Subject: Re: [PATCHv3] x86/mm: set x32 syscall bit in SET_PERSONALITY()
To: Thomas Gleixner
References: <20170321174711.29880-1-dsafonov@virtuozzo.com>
CC: <0x7f454c46@gmail.com>, Adam Borowski, Andrei Vagin, Cyrill Gorcunov, Borislav Petkov, "Kirill A. Shutemov", "H. Peter Anvin", Andy Lutomirski, Ingo Molnar
From: Dmitry Safonov
Message-ID: <66372d92-8fc1-301e-df21-7020514d7dbb@virtuozzo.com>
Date: Tue, 28 Mar 2017 15:59:00 +0300
X-Mailing-List: linux-kernel@vger.kernel.org

On 03/28/2017 03:51 PM, Thomas Gleixner wrote:
> On Tue, 28 Mar 2017, Dmitry Safonov wrote:
>> On 03/22/2017 01:21 AM, Thomas Gleixner wrote:
>>> On Tue, 21 Mar 2017, Dmitry Safonov wrote:
>>>> v3:
>>>> - clear x32 syscall flag during x32 -> x86-64 exec() (thanks, HPA).
>>>
>>> For correctness sake, this wants to be cleared in the IA32 path as
>>> well. It's not causing any harm, but ....
>>>
>>> I'll amend the patch.
>>
>> So, just a gentle reminder about this problem.
>> Should I resend v4 with clearing x32 bit in ia32 path?
>> Or should I resend with this fixup:
>> https://lkml.org/lkml/2017/3/22/343
>>
>> The fixup doesn't look as simple as clearing x32 syscall bit, but I may
>> be wrong.
>
> Something like the below should set it correctly for all possible
> scenarios.

Ok, I'll check the ifdeffery, define __NR_{x32_,ia32_}execve, test it
and resend v4 today or tomorrow. Thanks.

>
> Thanks,
>
> tglx
>
> 8<------------------ > > arch/x86/kernel/process_64.c | 63 ++++++++++++++++++++++++++++--------------- > 1 file changed, 42 insertions(+), 21 deletions(-) > > --- a/arch/x86/kernel/process_64.c > +++ b/arch/x86/kernel/process_64.c > @@ -494,6 +494,8 @@ void set_personality_64bit(void) > clear_thread_flag(TIF_IA32); > clear_thread_flag(TIF_ADDR32); > clear_thread_flag(TIF_X32); > + /* Pretend that this comes from a 64bit execve */ > + task_pt_regs(current)->orig_ax = __NR_execve; > > /* Ensure the corresponding mm is not marked. */ > if (current->mm) 
> @@ -506,32 +508,51 @@ void set_personality_64bit(void) > current->personality &= ~READ_IMPLIES_EXEC; > } > > -void set_personality_ia32(bool x32) > +static void __set_personality_x32(void) > +{ > +#ifdef CONFIG_X86_X32 > + clear_thread_flag(TIF_IA32); > + set_thread_flag(TIF_X32); > + if (current->mm) > + current->mm->context.ia32_compat = TIF_X32; > + current->personality &= ~READ_IMPLIES_EXEC; > + /* > + * in_compat_syscall() uses the presence of the x32 > + * syscall bit flag to determine compat status. > + * The x86 mmap() code relies on the syscall bitness > + * so set x32 syscall bit right here to make > + * in_compat_syscall() work during exec(). > + * > + * Pretend to come from a x32 execve. > + */ > + task_pt_regs(current)->orig_ax = __NR_x32_execve | __X32_SYSCALL_BIT; > + current->thread.status &= ~TS_COMPAT; > +#endif > +} > + > +static void __set_personality_ia32(void) > { > - /* inherit personality from parent */ > +#ifdef CONFIG_COMPAT_32 > + set_thread_flag(TIF_IA32); > + clear_thread_flag(TIF_X32); > + if (current->mm) > + current->mm->context.ia32_compat = TIF_IA32; > + current->personality |= force_personality32; > + /* Prepare the first "return" to user space */ > + task_pt_regs(current)->orig_ax = __NR_ia32_execve; > + current->thread.status |= TS_COMPAT; > +#endif > +} > > +void set_personality_ia32(bool x32) > +{ > /* Make sure to be in 32bit mode */ > set_thread_flag(TIF_ADDR32); > > - /* Mark the associated mm as containing 32-bit tasks. 
*/ > - if (x32) { > - clear_thread_flag(TIF_IA32); > - set_thread_flag(TIF_X32); > - if (current->mm) > - current->mm->context.ia32_compat = TIF_X32; > - current->personality &= ~READ_IMPLIES_EXEC; > - /* in_compat_syscall() uses the presence of the x32 > - syscall bit flag to determine compat status */ > - current->thread.status &= ~TS_COMPAT; > - } else { > - set_thread_flag(TIF_IA32); > - clear_thread_flag(TIF_X32); > - if (current->mm) > - current->mm->context.ia32_compat = TIF_IA32; > - current->personality |= force_personality32; > - /* Prepare the first "return" to user space */ > - current->thread.status |= TS_COMPAT; > - } > + if (x32) > + __set_personality_x32(); > + else > + __set_personality_ia32(); > } > EXPORT_SYMBOL_GPL(set_personality_ia32); > > -- Dmitry
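
Review bot: In the first hunk (set_personality_64bit), the comment on the new orig_ax store says what is done but not why. The x32 helper added later in the patch explains that in_compat_syscall() looks at the x32 syscall bit and that the x86 mmap() code depends on it during exec(); the 64bit path deserves the same reason in one line, namely that the store drops an x32 syscall bit left over from an x32 caller, which is what the v3 changelog describes as "clear x32 syscall flag during x32 -> x86-64 exec()". The store also replaces the whole syscall number rather than only the bit, so whatever reads orig_ax afterwards sees __NR_execve regardless of which syscall entered exec; if that is intended, the comment should say so.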
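
Review bot: In the second hunk, putting the entire body of __set_personality_x32() under #ifdef CONFIG_X86_X32 and of __set_personality_ia32() under #ifdef CONFIG_COMPAT_32 turns each helper into an empty function when its option is off, while set_personality_ia32() has already run set_thread_flag(TIF_ADDR32). The removed code executed one of the two branches unconditionally, so in that configuration the task now keeps whatever TIF_IA32/TIF_X32, ia32_compat and TS_COMPAT state it had before. If callers cannot reach that combination, a comment stating it (or a WARN_ON_ONCE in the compiled-out case) would make the assumption checkable. The hunk also uses __NR_x32_execve and __NR_ia32_execve, which are not defined anywhere in this patch; they need definitions visible to process_64.c in every config where the matching #ifdef block is compiled, as the reply in this message already acknowledges.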