From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=B93A=EX=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 70A5AC5519F
	for <linux-arm-kernel@archiver.kernel.org>; Tue, 17 Nov 2020 13:40:45 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id EDD1E20870
	for <linux-arm-kernel@archiver.kernel.org>; Tue, 17 Nov 2020 13:40:44 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="H96CHSpc"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EDD1E20870
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=xmission.com
Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:Subject:MIME-Version:Message-ID:In-Reply-To:Date:
	References:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=c64TIZjIL7aygbwcG9NR60T785jyJs0KoOdow8OJe+0=; b=H96CHSpcfW8Gr5PCmIUp50sf4
	CzZMOLO43Vdd+c+uQwiH2voHHtsPgEXcyH3rDD5Lh1SFblZDAfqcRO3qI47hlaG4CXupJQPRV/vWW
	Yvv5hSo+7kxGfdWGM9Ct+LAbF5qaVG7mESxViQ9snAxw914VjwsRWlDEQ6vwIEFqCuZZpmtcoEyTD
	sr5Xdeso7alE1VEAtUAw3EhMRhxUPmwez2gFONVPdJisZG+2t+tMUfGvvDxYWo1js75QkQVIiFeC1
	BgdnGmeRQh/LIokH8IlUhqX9UjEEcngCvLbCacjLZVrJglom9ajCKMGcnoRhugPCjapHNlaramsiO
	bebZJGBYA==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kf1DY-0005tM-5u; Tue, 17 Nov 2020 13:40:20 +0000
Received: from out02.mta.xmission.com ([166.70.13.232])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kf1DV-0005sN-Ei
 for linux-arm-kernel@lists.infradead.org; Tue, 17 Nov 2020 13:40:18 +0000
Received: from in02.mta.xmission.com ([166.70.13.52])
 by out02.mta.xmission.com with esmtps (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93)
 (envelope-from <ebiederm@xmission.com>)
 id 1kf1DC-00CvDA-Sp; Tue, 17 Nov 2020 06:39:59 -0700
Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95]
 helo=x220.xmission.com)
 by in02.mta.xmission.com with esmtpsa (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93)
 (envelope-from <ebiederm@xmission.com>)
 id 1kf1DB-0040YB-Sv; Tue, 17 Nov 2020 06:39:58 -0700
From: ebiederm@xmission.com (Eric W. Biederman)
To: Peter Collingbourne <pcc@google.com>
References: <cover.1605582887.git.pcc@google.com>
 <f296f270d97a4fbf496e1015461566407d02152f.1605582887.git.pcc@google.com>
Date: Tue, 17 Nov 2020 07:39:40 -0600
In-Reply-To: <f296f270d97a4fbf496e1015461566407d02152f.1605582887.git.pcc@google.com>
 (Peter Collingbourne's message of "Mon, 16 Nov 2020 19:17:26 -0800")
Message-ID: <87mtzgcdb7.fsf@x220.int.ebiederm.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
X-XM-SPF: eid=1kf1DB-0040YB-Sv; ; ; mid=<87mtzgcdb7.fsf@x220.int.ebiederm.org>;
 ; ; hst=in02.mta.xmission.com; ; ; ip=68.227.160.95; ; ;
 frm=ebiederm@xmission.com; ; ; spf=neutral
X-XM-AID: U2FsdGVkX19RYv/up30pxTpXmr+tpWw1dePD/OE5kk0=
X-SA-Exim-Connect-IP: 68.227.160.95
X-SA-Exim-Mail-From: ebiederm@xmission.com
Subject: Re: [PATCH v17 3/3] arm64: expose FAR_EL1 tag bits in siginfo
X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000)
X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com)
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20201117_084017_510509_E4D8A0D1 
X-CRM114-Status: GOOD (  16.04  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>, 
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Catalin Marinas <catalin.marinas@arm.com>, Helge Deller <deller@gmx.de>,
 Kevin Brodsky <kevin.brodsky@arm.com>, Oleg Nesterov <oleg@redhat.com>,
 linux-api@vger.kernel.org,
 "James E.J. Bottomley" <James.Bottomley@hansenpartnership.com>,
 Kostya Serebryany <kcc@google.com>,
 Linux ARM <linux-arm-kernel@lists.infradead.org>,
 Andrey Konovalov <andreyknvl@google.com>,
 David Spickett <david.spickett@linaro.org>,
 Vincenzo Frascino <vincenzo.frascino@arm.com>, Will Deacon <will@kernel.org>,
 Dave Martin <Dave.Martin@arm.com>, Evgenii Stepanov <eugenis@google.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Peter Collingbourne <pcc@google.com> writes:

