From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753728AbbI1Vz0 (ORCPT ); Mon, 28 Sep 2015 17:55:26 -0400 Received: from mail-db3on0084.outbound.protection.outlook.com ([157.55.234.84]:18832 "EHLO emea01-db3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753115AbbI1VzX (ORCPT ); Mon, 28 Sep 2015 17:55:23 -0400 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=cmetcalf@ezchip.com; Subject: Re: [PATCH v7 04/11] task_isolation: provide strict mode configurable signal To: Andy Lutomirski References: <1443453446-7827-1-git-send-email-cmetcalf@ezchip.com> <1443453446-7827-5-git-send-email-cmetcalf@ezchip.com> CC: Gilad Ben Yossef , Steven Rostedt , Ingo Molnar , Peter Zijlstra , Andrew Morton , Rik van Riel , Tejun Heo , Frederic Weisbecker , Thomas Gleixner , "Paul E. McKenney" , Christoph Lameter , Viresh Kumar , Catalin Marinas , Will Deacon , "linux-doc@vger.kernel.org" , Linux API , "linux-kernel@vger.kernel.org" From: Chris Metcalf Message-ID: <5609B733.90005@ezchip.com> Date: Mon, 28 Sep 2015 17:54:59 -0400 User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [12.216.194.146] X-ClientProxiedBy: CY1PR21CA0095.namprd21.prod.outlook.com (25.164.213.21) To HE1PR02MB0777.eurprd02.prod.outlook.com (25.161.118.141) X-Microsoft-Exchange-Diagnostics: 1;HE1PR02MB0777;2:j/4nNh+sBORNdH6e2UygJxrj9WV+w4N7LunH7l0eMi77dZdxiLNwVCCHdOXypB53c7CA+WRElO5myM/nbHd4bQ5Mh3OnQJDbiZDyjWjRx3YpExbxmfGdgF9MRhn0LPIEtPpkuRk6iVtGSpcmqUI1pgt4m9roLyk6Khdd8DqkO3Q=;3:d1fqWKbBQMDKhRA32FkHCSvazUjSwsOmPvboPueBiyXSiU8xg+f0HsPlVmeJs/j6l4PfhMYjTl8Yd4tNIgtCl2zL9RYDV9GC2KiKguCAGvmbA/Ta3k/FsWO8YGpuUA/z07WF/k+KDB/i0czhIfMDFg==;25:hvJHRxZ6Wvr0o7zV35atDqbWa/8ldzP/iBVG7p/PdjY0TTHJiwLkIsZHJmkQrafeAzW78QCs7w9AQk9nTa3Y0kPLBqmN8aD6lbTMA5rNonFAWBx9+ftsKBsx1I4XI7YPyWPEFxCIcTtUdIm6KA9co/AGONvTEc4SRvZcAGQXCTfslZXYQH1IKhcQT1oRSr/tr7g6yPNAwLzOaim/ngZ8s6ORvNDDgRYeK8gjwpcOyM2htKQPfibAZ3f7mCNEvCm8;20:ZhKNKrk21UMF6S1tf9j7IAiQxdEhpz3QXu3lxhn3SEnnegpmsbM8Ld+uB4VRBynGNqS+ETOjfahqj+dj5IX81V8O3zsjj3ECFLXyo+TA/SBExXeww0G8+mSGY0uvOF6Zx43zEaCGOrrpyVTfAspidw7r3gijoC3ZfCrJxL2qAGA= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:HE1PR02MB0777; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(2401047)(5005006)(520078)(8121501046)(3002001);SRVR:HE1PR02MB0777;BCL:0;PCL:0;RULEID:;SRVR:HE1PR02MB0777; X-Microsoft-Exchange-Diagnostics: 1;HE1PR02MB0777;4:Y65I/ohd1pCv9iY5YZolXe7L3L6delOh8+fc0YmZMGPSgiHxt625SlE7npPGoxkVQMEmwxyU7nrv40lq6FrcyIgCqIBEQgaQOJUek7vQRqdKzNw8UQQXxuAPFEkrYaVSAixEGL2NdwCBYLFZTT0KocyVv5Q3XEy2Evc7M/HuSBX+2fNPEjSdESm/i8Tg+Www/A/+7ahWleuSm/iTIuMUPWMB3AVBPk058Db6wmZo5ZzNsqL5ewfXIYXfhpFPggJ2Kkc/uyzyzv64R9fPZ9pALthSLQpnW2AcKLyR2LKUx6k1RluiFISAFU6nufwyOqsPpANPhu1WgPFxYfmemjKjrRLvdGVf/OgJiJ5qaWxk+lk= X-Forefront-PRVS: 0713BC207F X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6009001)(6049001)(189002)(199003)(24454002)(479174004)(377454003)(36756003)(33656002)(62966003)(81156007)(77096005)(65956001)(5001830100001)(65806001)(47776003)(23676002)(64706001)(4001540100001)(4001350100001)(5001860100001)(97736004)(66066001)(68736005)(64126003)(110136002)(83506001)(19580405001)(101416001)(5004730100002)(5007970100001)(19580395003)(42186005)(77156002)(5001920100001)(5001960100002)(65816999)(189998001)(87976001)(575784001)(54356999)(92566002)(15975445007)(105586002)(122386002)(46102003)(50986999)(40100003)(106356001)(2950100001)(86362001)(76176999)(50466002)(18886065003);DIR:OUT;SFP:1101;SCL:1;SRVR:HE1PR02MB0777;H:[10.7.0.41];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtIRTFQUjAyTUIwNzc3OzIzOlNJdDQwcGFWZmlYQzJzbUxEYnVCR0IxR0oz?= =?utf-8?B?Y3ZPTDg4UmI3b1NyejNSZmYybnJVdTNOdnpDbTdicVhCb2lHZHdOM1hUeVJL?= =?utf-8?B?OWNGaWdJWENFNjc5SFB4SDRSWmltTjNveENLdmY4c2xPdWg4cGM0eFZqWTgz?= =?utf-8?B?citTL3h2RmM5NGRFekw2dnU1QkpJMmFIU2xpeTZ2LzBORUsrREFhSkVWNlVI?= =?utf-8?B?bkhpZHpQNGFGRG5PQTNwdWJoaDhWZ3lyVXMvbklmVTh3ZlZ5VkNtZkFlaFZM?= =?utf-8?B?NlZkZFJxRDcydnAvWG9hTUphaE5HT3IxOXNCU2xFMzVhQXNiUUlQWU81OVY4?= =?utf-8?B?QzFqajV4bG1MT1dPZ0ZWK0NMT3YrQWhac1Q3d2tVakZoUFdkL2FEYklrQkZW?= =?utf-8?B?N3R5d2tJSnk5cWVJRzVma1hrTWFOdnl4Wjk0WXVNek1nNllZc3NqS2NXdmgr?= =?utf-8?B?dUxKdU1odG1TWnJEV0lNTm9kajJabjJEV1JTR3ErMUNUR1Y4WmM1S2lwVnJS?= =?utf-8?B?L0tOdWhyMm1OZFZQNk5YNEZkZUVaWEZjSmRuVEpTNVp3eFJlL29qTlJjUHZS?= =?utf-8?B?U0FMemtRYVAxa0YyaXh3SlJTSzNwU01NM2NGdDBUY0tkNmZqVGdNMzJKUDZ5?= =?utf-8?B?YUpvN2haMTVWdnlZNzZVSlAwbUt5c1dHSHhYZDVNUWF3Wnl0ak56Sy81dE9N?= =?utf-8?B?UUhicklGeG9TT0MxbU1WVUxiZ0xKWWRuc0JIMWhFRU5qMnpZZ0dzOU9HN2RV?= =?utf-8?B?K1VNOXpCZy9YbWcrbHgwN0h0UnprUWtWRWo3WmRZbU1ZQnNmMUc1ZVJvbmtK?= =?utf-8?B?cTVCcmRQaFRRZ0xhaVB5STY2THlkdEZUSmJqR3drQWs2amFLd1Noek1iM3B5?= =?utf-8?B?bFVpY0VFQ3k3STBETjh0Z0xWRnk1aHhyNkwyUWg1RUdnWmFEOW00VmlMbTBn?