diff --git a/sys/amd64/amd64/trap.c b/sys/amd64/amd64/trap.c --- a/sys/amd64/amd64/trap.c +++ b/sys/amd64/amd64/trap.c @@ -1033,7 +1033,7 @@ } if (sa->code >= p->p_sysent->sv_size) - sa->callp = &p->p_sysent->sv_table[0]; + sa->callp = &nosys_sysent; else sa->callp = &p->p_sysent->sv_table[sa->code]; diff --git a/sys/amd64/linux/linux_sysvec.c b/sys/amd64/linux/linux_sysvec.c --- a/sys/amd64/linux/linux_sysvec.c +++ b/sys/amd64/linux/linux_sysvec.c @@ -159,7 +159,7 @@ if (sa->code >= p->p_sysent->sv_size) /* nosys */ - sa->callp = &p->p_sysent->sv_table[p->p_sysent->sv_size - 1]; + sa->callp = &nosys_sysent; else sa->callp = &p->p_sysent->sv_table[sa->code]; @@ -701,7 +701,7 @@ .sv_fixlimit = NULL, .sv_maxssiz = NULL, .sv_flags = SV_ABI_LINUX | SV_LP64 | SV_SHP | SV_SIG_DISCIGN | - SV_SIG_WAITNDQ | SV_TIMEKEEP, + SV_SIG_WAITNDQ | SV_TIMEKEEP | SV_NOSYS_NOSIG, .sv_set_syscall_retval = linux_set_syscall_retval, .sv_fetch_syscall_args = linux_fetch_syscall_args, .sv_syscallnames = linux_syscallnames, diff --git a/sys/amd64/linux32/linux32_sysvec.c b/sys/amd64/linux32/linux32_sysvec.c --- a/sys/amd64/linux32/linux32_sysvec.c +++ b/sys/amd64/linux32/linux32_sysvec.c @@ -531,7 +531,7 @@ if (sa->code >= p->p_sysent->sv_size) /* nosys */ - sa->callp = &p->p_sysent->sv_table[p->p_sysent->sv_size - 1]; + sa->callp = &nosys_sysent; else sa->callp = &p->p_sysent->sv_table[sa->code]; @@ -799,7 +799,7 @@ .sv_fixlimit = linux32_fixlimit, .sv_maxssiz = &linux32_maxssiz, .sv_flags = SV_ABI_LINUX | SV_ILP32 | SV_IA32 | SV_SHP | - SV_SIG_DISCIGN | SV_SIG_WAITNDQ | SV_TIMEKEEP, + SV_SIG_DISCIGN | SV_SIG_WAITNDQ | SV_TIMEKEEP | SV_NOSYS_NOSIG, .sv_set_syscall_retval = linux32_set_syscall_retval, .sv_fetch_syscall_args = linux32_fetch_syscall_args, .sv_syscallnames = linux32_syscallnames, diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -159,6 +159,10 @@ SYSCTL_INT(_kern, OID_AUTO, lognosys, CTLFLAG_RWTUN, &kern_lognosys, 0, "Log invalid syscalls"); +static int kern_signosys = 1; +SYSCTL_INT(_kern, OID_AUTO, signosys, CTLFLAG_RWTUN, &kern_signosys, 0, + "Send SIGSYS on return from invalid syscall"); + __read_frequently bool sigfastblock_fetch_always = false; SYSCTL_BOOL(_kern, OID_AUTO, sigfastblock_fetch_always, CTLFLAG_RWTUN, &sigfastblock_fetch_always, 0, @@ -2686,7 +2690,8 @@ audited = AUDIT_SYSCALL_ENTER(sc, td) != 0; if (!sy_thr_static) { - error = syscall_thread_enter(td, se); + error = syscall_thread_enter(td, &se); + sy_thr_static = (se->sy_thrcnt & SY_THR_STATIC) != 0; if (error != 0) { tsr->ts_ret.sr_error = error; return; @@ -4218,9 +4223,11 @@ p = td->td_proc; - PROC_LOCK(p); - tdsignal(td, SIGSYS); - PROC_UNLOCK(p); + if (SV_PROC_FLAG(p, SV_NOSYS_NOSIG) == 0 && kern_signosys) { + PROC_LOCK(p); + tdsignal(td, SIGSYS); + PROC_UNLOCK(p); + } if (kern_lognosys == 1 || kern_lognosys == 3) { uprintf("pid %d comm %s: nosys %d\n", p->p_pid, p->p_comm, td->td_sa.code); diff --git a/sys/kern/kern_syscalls.c b/sys/kern/kern_syscalls.c --- a/sys/kern/kern_syscalls.c +++ b/sys/kern/kern_syscalls.c @@ -61,6 +61,17 @@ return (nosys(td, args)); } +struct sysent nosys_sysent = { + .sy_call = (sy_call_t *)nosys, + .sy_systrace_args_func = NULL, + .sy_narg = 0, + .sy_flags = SYF_CAPENABLED, + .sy_auevent = AUE_NULL, + .sy_entry = 0, /* DTRACE_IDNONE */ + .sy_return = 0, + .sy_thrcnt = SY_THR_STATIC, +}; + static void syscall_thread_drain(struct sysent *se) { @@ -78,19 +89,21 @@ } int -syscall_thread_enter(struct thread *td, struct sysent *se) +syscall_thread_enter(struct thread *td, struct sysent **se) { uint32_t cnt, oldcnt; - KASSERT((se->sy_thrcnt & SY_THR_STATIC) == 0, + KASSERT(((*se)->sy_thrcnt & SY_THR_STATIC) == 0, ("%s: not a static syscall", __func__)); do { - oldcnt = se->sy_thrcnt; - if ((oldcnt & (SY_THR_DRAINING | SY_THR_ABSENT)) != 0) - return (ENOSYS); + oldcnt = (*se)->sy_thrcnt; + if ((oldcnt & (SY_THR_DRAINING | SY_THR_ABSENT)) != 0) { + *se = &nosys_sysent; + return (0); + } cnt = oldcnt + SY_THR_INCR; - } while (atomic_cmpset_acq_32(&se->sy_thrcnt, oldcnt, cnt) == 0); + } while (atomic_cmpset_acq_32(&(*se)->sy_thrcnt, oldcnt, cnt) == 0); return (0); } diff --git a/sys/kern/subr_syscall.c b/sys/kern/subr_syscall.c --- a/sys/kern/subr_syscall.c +++ b/sys/kern/subr_syscall.c @@ -144,7 +144,8 @@ AUDIT_SYSCALL_ENTER(sa->code, td) || !sy_thr_static)) { if (!sy_thr_static) { - error = syscall_thread_enter(td, se); + error = syscall_thread_enter(td, &se); + sy_thr_static = (se->sy_thrcnt & SY_THR_STATIC) != 0; if (error != 0) { td->td_errno = error; goto retval; diff --git a/sys/sys/sysent.h b/sys/sys/sysent.h --- a/sys/sys/sysent.h +++ b/sys/sys/sysent.h @@ -164,7 +164,7 @@ #define SV_IA32 0x004000 /* Intel 32-bit executable. */ #define SV_AOUT 0x008000 /* a.out executable. */ #define SV_SHP 0x010000 /* Shared page. */ -#define SV_AVAIL1 0x020000 /* Unused */ +#define SV_NOSYS_NOSIG 0x020000 /* No SIGSYS for non-existing syscall */ #define SV_TIMEKEEP 0x040000 /* Shared page timehands. */ #define SV_ASLR 0x080000 /* ASLR allowed. */ #define SV_RNG_SEED_VER 0x100000 /* random(4) reseed generation. */ @@ -191,6 +191,7 @@ extern struct sysentvec aout_sysvec; extern struct sysent sysent[]; extern const char *syscallnames[]; +extern struct sysent nosys_sysent; struct nosys_args { register_t dummy; @@ -319,7 +320,7 @@ int lkmnosys(struct thread *, struct nosys_args *); int lkmressys(struct thread *, struct nosys_args *); -int syscall_thread_enter(struct thread *td, struct sysent *se); +int syscall_thread_enter(struct thread *td, struct sysent **se); void syscall_thread_exit(struct thread *td, struct sysent *se); int shared_page_alloc(int size, int align); diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -48,6 +48,7 @@ ATF_TESTS_C+= unix_socketpair_test ATF_TESTS_C+= waitpid_nohang ATF_TESTS_C+= pdeathsig +ATF_TESTS_C+= sigsys ATF_TESTS_SH+= coredump_phnum_test ATF_TESTS_SH+= sonewconn_overflow diff --git a/tests/sys/kern/sigsys.c b/tests/sys/kern/sigsys.c new file mode 100644 --- /dev/null +++ b/tests/sys/kern/sigsys.c @@ -0,0 +1,66 @@ +/*- + * Copyright (c) 2023 The FreeBSD Foundation + * + * SPDX-License-Identifier: BSD-2-Clause + * + * This software were developed by Konstantin Belousov + * under sponsorship from the FreeBSD Foundation. + */ + +#include + +#include +#include +#include +#include +#include +#include + +int sigsys_cnt; + +static void +sigsys_handler(int signo, siginfo_t *si, void *ucp) +{ + sigsys_cnt++; +} + +ATF_TC(sigsys_test); + +ATF_TC_HEAD(sigsys_test, tc) +{ + atf_tc_set_md_var(tc, "descr", + "Testing delivery of SIGSYS on invalid syscalls"); +} + +ATF_TC_BODY(sigsys_test, tc) +{ + struct sigaction sa; + + memset(&sa, 0, sizeof(sa)); + sa.sa_sigaction = sigsys_handler; + sa.sa_flags = SA_SIGINFO; + ATF_REQUIRE(sigaction(SIGSYS, &sa, NULL) == 0); + + ATF_REQUIRE(syscall(273) == -1); /* reserved */ + atomic_signal_fence(memory_order_seq_cst); + ATF_REQUIRE(sigsys_cnt == 1); + + ATF_REQUIRE(syscall(440) == -1); /* SYS_kse_switchin */ + atomic_signal_fence(memory_order_seq_cst); + ATF_REQUIRE(sigsys_cnt == 2); + + /* Hope this is enough for say next two months */ + ATF_REQUIRE(syscall(3000000) == -1); + atomic_signal_fence(memory_order_seq_cst); + ATF_REQUIRE(sigsys_cnt == 3); + + ATF_REQUIRE(syscall(SYS_afs3_syscall) == -1); + atomic_signal_fence(memory_order_seq_cst); + ATF_REQUIRE(sigsys_cnt == 4); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, sigsys_test); + return (atf_no_error()); +}