Subject: Re: [RFC PATCH for 4.18 2/2] rseq: compat: clear high bits of rseq_cs fields
From: Andy Lutomirski
To: Mathieu Desnoyers
Cc: Thomas Gleixner, linux-kernel@vger.kernel.org, Joel Fernandes, Peter Zijlstra, Catalin Marinas, Dave Watson, Will Deacon, Andi Kleen, H. Peter Anvin, Chris Lameter, Russell King, Andrew Hunter, Michael Kerrisk, Paul E. McKenney, Paul Turner, Boqun Feng, Josh Triplett, Steven Rostedt, Ben Maurer, linux-api@vger.kernel.org, linux-arch@vger.kernel.org, x86@kernel.org, Andrew Morton, Linus Torvalds
Date: Tue, 26 Jun 2018 14:58:08 -0700
In-Reply-To: <20180626211617.8933-2-mathieu.desnoyers@efficios.com>
References: <20180626211617.8933-1-mathieu.desnoyers@efficios.com> <20180626211617.8933-2-mathieu.desnoyers@efficios.com>
X-Mailing-List: linux-kernel@vger.kernel.org

> On Jun 26, 2018, at 2:16 PM, Mathieu Desnoyers wrote:
>
> Make the behavior of rseq on compat tasks more robust by ensuring that
> kernel/rseq.c:rseq_get_rseq_cs() clears the high bits of
> rseq_cs->abort_ip, rseq_cs->start_ip and rseq_cs->post_commit_offset
> when a 32-bit binary is run on a 64-bit kernel.
>
> The intent here is that if user-space has garbage rather than zeroes
> in its struct rseq_cs fields padding, the behavior will be the same
> whether the binary is run on 32-bit or 64-bit kernels.
>
> Use in_compat_syscall() when rseq_get_rseq_cs() is invoked from
> system call context, and use is_compat_frame() when invoked from
> signal delivery.
>

And when it’s invoked due to preemption unrelated to a syscall or signal, you malfunction?

I think the only sane solution is to make these fields be u64, delete the LINUX_FIELD_ macros, and possibly teach the x86 slowpath return to inject a signal if it’s trying to return to a 32-bit context with garbage in the high bits of regs->ip so that we deterministically fail if the user screws up.

Rseq is brand new. It should not need compat code at all.
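The two positions in this exchange, as an added C illustration that is not code from the patch, from the kernel, or from either author. The struct rseq_cs field layout is the one in the Linux UAPI header (include/uapi/linux/rseq.h); everything else is constructed for this example: the sample descriptor with garbage in the upper halves of its fields (GARBAGE_HI), the helper names (make_sloppy_compat_cs, rseq_cs_clear_high_bits, rseq_cs_validate_compat, sloppy_cs_*), and the modelling of the reply's "fail deterministically" idea as a check on the descriptor fields rather than on regs->ip in the return-to-user path. The example shows that masking the high bits makes a 64-bit kernel see exactly what a native 32-bit kernel reading 32-bit fields would see, and that the reject approach instead refuses the same descriptor outright.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/*
 * Field layout of struct rseq_cs from the Linux UAPI header
 * (include/uapi/linux/rseq.h): the ip fields are u64 so the structure
 * has one layout for 32-bit and 64-bit user space alike.
 */
struct rseq_cs {
	uint32_t version;
	uint32_t flags;
	uint64_t start_ip;
	uint64_t post_commit_offset;
	uint64_t abort_ip;
};

/*
 * Constructed sample: a 32-bit program wrote only the low 32 bits of each
 * field and left stale stack contents in the upper halves.  All values
 * are made up for this illustration.
 */
#define GARBAGE_HI 0xdeadbeef00000000ull

static struct rseq_cs make_sloppy_compat_cs(void)
{
	struct rseq_cs cs = {
		.version = 0,
		.flags = 0,
		.start_ip = GARBAGE_HI | 0x08049000u,
		.post_commit_offset = GARBAGE_HI | 0x40u,
		.abort_ip = GARBAGE_HI | 0x08049100u,
	};
	return cs;
}

/*
 * The patch's approach for a compat task: truncate the three ip fields
 * to 32 bits so the 64-bit kernel uses what a 32-bit kernel would see.
 */
static void rseq_cs_clear_high_bits(struct rseq_cs *cs)
{
	cs->start_ip = (uint32_t)cs->start_ip;
	cs->post_commit_offset = (uint32_t)cs->post_commit_offset;
	cs->abort_ip = (uint32_t)cs->abort_ip;
}

/*
 * The reply's alternative, modelled as a descriptor check (hypothetical
 * helper, not kernel code): keep the fields u64 and refuse,
 * deterministically, any descriptor with high bits set for a 32-bit task.
 * Returns 0 if acceptable, -1 if rejected.
 */
static int rseq_cs_validate_compat(const struct rseq_cs *cs)
{
	uint64_t hi = (cs->start_ip | cs->post_commit_offset | cs->abort_ip) >> 32;

	return hi ? -1 : 0;
}

/* Outcome of the reject approach on the sloppy sample. */
static int sloppy_cs_validate_result(void)
{
	struct rseq_cs cs = make_sloppy_compat_cs();

	return rseq_cs_validate_compat(&cs);
}

/* start_ip the kernel would use after the patch's masking. */
static uint64_t sloppy_cs_masked_start_ip(void)
{
	struct rseq_cs cs = make_sloppy_compat_cs();

	rseq_cs_clear_high_bits(&cs);
	return cs.start_ip;
}

/*
 * After masking, does the 64-bit kernel see exactly what a 32-bit kernel
 * reading 32-bit fields would see?  That is the "same behavior on both
 * kernels" property the patch description claims.
 */
static bool sloppy_cs_masked_matches_native32(void)
{
	struct rseq_cs raw = make_sloppy_compat_cs();
	struct rseq_cs cs = raw;

	rseq_cs_clear_high_bits(&cs);
	return cs.start_ip == (uint32_t)raw.start_ip &&
	       cs.post_commit_offset == (uint32_t)raw.post_commit_offset &&
	       cs.abort_ip == (uint32_t)raw.abort_ip &&
	       rseq_cs_validate_compat(&cs) == 0;
}

int main(void)
{
	printf("reject approach on sloppy descriptor: %d\n", sloppy_cs_validate_result());
	printf("masked start_ip: 0x%llx\n", (unsigned long long)sloppy_cs_masked_start_ip());
	printf("masked == native 32-bit view: %s\n",
	       sloppy_cs_masked_matches_native32() ? "yes" : "no");
	return 0;
}
```

The reject check here is the descriptor-level analogue of what the reply proposes; the reply itself places the check on regs->ip in the x86 return-to-user slow path, which is where a kernel could catch the garbage regardless of whether rseq_get_rseq_cs() was reached from a syscall, a signal, or a preemption.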