#include "syscalls.h" | |
/*
 * Toy "add" system call: returns the sum of its two int arguments.
 *
 * SYSCALL_DEFINE2 does not emit this body as sys_add directly. It generates
 * the chain sys_add => SyS_add => SYSC_add: the wrapper takes every argument
 * as a long and casts it back to int before this body runs, so the body never
 * depends on how user space filled the upper half of a 64-bit argument
 * register (the ABI signedness issue referenced as CVE-2009-0029).
 *
 * NOTE(review): a and b are caller-controlled and the sum is evaluated in
 * int before being converted to the long return value, so large operands can
 * overflow int. Kernel builds normally pass -fno-strict-overflow; confirm for
 * the tree this is built in.
 */
SYSCALL_DEFINE2(add, int, a, int, b)
{
	return a + b;
}
// Partial s2.i (preprocessor output): only the functions related to the add system call are pasted here.
/*
 * Declarations generated for the add system call. The call chain is
 * sys_add => SyS_add => SYSC_add.
 */

/* The body written inside SYSCALL_DEFINE2(), keeping the declared int types. */
static inline long SYSC_add(int a, int b);

/*
 * Wrapper prototype. Each parameter type is spelled as
 * __typeof(__builtin_choose_expr(cond, 0LL, 0L)), where cond asks whether the
 * declared type (int) is long long or unsigned long long. It is neither, so
 * the expression selects 0L and both parameters are plain long.
 */
asmlinkage long SyS_add(
	__typeof(__builtin_choose_expr((__same_type((int)0, 0LL) || __same_type((int)0, 0ULL)), 0LL, 0L)) a,
	__typeof(__builtin_choose_expr((__same_type((int)0, 0LL) || __same_type((int)0, 0ULL)), 0LL, 0L)) b);

/*
 * Public entry point: declared with the original int signature, but emitted
 * as an alias symbol for SyS_add, so callers land in the long-typed wrapper.
 * __stringify is left unexpanded in this paste.
 */
asmlinkage long sys_add(int a, int b)
	__attribute__((alias(__stringify(SyS_add))));
/*
 * Long-typed wrapper generated for the add system call (reformatted from the
 * preprocessor output; the compile-time checks are listed first).
 *
 * Both parameters arrive as long and are narrowed with an explicit (int) cast
 * before the real body runs. That cast is the security-relevant step: the
 * body only ever sees a value the compiler has converted to int, never the
 * raw contents of a full-width register supplied by user space.
 */
asmlinkage long SyS_add(
	__typeof(__builtin_choose_expr((__same_type((int)0, 0LL) || __same_type((int)0, 0ULL)), 0LL, 0L)) a,
	__typeof(__builtin_choose_expr((__same_type((int)0, 0LL) || __same_type((int)0, 0ULL)), 0LL, 0L)) b)
{
	long result;

	/*
	 * One check per argument, built only from sizeof and type comparisons:
	 * the build is meant to fail if a declared type is not a long long type
	 * and is nevertheless wider than long, since it would not fit in the
	 * long parameter. BUILD_BUG_ON_ZERO is left unexpanded in this paste.
	 */
	(void)BUILD_BUG_ON_ZERO(!(__same_type((int)0, 0LL) || __same_type((int)0, 0ULL)) && sizeof(int) > sizeof(long));
	(void)BUILD_BUG_ON_ZERO(!(__same_type((int)0, 0LL) || __same_type((int)0, 0ULL)) && sizeof(int) > sizeof(long));

	/* Narrow each long back to the declared type, then run the body. */
	result = SYSC_add((int) a, (int) b);

	/*
	 * Receives the argument count, the return variable and both arguments.
	 * NOTE(review): presumably this keeps the compiler from reusing the
	 * caller's argument slots on the way out; confirm against the
	 * architecture's linkage.h.
	 */
	asmlinkage_protect(2, result, a, b);

	return result;
}
/*
 * The body the author wrote inside SYSCALL_DEFINE2(add, ...), emitted as a
 * file-local inline function with the declared int parameter types. It is
 * reached through SyS_add, which has already cast both arguments to int.
 *
 * NOTE(review): the sum is computed in int and only then converted to long,
 * so operands near the int limits can overflow; confirm the overflow flags
 * the kernel is built with.
 */
static inline long SYSC_add(int a, int b)
{
	return a + b;
}
CVE-2009-0029: https://xorl.wordpress.com/2009/04/08/cve-2009-0029-linux-kernel-64bit-abi-signedness-issue/
SYSCALL_DEFINE: http://lxr.free-electrons.com/source/include/linux/syscalls.h?v=4.8#L194
__SC_LONG: http://lxr.free-electrons.com/source/include/linux/syscalls.h?v=4.8#L105
sys_add => SyS_add => SYSC_add
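In SyS_add, every parameter is declared through __SC_LONG as long (or as [unsigned] long long when the original type is one of those), and is cast back to its original type before SYSC_add is called. The body therefore never depends on how the caller extended a narrower argument into a full-width register, which is the problem behind CVE-2009-0029.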
原來 Linux Inside 有挖過這邊,不過沒深入講 CVE-2009-0029 的內容:
https://github.com/0xAX/linux-insides/blob/master/SysCall/syscall-1.md#implementation-of-write-system-call
some ref of C Macro:
https://gcc.gnu.org/onlinedocs/cpp/index.html#SEC_Contents
3.4 Stringizing: #
3.5 Concatenation: ##
3.6 Variadic Macros: __VA_ARGS__
I think ch3.5's example is good.
without CONFIG_FTRACE_SYSCALLS defined