From: ebiederm@xmission.com (Eric W. Biederman)
To: Peter Collingbourne <pcc@google.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Helge Deller <deller@gmx.de>,
Kevin Brodsky <kevin.brodsky@arm.com>,
Oleg Nesterov <oleg@redhat.com>,
linux-api@vger.kernel.org,
"James E.J. Bottomley" <James.Bottomley@hansenpartnership.com>,
Kostya Serebryany <kcc@google.com>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
Andrey Konovalov <andreyknvl@google.com>,
David Spickett <david.spickett@linaro.org>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Will Deacon <will@kernel.org>, Dave Martin <Dave.Martin@arm.com>,
Evgenii Stepanov <eugenis@google.com>
Subject: Re: [PATCH v17 3/3] arm64: expose FAR_EL1 tag bits in siginfo
Date: Tue, 17 Nov 2020 07:39:40 -0600 [thread overview]
Message-ID: <87mtzgcdb7.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <f296f270d97a4fbf496e1015461566407d02152f.1605582887.git.pcc@google.com> (Peter Collingbourne's message of "Mon, 16 Nov 2020 19:17:26 -0800")
Peter Collingbourne <pcc@google.com> writes:
> diff --git a/kernel/signal.c b/kernel/signal.c
> index 8f34819e80de..16be62e6d341 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -1650,6 +1650,15 @@ void force_sigsegv(int sig)
> force_sig(SIGSEGV);
> }
>
> +static void __user *get_si_addr(void __user *addr, unsigned long sig,
> + unsigned long si_code)
> +{
> + if (current->sighand->action[sig - 1].sa.sa_flags & SA_EXPOSE_TAGBITS)
> + return addr;
Apologies for not seeing this before but this part of the patch is
buggy.
It is using current->sighand->action when the destination task may not
be current. send_sig_fault and send_sig_mcerr may somewhat legitimately
be used to send faults to other processes.
Now that I think about it there are interactions with
PTRACE_GETSIGINFO/PTRACE_SETSIGINFO.
Can we move the masking into get_signal after the ptrace handling?
That way everything in the core of the kernel deals with unmasked
si_addr values and we only mask the address just before sending it to
userspace?
Eric
> + return arch_untagged_si_addr(addr, sig, si_code);
> +}
> +
> int force_sig_fault_to_task(int sig, int code, void __user *addr
> ___ARCH_SI_TRAPNO(int trapno)
> ___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
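Review bot: get_si_addr() reads current->sighand->action[sig - 1].sa.sa_flags directly, with no sighand lock taken inside the helper and no task argument, so the SA_EXPOSE_TAGBITS decision is made against the sender's handler table rather than the recipient's; either pass the destination task_struct into the helper or defer the masking until the signal is dequeued for the target, and confirm that the callers hold the lock (or that a concurrent sigaction() race on sa_flags is acceptable). Minor: `sig` is declared `unsigned long` here while every caller passes an `int sig`, so the parameter type should match the callers' to avoid a needless widening and to keep `sig - 1` obviously in range.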
> @@ -1661,7 +1670,7 @@ int force_sig_fault_to_task(int sig, int code, void __user *addr
> info.si_signo = sig;
> info.si_errno = 0;
> info.si_code = code;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, sig, code);
> #ifdef __ARCH_SI_TRAPNO
> info.si_trapno = trapno;
> #endif
> @@ -1693,7 +1702,7 @@ int send_sig_fault(int sig, int code, void __user *addr
> info.si_signo = sig;
> info.si_errno = 0;
> info.si_code = code;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, sig, code);
> #ifdef __ARCH_SI_TRAPNO
> info.si_trapno = trapno;
> #endif
> @@ -1714,7 +1723,7 @@ int force_sig_mceerr(int code, void __user *addr, short lsb)
> info.si_signo = SIGBUS;
> info.si_errno = 0;
> info.si_code = code;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, SIGBUS, code);
> info.si_addr_lsb = lsb;
> return force_sig_info(&info);
> }
> @@ -1728,7 +1737,7 @@ int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *
> info.si_signo = SIGBUS;
> info.si_errno = 0;
> info.si_code = code;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, SIGBUS, code);
> info.si_addr_lsb = lsb;
> return send_sig_info(info.si_signo, &info, t);
> }
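Review bot: this hunk makes the current-vs-target mismatch concrete: the signal is delivered to `t` on the line `return send_sig_info(info.si_signo, &info, t);`, but `info.si_addr = get_si_addr(addr, SIGBUS, code);` consults current->sighand, so when `t != current` the tag bits are kept or stripped according to the wrong process's handler flags; thread `t` through to the helper or move the masking to the delivery path.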
> @@ -1742,7 +1751,7 @@ int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
> info.si_signo = SIGSEGV;
> info.si_errno = 0;
> info.si_code = SEGV_BNDERR;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, SIGSEGV, SEGV_BNDERR);
> info.si_lower = lower;
> info.si_upper = upper;
> return force_sig_info(&info);
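Review bot: si_addr is now passed through get_si_addr(), but si_lower and si_upper on the next two lines are stored unmasked; if that is intentional (they are bound values rather than the faulting address) a short comment saying so would stop a later reader from "fixing" the inconsistency, and the same question applies to si_addr_lsb in the mceerr hunks.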
> @@ -1757,7 +1766,7 @@ int force_sig_pkuerr(void __user *addr, u32 pkey)
> info.si_signo = SIGSEGV;
> info.si_errno = 0;
> info.si_code = SEGV_PKUERR;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, SIGSEGV, SEGV_PKUERR);
> info.si_pkey = pkey;
> return force_sig_info(&info);
> }
> @@ -1774,7 +1783,7 @@ int force_sig_ptrace_errno_trap(int errno, void __user *addr)
> info.si_signo = SIGTRAP;
> info.si_errno = errno;
> info.si_code = TRAP_HWBKPT;
> - info.si_addr = addr;
> + info.si_addr = get_si_addr(addr, SIGTRAP, TRAP_HWBKPT);
> return force_sig_info(&info);
> }
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
Thread overview:
2020-11-17 3:17 [PATCH v17 0/3] arm64: expose FAR_EL1 tag bits in siginfo Peter Collingbourne
2020-11-17 3:17 ` [PATCH v17 1/3] arch: provide better documentation for the arch-specific SA_* flags Peter Collingbourne
2020-11-17 3:17 ` [PATCH v17 2/3] signal: define the SA_UNSUPPORTED bit in sa_flags Peter Collingbourne
2020-11-17 3:17 ` [PATCH v17 3/3] arm64: expose FAR_EL1 tag bits in siginfo Peter Collingbourne
2020-11-17 13:39 ` Eric W. Biederman [this message]
2020-11-17 19:51 ` Peter Collingbourne
2020-11-17 18:16 ` [PATCH v17 0/3] " Eric W. Biederman
2020-11-17 19:52 ` Peter Collingbourne