From: Dave P Martin <Dave.Martin@arm.com>
To: Szabolcs Nagy <Szabolcs.Nagy@arm.com>
Cc: "linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>, nd <nd@arm.com>,
"Catalin Marinas" <Catalin.Marinas@arm.com>,
"Will Deacon" <Will.Deacon@arm.com>,
"Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Richard Sandiford" <Richard.Sandiford@arm.com>,
"tokamoto@jp.fujitsu.com" <tokamoto@jp.fujitsu.com>,
"kvmarm@lists.cs.columbia.edu" <kvmarm@lists.cs.columbia.edu>,
"libc-alpha@sourceware.org" <libc-alpha@sourceware.org>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>
Subject: Re: [RFC PATCH v3 27/28] arm64: signal: Report signal frame size to userspace via auxv
Date: Wed, 11 Oct 2017 14:14:13 +0100 [thread overview]
Message-ID: <20171011131411.GU3602@e103592.cambridge.arm.com> (raw)
In-Reply-To: <59DDF017.7090203@arm.com>
On Wed, Oct 11, 2017 at 11:19:03AM +0100, Szabolcs Nagy wrote:
> On 10/10/17 19:38, Dave Martin wrote:
> > Stateful CPU architecture extensions may require the signal frame
> > to grow to a size that exceeds the arch's MINSIGSTKSZ #define.
> > However, changing this #define is an ABI break.
> >
> > To allow userspace the option of determining the signal frame size
> > in a more forwards-compatible way, this patch adds a new auxv entry
> > tagged with AT_MINSIGSTKSZ, which provides the maximum signal frame
> > size that the process can observe during its lifetime.
> >
> > If AT_MINSIGSTKSZ is absent from the aux vector, the caller can
> > assume that the MINSIGSTKSZ #define is sufficient. This allows for
> > a consistent interface with older kernels that do not provide
> > AT_MINSIGSTKSZ.
> >
>
> the posix sigaltstack api shall fail with ENOMEM
> if smaller than MINSIGSTKSZ stack size is used.
>
> so it is important to note somewhere if AT_MINSIGSTKSZ
> is intended to be always >= MINSIGSTKSZ define (which
> is rounded up to 5k) or it may be smaller as it provides
> the precise value of the largest signal frame.
>
> (i think it makes sense for it to be a precise value,
> but then users should do the >= check before calling
> the sigaltstack api, so they should be aware of this
> issue)
This is a good point, and one that I don't have an answer for yet.
POSIX[1] says that sigaltstack() _shall_ return EPERM if ss_size
< MINSIGSTKSZ.
I don't know the full rationale behind this.
The ENOMEM return here doesn't guarantee that signal delivery will
definitely fail or compromise safety when ss_size or less of stack is
available.
A 0 return doesn't guarantee that signal delivery on the registered
alternate stack will succeed or be safe.
So while the ENOMEM return has some sanity-check value, it's very
limited in its usefulness.
I currently saw no good reason to misrepresent the true signal frame
size in AT_MINSIGSTKSZ, so it is currently a precise value that can be
< MINSIGSTKSZ (and is, in the default case).
In an ideal world, my preference would be to relax the check in
sigaltstack() to check >= AT_MINSIGSTKSZ, but it is technically an ABI
break...
We _could_ paper over this by rounding up the AT_MINSIGSTKSZ value
reported by the kernel to be always >= MINSIGSTKSZ. This seems ugly,
but may be the most pragmatic option.
Thoughts?