> diff --git a/kernel/signal.c b/kernel/signal.c
> index 8f34819e80de..16be62e6d341 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -1650,6 +1650,15 @@ void force_sigsegv(int sig)
>  	force_sig(SIGSEGV);
>  }
>  
> +static void __user *get_si_addr(void __user *addr, unsigned long sig,
> +				unsigned long si_code)
> +{
> +	if (current->sighand->action[sig - 1].sa.sa_flags & SA_EXPOSE_TAGBITS)
> +		return addr;

Apologies for not seeing this before but this part of the patch is
buggy.

It is using current->sighand->action when the destination task may not
be current.  send_sig_fault and send_sig_mcerr may somewhat legitimately
be used to send faults to other processes.

Now that I think about it there are interactions with
PTRACE_GETSIGINFO/PTRACE_SETSIGINFO.

Can we move the masking into get_signal after the ptrace handling?

That way everything in the core of the kernel deals with unmasked
si_addr values and we only mask the address just before sending it to
userspace?

Eric

> +	return arch_untagged_si_addr(addr, sig, si_code);
> +}
> +
>  int force_sig_fault_to_task(int sig, int code, void __user *addr
>  	___ARCH_SI_TRAPNO(int trapno)
>  	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
> @@ -1661,7 +1670,7 @@ int force_sig_fault_to_task(int sig, int code, void __user *addr
>  	info.si_signo = sig;
>  	info.si_errno = 0;
>  	info.si_code  = code;
> -	info.si_addr  = addr;
> +	info.si_addr  = get_si_addr(addr, sig, code);
>  #ifdef __ARCH_SI_TRAPNO
>  	info.si_trapno = trapno;
>  #endif
> @@ -1693,7 +1702,7 @@ int send_sig_fault(int sig, int code, void __user *addr
>  	info.si_signo = sig;
>  	info.si_errno = 0;
>  	info.si_code  = code;
> -	info.si_addr  = addr;
> +	info.si_addr  = get_si_addr(addr, sig, code);
>  #ifdef __ARCH_SI_TRAPNO
>  	info.si_trapno = trapno;
>  #endif
> @@ -1714,7 +1723,7 @@ int force_sig_mceerr(int code, void __user *addr, short lsb)
>  	info.si_signo = SIGBUS;
>  	info.si_errno = 0;
>  	info.si_code = code;
> -	info.si_addr = addr;
> +	info.si_addr = get_si_addr(addr, SIGBUS, code);
>  	info.si_addr_lsb = lsb;
>  	return force_sig_info(&info);
>  }
> @@ -1728,7 +1737,7 @@ int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *
>  	info.si_signo = SIGBUS;
>  	info.si_errno = 0;
>  	info.si_code = code;
> -	info.si_addr = addr;
> +	info.si_addr = get_si_addr(addr, SIGBUS, code);
>  	info.si_addr_lsb = lsb;
>  	return send_sig_info(info.si_signo, &info, t);
>  }
> @@ -1742,7 +1751,7 @@ int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
>  	info.si_signo = SIGSEGV;
>  	info.si_errno = 0;
>  	info.si_code  = SEGV_BNDERR;
> -	info.si_addr  = addr;
> +	info.si_addr  = get_si_addr(addr, SIGSEGV, SEGV_BNDERR);
>  	info.si_lower = lower;
>  	info.si_upper = upper;
>  	return force_sig_info(&info);
> @@ -1757,7 +1766,7 @@ int force_sig_pkuerr(void __user *addr, u32 pkey)
>  	info.si_signo = SIGSEGV;
>  	info.si_errno = 0;
>  	info.si_code  = SEGV_PKUERR;
> -	info.si_addr  = addr;
> +	info.si_addr  = get_si_addr(addr, SIGSEGV, SEGV_PKUERR);
>  	info.si_pkey  = pkey;
>  	return force_sig_info(&info);
>  }
> @@ -1774,7 +1783,7 @@ int force_sig_ptrace_errno_trap(int errno, void __user *addr)
>  	info.si_signo = SIGTRAP;
>  	info.si_errno = errno;
>  	info.si_code  = TRAP_HWBKPT;
> -	info.si_addr  = addr;
> +	info.si_addr  = get_si_addr(addr, SIGTRAP, TRAP_HWBKPT);
>  	return force_sig_info(&info);
>  }

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel