From: Hajime Tazaki
To: linux-um@lists.infradead.org
Cc: thehajime@gmail.com, ricarkol@google.com, Liam.Howlett@oracle.com, linux-kernel@vger.kernel.org
Subject: [PATCH RESEND v11 07/13] um: nommu: configure fs register on host syscall invocation
Date: Thu, 18 Sep 2025 16:39:02 +0900
X-Mailer: git-send-email 2.43.0

As userspace on UML/!MMU also needs to configure the %fs register when it is running to correctly access the thread structure, host syscalls implemented in os-Linux drivers may be puzzled when they are called. Thus it has to configure the %fs register via arch_prctl(SET_FS) on every host syscall.

Signed-off-by: Hajime Tazaki
Signed-off-by: Ricardo Koller
---
 arch/um/include/shared/os.h | 6 +++
 arch/um/os-Linux/process.c | 6 +++
 arch/um/os-Linux/start_up.c | 21 +++++++++
 arch/x86/um/nommu/do_syscall_64.c | 37 ++++++++++++++++
 arch/x86/um/nommu/syscalls_64.c | 71 +++++++++++++++++++++++++++++++
 5 files changed, 141 insertions(+)

diff --git a/arch/um/include/shared/os.h b/arch/um/include/shared/os.h
index 1251f08e26d0..7c6a8bc0447c 100644
--- a/arch/um/include/shared/os.h
+++ b/arch/um/include/shared/os.h
@@ -189,6 +189,7 @@ extern void check_host_supports_tls(int *supports_tls, = int *tls_min); extern void get_host_cpu_features( void (*flags_helper_func)(char *line), void (*cache_helper_func)(char *line)); +extern int host_has_fsgsbase; =20 /* mem.c */ extern int create_mem_file(unsigned long long len); @@ -213,6 +214,11 @@ extern int os_protect_memory(void *addr, unsigned long= len, extern int os_unmap_memory(void *addr, int len); extern int os_drop_memory(void *addr, int length); extern int can_drop_memory(void); +extern int os_arch_prctl(int pid, int option, unsigned long *arg); +#ifndef CONFIG_MMU +extern long long host_fs; +#endif + =20 void os_set_pdeathsig(void); =20 diff --git a/arch/um/os-Linux/process.c b/arch/um/os-Linux/process.c index bc598e661ec6..0a1d078dce19 100644 --- a/arch/um/os-Linux/process.c +++ b/arch/um/os-Linux/process.c @@ -16,6 +16,7 @@ #include #include #include +#include /* For SYS_xxx definitions */ #include #include #include @@ -177,6 +178,11 @@ int __init can_drop_memory(void) return ok; } =20 +int os_arch_prctl(int pid, int option, unsigned long *arg2) +{ + return syscall(SYS_arch_prctl, option, arg2); +} + void init_new_thread_signals(void) { set_handler(SIGSEGV); diff --git a/arch/um/os-Linux/start_up.c b/arch/um/os-Linux/start_up.c index 4e1f05360c49..55dd92bd2a0b 100644 --- a/arch/um/os-Linux/start_up.c +++ b/arch/um/os-Linux/start_up.c @@ -20,6 +20,8 @@ #include #include #include +#include +#include #include #include #include @@ -36,6 +38,8 @@ #include #include "internal.h" =20 +int host_has_fsgsbase; + static void ptrace_child(void) { int ret; 
@@ -459,6 +463,20 @@ __uml_setup("seccomp=3D", uml_seccomp_config, " This is insecure and should only be used with a trusted userspace\n\n" ); =20 +static void __init check_fsgsbase(void) +{ + unsigned long auxv =3D getauxval(AT_HWCAP2); + + os_info("Checking FSGSBASE instructions..."); + if (auxv & HWCAP2_FSGSBASE) { + host_has_fsgsbase =3D 1; + os_info("OK\n"); + } else { + host_has_fsgsbase =3D 0; + os_info("disabled\n"); + } +} + void __init os_early_checks(void) { int pid; @@ -484,6 +502,9 @@ void __init os_early_checks(void) using_seccomp =3D 0; check_ptrace(); =20 + /* probe fsgsbase instruction */ + check_fsgsbase(); + pid =3D start_ptraced_child(); if (init_pid_registers(pid)) fatal("Failed to initialize default registers"); diff --git a/arch/x86/um/nommu/do_syscall_64.c b/arch/x86/um/nommu/do_sysca= ll_64.c index 292d7c578622..9bc630995df9 100644 --- a/arch/x86/um/nommu/do_syscall_64.c +++ b/arch/x86/um/nommu/do_syscall_64.c @@ -2,10 +2,38 @@ =20 #include #include +#include +#include #include #include #include =20 +static int os_x86_arch_prctl(int pid, int option, unsigned long *arg2) +{ + if (!host_has_fsgsbase) + return os_arch_prctl(pid, option, arg2); + + switch (option) { + case ARCH_SET_FS: + wrfsbase(*arg2); + break; + case ARCH_SET_GS: + wrgsbase(*arg2); + break; + case ARCH_GET_FS: + *arg2 =3D rdfsbase(); + break; + case ARCH_GET_GS: + *arg2 =3D rdgsbase(); + break; + default: + pr_warn("%s: unsupported option: 0x%x", __func__, option); + break; + } + + return 0; +} + __visible void do_syscall_64(struct pt_regs *regs) { int syscall; @@ -13,6 +41,9 @@ __visible void do_syscall_64(struct pt_regs *regs) syscall =3D PT_SYSCALL_NR(regs->regs.gp); UPT_SYSCALL_NR(®s->regs) =3D syscall; =20 + /* set fs register to the original host one */ + os_x86_arch_prctl(0, ARCH_SET_FS, (void *)host_fs); + if (likely(syscall < NR_syscalls)) { unsigned long ret; =20 
@@ -29,4 +60,10 @@ __visible void do_syscall_64(struct pt_regs *regs) =20 /* handle tasks and signals at the end */ interrupt_end(); + + /* restore back fs register to userspace configured one */ + os_x86_arch_prctl(0, ARCH_SET_FS, + (void *)(current->thread.regs.regs.gp[FS_BASE + / sizeof(unsigned long)])); + } diff --git a/arch/x86/um/nommu/syscalls_64.c b/arch/x86/um/nommu/syscalls_6= 4.c index d56027ebc651..19d23686fc5b 100644 --- a/arch/x86/um/nommu/syscalls_64.c +++ b/arch/x86/um/nommu/syscalls_64.c 
@@ -13,8 +13,70 @@ #include /* XXX This should get the constants from libc */ #include #include +#include +#include #include "syscalls.h" =20 +/* + * The guest libc can change FS, which confuses the host libc. + * In fact, changing FS directly is not supported (check + * man arch_prctl). So, whenever we make a host syscall, + * we should be changing FS to the original FS (not the + * one set by the guest libc). This original FS is stored + * in host_fs. + */ +long long host_fs =3D -1; + +long arch_prctl(struct task_struct *task, int option, + unsigned long __user *arg2) +{ + long ret =3D -EINVAL; + unsigned long *ptr =3D arg2, tmp; + + switch (option) { + case ARCH_SET_FS: + if (host_fs =3D=3D -1) + os_arch_prctl(0, ARCH_GET_FS, (void *)&host_fs); + ret =3D 0; + break; + case ARCH_SET_GS: + ret =3D 0; + break; + case ARCH_GET_FS: + case ARCH_GET_GS: + ptr =3D &tmp; + break; + } + + ret =3D os_arch_prctl(0, option, ptr); + if (ret) + return ret; + + switch (option) { + case ARCH_SET_FS: + current->thread.regs.regs.gp[FS_BASE / sizeof(unsigned long)] =3D + (unsigned long) arg2; + break; + case ARCH_SET_GS: + current->thread.regs.regs.gp[GS_BASE / sizeof(unsigned long)] =3D + (unsigned long) arg2; + break; + case ARCH_GET_FS: + ret =3D put_user(current->thread.regs.regs.gp[FS_BASE / sizeof(unsigned = long)], arg2); + break; + case ARCH_GET_GS: + ret =3D put_user(current->thread.regs.regs.gp[GS_BASE / sizeof(unsigned = long)], arg2); + break; + } + + return ret; +} + +SYSCALL_DEFINE2(arch_prctl, int, option, unsigned long, arg2) +{ + return arch_prctl(current, option, (unsigned long __user *) arg2); +} + void arch_set_stack_to_current(void) { current_top_of_stack =3D task_top_of_stack(current); 
@@ -48,3 +110,12 @@ SYSCALL_DEFINE6(mmap, unsigned long, addr, unsigned lon= g, len, =20 return ksys_mmap_pgoff(addr, len, prot, flags, fd, off >> PAGE_SHIFT); } + +static int __init um_nommu_setup_hostfs(void) +{ + /* initialize the host_fs value at boottime */ + os_arch_prctl(0, ARCH_GET_FS, (void *)&host_fs); + + return 0; +} +arch_initcall(um_nommu_setup_hostfs); --=20 2.43.0
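Review bot: In the second os.h hunk, `extern long long host_fs;` is typed as a signed 64-bit value with -1 as a "not yet read" sentinel, yet every user in this series casts it to `unsigned long` or `void *` because it holds an FS base address. A plain `unsigned long host_fs` with a separate initialised flag (or simply relying on the arch_initcall that fills it) would avoid the sign games and the `(void *)host_fs` casts. In the same hunk, `os_arch_prctl(int pid, int option, unsigned long *arg)` declares `arg` as a pointer, but for ARCH_SET_FS/ARCH_SET_GS the arch_prctl ABI takes the base address by value; either document that the parameter is a raw `arg2` passed through unchanged, or type it as `unsigned long` so callers do not have to cast a value to a pointer.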
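Review bot: In the process.c hunk adding `os_arch_prctl()`, the `pid` parameter is never used; `syscall(SYS_arch_prctl, option, arg2)` always acts on the calling thread. Either drop the parameter or add a comment stating that only the current thread can be addressed, so that a future caller does not pass a real pid and expect another thread's FS to change. The new `#include` also deserves a short note that it is needed for `SYS_arch_prctl`, matching the "For SYS_xxx definitions" comment style used elsewhere.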
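Review bot: In the first do_syscall_64.c hunk, `os_x86_arch_prctl()` treats `arg2` differently on its two paths. The fallback `os_arch_prctl(pid, option, arg2)` hands `arg2` to the syscall unchanged, where ARCH_SET_FS takes the base address itself, but the FSGSBASE path does `wrfsbase(*arg2)` and `wrgsbase(*arg2)`, i.e. it dereferences the base and installs whatever word is stored there. Both call sites in this file pass the base by value (`(void *)host_fs` and the saved `FS_BASE` register), so the FSGSBASE path only produces the intended value when the first word at the FS base happens to contain the base itself. Suggest `wrfsbase((unsigned long)arg2);` and `wrgsbase((unsigned long)arg2);` (or an `unsigned long` parameter) so both paths agree. Two smaller points on the same hunk: the `default:` case logs `pr_warn` but returns 0, whereas the syscall path would return -EINVAL for an unknown option, so callers cannot tell the two apart; and `pid` is again accepted but ignored.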
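Review bot: In the second do_syscall_64.c hunk, the return value of `os_x86_arch_prctl(0, ARCH_SET_FS, (void *)host_fs)` is discarded. On the non-FSGSBASE path the arch_prctl syscall can fail (for example with a non-canonical or still uninitialised `host_fs`), and in that case the rest of the syscall runs with the guest's FS still installed, which is exactly the confusion the commit message describes. A `WARN_ON_ONCE()` on a non-zero return, or at least a comment explaining why failure is considered impossible here, would make the assumption explicit.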
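Review bot: In the syscalls_64.c hunk adding `arch_prctl()`, the `ret = -EINVAL` initialiser and the `ret = 0` assignments in the first `switch` are dead: `ret = os_arch_prctl(0, option, ptr);` overwrites `ret` unconditionally right after. More importantly, an `option` that matches none of the four cases falls through to the host syscall with the raw user-supplied `arg2`, so the guest's request is forwarded to the host rather than rejected; suggest `default: return -EINVAL;` in the first `switch`. For ARCH_GET_FS/ARCH_GET_GS the host is queried into `tmp`, which is then discarded in favour of the saved register returned through `put_user()`, so that host call can be skipped entirely. Finally, the `if (host_fs == -1)` lazy read in ARCH_SET_FS appears redundant with the arch_initcall that initialises `host_fs` at boot; if `host_fs` can still be -1 at this point, `do_syscall_64()` has already loaded that value into FS before reaching this handler, so the late read does not help.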
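Review bot: In the final syscalls_64.c hunk, `um_nommu_setup_hostfs()` ignores the return value of `os_arch_prctl(0, ARCH_GET_FS, (void *)&host_fs)` and always returns 0. Every later host syscall relies on `host_fs` holding a valid base, so a failure here should be fatal (or at minimum logged with `pr_err()` and the initcall should return an error) rather than silently leaving `host_fs` at -1. A one-line comment on why `arch_initcall` is the right level (before any guest userspace can issue `arch_prctl`) would also help readers of this file.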