From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.2 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BE02CC433E2 for ; Tue, 8 Sep 2020 15:15:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 90F7F23D6A for ; Tue, 8 Sep 2020 15:15:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730239AbgIHPO5 (ORCPT ); Tue, 8 Sep 2020 11:14:57 -0400 Received: from foss.arm.com ([217.140.110.172]:54986 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730224AbgIHPOV (ORCPT ); Tue, 8 Sep 2020 11:14:21 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B79E1169E; Tue, 8 Sep 2020 08:13:10 -0700 (PDT) Received: from arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D7DE03F73C; Tue, 8 Sep 2020 08:13:08 -0700 (PDT) Date: Tue, 8 Sep 2020 16:13:06 +0100 From: Dave Martin To: Peter Collingbourne Cc: Catalin Marinas , Evgenii Stepanov , Kostya Serebryany , Vincenzo Frascino , Will Deacon , Oleg Nesterov , "Eric W. Biederman" , "James E.J. Bottomley" , linux-parisc@vger.kernel.org, Andrey Konovalov , Kevin Brodsky , David Spickett , Linux ARM , Richard Henderson Subject: Re: [PATCH v10 4/7] signal: define the SA_UNSUPPORTED bit in sa_flags Message-ID: <20200908151306.GU6642@arm.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-parisc-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-parisc@vger.kernel.org On Fri, Aug 21, 2020 at 10:10:14PM -0700, Peter Collingbourne wrote: Nit: no statement of the chage being made (other than in the subject line). > This bit will never be supported in the uapi. The purpose of this flag > bit is to allow userspace to distinguish an old kernel that does not > clear unknown sa_flags bits from a kernel that supports every flag bit. > > In other words, if userspace finds that this bit remains set in > oldact.sa_flags, it means that the kernel cannot be trusted to have > cleared unknown flag bits from sa_flags, so no assumptions about flag > bit support can be made. This isn't quite right? After a single sigaction() call, oact will contain the sa_flags for the previously registered handler. So a second sigaction() call would be needed to find out the newly effective sa_flags. > > Signed-off-by: Peter Collingbourne > --- > View this change in Gerrit: https://linux-review.googlesource.com/q/Ic2501ad150a3a79c1cf27fb8c99be342e9dffbcb > > include/uapi/asm-generic/signal-defs.h | 7 +++++++ > kernel/signal.c | 6 ++++++ > 2 files changed, 13 insertions(+) > > diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h > index 319628058a53..e853cbe8722d 100644 > --- a/include/uapi/asm-generic/signal-defs.h > +++ b/include/uapi/asm-generic/signal-defs.h > @@ -14,6 +14,12 @@ > * SA_RESTART flag to get restarting signals (which were the default long ago) > * SA_NODEFER prevents the current signal from being masked in the handler. > * SA_RESETHAND clears the handler when the signal is delivered. > + * SA_UNSUPPORTED is a flag bit that will never be supported. Kernels from > + * before the introduction of SA_UNSUPPORTED did not clear unknown bits from > + * sa_flags when read using the oldact argument to sigaction and rt_sigaction, > + * so this bit allows flag bit support to be detected from userspace while > + * allowing an old kernel to be distinguished from a kernel that supports every > + * flag bit. > * > * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single > * Unix names RESETHAND and NODEFER respectively. > @@ -42,6 +48,7 @@ > #ifndef SA_RESETHAND > #define SA_RESETHAND 0x80000000 > #endif > +#define SA_UNSUPPORTED 0x00000400 I guess people may debate which bit is chosen, but your consolidation of these definitions should help to reduce the possibility of future collisions. This bit appears unused for now, so I guess I don't have a strong opinion. > #define SA_NOMASK SA_NODEFER > #define SA_ONESHOT SA_RESETHAND > diff --git a/kernel/signal.c b/kernel/signal.c > index f802c82c7bcc..c80e70bde11d 100644 > --- a/kernel/signal.c > +++ b/kernel/signal.c > @@ -3984,6 +3984,12 @@ int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact) > if (oact) > *oact = *k; > > + /* > + * Make sure that we never accidentally claim to support SA_UNSUPPORTED, > + * e.g. by having an architecture use the bit in their uapi. > + */ > + BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED); > + Seems reasonable. With the above rewording in the commit message to clarify that a second sigaction() is needed: Reviewed-by: Dave Martin [...] Cheers ---Dave From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.3 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4B1E5C43461 for ; Tue, 8 Sep 2020 15:14:29 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id DC38B23C8E for ; Tue, 8 Sep 2020 15:14:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="TA3ssqHR" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DC38B23C8E Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:Message-ID: Subject:To:From:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Th3PbyEXeE6JONew6U6OvEmQsw0BJRz0k7wcdDMQ7Oc=; b=TA3ssqHRTxePUQ4VS19KbskcA OBIqYOFWfrelFpSd29+BuJLGCeMx3JrRXcUueNkoq1whZmwlFRZvYsB6AeYswNC+rQF2r8vjyNnn3 1XFxnOUJykXbedBoytJwJ4PA9fpTda8qJL57kNHthhYF+BELmVf/Pqdoeix2pX1qz3U71tmkeBaEE IM342Bt6SWpE7VevUujGgqaZSbucJPNe2d6rCo0EAoVIW0cGLzAbo1c+rFwy1qK/DVQICbqk8tAcx Vuu5u76ughGkY91RZXPgBimkWnt5u0SHBNb2GlMGAio/3MVR47S9NlFogSyA7kRBBNMPJRGLwFk9O 2WWhaQKZA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kFfJ5-0007f3-IM; Tue, 08 Sep 2020 15:13:15 +0000 Received: from foss.arm.com ([217.140.110.172]) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kFfJ1-0007ds-F6 for linux-arm-kernel@lists.infradead.org; Tue, 08 Sep 2020 15:13:12 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B79E1169E; Tue, 8 Sep 2020 08:13:10 -0700 (PDT) Received: from arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D7DE03F73C; Tue, 8 Sep 2020 08:13:08 -0700 (PDT) Date: Tue, 8 Sep 2020 16:13:06 +0100 From: Dave Martin To: Peter Collingbourne Subject: Re: [PATCH v10 4/7] signal: define the SA_UNSUPPORTED bit in sa_flags Message-ID: <20200908151306.GU6642@arm.com> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200908_111311_595954_C217F746 X-CRM114-Status: GOOD ( 28.33 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Linux ARM , linux-parisc@vger.kernel.org, Catalin Marinas , Kevin Brodsky , Oleg Nesterov , "James E.J. Bottomley" , Kostya Serebryany , "Eric W. Biederman" , Andrey Konovalov , David Spickett , Vincenzo Frascino , Will Deacon , Evgenii Stepanov , Richard Henderson Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Fri, Aug 21, 2020 at 10:10:14PM -0700, Peter Collingbourne wrote: Nit: no statement of the chage being made (other than in the subject line). > This bit will never be supported in the uapi. The purpose of this flag > bit is to allow userspace to distinguish an old kernel that does not > clear unknown sa_flags bits from a kernel that supports every flag bit. > > In other words, if userspace finds that this bit remains set in > oldact.sa_flags, it means that the kernel cannot be trusted to have > cleared unknown flag bits from sa_flags, so no assumptions about flag > bit support can be made. This isn't quite right? After a single sigaction() call, oact will contain the sa_flags for the previously registered handler. So a second sigaction() call would be needed to find out the newly effective sa_flags. > > Signed-off-by: Peter Collingbourne > --- > View this change in Gerrit: https://linux-review.googlesource.com/q/Ic2501ad150a3a79c1cf27fb8c99be342e9dffbcb > > include/uapi/asm-generic/signal-defs.h | 7 +++++++ > kernel/signal.c | 6 ++++++ > 2 files changed, 13 insertions(+) > > diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h > index 319628058a53..e853cbe8722d 100644 > --- a/include/uapi/asm-generic/signal-defs.h > +++ b/include/uapi/asm-generic/signal-defs.h > @@ -14,6 +14,12 @@ > * SA_RESTART flag to get restarting signals (which were the default long ago) > * SA_NODEFER prevents the current signal from being masked in the handler. > * SA_RESETHAND clears the handler when the signal is delivered. > + * SA_UNSUPPORTED is a flag bit that will never be supported. Kernels from > + * before the introduction of SA_UNSUPPORTED did not clear unknown bits from > + * sa_flags when read using the oldact argument to sigaction and rt_sigaction, > + * so this bit allows flag bit support to be detected from userspace while > + * allowing an old kernel to be distinguished from a kernel that supports every > + * flag bit. > * > * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single > * Unix names RESETHAND and NODEFER respectively. > @@ -42,6 +48,7 @@ > #ifndef SA_RESETHAND > #define SA_RESETHAND 0x80000000 > #endif > +#define SA_UNSUPPORTED 0x00000400 I guess people may debate which bit is chosen, but your consolidation of these definitions should help to reduce the possibility of future collisions. This bit appears unused for now, so I guess I don't have a strong opinion. > #define SA_NOMASK SA_NODEFER > #define SA_ONESHOT SA_RESETHAND > diff --git a/kernel/signal.c b/kernel/signal.c > index f802c82c7bcc..c80e70bde11d 100644 > --- a/kernel/signal.c > +++ b/kernel/signal.c > @@ -3984,6 +3984,12 @@ int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact) > if (oact) > *oact = *k; > > + /* > + * Make sure that we never accidentally claim to support SA_UNSUPPORTED, > + * e.g. by having an architecture use the bit in their uapi. > + */ > + BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED); > + Seems reasonable. With the above rewording in the commit message to clarify that a second sigaction() is needed: Reviewed-by: Dave Martin [...] Cheers ---Dave _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel