From: Yiqi Sun <sunyiqixm@gmail•com>
To: catalin.marinas@arm•com, linux-arm-kernel@lists•infradead.org
Cc: linux-kernel@vger•kernel.org, rmk+kernel@armlinux•org.uk,
ruanjinjie@huawei•com, will@kernel•org,
Yiqi Sun <sunyiqixm@gmail•com>
Subject: [PATCH] fix: arm64: syscall: use live x0 for syscall_get_arguments() arg0
Date: Fri, 29 May 2026 14:54:44 +0800
Message-ID: <20260529065444.1336608-1-sunyiqixm@gmail.com>

On arm64, seccomp obtains syscall arguments via syscall_get_arguments(),
where arg0 is currently read from regs->orig_x0. However, the syscall
wrapper consumes live arguments from regs->regs[0..5].

A ptracer can modify x0 on syscall-enter stop before seccomp runs,
but cannot update orig_x0 through that interface. This can
leave seccomp checking stale arg0 while the syscall executes with updated
live x0, allowing seccomp bypass when filters depend on arg0.

Make syscall_get_arguments() read arg0 from regs->regs[0], matching the
actual dispatch arguments and removing this desynchronization.

Fixes: f27bb139c387 ("arm64: Miscellaneous library functions")
Signed-off-by: Yiqi Sun <sunyiqixm@gmail•com>
---
arch/arm64/include/asm/syscall.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/include/asm/syscall.h b/arch/arm64/include/asm/syscall.h
index 5e4c7fc44f73..4bdb4d3ce2b4 100644
--- a/arch/arm64/include/asm/syscall.h
+++ b/arch/arm64/include/asm/syscall.h
@@ -81,7 +81,7 @@ static inline void syscall_get_arguments(struct task_struct *task,
struct pt_regs *regs,
unsigned long *args)
{
- args[0] = regs->orig_x0;
+ args[0] = regs->regs[0];
args[1] = regs->regs[1];
args[2] = regs->regs[2];
args[3] = regs->regs[3];
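Review bot: The new `args[0] = regs->regs[0];` line drops the only use of orig_x0 in syscall_get_arguments() without saying why the original field was read here in the first place. The name orig_x0 suggests it preserves the first argument once x0 has been reused, so a caller that runs after x0 has been overwritten would now get a different value for arg0 than it did before. Please state in the changelog which callers of syscall_get_arguments() were checked and whether any of them run at a point where regs->regs[0] no longer holds the argument. A short comment above the assignment explaining that arg0 must match what the syscall wrapper consumes from regs->regs[0..5] would keep the line from being switched back later. It would also help to say whether the alternative, keeping orig_x0 in sync when the tracer writes x0 at syscall-enter stop, was considered and why it was rejected.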
--
2.34.1