From: Sandipan Das <sandipan@linux.ibm.com>
To: Michael Ellerman <mpe@ellerman.id.au>
Cc: linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-mm@kvack.org, linuxram@us.ibm.com,
aneesh.kumar@linux.ibm.com, bauerman@linux.ibm.com,
fweimer@redhat.com, ruscur@russell.cc
Subject: Re: [PATCH] selftests: powerpc: Add test for execute-disabled pkeys
Date: Tue, 26 May 2020 19:33:48 +0530 [thread overview]
Message-ID: <6b73bf3f-0d10-6e8c-acd9-27de53573dec@linux.ibm.com> (raw)
In-Reply-To: <87367mg9h4.fsf@mpe.ellerman.id.au>
Hi Michael,
On 26/05/20 6:05 pm, Michael Ellerman wrote:
> [...]
>> +
>> +/* Override definitions as they might be inconsistent */
>> +#undef PKEY_DISABLE_ACCESS
>> +#define PKEY_DISABLE_ACCESS 0x3
>
> Why would they be inconsistent?
>
The definition in sys/mman.h still uses the value specific to
Intel's implementation i.e. 1, when this should have been 3
for powerpc. I have seen this on Ubuntu 18.04 and 20.04.
>
>> +/* Older distros might not define this */
>> +#ifndef SEGV_PKUERR
>> +#define SEGV_PKUERR 4
>> +#endif
> ...
>> +
>> + /* Restore permissions in order to continue */
>> + switch (fcode) {
>> + case SEGV_ACCERR:
>> + if (mprotect(insns, pgsize, PROT_READ | PROT_WRITE)) {
>> + perror("mprotect");
>> + goto fail;
>> + }
>> + break;
>> + case SEGV_PKUERR:
>> + if (sinfo->si_pkey != fpkey)
>> + goto fail;
>
> This doesn't compile on older distros, eg Ubuntu 16.04:
>
> pkey_exec_prot.c: In function 'segv_handler':
> pkey_exec_prot.c:121:12: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
> if (sinfo->si_pkey != fpkey)
> ^
> pkey_exec_prot.c:151:24: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
> pkey_set_rights(sinfo->si_pkey, 0);
> ^
> ../../lib.mk:142: recipe for target '/output/kselftest/powerpc/mm/pkey_exec_prot' failed
>
Thanks for reporting this.
>
> I think a reasonable solution is to use the absence of SEGV_PKUERR to
> basically turn the whole test into a nop at build time, eg:
>
> diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> index b346ad205e68..218257b89fbb 100644
> --- a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> +++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> @@ -30,9 +30,7 @@
> #define PKEY_DISABLE_EXECUTE 0x4
>
> /* Older distros might not define this */
> -#ifndef SEGV_PKUERR
> -#define SEGV_PKUERR 4
> -#endif
> +#ifdef SEGV_PKUERR
>
> #define SYS_pkey_mprotect 386
> #define SYS_pkey_alloc 384
> @@ -319,6 +317,13 @@ static int test(void)
>
> return 0;
> }
> +#else
> +static int test(void)
> +{
> + printf("Test built with old libc lacking pkey support.\n");
> + SKIP_IF(true);
> +}
> +#endif /* SEGV_PKUERR */
>
> int main(void)
> {
>
>
Or can I use this from the pkey tests under selftests/vm?
static inline u32 *siginfo_get_pkey_ptr(siginfo_t *si)
{
#ifdef si_pkey
return &si->si_pkey;
#else
return (u32 *)(((u8 *)si) + si_pkey_offset);
#endif
}
Where si_pkey_offset is 0x20 for powerpc.
- Sandipan
WARNING: multiple messages have this Message-ID (diff)
From: Sandipan Das <sandipan@linux.ibm.com>
To: Michael Ellerman <mpe@ellerman.id.au>
Cc: fweimer@redhat.com, aneesh.kumar@linux.ibm.com,
linuxram@us.ibm.com, linux-mm@kvack.org,
linux-kselftest@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
bauerman@linux.ibm.com
Subject: Re: [PATCH] selftests: powerpc: Add test for execute-disabled pkeys
Date: Tue, 26 May 2020 19:33:48 +0530 [thread overview]
Message-ID: <6b73bf3f-0d10-6e8c-acd9-27de53573dec@linux.ibm.com> (raw)
In-Reply-To: <87367mg9h4.fsf@mpe.ellerman.id.au>
Hi Michael,
On 26/05/20 6:05 pm, Michael Ellerman wrote:
> [...]
