From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 61FD2C5519F for ; Sat, 14 Nov 2020 13:55:28 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 09E1A22252 for ; Sat, 14 Nov 2020 13:55:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="jfdBykSS" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 09E1A22252 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=xmission.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:MIME-Version:Message-ID:In-Reply-To:Date: References:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ZLvm8ZXt9hYIkjquikiwGlcieq3UIi2jVkEa1Gm5XEc=; b=jfdBykSSOGGJs60/asG2VTpQf sE7vyhRmo85pNfhWYpjw3dH3EyviGQCHw+rcnJCoYumcnFYgi5KbWE8XTgylJoLERI4Gan7ujGn7r F2vtbYi65tTfv/6NXqXX0ZPdnA8kuB5vnhcUFynHvTOd2YI1LTjBo8c5EOsSQtIjMOSn6RfxRWEeK kbg87wy2I6q3C9f63sjIbkxIDlIRpdqW1DIZgrO99Cle3K0ZiDCWPsrC6Py6GdNBd8KajR7lECJAl cNVTb0TSfSasZhFmPJFe/gLzpqlMz9m3bBjTzd1r9yeaTDdksgfFxn/u88KeojuBsQAdDWHXnqt7e OUwe5TtMw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kdw0J-0000Ro-AY; Sat, 14 Nov 2020 13:54:11 +0000 Received: from out03.mta.xmission.com ([166.70.13.233]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kdw0E-0000HU-N8 for linux-arm-kernel@lists.infradead.org; Sat, 14 Nov 2020 13:54:07 +0000 Received: from in01.mta.xmission.com ([166.70.13.51]) by out03.mta.xmission.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1kdvzq-00BdDW-Pe; Sat, 14 Nov 2020 06:53:42 -0700 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from ) id 1kdvzq-0001Zp-0u; Sat, 14 Nov 2020 06:53:42 -0700 From: ebiederm@xmission.com (Eric W. Biederman) To: Peter Collingbourne References: <3581410892be6851d804bbbb84fccf06073f1262.1605235762.git.pcc@google.com> Date: Sat, 14 Nov 2020 07:53:28 -0600 In-Reply-To: <3581410892be6851d804bbbb84fccf06073f1262.1605235762.git.pcc@google.com> (Peter Collingbourne's message of "Thu, 12 Nov 2020 18:53:35 -0800") Message-ID: <878sb4nixz.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 X-XM-SPF: eid=1kdvzq-0001Zp-0u; ; ; mid=<878sb4nixz.fsf@x220.int.ebiederm.org>; ; ; hst=in01.mta.xmission.com; ; ; ip=68.227.160.95; ; ; frm=ebiederm@xmission.com; ; ; spf=neutral X-XM-AID: U2FsdGVkX1/FYdJI0tFmQTLSF0nxOUdOl1juCDlK/nA= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com Subject: Re: [PATCH v16 5/6] signal: define the SA_UNSUPPORTED bit in sa_flags X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201114_085406_798940_68364B0A X-CRM114-Status: GOOD ( 26.94 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Catalin Marinas , Helge Deller , Kevin Brodsky , Oleg Nesterov , linux-api@vger.kernel.org, "James E.J. Bottomley" , Kostya Serebryany , Linux ARM , Andrey Konovalov , David Spickett , Vincenzo Frascino , Will Deacon , Dave Martin , Evgenii Stepanov Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Peter Collingbourne writes: > Define a sa_flags bit, SA_UNSUPPORTED, which will never be supported > in the uapi. The purpose of this flag bit is to allow userspace to > distinguish an old kernel that does not clear unknown sa_flags bits > from a kernel that supports every flag bit. > > In other words, if userspace does something like: > > act.sa_flags |= SA_UNSUPPORTED; > sigaction(SIGSEGV, &act, 0); > sigaction(SIGSEGV, 0, &oldact); > > and finds that SA_UNSUPPORTED remains set in oldact.sa_flags, it means > that the kernel cannot be trusted to have cleared unknown flag bits > from sa_flags, so no assumptions about flag bit support can be made. > > Signed-off-by: Peter Collingbourne > Reviewed-by: Dave Martin > Link: https://linux-review.googlesource.com/id/Ic2501ad150a3a79c1cf27fb8c99be342e9dffbcb > --- > v11: > - clarify the commit message > > include/uapi/asm-generic/signal-defs.h | 7 +++++++ > kernel/signal.c | 6 ++++++ > 2 files changed, 13 insertions(+) > > diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h > index 493953fe319b..0126ebda4d31 100644 > --- a/include/uapi/asm-generic/signal-defs.h > +++ b/include/uapi/asm-generic/signal-defs.h > @@ -14,6 +14,12 @@ > * SA_RESTART flag to get restarting signals (which were the default long ago) > * SA_NODEFER prevents the current signal from being masked in the handler. > * SA_RESETHAND clears the handler when the signal is delivered. > + * SA_UNSUPPORTED is a flag bit that will never be supported. Kernels from > + * before the introduction of SA_UNSUPPORTED did not clear unknown bits from > + * sa_flags when read using the oldact argument to sigaction and rt_sigaction, > + * so this bit allows flag bit support to be detected from userspace while > + * allowing an old kernel to be distinguished from a kernel that supports every > + * flag bit. > * > * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single > * Unix names RESETHAND and NODEFER respectively. > @@ -42,6 +48,7 @@ > #ifndef SA_RESETHAND > #define SA_RESETHAND 0x80000000 > #endif > +#define SA_UNSUPPORTED 0x00000400 Why this value and why not in numerical order with the other flags? At the very least not being in order with the other bits makes it a little easier to overlook it and define something at that position. Eric > #define SA_NOMASK SA_NODEFER > #define SA_ONESHOT SA_RESETHAND > diff --git a/kernel/signal.c b/kernel/signal.c > index 8f5bd12ee41b..8f34819e80de 100644 > --- a/kernel/signal.c > +++ b/kernel/signal.c > @@ -3985,6 +3985,12 @@ int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact) > if (oact) > *oact = *k; > > + /* > + * Make sure that we never accidentally claim to support SA_UNSUPPORTED, > + * e.g. by having an architecture use the bit in their uapi. > + */ > + BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED); > + > /* > * Clear unknown flag bits in order to allow userspace to detect missing > * support for flag bits and to allow the kernel to use non-uapi bits _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel