From: Ingo Molnar <mingo@kernel.org>
To: Andy Lutomirski <luto@kernel.org>
Cc: x86@kernel.org, Denys Vlasenko <dvlasenk@redhat.com>,
	Stas Sergeev <stsp@list.ru>, Cyrill Gorcunov <gorcunov@gmail.com>,
	Pavel Emelyanov <xemul@parallels.com>,
	Brian Gerst <brgerst@gmail.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Oleg Nesterov <oleg@redhat.com>, Borislav Petkov <bp@alien8.de>
Subject: Re: [PATCH v4 1/4] x86/signal/64: Add a comment about sigcontext->fs and gs
Date: Tue, 16 Feb 2016 08:42:31 +0100
Message-ID: <20160216074230.GB19862@gmail.com>
In-Reply-To: <aa2558ac1f98963f5c73158b17aaeebcfb76f270.1455589976.git.luto@kernel.org>


* Andy Lutomirski <luto@kernel.org> wrote:

> These fields have a strange history.  This tries to document it.
> 
> This borrows from 9a036b93a344 ("x86/signal/64: Remove 'fs' and 'gs'
> from sigcontext"), which was reverted by ed596cde9425 ("Revert x86
> sigcontext cleanups").
> 
> Signed-off-by: Andy Lutomirski <luto@kernel.org>
> ---
>  arch/x86/include/uapi/asm/sigcontext.h | 19 +++++++++++++++++++
>  1 file changed, 19 insertions(+)
> 
> diff --git a/arch/x86/include/uapi/asm/sigcontext.h b/arch/x86/include/uapi/asm/sigcontext.h
> index d485232f1e9f..47dae8150520 100644
> --- a/arch/x86/include/uapi/asm/sigcontext.h
> +++ b/arch/x86/include/uapi/asm/sigcontext.h
> @@ -341,6 +341,25 @@ struct sigcontext {
>  	__u64				rip;
>  	__u64				eflags;		/* RFLAGS */
>  	__u16				cs;
> +
> +	/*
> +	 * Prior to 2.5.64 ("[PATCH] x86-64 updates for 2.5.64-bk3"),
> +	 * Linux saved and restored fs and gs in these slots.  This
> +	 * was counterproductive, as fsbase and gsbase were never
> +	 * saved, so arch_prctl was presumably unreliable.
> +	 *
> +	 * If these slots are ever needed for any other purpose, there
> +	 * is some risk that very old 64-bit binaries could get
> +	 * confused.  I doubt that many such binaries still work,
> +	 * though, since the same patch in 2.5.64 also removed the
> +	 * 64-bit set_thread_area syscall, so it appears that there is
> +	 * no TLS API beyond modify_ldt that works in both pre- and
> +	 * post-2.5.64 kernels.
> +	 *
> +	 * There is at least one additional concern if these slots are
> +	 * recycled for another purpose: some DOSEMU versions stash fs
> +	 * and gs in these slots manually.
> +	 */
>  	__u16				gs;
>  	__u16				fs;
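
Review bot: The new comment above `__u16 gs;` describes only what kernels prior to 2.5.64 did with these slots and never says what the kernel does with them now, so a reader of this uapi header cannot tell whether the slots are preserved, cleared or ignored across signal delivery and return. Please add a sentence stating the current behaviour. The hedged and first-person wording ("arch_prctl was presumably unreliable", "I doubt that many such binaries still work") also reads as changelog speculation rather than header documentation; either state it as fact or move it to the commit message.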

So I think this comment should be a lot more assertive: it should state that due 
to these old legacies that user-space learned to rely on, the kernel must not touch 
these fields. I.e. it is an ABI - no ifs and whens.

We should also rename them to __dosemu_gs_reserved/__dosemu_fs_reserved or so. 
These are ABI legacies for DOSEMU, no need to pretend otherwise. There's very 
little to be sorry about: ABI promises have consequences, we should codify that 
here and move on. Also please document precisely which syscall(s) expose this 
ABI.

If we need more space for new, cleaner functionality we'll use other fields. (like 
your later patches do.)

Thanks,

	Ingo