>> +
>> +/* Override definitions as they might be inconsistent */
>> +#undef PKEY_DISABLE_ACCESS
>> +#define PKEY_DISABLE_ACCESS 0x3
>
> Why would they be inconsistent?
>
The definition in sys/mman.h still uses the value specific to
Intel's implementation i.e. 1, when this should have been 3
for powerpc. I have seen this on Ubuntu 18.04 and 20.04.
>
>> +/* Older distros might not define this */
>> +#ifndef SEGV_PKUERR
>> +#define SEGV_PKUERR 4
>> +#endif
> ...
>> +
>> + /* Restore permissions in order to continue */
>> + switch (fcode) {
>> + case SEGV_ACCERR:
>> + if (mprotect(insns, pgsize, PROT_READ | PROT_WRITE)) {
>> + perror("mprotect");
>> + goto fail;
>> + }
>> + break;
>> + case SEGV_PKUERR:
>> + if (sinfo->si_pkey != fpkey)
>> + goto fail;
>
> This doesn't compile on older distros, eg Ubuntu 16.04:
>
> pkey_exec_prot.c: In function 'segv_handler':
> pkey_exec_prot.c:121:12: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
> if (sinfo->si_pkey != fpkey)
> ^
> pkey_exec_prot.c:151:24: error: 'siginfo_t {aka struct <anonymous>}' has no member named 'si_pkey'
> pkey_set_rights(sinfo->si_pkey, 0);
> ^
> ../../lib.mk:142: recipe for target '/output/kselftest/powerpc/mm/pkey_exec_prot' failed
>
Thanks for reporting this.
>
> I think a reasonable solution is to use the absence of SEGV_PKUERR to
> basically turn the whole test into a nop at build time, eg:
>
> diff --git a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> index b346ad205e68..218257b89fbb 100644
> --- a/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> +++ b/tools/testing/selftests/powerpc/mm/pkey_exec_prot.c
> @@ -30,9 +30,7 @@
> #define PKEY_DISABLE_EXECUTE 0x4
>
> /* Older distros might not define this */
> -#ifndef SEGV_PKUERR
> -#define SEGV_PKUERR 4
> -#endif
> +#ifdef SEGV_PKUERR
>
> #define SYS_pkey_mprotect 386
> #define SYS_pkey_alloc 384
> @@ -319,6 +317,13 @@ static int test(void)
>
> return 0;
> }
> +#else
> +static int test(void)
> +{
> + printf("Test built with old libc lacking pkey support.\n");
> + SKIP_IF(true);
> +}
> +#endif /* SEGV_PKUERR */
>
> int main(void)
> {
>
>
Or can I use this from the pkey tests under selftests/vm?
static inline u32 *siginfo_get_pkey_ptr(siginfo_t *si)
{
#ifdef si_pkey
return &si->si_pkey;
#else
return (u32 *)(((u8 *)si) + si_pkey_offset);
#endif
}
Where si_pkey_offset is 0x20 for powerpc.
- Sandipan
next prev parent reply other threads:[~2020-05-26 14:04 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-08 16:23 [PATCH] selftests: powerpc: Add test for execute-disabled pkeys Sandipan Das
2020-05-08 16:23 ` Sandipan Das
2020-05-26 12:35 ` Michael Ellerman
2020-05-26 12:35 ` Michael Ellerman
2020-05-26 14:03 ` Sandipan Das [this message]
2020-05-26 14:03 ` Sandipan Das
2020-05-27 0:17 ` Michael Ellerman
2020-05-27 0:17 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6b73bf3f-0d10-6e8c-acd9-27de53573dec@linux.ibm.com \
--to=sandipan@linux.ibm.com \
--cc=aneesh.kumar@linux.ibm.com \
--cc=bauerman@linux.ibm.com \
--cc=fweimer@redhat.com \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=mpe@ellerman.id.au \
--cc=ruscur@russell.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.