Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp5512333imm; Tue, 26 Jun 2018 12:36:35 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIIcfzvHhWkZYTC/wKmFnVTtU9UMM/vxWTl1v90dyIxx28O6kK5NXp9Qiopy/EfaB4s7ZRI X-Received: by 2002:a63:ac57:: with SMTP id z23-v6mr2469210pgn.74.1530041795773; Tue, 26 Jun 2018 12:36:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1530041795; cv=none; d=google.com; s=arc-20160816; b=EpXTIB6zRUm6ym4m5tv4lh4MHa7CuKs5ChVE9i1P9vwY9FnRrbEvxOaZzV5rSX3cD5 l9Z0lBV8fJsx3Xu5OL7gyimEDjuQm7Htsh3/11qFlMZ2VGSWCxNMEQxyF+VTBH2tFiGV 7MUKWaIhmXNbgVPPHCC7H3tCy+mHjfcm9lu06Hz2sgylMY/7tbdt0Yih5Z2OzszauSZ3 KmoB9zuLyUTIvcFHHzwsKLCmkEtzdQR594nSX4oP+wV5MKjRnnlBKAPmA9MPp1/r/ZR6 X4dj6uRJ1eM5OgYsTRnhBw7Gyqz77OrvcX66DoWwCA6Qva/q31vo/CjXIXrjAJwBhMPB 24ag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=vyZwxDwR0IPTb8b0HJ2A/QtKVQS7O55KugwpA1bxnhI=; b=VyD+uXvXGp6TaF4qJ0dG/V1alIUSw7CzfUIXDe31VbBoOs3UoGPE8teYRTii3AbBZd G8pC8Tj/3xYv04Dr2/Yvr3ri376wInHhYp/grVtFTjEIYGA1+FkyBnXfvjG+WMrQMJtr 5MwETIUhZ/hj+aigJjBMaN5Rzyh8actV8Lk2ZVg84b3LqyPfr1EFIQAEmokplwswes97 2nOBb14m4gd6Jf0p6xvFpPBM0pVDr6cKlSLDxaFKv7o5tW7BN7P8TVgmKNQx8Mlho8SC peD3PO8Cl1BmsZGNbXBVHiklyG6lQwP1kyZ27uQ5BpInvHzD92oGBSemLfm6Ar6nJCnV hPlg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=f4ikRtrX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v187-v6si1900220pgv.678.2018.06.26.12.36.21; Tue, 26 Jun 2018 12:36:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=f4ikRtrX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755050AbeFZTcg (ORCPT + 99 others); Tue, 26 Jun 2018 15:32:36 -0400 Received: from mail-wr0-f195.google.com ([209.85.128.195]:32837 "EHLO mail-wr0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752427AbeFZTcf (ORCPT ); Tue, 26 Jun 2018 15:32:35 -0400 Received: by mail-wr0-f195.google.com with SMTP id k16-v6so18388097wro.0 for ; Tue, 26 Jun 2018 12:32:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vyZwxDwR0IPTb8b0HJ2A/QtKVQS7O55KugwpA1bxnhI=; b=f4ikRtrXumoKh+5L+Hinl935bR2lvzXiTv+bNWAqyQQjMx2OaonT11CXHRdUt5d7cG oq+d2Z7Pbq41ozevX066L4eHRG20PfHIuSyd8lIx+DQ3nxbXPbah7m/ppgrh0O3oCmdb dxy3cZruNx4O/tLs/+VbQV94AhDvLnXBS0h/8VwNni1PJxBI6JFJl0EKpK9hEs8aIMuQ Nst4zPZwJwEmV099JepoTQ+/akrQBYN7r6RB0CKUbvPW4rc27rIX7XT7vQ0Pz7Iy0LQp X98SVhWe3NqW/CDIOukQJWnPF3JWU51mMGjaec/1t7CtpTO3YOrzLgHStYkOUj3asL0x H6Eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vyZwxDwR0IPTb8b0HJ2A/QtKVQS7O55KugwpA1bxnhI=; b=dBg0NrAz9N+5mnE9siIzkGQrr2K4naU9VSgi0wZqtaz+x18nneCm7jRGvqX1o71GYp QlF/R6tXdQbR8ugF/iXRx0GEkor7XKlJOa95fVO2MicAoAjJ/HxL+OqnuHgtiqEH8Cc0 TdBNNpxetF6pNr4UzcdahPg5AhIEPaBaxxb7vbjZVV6+Ruae18UbY6wc/EBB8liZB3yp ibYsSJNiYM/UUeyF0xkSMTwnihzhSY8n5G5AofgQdG7z1ZxrDfjyaBscZq0ewa2d0Ys9 9AXtCtlqHzu5JR6SDtpmURGs4VdjcUSKuhO/wETW957Ozynt1Fm8eNtR3XdDMHOWWAY0 5sQw== X-Gm-Message-State: APt69E1A4ZRykO9nMrx8pnzJ1c6gNW7V9VkiH/4RyB8WXWM7JIFvRZTz u7MKocmcH38pHWuY0EwpWVqwTwag/iPF6qiQfVbTeA== X-Received: by 2002:adf:8062:: with SMTP id 89-v6mr2438418wrk.221.1530041553864; Tue, 26 Jun 2018 12:32:33 -0700 (PDT) MIME-Version: 1.0 References: <1514459655.4190.1530034687884.JavaMail.zimbra@efficios.com> <170076903.5015.1530038711536.JavaMail.zimbra@efficios.com> In-Reply-To: <170076903.5015.1530038711536.JavaMail.zimbra@efficios.com> From: Andy Lutomirski Date: Tue, 26 Jun 2018 12:32:22 -0700 Message-ID: Subject: Re: rseq: How to test for compat task at signal delivery To: Mathieu Desnoyers Cc: Peter Zijlstra , Boqun Feng , LKML , "Paul E. McKenney" , Thomas Gleixner Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 26, 2018 at 11:45 AM Mathieu Desnoyers wrote: > > ----- On Jun 26, 2018, at 1:38 PM, Mathieu Desnoyers mathieu.desnoyers@efficios.com wrote: > > > Hi Andy, > > > > I would like to make the behavior rseq on compat tasks more robust > > by ensuring that kernel/rseq.c:rseq_get_rseq_cs() clears the high > > bits of rseq_cs->abort_ip, rseq_cs->start_ip and > > rseq_cs->post_commit_offset when a 32-bit binary is run on a 64-bit > > kernel. > > > > The intent here is that if user-space has garbage rather than zeroes > > in its struct rseq_cs fields padding, the behavior will be the same > > whether the binary is run on 32-bit or 64 kernels. > > > > I know that internally, the kernel is making a transition from > > is_compat_task() to in_compat_syscall(). > > > > I'm fine with using in_compat_syscall() when rseq_get_rseq_cs() is > > invoked from a system call, but is it OK to call it when it is > > invoked from signal delivery ? AFAIU, signals can be delivered > > upon return from interrupt as well. > > > > If not, what strategy do you recommend for arch-agnostic code ? > > I think what we're missing here is a new "is_compat_frame(struct ksignal *ksig)" > which I could use in the rseq code. I'll prepare a patch and we can discuss > from there. > That sounds about right. I'm confused, though. Wouldn't it be more consistent to just segfault if the high 32 bits are not clear when rseq transitions to a 32-bit context? If there's garbage in 64-bit mode, the program will crash. Why should 32-bit mode be any different?