= =?utf-8?B?NUxFaFg2NmpRYzZWSWxDMWdkY3JJelN5TTk5UVNjVmNVcnRVVFlZUnhJVnNp?= =?utf-8?B?RmhGd3UzRGlTZUtxS1FYUSs5dHhvMmJZWXBWUk1CT1pNb2pQeEZHWVNkdWNX?= =?utf-8?B?TVJLaXlkRkhmRGQ1ci9wWWJWT2ZJV1BOd2VITlM1TE9VTUFyYXZOaG0vNGZ6?= =?utf-8?B?TlpOSEhPZE1Kck1aakRxUzZWN0dFYXBzY0xsUUhUb0UzSDVUb1RIdnl1eC9O?= =?utf-8?B?SWc1Tk1xTlVXc3RGMW9FY2pRcnlFZ29vUmdTSWh0djJCdTlBWTlxNVByQWJJ?= =?utf-8?B?VUxMRUpHZHpsTWxPSzg3ODlPMFZZN3d6TkVHUmtvUmNRZ2UyTy8vVTBlaDdH?= =?utf-8?B?dWdndlhtbUpHVFZXN0dVT0NZMWhyTitQTXM5RjFuUnloRDNNNFBCZUVhY3ZD?= =?utf-8?B?elAzM3l6MzR6VnFsQ3A1czJBTHlqb1pGdVllaTc1N3lXVGR6aU5rV2VmQzFh?= =?utf-8?B?MzRRdzVlQUdGejFHcWZMUFRSWTlqU0Uva3dKbE45d0RuekYrSUE5M2xPc0ZR?= =?utf-8?B?aE5LbWk1Q25aYWc4U1NRdXY4TlhqSXJ5aWNDbVZsNzhiWWgzUmVOZTUvSGtV?= =?utf-8?B?c2txMVFhU3hHR1ovdFZQQytxZ0l6anVQbkJOYTVGV3FyenZMUDRoYWZXdFl0?= =?utf-8?B?dGovTCs4Vmxocjl2OFh3d0swUW4wVnRHVlZoS1RFWEFQQ1BNZE1IaWROWmZx?= =?utf-8?B?M3ZIaU43dmpiS1dIU0U4RFRIM0RDQ0VRa0o1anpwVzBaTzFlbEJ5djZScHVN?= =?utf-8?B?cW1PMkRBa0Y3QzcwL2MzUU5sUVpyelR1YXdhQUhESzY1NTNGOWlEQVB2TFZ1?= =?utf-8?B?VTFNaVNPYWhpaGhvTGRxZm5Pb2FYRzZGTjRkTnZyYldGY1VRS0tCakNodGhD?= =?utf-8?B?blRwNVN2TXcrOUN5eC8vT2pLa29sNU5nc0JYeGxGcnVPODlJbjVGRU5pNGhG?= =?utf-8?Q?3eRggrBU/IfzQ0zoUAkSv81lXLRSzc=3D?= X-Microsoft-Exchange-Diagnostics: 1;HE1PR02MB0777;5:Tm10FT7keZaDC5vtydzKPqsaXaSflPbQ/nQ/GQoxSp2UbXxxdsIAm3bPJAlHjRdtS1Q6b+OHE8i6QFUpbxpQiBlwyQN4GnUSt/NXyGCnPYna8rXToJ+rhNU1adqPFBiKkY4OFW6RM1Eqd/ZqGqAGEg==;24:KE9BXt2TpJePsolr+N64PJVEO1wFt86kswK0lbA+xu+5uOazkGMxE0pQ3uepvfBZcAMZc1xqmU4kXMbZnQiXfBpSW8KT1fFhHSOLwH9QuQ0=;20:xhwEsmHzi0zSbgrsuBgP2ZxIOSVHQA3blvgUGRtRv2f/rJKOa9VHgNZ8jp4jXb6gvWrwgWGjWTmDaqR7FBIP4g== SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: ezchip.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Sep 2015 21:55:14.3625 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR02MB0777 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/28/2015 04:54 PM, Andy Lutomirski wrote: > On Mon, Sep 28, 2015 at 11:17 AM, Chris Metcalf wrote: >> Allow userspace to override the default SIGKILL delivered >> when a task_isolation process in STRICT mode does a syscall >> or otherwise synchronously enters the kernel. >> >> In addition to being able to set the signal, we now also >> pass whether or not the interruption was from a syscall in >> the si_code field of the