linux-arm-kernel.lists.infradead.org archive mirror
 help / color / mirror / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Peter Collingbourne <pcc@google.com>,
	Helge Deller <deller@gmx.de>,
	Kevin Brodsky <kevin.brodsky@arm.com>,
	Oleg Nesterov <oleg@redhat.com>,
	linux-api@vger.kernel.org,
	"James E.J. Bottomley" <James.Bottomley@hansenpartnership.com>,
	Kostya Serebryany <kcc@google.com>,
	Linux ARM <linux-arm-kernel@lists.infradead.org>,
	Andrey Konovalov <andreyknvl@google.com>,
	David Spickett <david.spickett@linaro.org>,
	Vincenzo Frascino <vincenzo.frascino@arm.com>,
	Will Deacon <will@kernel.org>, Dave Martin <Dave.Martin@arm.com>,
	Evgenii Stepanov <eugenis@google.com>
Subject: Re: [PATCH v16 6/6] arm64: expose FAR_EL1 tag bits in siginfo
Date: Mon, 16 Nov 2020 15:55:05 -0600	[thread overview]
Message-ID: <87d00dge6e.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <X7LMfrl/vQ8vA+Va@trantor> (Catalin Marinas's message of "Mon, 16 Nov 2020 19:01:18 +0000")

Catalin Marinas <catalin.marinas@arm.com> writes:

> On Thu, Nov 12, 2020 at 06:53:36PM -0800, Peter Collingbourne wrote:
>> diff --git a/Documentation/arm64/tagged-pointers.rst b/Documentation/arm64/tagged-pointers.rst
>> index eab4323609b9..19d284b70384 100644
>> --- a/Documentation/arm64/tagged-pointers.rst
>> +++ b/Documentation/arm64/tagged-pointers.rst
>> @@ -53,12 +53,25 @@ visibility.
>>  Preserving tags
>>  ---------------
>>  
>> -Non-zero tags are not preserved when delivering signals. This means that
>> -signal handlers in applications making use of tags cannot rely on the
>> -tag information for user virtual addresses being maintained for fields
>> -inside siginfo_t. One exception to this rule is for signals raised in
>> -response to watchpoint debug exceptions, where the tag information will
>> -be preserved.
>> +When delivering signals, non-zero tags are not preserved in
>> +siginfo.si_addr unless the flag SA_EXPOSE_TAGBITS was set in
>> +sigaction.sa_flags when the signal handler was installed. This means
>> +that signal handlers in applications making use of tags cannot rely
>> +on the tag information for user virtual addresses being maintained
>> +in these fields unless the flag was set.
>> +
>> +Due to architecture limitations, bits 63:60 of the fault address
>> +are not preserved in response to synchronous tag check faults
>> +(SEGV_MTESERR) even if SA_EXPOSE_TAGBITS was set. Applications should
>> +treat the values of these bits as undefined in order to accommodate
>> +future architecture revisions which may preserve the bits.
>
> If future architecture versions will preserve these bits, most likely
> we'll add a new HWCAP bit so that the user knows what's going on. But
> the user shouldn't rely on them being 0, just in case.
>
>> +For signals raised in response to watchpoint debug exceptions, the
>> +tag information will be preserved regardless of the SA_EXPOSE_TAGBITS
>> +flag setting.
>> +
>> +Non-zero tags are never preserved in sigcontext.fault_address
>> +regardless of the SA_EXPOSE_TAGBITS flag setting.
>
> We could've done it the other way around (fault_address tagged, si_addr
> untagged) but that would be specific to arm64, so I think we should
> solve it for other architectures that implement (or plan to) tagging.
> The fault_address in the arm64 sigcontext was an oversight, we should
> have removed it but when we realised it was already ABI.
>
> Anyway, I'm fine with the arm64 changes here:
>
> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
>
> With Eric's ack, I'm happy to take the series through the arm64 tree,
> otherwise Eric's tree is fine as well.

In general I am fine with the last two patches.

I want to understand where the value for SA_UNSUPPORTED comes from, and
while I have good answers I am still digesting the question of if
SA_EXPOSE_TAGBITS should be implemented in the arch specific header or
in a generic header.  I quite agree it should have a generic
definition/implementation.  I just don't know if it makes sense to make
the value available to userspace if the architecture does not have
tagbits.  Mostly my concern is about bit consumption as we only have
30ish sigaction bits.

I will follow with my acks when I have resolved those issues.

Thank you,
Eric


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

  reply	other threads:[~2020-11-16 21:57 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-13  2:53 [PATCH v16 0/6] arm64: expose FAR_EL1 tag bits in siginfo Peter Collingbourne
2020-11-13  2:53 ` [PATCH v16 1/6] parisc: Drop parisc special case for __sighandler_t Peter Collingbourne
2020-11-13  2:53 ` [PATCH v16 2/6] parisc: start using signal-defs.h Peter Collingbourne
2020-11-13  2:53 ` [PATCH v16 3/6] arch: move SA_* definitions to generic headers Peter Collingbourne
2020-11-13  2:53 ` [PATCH v16 4/6] signal: clear non-uapi flag bits when passing/returning sa_flags Peter Collingbourne
2020-11-13  2:53 ` [PATCH v16 5/6] signal: define the SA_UNSUPPORTED bit in sa_flags Peter Collingbourne
2020-11-14 13:53   ` Eric W. Biederman
2020-11-14 22:12     ` Peter Collingbourne
2020-11-16 23:48       ` Eric W. Biederman
2020-11-13  2:53 ` [PATCH v16 6/6] arm64: expose FAR_EL1 tag bits in siginfo Peter Collingbourne
2020-11-15 14:08   ` Eric W. Biederman
2020-11-16 13:36     ` Dave Martin
2020-11-16 18:32       ` Peter Collingbourne
2020-11-16 19:01   ` Catalin Marinas
2020-11-16 21:55     ` Eric W. Biederman [this message]
2020-11-16 22:08       ` Catalin Marinas
2020-11-16 23:28       ` Peter Collingbourne
2020-11-16 23:59         ` Eric W. Biederman
2020-11-17  3:24           ` Peter Collingbourne

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87d00dge6e.fsf@x220.int.ebiederm.org \
    --to=ebiederm@xmission.com \
    --cc=Dave.Martin@arm.com \
    --cc=James.Bottomley@hansenpartnership.com \
    --cc=andreyknvl@google.com \
    --cc=catalin.marinas@arm.com \
    --cc=david.spickett@linaro.org \
    --cc=deller@gmx.de \
    --cc=eugenis@google.com \
    --cc=kcc@google.com \
    --cc=kevin.brodsky@arm.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=oleg@redhat.com \
    --cc=pcc@google.com \
    --cc=vincenzo.frascino@arm.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).