Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753553AbcCGVKc (ORCPT <rfc822;w@1wt.eu>);
	Mon, 7 Mar 2016 16:10:32 -0500
Received: from mail-ob0-f175.google.com ([209.85.214.175]:36828 "EHLO
	mail-ob0-f175.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753367AbcCGVKY convert rfc822-to-8bit (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 7 Mar 2016 16:10:24 -0500
MIME-Version: 1.0
In-Reply-To: <56DDDE51.8030006@list.ru>
References: <568D36A1.1030706@list.ru> <CALCETrX+nvBy5JTOsgz-gR9OaT2C7C_Gi-grt_rUJmkXuwX6QQ@mail.gmail.com>
 <568FBE50.7040504@list.ru> <CALCETrX5UQXQaQBdyDVS84=Xq1Qd1i6kHYvsJWc_HUSnPhCvyA@mail.gmail.com>
 <569065A6.7040005@list.ru> <CALCETrUTuh2HzD8u5LqgrprBKXq68HnXQTvWi2WtOR_1gw8UTg@mail.gmail.com>
 <56DDDE51.8030006@list.ru>
From: Andy Lutomirski <luto@amacapital.net>
Date: Mon, 7 Mar 2016 13:10:04 -0800
Message-ID: <CALCETrVtuxhYO0LTM-Vtx9f1Q9bHtZhd+9YihNNqzRci13+eoA@mail.gmail.com>
Subject: Re: sigaltstack breaks swapcontext()
To: Stas Sergeev <stsp@list.ru>
Cc: Linux kernel <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8BIT
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1700
Lines: 49

On Mon, Mar 7, 2016 at 12:02 PM, Stas Sergeev <stsp@list.ru> wrote:
> 09.01.2016 04:48, Andy Lutomirski пишет:
>>
>> On Fri, Jan 8, 2016 at 5:43 PM, Stas Sergeev <stsp@list.ru> wrote:
>>>
>>> 09.01.2016 02:24, Andy Lutomirski пишет:
>>>>
>>>> It's not sigaltstack that I'm thinking about.  It's signal delivery.
>>>> If you end up in DOS mode with SP coincidentally pointing to the
>>>> sigaltstack (but with different SS so it's not really the
>>>> sigaltstack), then the signal delivery will malfunction.
>>>
>>> Will you take care of this one?
>>> Looks quite dangerous for dosemu! And absolutely
>>> undebuggable: you never know when you hit it.
>>
>> I'll try to remember to tack it on to the sigcontext series.
>
> How is this one going?
> There seem to be one more bug in sigcontext handling.
> dosemu have this code:
> ---
>   /*
>    * FIRST thing to do in signal handlers - to avoid being trapped into
> int0x11
>    * forever, we must restore the eflags.
>    */
>   loadflags(eflags_fs_gs.eflags);
> ---
>
> I quickly checked the kernel code, and it seems the
> flags are indeed forgotten, even on ia32! I think the
> most dangerous flags are AC and NT. But most of
> others are important too. IMHO the safe defaults
> should be forced when entering the sighandler.
> Would you mind taking a look at this problem too?

Clearing NT seems sane.

Clearing AC seems like an ABI break, so I'd be a bit nervous about
clearing AC unconditionally.  We could add yet another SS flag (sigh),
or we could make the change.  As a more conservative option, we could
make it so that AC is cleared on entry to an alignment check signal.

--Andy

-- 
Andy Lutomirski
AMA Capital Management, LLC