Cheers
---Dave
[1] SUSv7 / IEEE Std 1003.1-2008 (2016): sigaltstack
http://pubs.opengroup.org/onlinepubs/9699919799/functions/sigaltstack.html
next prev parent reply other threads:[~2017-10-11 13:14 UTC|newest]
Thread overview: 155+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-10 18:38 [PATCH v3 00/28] ARM Scalable Vector Extension (SVE) Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 01/28] regset: Add support for dynamically sized regsets Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 14:14 ` Catalin Marinas
2017-10-11 14:45 ` Dave Martin
2017-10-11 14:45 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 02/28] arm64: KVM: Hide unsupported AArch64 CPU features from guests Dave Martin
2017-10-11 14:14 ` Catalin Marinas
2017-10-11 16:21 ` Marc Zyngier
2017-10-11 16:21 ` Marc Zyngier
2017-10-17 13:51 ` Christoffer Dall
2017-10-17 14:08 ` Marc Zyngier
2017-10-18 13:20 ` Christoffer Dall
2017-10-18 13:20 ` Christoffer Dall
2017-10-18 14:45 ` Dave Martin
2017-10-18 19:19 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 03/28] arm64: efi: Add missing Kconfig dependency on KERNEL_MODE_NEON Dave Martin
2017-10-11 14:16 ` Catalin Marinas
2017-10-11 14:35 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 04/28] arm64: Port deprecated instruction emulation to new sysctl interface Dave Martin
2017-10-11 14:17 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 05/28] arm64: fpsimd: Simplify uses of {set, clear}_ti_thread_flag() Dave Martin
2017-10-10 18:38 ` [PATCH v3 05/28] arm64: fpsimd: Simplify uses of {set,clear}_ti_thread_flag() Dave Martin
2017-10-11 14:19 ` [PATCH v3 05/28] arm64: fpsimd: Simplify uses of {set, clear}_ti_thread_flag() Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 06/28] arm64/sve: System register and exception syndrome definitions Dave Martin
2017-10-11 14:20 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 07/28] arm64/sve: Low-level SVE architectural state manipulation functions Dave Martin
2017-10-11 14:28 ` Catalin Marinas
2017-10-11 14:28 ` Catalin Marinas
2017-10-11 14:39 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 08/28] arm64/sve: Kconfig update and conditional compilation support Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 14:29 ` Catalin Marinas
2017-10-11 14:29 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 09/28] arm64/sve: Signal frame and context structure definition Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 14:29 ` Catalin Marinas
2017-10-11 14:29 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 10/28] arm64/sve: Low-level CPU setup Dave Martin
2017-10-11 14:30 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 11/28] arm64/sve: Core task context handling Dave Martin
2017-10-11 16:15 ` Catalin Marinas
2017-10-12 16:05 ` Dave Martin
2017-10-13 13:57 ` Catalin Marinas
2017-10-13 17:53 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 12/28] arm64/sve: Support vector length resetting for new processes Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:16 ` Catalin Marinas
2017-10-11 16:16 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 13/28] arm64/sve: Signal handling support Dave Martin
2017-10-11 16:40 ` Catalin Marinas
2017-10-12 16:11 ` Dave Martin
2017-10-13 11:17 ` Catalin Marinas
2017-10-13 11:17 ` Catalin Marinas
2017-10-13 14:26 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 14/28] arm64/sve: Backend logic for setting the vector length Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:43 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 15/28] arm64: cpufeature: Move sys_caps_initialised declarations Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:50 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 16/28] arm64/sve: Probe SVE capabilities and usable vector lengths Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:55 ` Catalin Marinas
2017-10-12 12:56 ` Suzuki K Poulose
2017-10-16 15:46 ` Dave Martin
2017-10-16 15:46 ` Dave Martin
2017-10-16 16:27 ` Suzuki K Poulose
2017-10-16 16:27 ` Suzuki K Poulose
2017-10-16 16:44 ` Dave Martin
2017-10-16 16:44 ` Dave Martin
2017-10-16 16:47 ` Suzuki K Poulose
2017-10-16 16:47 ` Suzuki K Poulose
2017-10-16 16:55 ` Dave Martin
2017-10-16 16:58 ` Suzuki K Poulose
2017-10-10 18:38 ` [PATCH v3 17/28] arm64/sve: Preserve SVE registers around kernel-mode NEON use Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 10:15 ` Catalin Marinas
2017-10-12 10:15 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 18/28] arm64/sve: Preserve SVE registers around EFI runtime service calls Dave Martin
2017-10-12 10:57 ` Catalin Marinas
2017-10-12 10:57 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 19/28] arm64/sve: ptrace and ELF coredump support Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 17:06 ` Catalin Marinas
2017-10-13 16:16 ` Dave Martin
2017-10-13 16:16 ` Dave Martin
2017-10-18 10:32 ` Catalin Marinas
2017-10-18 16:02 ` Dave Martin
2017-10-10 18:38 ` [PATCH v3 20/28] arm64/sve: Add prctl controls for userspace vector length management Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 17:11 ` Catalin Marinas
2017-10-12 17:11 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 21/28] arm64/sve: Add sysctl to set the default vector length for new processes Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-12 17:11 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 22/28] arm64/sve: KVM: Prevent guests from using SVE Dave Martin
2017-10-11 16:28 ` Marc Zyngier
2017-10-12 11:04 ` Dave Martin
2017-10-12 11:28 ` Marc Zyngier
2017-10-13 14:15 ` Dave Martin
2017-10-13 14:21 ` Marc Zyngier
2017-10-13 16:47 ` Dave Martin
2017-10-12 17:13 ` Catalin Marinas
2017-10-17 11:50 ` Christoffer Dall
2017-10-17 11:50 ` Christoffer Dall
2017-10-17 14:31 ` Dave Martin
2017-10-17 14:31 ` Dave Martin
2017-10-18 13:23 ` Christoffer Dall
2017-10-18 13:23 ` Christoffer Dall
2017-10-18 15:00 ` Dave Martin
2017-10-18 15:00 ` Dave Martin
2017-10-18 19:22 ` Christoffer Dall
2017-10-18 19:22 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 23/28] arm64/sve: KVM: Treat guest SVE use as undefined instruction execution Dave Martin
2017-10-12 17:13 ` Catalin Marinas
2017-10-17 13:58 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 24/28] arm64/sve: KVM: Hide SVE from CPU features exposed to guests Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 16:31 ` Marc Zyngier
2017-10-12 17:13 ` Catalin Marinas
2017-10-17 13:58 ` Christoffer Dall
2017-10-17 13:58 ` Christoffer Dall
2017-10-17 14:07 ` Dave Martin
2017-10-17 14:29 ` Marc Zyngier
2017-10-17 14:29 ` Marc Zyngier
2017-10-17 15:47 ` Dave Martin
2017-10-18 13:21 ` Christoffer Dall
2017-10-18 13:21 ` Christoffer Dall
2017-10-18 15:01 ` Dave Martin
2017-10-18 15:01 ` Dave Martin
2017-10-18 16:49 ` Christoffer Dall
2017-10-18 16:49 ` Christoffer Dall
2017-10-10 18:38 ` [PATCH v3 25/28] arm64/sve: Detect SVE and activate runtime support Dave Martin
2017-10-11 17:11 ` Suzuki K Poulose
2017-10-12 17:14 ` Catalin Marinas
2017-10-12 17:14 ` Catalin Marinas
2017-10-10 18:38 ` [PATCH v3 26/28] arm64/sve: Add documentation Dave Martin
2017-10-10 18:38 ` Dave Martin
2017-10-11 9:50 ` Szabolcs Nagy
[not found] ` <59DDE958.4080605-5wv7dgnIgG8@public.gmane.org>
2017-10-11 11:08 ` Dave Martin
2017-10-11 11:08 ` Dave Martin
[not found] ` <20171011110811.GB19485-M5GwZQ6tE7x5pKCnmE3YQBJ8xKzm50AiAL8bYrjMMd8@public.gmane.org>
2017-10-11 11:30 ` Szabolcs Nagy
2017-10-11 11:30 ` Szabolcs Nagy
2017-10-13 14:24 ` Catalin Marinas
2017-10-13 17:17 ` Dave Martin
[not found] ` <20171013171758.GO19485-M5GwZQ6tE7x5pKCnmE3YQBJ8xKzm50AiAL8bYrjMMd8@public.gmane.org>
2017-10-18 9:32 ` Catalin Marinas
2017-10-18 9:32 ` Catalin Marinas
[not found] ` <20171013142421.j32jzisukewxtosx-+1aNUgJU5qkijLcmloz0ER/iLCjYCKR+VpNB7YpNyf8@public.gmane.org>
2017-10-13 17:35 ` Dave Martin
2017-10-13 17:35 ` Dave Martin
2017-10-10 18:38 ` [RFC PATCH v3 27/28] arm64: signal: Report signal frame size to userspace via auxv Dave Martin
2017-10-11 10:19 ` Szabolcs Nagy
2017-10-11 13:14 ` Dave P Martin [this message]
2017-10-10 18:38 ` [RFC PATCH v3 28/28] arm64/sve: signal: Include SVE when computing AT_MINSIGSTKSZ Dave Martin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171011131411.GU3602@e103592.cambridge.arm.com \
--to=dave.martin@arm.com \
--cc=Catalin.Marinas@arm.com \
--cc=Richard.Sandiford@arm.com \
--cc=Szabolcs.Nagy@arm.com \
--cc=Will.Deacon@arm.com \
--cc=alex.bennee@linaro.org \
--cc=ard.biesheuvel@linaro.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=libc-alpha@sourceware.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=nd@arm.com \
--cc=tokamoto@jp.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).