siginfo. >> >> Signed-off-by: Chris Metcalf >> --- >> include/uapi/linux/prctl.h | 2 ++ >> kernel/isolation.c | 17 +++++++++++++---- >> 2 files changed, 15 insertions(+), 4 deletions(-) >> >> diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h >> index 2b8038b0d1e1..a5582ace987f 100644 >> --- a/include/uapi/linux/prctl.h >> +++ b/include/uapi/linux/prctl.h >> @@ -202,5 +202,7 @@ struct prctl_mm_map { >> #define PR_GET_TASK_ISOLATION 49 >> # define PR_TASK_ISOLATION_ENABLE (1 << 0) >> # define PR_TASK_ISOLATION_STRICT (1 << 1) >> +# define PR_TASK_ISOLATION_SET_SIG(sig) (((sig) & 0x7f) << 8) >> +# define PR_TASK_ISOLATION_GET_SIG(bits) (((bits) >> 8) & 0x7f) >> >> #endif /* _LINUX_PRCTL_H */ >> diff --git a/kernel/isolation.c b/kernel/isolation.c >> index 3779ba670472..44bafcd08bca 100644 >> --- a/kernel/isolation.c >> +++ b/kernel/isolation.c >> @@ -77,14 +77,23 @@ void task_isolation_enter(void) >> } >> } >> >> -static void kill_task_isolation_strict_task(void) >> +static void kill_task_isolation_strict_task(int is_syscall) >> { >> + siginfo_t info = {}; >> + int sig; >> + >> /* RCU should have been enabled prior to this point. */ >> RCU_LOCKDEP_WARN(!rcu_is_watching(), "kernel entry without RCU"); >> >> dump_stack(); >> current->task_isolation_flags &= ~PR_TASK_ISOLATION_ENABLE; >> - send_sig(SIGKILL, current, 1); >> + >> + sig = PR_TASK_ISOLATION_GET_SIG(current->task_isolation_flags); >> + if (sig == 0) >> + sig = SIGKILL; >> + info.si_signo = sig; >> + info.si_code = is_syscall; > I think this needs real SI_ defines. Yeah, it's a fair point, but of course SIGKILL has no SI_ defines at all right now. I'm tempted to suggest we just back out setting si_code altogether. It might be worth a one-line console message (a la show_signal_message()), and use that to pack in the extra information, instead of trying to fuss with the siginfo data. >> + send_sig_info(sig, &info, current); >> } >> >> /* >> @@ -103,7 +112,7 @@ void task_isolation_syscall(int syscall) >> >> pr_warn("%s/%d: task_isolation strict mode violated by syscall %d\n", >> current->comm, current->pid, syscall); >> - kill_task_isolation_strict_task(); >> + kill_task_isolation_strict_task(1); > No magic numbers please. I think mooted by the above, but, good point. -- Chris Metcalf, EZChip Semiconductor http://www.ezchip.com