reboot syscall missing 4th arg

[JonathonReinhart]

reboot(2) says that the reboot syscall takes four arguments:

int syscall(SYS_reboot, int magic, int magic2, int cmd, void *arg);

This is confirmed by looking at the kernel syscall implementation:

SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd,
        void __user *, arg)

However, Musl is not currently passing the fourth argument:

int reboot(int type)
{
    return syscall(SYS_reboot, 0xfee1dead, 672274793, type);
}

The fourth argument, void *arg, is currently only used when cmd is equal to LINUX_REBOOT_CMD_RESTART2 (0xa1b2c3d4). This is not exposed in <sys/reboot.h> as an RB_* constant, but there is nothing stopping a caller from passing it in type.

The syscall implementation does not set extra registers to any fixed value.

So if a user called reboot(0xa1b2c3d4), the kernel would attempt a strncpy_from_user() with a pointer value of whatever is in the 4th syscall register at that time. :warning:

Musl should always pass 0 / NULL.

[JonathonReinhart]

FWIW: Glibc currently only passes 3 args as well:

/* Call kernel with additional two arguments the syscall requires.  */
int
reboot (int howto)
{
  return INLINE_SYSCALL (reboot, 3, (int) 0xfee1dead, 672274793, howto);
}