linux-api.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: linux-kernel@vger.kernel.org
Cc: Andy Lutomirski <luto@kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Oleg Nesterov <oleg@redhat.com>,
	Andrei Vagin <avagin@virtuozzo.com>,
	Thomas Gleixner <tglx@linutronix.de>, Greg KH <greg@kroah.com>,
	Andrey Vagin <avagin@openvz.org>, Serge Hallyn <serge@hallyn.com>,
	Pavel Emelyanov <xemul@virtuozzo.com>,
	Cyrill Gorcunov <gorcunov@openvz.org>,
	Peter Zijlstra <peterz@infradead.org>, Willy Tarreau <w@1wt.eu>,
	linux-arch@vger.kernel.org, linux-api@vger.kernel.org,
	Linux Containers <containers@lists.linux-foundation.org>,
	Michael Kerrisk <mtk.manpages@gmail.com>
Subject: [PATCH 0/8] signal: Fix sending signals with siginfo
Date: Fri, 30 Jun 2017 07:36:16 -0500	[thread overview]
Message-ID: <87bmp5y7nj.fsf_-_@xmission.com> (raw)
In-Reply-To: <20170616191602.GA10675@1wt.eu> (Willy Tarreau's message of "Fri, 16 Jun 2017 21:16:02 +0200")


Today sending a signal with rt_sigqueueinfo and receving it on
a signalfd does not work reliably.  The issue is that reading
a signalfd instead of returning a siginfo returns a signalfd_siginfo and
the kernel must convert from one to the other.

The kernel does not currently have the code to deduce which union
members of struct siginfo are in use.

In this patchset I fix that by introducing a new function siginfo_layout
that can look at a siginfo and report which union member of struct
nnsiginfo is in use.  Before that I clean up how we populate struct
siginfo.

The siginfo structure has two key members si_signo and si_code.  Some
si_codes are signal specific and for those it takes si_signo and si_code
to indicate the members of siginfo that are valid.  The rest of the
si_code values are signal independent like SI_USER, SI_KERNEL, SI_QUEUE,
and SI_TIMER and only si_code is needed to indicate which members of
siginfo are valid.

At least that is how POSIX documents them, and how common sense would
indicate they should function.  In practice we have been rather sloppy
about maintaining the ABI in linux and we have some exceptions.  We have
a couple of buggy architectures that make SI_USER mean something
different when combined with SIGFPE or SIGTRAP.  Worse we have
fcntl(F_SETSIG) which results in the si_codes POLL_IN, POLL_OUT,
POLL_MSG, POLL_ERR, POLL_PRI, POLL_HUP being sent with any arbitrary
signal, while the values are in a range that overlaps the signal
specific si_codes.

Thankfully the ambiguous cases are for things no sane persion would do
that so we can rectify the situtation.  AKA no one cares so we won't
cause a regression fixing it.

As part of fixing this I stop leaking the __SI_xxxx codes to userspace
and stop storing them in the high 16bits of si_code.  Making the kernel
code fundamentally simpler.  We have already confirmed that the one
application that would see this difference in kernel behavior CRIU won't
be affected by this change as it copies values verbatim from one kernel
interface to another.

Eric

Eric W. Biederman (8):
      signal/alpha: Document a conflict with SI_USER for SIGTRAP
      signal/ia64: Document a conflict with SI_USER with SIGFPE
      signal/sparc: Document a conflict with SI_USER with SIGFPE
      signal/mips: Document a conflict with SI_USER with SIGFPE
      signal/testing: Don't look for __SI_FAULT in userspace
      signal/x86: Fix SIGSYS handling in copy_siginfo_to_user32
      fcntl: Don't use ambiguous SIG_POLL si_codes
      signal: Remove kernel interal si_code magic

 arch/alpha/include/uapi/asm/siginfo.h         |   5 ++
 arch/alpha/kernel/traps.c                     |   6 +-
 arch/arm64/kernel/signal32.c                  |  23 +++---
 arch/blackfin/include/uapi/asm/siginfo.h      |  30 +++++---
 arch/frv/include/uapi/asm/siginfo.h           |   2 +-
 arch/ia64/include/uapi/asm/siginfo.h          |  19 ++---
 arch/ia64/kernel/signal.c                     |  17 ++---
 arch/ia64/kernel/traps.c                      |   4 +-
 arch/mips/include/uapi/asm/siginfo.h          |   9 ++-
 arch/mips/kernel/signal32.c                   |  19 +++--
 arch/mips/kernel/traps.c                      |   2 +-
 arch/parisc/kernel/signal32.c                 |  31 ++++----
 arch/powerpc/kernel/signal_32.c               |  20 +++--
 arch/s390/kernel/compat_signal.c              |  32 ++++----
 arch/sparc/include/uapi/asm/siginfo.h         |   7 +-
 arch/sparc/kernel/signal32.c                  |  16 ++--
 arch/sparc/kernel/traps_32.c                  |   2 +-
 arch/sparc/kernel/traps_64.c                  |   2 +-
 arch/tile/include/uapi/asm/siginfo.h          |   4 +-
 arch/tile/kernel/compat_signal.c              |  18 ++---
 arch/tile/kernel/traps.c                      |   1 -
 arch/x86/kernel/signal_compat.c               |  22 +++---
 fs/fcntl.c                                    |  13 +++-
 fs/signalfd.c                                 |  22 ++----
 include/asm-generic/siginfo.h                 |  22 +++---
 include/linux/signal.h                        |   8 ++
 include/uapi/asm-generic/siginfo.h            | 104 ++++++++++++--------------
 kernel/compat.c                               |   2 -
 kernel/exit.c                                 |   6 +-
 kernel/ptrace.c                               |   6 +-
 kernel/signal.c                               |  72 +++++++++++++-----
 tools/testing/selftests/x86/mpx-mini-test.c   |   3 +-
 tools/testing/selftests/x86/protection_keys.c |  13 ++--
 33 files changed, 302 insertions(+), 260 deletions(-)

       reply	other threads:[~2017-06-30 12:36 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <87lgot2loq.fsf@xmission.com>
     [not found] ` <87zid90vye.fsf_-_@xmission.com>
     [not found]   ` <20170615225426.GP31671@ZenIV.linux.org.uk>
     [not found]     ` <87poe4zrs1.fsf@xmission.com>
     [not found]       ` <CA+55aFxpv+gchzs7AYgSC8feAOV=B6mjFgBVm4Kx+83J2CNE-w@mail.gmail.com>
     [not found]         ` <87poe3vsa9.fsf@xmission.com>
     [not found]           ` <CALCETrX=SquyR8JZqHDNx=_FQKQo-0u9AxfdUwJs_hujVO2A-g@mail.gmail.com>
     [not found]             ` <87h8zfua59.fsf@xmission.com>
     [not found]               ` <CALCETrWPBn31Dye=81r2ZMainNOnDy5c_QxbU2uRjnJs0ie=Zg@mail.gmail.com>
     [not found]                 ` <87r2yjsuwl.fsf@xmission.com>
     [not found]                   ` <20170616191602.GA10675@1wt.eu>
2017-06-30 12:36                     ` Eric W. Biederman [this message]
2017-07-18 14:04                       ` [PATCH v2 0/7] signal: Fix sending signals with siginfo Eric W. Biederman
2017-07-18 14:06                         ` [PATCH 1/7] signal/alpha: Document a conflict with SI_USER for SIGTRAP Eric W. Biederman
     [not found]                           ` <20170718140651.15973-1-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-07-18 18:22                             ` Richard Henderson
2017-07-18 14:06                         ` [PATCH 4/7] signal/mips: Document a conflict with SI_USER with SIGFPE Eric W. Biederman
2017-08-07 16:18                           ` Maciej W. Rozycki
2017-08-07 17:41                             ` Linus Torvalds
2017-08-07 19:55                               ` Ralf Baechle
2017-08-08 15:29                             ` Eric W. Biederman
2017-08-08 23:19                               ` Maciej W. Rozycki
     [not found]                         ` <87o9shg7t7.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-07-18 14:06                           ` [PATCH 2/7] signal/ia64: " Eric W. Biederman
2017-07-18 14:06                           ` [PATCH 3/7] signal/sparc: " Eric W. Biederman
2017-07-18 14:06                           ` [PATCH 5/7] signal/testing: Don't look for __SI_FAULT in userspace Eric W. Biederman
2017-07-18 14:06                           ` [PATCH 6/7] fcntl: Don't use ambiguous SIG_POLL si_codes Eric W. Biederman
     [not found]                             ` <20170718140651.15973-6-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-07-20 16:16                               ` Oleg Nesterov
2017-07-21  2:33                                 ` Eric W. Biederman
2017-07-18 14:06                           ` [PATCH 7/7] signal: Remove kernel interal si_code magic Eric W. Biederman
     [not found]                             ` <20170718140651.15973-7-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-07-18 16:57                               ` Linus Torvalds
     [not found]                                 ` <CA+55aFyKsmf+BpYjcH30MGpHTDJ=zgYPx6kwyEB9CXXFxj_xsw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-07-18 17:27                                   ` Eric W. Biederman
     [not found]                                     ` <878tjlbqpt.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-07-22 20:25                                       ` Simplfying copy_siginfo_to_user Eric W. Biederman
     [not found]                                         ` <8760ek5ics.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-07-24 17:43                                           ` Linus Torvalds
     [not found]                                             ` <CA+55aFyH5W2doo9vxXta_-pXfNXqQ19d7z48k1hmfAot+aJvMw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-07-24 19:01                                               ` Eric W. Biederman
2017-07-25  1:37                                             ` Al Viro
2017-07-31 16:37                                               ` Eric W. Biederman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87bmp5y7nj.fsf_-_@xmission.com \
    --to=ebiederm@xmission.com \
    --cc=avagin@openvz.org \
    --cc=avagin@virtuozzo.com \
    --cc=containers@lists.linux-foundation.org \
    --cc=gorcunov@openvz.org \
    --cc=greg@kroah.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mtk.manpages@gmail.com \
    --cc=oleg@redhat.com \
    --cc=peterz@infradead.org \
    --cc=serge@hallyn.com \
    --cc=tglx@linutronix.de \
    --cc=torvalds@linux-foundation.org \
    --cc=viro@zeniv.linux.org.uk \
    --cc=w@1wt.eu \
    --cc=xemul@virtuozzo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).