From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Peter Zijlstra <peterz@infradead.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@kernel.org>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 5.4 019/107] rseq: Unregister rseq for clone CLONE_VM
Date: Fri, 24 Jan 2020 09:16:49 -0500 [thread overview]
Message-ID: <20200124141817.28793-19-sashal@kernel.org> (raw)
In-Reply-To: <20200124141817.28793-1-sashal@kernel.org>
From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
[ Upstream commit 463f550fb47bede3a5d7d5177f363a6c3b45d50b ]
It has been reported by Google that rseq is not behaving properly
with respect to clone when CLONE_VM is used without CLONE_THREAD.
It keeps the prior thread's rseq TLS registered when the TLS of the
thread has moved, so the kernel can corrupt the TLS of the parent.
The approach of clearing the per task-struct rseq registration
on clone with CLONE_THREAD flag is incomplete. It does not cover
the use-case of clone with CLONE_VM set, but without CLONE_THREAD.
Here is the rationale for unregistering rseq on clone with CLONE_VM
flag set:
1) CLONE_THREAD requires CLONE_SIGHAND, which requires CLONE_VM to be
set. Therefore, just checking for CLONE_VM covers all CLONE_THREAD
uses. There is no point in checking for both CLONE_THREAD and
CLONE_VM,
2) There is the possibility of an unlikely scenario where CLONE_SETTLS
is used without CLONE_VM. In order to be an issue, it would require
that the rseq TLS is in a shared memory area.
I do not plan on adding CLONE_SETTLS to the set of clone flags which
unregister RSEQ, because it would require that we also unregister RSEQ
on set_thread_area(2) and arch_prctl(2) ARCH_SET_FS for completeness.
So rather than doing a partial solution, it appears better to let
user-space explicitly perform rseq unregistration across clone if
needed in scenarios where CLONE_VM is not set.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20191211161713.4490-3-mathieu.desnoyers@efficios.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
include/linux/sched.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 775503573ed70..b968d736833bb 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1915,11 +1915,11 @@ static inline void rseq_migrate(struct task_struct *t)
/*
* If parent process has a registered restartable sequences area, the
- * child inherits. Only applies when forking a process, not a thread.
+ * child inherits. Unregister rseq for a clone with CLONE_VM set.
*/
static inline void rseq_fork(struct task_struct *t, unsigned long clone_flags)
{
- if (clone_flags & CLONE_THREAD) {
+ if (clone_flags & CLONE_VM) {
t->rseq = NULL;
t->rseq_sig = 0;
t->rseq_event_mask = 0;
--
2.20.1
next prev parent reply other threads:[~2020-01-24 14:38 UTC|newest]
Thread overview: 141+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-24 14:16 [PATCH AUTOSEL 5.4 001/107] batman-adv: Fix DAT candidate selection on little endian systems Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 002/107] clk: sunxi-ng: v3s: Fix incorrect number of hw_clks Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 003/107] ARM: dts: meson8: fix the size of the PMU registers Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 004/107] dt-bindings: reset: meson8b: fix duplicate reset IDs Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 005/107] arm64: dts: meson-sm1-sei610: add gpio bluetooth interrupt Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 006/107] ARM: OMAP2+: Fix ti_sysc_find_one_clockdomain to check for to_clk_hw_omap Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 007/107] bus: ti-sysc: Fix iterating over clocks Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 008/107] ARM: dts: sun8i: a83t: Correct USB3503 GPIOs polarity Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 009/107] ARM: dts: am57xx-beagle-x15/am57xx-idk: Remove "gpios" for endpoint dt nodes Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 010/107] ARM: dts: beagle-x15-common: Model 5V0 regulator Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 011/107] soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 012/107] tools lib traceevent: Fix memory leakage in filter_event Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 013/107] ARM: dts: imx6q-dhcom: fix rtc compatible Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 014/107] arm64: dts: ls1028a: fix endian setting for dcfg Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 015/107] arm64: dts: imx8mm: Change SDMA1 ahb clock for imx8mm Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 016/107] ARM: dts: imx7ulp: fix reg of cpu node Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 017/107] ARM: dts: imx6q-dhcom: Fix SGTL5000 VDDIO regulator connection Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 018/107] arm64: dts: imx8mq-librem5-devkit: use correct interrupt for the magnetometer Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` Sasha Levin [this message]
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 020/107] locking/lockdep: Fix buffer overrun problem in stack_trace[] Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 021/107] efi/earlycon: Fix write-combine mapping on x86 Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 022/107] clk: Don't try to enable critical clocks if prepare failed Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 023/107] clk: sunxi-ng: sun8i-r: Fix divider on APB0 clock Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 024/107] clk: sunxi-ng: h6-r: Fix AR100/R_APB2 parent order Sasha Levin
2020-01-24 14:16 ` Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 025/107] mac80211: mesh: restrict airtime metric to peered established plinks Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 026/107] x86/resctrl: Fix potential memory leak Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 027/107] clk: qcom: gcc-sdm845: Add missing flag to votable GDSCs Sasha Levin
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 028/107] clk: mmp2: Fix the order of timer mux parents Sasha Levin
2020-01-24 21:08 ` Lubomir Rintel
2020-01-24 14:16 ` [PATCH AUTOSEL 5.4 029/107] ASoC: rt5640: Fix NULL dereference on module unload Sasha Levin
2020-01-24 14:16 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 030/107] ARM: dts: imx6q-icore-mipi: Use 1.5 version of i.Core MX6DL Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 031/107] ARM: dts: imx6qdl-sabresd: Remove incorrect power supply assignment Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 032/107] ARM: dts: imx6sx-sdb: " Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 033/107] ARM: dts: imx6sl-evk: " Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 034/107] ARM: dts: imx6sll-evk: " Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 035/107] ARM: dts: imx7: Fix Toradex Colibri iMX7S 256MB NAND flash support Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 036/107] s390/zcrypt: move ap device reset from bus to driver code Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 037/107] s390/setup: Fix secure ipl message Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 038/107] i40e: Fix virtchnl_queue_select bitmap validation Sasha Levin
2020-01-24 14:17 ` [Intel-wired-lan] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 039/107] ixgbevf: Remove limit of 10 entries for unicast filter list Sasha Levin
2020-01-24 14:17 ` [Intel-wired-lan] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 040/107] ixgbe: Fix calculation of queue with VFs and flow director on interface flap Sasha Levin
2020-01-24 14:17 ` [Intel-wired-lan] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 041/107] igb: Fix SGMII SFP module discovery for 100FX/LX Sasha Levin
2020-01-24 14:17 ` [Intel-wired-lan] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 042/107] iavf: remove current MAC address filter on VF reset Sasha Levin
2020-01-24 14:17 ` [Intel-wired-lan] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 043/107] ASoC: stm32: sai: fix possible circular locking Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 044/107] bpf/sockmap: Read psock ingress_msg before sk_receive_queue Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 045/107] sh_eth: check sh_eth_cpu_data::dual_port when dumping registers Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 046/107] ASoC: stm32: dfsdm: fix 16 bits record Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 047/107] net: bpf: Don't leak time wait and request sockets Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 048/107] net: stmmac: selftests: Update status when disabling RSS Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 049/107] net: stmmac: tc: Do not setup flower filtering if RSS is enabled Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 050/107] bpftool: Fix printing incorrect pointer in btf_dump_ptr Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 051/107] platform/x86: GPD pocket fan: Allow somewhat lower/higher temperature limits Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 052/107] platform/x86: intel_pmc_core: update Comet Lake platform driver Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 053/107] ASoC: SOF: Intel: fix HDA codec driver probe with multiple controllers Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 054/107] ASoC: hdac_hda: Fix error in driver removal after failed probe Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 055/107] ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1 Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 056/107] ASoC: sti: fix possible sleep-in-atomic Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 057/107] ASoC: msm8916-wcd-analog: Fix MIC BIAS Internal1 Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 058/107] ASoC: msm8916-wcd-digital: Reset RX interpolation path after use Sasha Levin
2020-01-24 14:17 ` [alsa-devel] " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 059/107] netfilter: fix a use-after-free in mtype_destroy() Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 060/107] netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 061/107] qmi_wwan: Add support for Quectel RM500Q Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 062/107] NFC: pn533: fix bulk-message timeout Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 063/107] parisc: Use proper printk format for resource_size_t Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 064/107] lkdtm/bugs: fix build error in lkdtm_UNSET_SMEP Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 065/107] ptp: free ptp device pin descriptors properly Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 066/107] net: usb: lan78xx: limit size of local TSO packets Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 067/107] r8152: add missing endpoint sanity check Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 068/107] wireless: fix enabling channel 12 for custom regulatory domain Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 069/107] cfg80211: Fix radar event during another phy CAC Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 070/107] mac80211: Fix TKIP replay protection immediately after key setup Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 071/107] wireless: wext: avoid gcc -O3 warning Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 072/107] cfg80211: check for set_wiphy_params Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 073/107] tick/sched: Annotate lockless access to last_jiffies_update Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 074/107] Revert "gpio: thunderx: Switch to GPIOLIB_IRQCHIP" Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 075/107] mlxsw: spectrum: Do not modify cloned SKBs during xmit Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 076/107] mlxsw: switchx2: " Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 077/107] selftests: mlxsw: qos_mc_aware: Fix mausezahn invocation Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 078/107] mlxsw: spectrum: Wipe xstats.backlog of down ports Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 079/107] i2c: iop3xx: Fix memory leak in probe error path Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 080/107] Fix built-in early-load Intel microcode alignment Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 081/107] hv_netvsc: Fix memory leak when removing rndis device Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 082/107] bpf: Fix incorrect verifier simulation of ARSH under ALU32 Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 083/107] net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 084/107] net: stmmac: selftests: Make it work in Synopsys AXS101 boards Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 085/107] net: stmmac: selftests: Mark as fail when received VLAN ID != expected Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 086/107] scsi: storvsc: Correctly set number of hardware queues for IDE disk Sasha Levin
2020-01-24 14:17 ` Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 087/107] scsi: mptfusion: Fix double fetch bug in ioctl Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 088/107] net: hns3: pad the short frame before sending to the hardware Sasha Levin
2020-01-24 14:17 ` [PATCH AUTOSEL 5.4 089/107] net: ethernet: ave: Avoid lockdep warning Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 090/107] netfilter: nf_tables: store transaction list locally while requesting module Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 091/107] netfilter: nft_tunnel: fix null-attribute check Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 092/107] netfilter: nft_tunnel: ERSPAN_VERSION must not be null Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 093/107] netfilter: nf_tables: remove WARN and add NLA_STRING upper limits Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 094/107] netfilter: nf_tables: fix flowtable list del corruption Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 095/107] netfilter: nat: fix ICMP header corruption on ICMP errors Sasha Levin
2020-01-24 14:18 ` [PATCH AUTOSEL 5.4 096/107] net: hns: fix soft lockup when there is not enough memory Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200124141817.28793-19-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.