All of lore.kernel.org
 help / color / mirror / Atom feed
From: Dann Frazier <dann.frazier@canonical.com>
To: Michael Matz <matz@suse.de>
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
	linaro-dev <linaro-dev@lists.linaro.org>,
	"Alex Barcelo" <abarcelo@ac.upc.edu>,
	qemu-devel <qemu-devel@nongnu.org>,
	"linaro-toolchain@lists.linaro.org"
	<linaro-toolchain@lists.linaro.org>,
	"Alexander Graf" <agraf@suse.de>,
	"Wook Wookey" <wookey@linaro.org>,
	"Alex Bennée" <alex.bennee@linaro.org>,
	"Christoffer Dall" <Christoffer.Dall@linaro.org>
Subject: Re: [Qemu-devel] Call for testing QEMU aarch64-linux-user emulation
Date: Thu, 27 Feb 2014 12:47:21 -0700	[thread overview]
Message-ID: <CALdTtnu_FGkH9e7ZYfORup5+=yDq=A-7OA3qkmbDsMPwfoVFog@mail.gmail.com> (raw)
In-Reply-To: <alpine.LNX.2.00.1402271403280.7694@wotan.suse.de>

[Adding Alex Barcelo to the CC]

On Thu, Feb 27, 2014 at 6:20 AM, Michael Matz <matz@suse.de> wrote:
> Hi,
>
> On Wed, 26 Feb 2014, Dann Frazier wrote:
>
>> I've narrowed down the changes that seem to prevent both types of
>> segfaults to the following changes that introduce a wrapper around
>> sigprocmask:
>>
>> https://github.com/susematz/qemu/commit/f1542ae9fe10d5a241fc2624ecaef5f0948e3472
>> https://github.com/susematz/qemu/commit/4e5e1607758841c760cda4652b0ee7a6bc6eb79d
>> https://github.com/susematz/qemu/commit/63eb8d3ea58f58d5857153b0c632def1bbd05781
>>
>> I'm not sure if this is a real fix or just papering over my issue -
>
> It's fixing the issue, but strictly speaking introduces an QoI problem.
> SIGSEGV must not be controllable by the guest, it needs to be always
> deliverable to qemu; that is what's fixed.
>
> The QoI problem introduced is that with the implementation as is, the
> fiddling with SIGSEGV is detectable by the guest.  E.g. if it installs a
> segv handler, blocks segv, then forces a segfault, checks that it didn't
> arrive, then unblocks segv and checks that it now arrives, such testcase
> would be able to detect that in fact it couldn't block SIGSEGV.
>
> Luckily for us, the effect of blocking SIGSEGV and then generating one in
> other ways than kill/sigqueue/raise (e.g. by writing to NULL) are
> undefined, so in practice that QoI issue doesn't matter.
>
> To fix also that latter part it'd need a further per-thread flag
> segv_blocked_p which needs to be checked before actually delivering a
> guest-directed SIGSEGV (in comparison to a qemu-directed SEGV), and
> otherwise requeue it.  That's made a bit complicated when the SEGV was
> process-directed (not thread-directed) because in that case it needs to be
> delivered as long as there's _any_ thread which has it unblocked.  So
> given the above undefinedness for sane uses of SEGVs it didn't seem worth
> the complication of having an undetectable virtualization of SIGSEGV.

Thanks for the explanation.

>> but either way, are these changes reasonable for upstream submission?
>
> IIRC the first two commits (from Alex Barcelo) were submitted once in the
> past, but fell through the cracks.

Alex: are you interested in resubmitting these - or would you like me
to attempt to on your behalf?

 -dann

>
> Ciao,
> Michael.

  reply	other threads:[~2014-02-27 19:47 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-02-17 13:40 [Qemu-devel] Call for testing QEMU aarch64-linux-user emulation Alex Bennée
2014-02-24 13:01 ` Janne Grunau
2014-02-25 15:54   ` Alex Bennée
2014-02-25 17:11     ` Janne Grunau
2014-03-06 11:40       ` Alex Bennée
2014-03-06 16:04         ` Janne Grunau
2014-02-24 20:58 ` Dann Frazier
2014-02-25  8:39   ` Alex Bennée
2014-02-25  8:49     ` Andreas Färber
2014-02-25 13:33       ` Michael Matz
2014-02-25 13:46         ` Peter Maydell
2014-02-25 14:56           ` Michael Matz
2014-02-28 14:12             ` Alex Bennée
2014-02-28 14:21               ` Peter Maydell
2014-02-28 14:27                 ` Alexander Graf
2014-02-28 14:49                   ` Peter Maydell
2014-02-28 17:08                     ` Alex Bennée
2014-02-28 17:17                       ` Peter Maydell
2014-02-26 22:06     ` Dann Frazier
2014-02-27 13:20       ` Michael Matz
2014-02-27 19:47         ` Dann Frazier [this message]
2014-03-14 14:20         ` Peter Maydell
2014-03-09 23:37     ` Dann Frazier
2014-03-09 23:51       ` Peter Maydell
2014-03-10 11:28         ` Alex Bennée
2014-03-10 11:45           ` Peter Maydell
2014-03-10 13:56           ` Michael Matz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CALdTtnu_FGkH9e7ZYfORup5+=yDq=A-7OA3qkmbDsMPwfoVFog@mail.gmail.com' \
    --to=dann.frazier@canonical.com \
    --cc=Christoffer.Dall@linaro.org \
    --cc=abarcelo@ac.upc.edu \
    --cc=agraf@suse.de \
    --cc=alex.bennee@linaro.org \
    --cc=linaro-dev@lists.linaro.org \
    --cc=linaro-toolchain@lists.linaro.org \
    --cc=matz@suse.de \
    --cc=peter.maydell@linaro.org \
    --cc=qemu-devel@nongnu.org \
    --cc=wookey@linaro.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.