syscalls2 x64 and ARM64 do not support 32-bit syscalls #1525

Open
lacraig2 opened this issue Aug 20, 2024 · 4 comments

@lacraig2
Member

This seems to have been a deliberate choice. I'd like to know if anyone has strong feelings about it.

If not, I'd propose we add support for it.

If people do care about it I think it'd be fine to add an argument to syscalls2 for one functionality or the other.

@LauraLMann it looks like git blame has you adding this so I want to make sure to get your input.

```cpp
else if (buf[0] == 0xCD && buf[1] == syscalls_profile->syscall_interrupt_number) {
#if defined(TARGET_X86_64)
    LOG_WARNING("32-bit system call (int 0x80) found in 64-bit replay - ignoring\n");
    return 0;
#else
    return pc;
#endif
}
// Check if the instruction is sysenter (0F 34)
else if (buf[0] == 0x0F && buf[1] == 0x34) {
#if defined(TARGET_X86_64)
    LOG_WARNING("32-bit sysenter found in 64-bit replay - ignoring\n");
    return 0;
#else
    return pc;
#endif
```

@LauraLMann
Collaborator

Yes @lacraig2, you can blame me for that. We didn't need it for what we were doing at the time, and I couldn't think of an easy way to implement it, so I put in those warnings instead.
As long as adding it doesn't break our regression tests, I can't imagine why we would have a problem with adding 32-bit system calls in syscalls2 x64. What do you think, @MarkMankins?

@LauraLMann
Collaborator

I have a vague recollection of thinking we'd have to support flipping back and forth between 64-bit syscalls and 32-bit syscalls in the same recording, but I may misunderstand how they really work. (I also recall reading a lot of manuals to try to figure out what was going on.)
It sounds like you are instead thinking @lacraig2 that the use cases would only involve one or the other, not both at the same time, if you can set at plugin startup time which bitness of system calls you are interested in for a 64-bit guest. Do I understand you right?

@MarkMankins
Collaborator

This would be a nice feature to have.

@lacraig2
Member Author

> It sounds like you are instead thinking @lacraig2 that the use cases would only involve one or the other, not both at the same time, if you can set at plugin startup time which bitness of system calls you are interested in for a 64-bit guest. Do I understand you right?

I'm interested in handling any syscall that is valid for the target architecture in question in any order they are presented. On a 64-bit guest that means handling the backwards compatible 32-bit versions.

The prototypical case is actually MIPS64 which handles 3 separate ABIs by switching on the syscall number.
https://github.com/panda-re/panda/blob/dev/panda%2Fplugins%2Fsyscalls2%2Fsyscalls2.cpp#L904

It looks like ARM64 and x86_64 both overlap with their 32-bit syscall numbers so that won't work here, but we'd need something that basically carried the ABI type with the syscall request and dispatched the proper enter/return type.

@lacraig2 lacraig2 changed the title syscalls2 x64 doesn't support 32-bit syscalls syscalls2 x64 and ARM64 do not support 32-bit syscalls Aug 20, 2024
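
The idea from the last comment, carrying the ABI type with the syscall request so that overlapping numbers resolve correctly, sketched as an added example (not PANDA code and not written by any participant in this thread). All type and function names are hypothetical; the opcode bytes and the handful of syscall numbers are taken from the x86 instruction encoding and the Linux x86_64 and i386 syscall tables.

```cpp
// Added illustration, not PANDA code: every name below is hypothetical.
#include <cstddef>
#include <cstdint>
#include <map>
#include <string>
#include <utility>

enum class SyscallAbi { None, X64_Syscall, I386_Int80, I386_Sysenter };

// Classify the instruction at pc by its first two opcode bytes:
// 0F 05 = syscall, CD 80 = int 0x80, 0F 34 = sysenter.
SyscallAbi classify_entry(const uint8_t *buf, size_t len) {
    if (len < 2) return SyscallAbi::None;
    if (buf[0] == 0x0F && buf[1] == 0x05) return SyscallAbi::X64_Syscall;
    if (buf[0] == 0xCD && buf[1] == 0x80) return SyscallAbi::I386_Int80;
    if (buf[0] == 0x0F && buf[1] == 0x34) return SyscallAbi::I386_Sysenter;
    return SyscallAbi::None;
}

// Both 32-bit entry paths use the i386 syscall table.
static bool is_compat(SyscallAbi abi) {
    return abi == SyscallAbi::I386_Int80 || abi == SyscallAbi::I386_Sysenter;
}

// The ABI travels with the request so enter and return handlers agree on it.
struct SyscallRequest {
    SyscallAbi abi;
    uint32_t number;
};

// Short excerpt of the Linux tables, keyed by (is 32-bit compat, number).
static const std::map<std::pair<bool, uint32_t>, std::string> kNames = {
    {{false, 0}, "read"}, {{false, 1}, "write"},
    {{false, 59}, "execve"}, {{false, 60}, "exit"},
    {{true, 1}, "exit"}, {{true, 3}, "read"},
    {{true, 4}, "write"}, {{true, 11}, "execve"},
};

std::string resolve(const SyscallRequest &req) {
    if (req.abi == SyscallAbi::None) return "not-a-syscall";
    auto it = kNames.find({is_compat(req.abi), req.number});
    return it == kNames.end() ? "unknown" : it->second;
}

// Decode the entry instruction, then resolve the number under that ABI.
std::string name_at(const uint8_t *buf, size_t len, uint32_t number) {
    return resolve(SyscallRequest{classify_entry(buf, len), number});
}
```

With the same number 1, `name_at` yields `write` after a `syscall` instruction and `exit` after `int 0x80`, which is why a dispatcher keyed on the number alone cannot serve both ABIs on x86_64.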