kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
"user-mode-linux-devel@lists.sourceforge.net"
<user-mode-linux-devel@lists.sourceforge.net>,
"x86@kernel.org" <x86@kernel.org>
Subject: Re: [PATCH 000/109] remove in-kernel calls to syscalls
Date: Thu, 29 Mar 2018 16:55:26 +0200 [thread overview]
Message-ID: <20180329145526.GA1414@isilmar-4.linta.de> (raw)
In-Reply-To: <07438b1e94ff42a184adb7134a680069@AcuMS.aculab.com>
On Thu, Mar 29, 2018 at 02:46:44PM +0000, David Laight wrote:
> From: Dominik Brodowski
> > Sent: 29 March 2018 15:42
> > On Thu, Mar 29, 2018 at 07:20:27AM -0700, Matthew Wilcox wrote:
> > > On Thu, Mar 29, 2018 at 01:22:37PM +0200, Dominik Brodowski wrote:
> > > > At least on 64-bit x86, it will likely be a hard requirement from v4.17
> > > > onwards to not call system call functions in the kernel: It is better to
> > > > use use a different calling convention for system calls there, where
> > > > struct pt_regs is decoded on-the-fly in a syscall wrapper which then hands
> > > > processing over to the actual syscall function. This means that only those
> > > > parameters which are actually needed for a specific syscall are passed on
> > > > during syscall entry, instead of filling in six CPU registers with random
> > > > user space content all the time (which may cause serious trouble down the
> > > > call chain).[*]
> > >
> > > How do we stop new ones from springing up? Some kind of linker trick
> > > like was used to, er, "dissuade" people from using gets()?
> >
> > Once the patches which modify the syscall calling convention are merged,
> > it won't compile on 64-bit x86, but bark loudly. That should frighten anyone.
> > Meow.
>
> Should be pretty easy to ensure the prototypes aren't in any normal header.
That's exactly why the compile will fail.
> Renaming the global symbols (to not match the function name) will make it
> much harder to call them as well.
That still depends on the exact design of the patchset, which is still under
review.
Thanks,
Dominik
prev parent reply other threads:[~2018-03-29 14:55 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-29 11:22 Dominik Brodowski
2018-03-29 11:23 ` [PATCH 044/109] mm: add kernel_migrate_pages() helper, move compat syscall to mm/mempolicy.c Dominik Brodowski
2018-03-29 11:23 ` [PATCH 045/109] mm: add kernel_move_pages() helper, move compat syscall to mm/migrate.c Dominik Brodowski
2018-03-29 11:23 ` [PATCH 046/109] mm: add kernel_mbind() helper; remove in-kernel call to syscall Dominik Brodowski
2018-03-29 11:23 ` [PATCH 047/109] mm: add kernel_[sg]et_mempolicy() helpers; remove in-kernel calls to syscalls Dominik Brodowski
2018-03-29 11:24 ` [PATCH 096/109] mm: add ksys_fadvise64_64() helper; remove in-kernel call to sys_fadvise64_64() Dominik Brodowski
2018-03-29 11:24 ` [PATCH 097/109] mm: add ksys_mmap_pgoff() helper; remove in-kernel calls to sys_mmap_pgoff() Dominik Brodowski
2018-03-29 11:24 ` [PATCH 098/109] mm: add ksys_readahead() helper; remove in-kernel calls to sys_readahead() Dominik Brodowski
2018-03-29 14:20 ` [PATCH 000/109] remove in-kernel calls to syscalls Matthew Wilcox
2018-03-29 14:42 ` Dominik Brodowski
2018-03-29 14:46 ` David Laight
2018-03-29 14:55 ` Dominik Brodowski [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180329145526.GA1414@isilmar-4.linta.de \
--to=linux@dominikbrodowski.net \
--cc=David.Laight@ACULAB.COM \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=amir73il@gmail.com \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=dvhart@infradead.org \
--cc=ebiederm@xmission.com \
--cc=hch@infradead.org \
--cc=hmclauchlan@fb.com \
--cc=hpa@zytor.com \
--cc=jaswinder@infradead.org \
--cc=jdike@addtoit.com \
--cc=jslaby@suse.com \
--cc=kexec@lists.infradead.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-s390@vger.kernel.org \
--cc=mcgrof@kernel.org \
--cc=mingo@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=tautschn@amazon.co.uk \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=user-mode-linux-devel@lists.sourceforge.net \
--cc=viro@ZenIV.linux.org.uk \
--cc=willy@infradead.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox