From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EE5D3C2D0E4 for ; Fri, 20 Nov 2020 23:23:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A11602240C for ; Fri, 20 Nov 2020 23:23:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728124AbgKTXX0 (ORCPT ); Fri, 20 Nov 2020 18:23:26 -0500 Received: from out02.mta.xmission.com ([166.70.13.232]:47774 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727112AbgKTXXZ (ORCPT ); Fri, 20 Nov 2020 18:23:25 -0500 Received: from in02.mta.xmission.com ([166.70.13.52]) by out02.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1kgFkN-002S57-V0; Fri, 20 Nov 2020 16:23:19 -0700 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1kgFkM-00EHNf-Q5; Fri, 20 Nov 2020 16:23:19 -0700 From: ebiederm@xmission.com (Eric W. Biederman) To: Peter Collingbourne Cc: Catalin Marinas , Evgenii Stepanov , Kostya Serebryany , Vincenzo Frascino , Dave Martin , Will Deacon , Oleg Nesterov , "James E.J. Bottomley" , Linux ARM , Kevin Brodsky , Andrey Konovalov , linux-api@vger.kernel.org, Helge Deller , David Spickett References: <13cf24d00ebdd8e1f55caf1821c7c29d54100191.1605904350.git.pcc@google.com> Date: Fri, 20 Nov 2020 17:22:58 -0600 In-Reply-To: <13cf24d00ebdd8e1f55caf1821c7c29d54100191.1605904350.git.pcc@google.com> (Peter Collingbourne's message of "Fri, 20 Nov 2020 12:33:45 -0800") Message-ID: <87h7pj1ulp.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1kgFkM-00EHNf-Q5;;;mid=<87h7pj1ulp.fsf@x220.int.ebiederm.org>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1/0KlmzXqNFrKXdMr3d8vvafdt449SoUBc= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com Subject: Re: [PATCH v21 1/2] signal: define the SA_EXPOSE_TAGBITS bit in sa_flags X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: linux-api@vger.kernel.org Peter Collingbourne writes: > Architectures that support address tagging, such as arm64, may want to > expose fault address tag bits to the signal handler to help diagnose > memory errors. However, these bits have not been previously set, > and their presence may confuse unaware user applications. Therefore, > introduce a SA_EXPOSE_TAGBITS flag bit in sa_flags that a signal > handler may use to explicitly request that the bits are set. > > The generic signal handler APIs expect to receive tagged addresses. > Architectures may specify how to untag addresses in the case where > SA_EXPOSE_TAGBITS is clear by defining the arch_untagged_si_addr > function. > > Signed-off-by: Peter Collingbourne > Acked-by: "Eric W. Biederman" > Link: https://linux-review.googlesource.com/id/I16dd0ed2081f091fce97be0190cb8caa874c26cb > --- > To be applied on top of: > https://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git signal-for-v5.11 I have merged this first patch into signal-for-v5.11 and pushed everything out to linux-next. Eric > include/linux/signal.h | 14 ++++++++++++++ > include/linux/signal_types.h | 2 +- > include/uapi/asm-generic/signal-defs.h | 3 +++ > kernel/signal.c | 24 ++++++++++++++++++++++++ > 4 files changed, 42 insertions(+), 1 deletion(-) > > diff --git a/include/linux/signal.h b/include/linux/signal.h > index b256f9c65661..205526c4003a 100644 > --- a/include/linux/signal.h > +++ b/include/linux/signal.h > @@ -469,4 +469,18 @@ struct seq_file; > extern void render_sigset_t(struct seq_file *, const char *, sigset_t *); > #endif > > +#ifndef arch_untagged_si_addr > +/* > + * Given a fault address and a signal and si_code which correspond to the > + * _sigfault union member, returns the address that must appear in si_addr if > + * the signal handler does not have SA_EXPOSE_TAGBITS enabled in sa_flags. > + */ > +static inline void __user *arch_untagged_si_addr(void __user *addr, > + unsigned long sig, > + unsigned long si_code) > +{ > + return addr; > +} > +#endif > + > #endif /* _LINUX_SIGNAL_H */ > diff --git a/include/linux/signal_types.h b/include/linux/signal_types.h > index a7887ad84d36..68e06c75c5b2 100644 > --- a/include/linux/signal_types.h > +++ b/include/linux/signal_types.h > @@ -78,6 +78,6 @@ struct ksignal { > > #define UAPI_SA_FLAGS \ > (SA_NOCLDSTOP | SA_NOCLDWAIT | SA_SIGINFO | SA_ONSTACK | SA_RESTART | \ > - SA_NODEFER | SA_RESETHAND | __ARCH_UAPI_SA_FLAGS) > + SA_NODEFER | SA_RESETHAND | SA_EXPOSE_TAGBITS | __ARCH_UAPI_SA_FLAGS) > > #endif /* _LINUX_SIGNAL_TYPES_H */ > diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h > index c790f67304ba..fe929e7b77ca 100644 > --- a/include/uapi/asm-generic/signal-defs.h > +++ b/include/uapi/asm-generic/signal-defs.h > @@ -20,6 +20,8 @@ > * so this bit allows flag bit support to be detected from userspace while > * allowing an old kernel to be distinguished from a kernel that supports every > * flag bit. > + * SA_EXPOSE_TAGBITS exposes an architecture-defined set of tag bits in > + * siginfo.si_addr. > * > * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single > * Unix names RESETHAND and NODEFER respectively. > @@ -41,6 +43,7 @@ > /* 0x00000100 used on sparc */ > /* 0x00000200 used on sparc */ > #define SA_UNSUPPORTED 0x00000400 > +#define SA_EXPOSE_TAGBITS 0x00000800 > /* 0x00010000 used on mips */ > /* 0x01000000 used on x86 */ > /* 0x02000000 used on x86 */ > diff --git a/kernel/signal.c b/kernel/signal.c > index 8f34819e80de..26018c59821d 100644 > --- a/kernel/signal.c > +++ b/kernel/signal.c > @@ -2524,6 +2524,26 @@ static int ptrace_signal(int signr, kernel_siginfo_t *info) > return signr; > } > > +static void hide_si_addr_tag_bits(struct ksignal *ksig) > +{ > + switch (siginfo_layout(ksig->sig, ksig->info.si_code)) { > + case SIL_FAULT: > + case SIL_FAULT_MCEERR: > + case SIL_FAULT_BNDERR: > + case SIL_FAULT_PKUERR: > + ksig->info.si_addr = arch_untagged_si_addr( > + ksig->info.si_addr, ksig->sig, ksig->info.si_code); > + break; > + case SIL_KILL: > + case SIL_TIMER: > + case SIL_POLL: > + case SIL_CHLD: > + case SIL_RT: > + case SIL_SYS: > + break; > + } > +} > + > bool get_signal(struct ksignal *ksig) > { > struct sighand_struct *sighand = current->sighand; > @@ -2761,6 +2781,10 @@ bool get_signal(struct ksignal *ksig) > spin_unlock_irq(&sighand->siglock); > > ksig->sig = signr; > + > + if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS)) > + hide_si_addr_tag_bits(ksig); > + > return ksig->sig > 0; > } From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0A72CC5519F for ; Fri, 20 Nov 2020 23:25:00 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 803192240B for ; Fri, 20 Nov 2020 23:24:59 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="BRDYY5YG" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 803192240B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=xmission.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:MIME-Version:Message-ID:In-Reply-To:Date: References:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=BPsKTx5QBGPwbpwHgoo7rwK1R1l9vQQL8U33tnHGTFc=; b=BRDYY5YG7riTzF06nvW5OKzdO Ku4LEvIKY7Dl/ijljQENvl9APepl9N6zyYNNGlw0G5Nbl/4/mBWxaVSnWkiqoVCn70XP6czKAJ7w/ s66lzLA/ut6Pd6FL5Uw1sTLgpKGVMx4ounTV1oj4AtXeIxVeEf5S7R+AM+Zi89Xpdrv3sr8OmyvVE RMT3OXmzVP2qoQlau1ZM6CAIEINcZfykqR9RvXfBcWvQ80N4NeMOggzKQ/dzMrpEpsZEmUzl9QlTI OK3B38QutD5pX1QfYhbPjXG44nQPjcgBT4ILn9dLe+2F2LmgDY54wNJGjDxTjIR1Ut2IdMoj9JZQA 3fllCMavg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kgFkV-0006Lv-OP; Fri, 20 Nov 2020 23:23:27 +0000 Received: from out02.mta.xmission.com ([166.70.13.232]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kgFkT-0006LJ-Lp for linux-arm-kernel@lists.infradead.org; Fri, 20 Nov 2020 23:23:26 +0000 Received: from in02.mta.xmission.com ([166.70.13.52]) by out02.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1kgFkN-002S57-V0; Fri, 20 Nov 2020 16:23:19 -0700 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1kgFkM-00EHNf-Q5; Fri, 20 Nov 2020 16:23:19 -0700 From: ebiederm@xmission.com (Eric W. Biederman) To: Peter Collingbourne References: <13cf24d00ebdd8e1f55caf1821c7c29d54100191.1605904350.git.pcc@google.com> Date: Fri, 20 Nov 2020 17:22:58 -0600 In-Reply-To: <13cf24d00ebdd8e1f55caf1821c7c29d54100191.1605904350.git.pcc@google.com> (Peter Collingbourne's message of "Fri, 20 Nov 2020 12:33:45 -0800") Message-ID: <87h7pj1ulp.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 X-XM-SPF: eid=1kgFkM-00EHNf-Q5; ; ; mid=<87h7pj1ulp.fsf@x220.int.ebiederm.org>; ; ; hst=in02.mta.xmission.com; ; ; ip=68.227.160.95; ; ; frm=ebiederm@xmission.com; ; ; spf=neutral X-XM-AID: U2FsdGVkX1/0KlmzXqNFrKXdMr3d8vvafdt449SoUBc= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com Subject: Re: [PATCH v21 1/2] signal: define the SA_EXPOSE_TAGBITS bit in sa_flags X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201120_182325_804679_CF186C7C X-CRM114-Status: GOOD ( 30.44 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Catalin Marinas , Helge Deller , Kevin Brodsky , Oleg Nesterov , linux-api@vger.kernel.org, "James E.J. Bottomley" , Kostya Serebryany , Linux ARM , Andrey Konovalov , David Spickett , Vincenzo Frascino , Will Deacon , Dave Martin , Evgenii Stepanov Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Peter Collingbourne writes: > Architectures that support address tagging, such as arm64, may want to > expose fault address tag bits to the signal handler to help diagnose > memory errors. However, these bits have not been previously set, > and their presence may confuse unaware user applications. Therefore, > introduce a SA_EXPOSE_TAGBITS flag bit in sa_flags that a signal > handler may use to explicitly request that the bits are set. > > The generic signal handler APIs expect to receive tagged addresses. > Architectures may specify how to untag addresses in the case where > SA_EXPOSE_TAGBITS is clear by defining the arch_untagged_si_addr > function. > > Signed-off-by: Peter Collingbourne > Acked-by: "Eric W. Biederman" > Link: https://linux-review.googlesource.com/id/I16dd0ed2081f091fce97be0190cb8caa874c26cb > --- > To be applied on top of: > https://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git signal-for-v5.11 I have merged this first patch into signal-for-v5.11 and pushed everything out to linux-next. Eric > include/linux/signal.h | 14 ++++++++++++++ > include/linux/signal_types.h | 2 +- > include/uapi/asm-generic/signal-defs.h | 3 +++ > kernel/signal.c | 24 ++++++++++++++++++++++++ > 4 files changed, 42 insertions(+), 1 deletion(-) > > diff --git a/include/linux/signal.h b/include/linux/signal.h > index b256f9c65661..205526c4003a 100644 > --- a/include/linux/signal.h > +++ b/include/linux/signal.h > @@ -469,4 +469,18 @@ struct seq_file; > extern void render_sigset_t(struct seq_file *, const char *, sigset_t *); > #endif > > +#ifndef arch_untagged_si_addr > +/* > + * Given a fault address and a signal and si_code which correspond to the > + * _sigfault union member, returns the address that must appear in si_addr if > + * the signal handler does not have SA_EXPOSE_TAGBITS enabled in sa_flags. > + */ > +static inline void __user *arch_untagged_si_addr(void __user *addr, > + unsigned long sig, > + unsigned long si_code) > +{ > + return addr; > +} > +#endif > + > #endif /* _LINUX_SIGNAL_H */ > diff --git a/include/linux/signal_types.h b/include/linux/signal_types.h > index a7887ad84d36..68e06c75c5b2 100644 > --- a/include/linux/signal_types.h > +++ b/include/linux/signal_types.h > @@ -78,6 +78,6 @@ struct ksignal { > > #define UAPI_SA_FLAGS \ > (SA_NOCLDSTOP | SA_NOCLDWAIT | SA_SIGINFO | SA_ONSTACK | SA_RESTART | \ > - SA_NODEFER | SA_RESETHAND | __ARCH_UAPI_SA_FLAGS) > + SA_NODEFER | SA_RESETHAND | SA_EXPOSE_TAGBITS | __ARCH_UAPI_SA_FLAGS) > > #endif /* _LINUX_SIGNAL_TYPES_H */ > diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h > index c790f67304ba..fe929e7b77ca 100644 > --- a/include/uapi/asm-generic/signal-defs.h > +++ b/include/uapi/asm-generic/signal-defs.h > @@ -20,6 +20,8 @@ > * so this bit allows flag bit support to be detected from userspace while > * allowing an old kernel to be distinguished from a kernel that supports every > * flag bit. > + * SA_EXPOSE_TAGBITS exposes an architecture-defined set of tag bits in > + * siginfo.si_addr. > * > * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single > * Unix names RESETHAND and NODEFER respectively. > @@ -41,6 +43,7 @@ > /* 0x00000100 used on sparc */ > /* 0x00000200 used on sparc */ > #define SA_UNSUPPORTED 0x00000400 > +#define SA_EXPOSE_TAGBITS 0x00000800 > /* 0x00010000 used on mips */ > /* 0x01000000 used on x86 */ > /* 0x02000000 used on x86 */ > diff --git a/kernel/signal.c b/kernel/signal.c > index 8f34819e80de..26018c59821d 100644 > --- a/kernel/signal.c > +++ b/kernel/signal.c > @@ -2524,6 +2524,26 @@ static int ptrace_signal(int signr, kernel_siginfo_t *info) > return signr; > } > > +static void hide_si_addr_tag_bits(struct ksignal *ksig) > +{ > + switch (siginfo_layout(ksig->sig, ksig->info.si_code)) { > + case SIL_FAULT: > + case SIL_FAULT_MCEERR: > + case SIL_FAULT_BNDERR: > + case SIL_FAULT_PKUERR: > + ksig->info.si_addr = arch_untagged_si_addr( > + ksig->info.si_addr, ksig->sig, ksig->info.si_code); > + break; > + case SIL_KILL: > + case SIL_TIMER: > + case SIL_POLL: > + case SIL_CHLD: > + case SIL_RT: > + case SIL_SYS: > + break; > + } > +} > + > bool get_signal(struct ksignal *ksig) > { > struct sighand_struct *sighand = current->sighand; > @@ -2761,6 +2781,10 @@ bool get_signal(struct ksignal *ksig) > spin_unlock_irq(&sighand->siglock); > > ksig->sig = signr; > + > + if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS)) > + hide_si_addr_tag_bits(ksig); > + > return ksig->sig > 0; > } _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel