From patchwork Fri Nov 20 20:33:45 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Collingbourne <pcc@google.com>
X-Patchwork-Id: 11922213
Return-Path: 
 <SRS0=Tevr=E2=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-21.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_ADSP_CUSTOM_MED,DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,
	SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 804BFC64E7A
	for <linux-arm-kernel@archiver.kernel.org>;
 Fri, 20 Nov 2020 20:34:38 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 130CE22D0A
	for <linux-arm-kernel@archiver.kernel.org>;
 Fri, 20 Nov 2020 20:34:38 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="rrnDpgUO";
	dkim=fail reason="signature verification failed" (2048-bit key)
 header.d=google.com header.i=@google.com header.b="pJvXQOou"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 130CE22D0A
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:To:From:Subject:Mime-Version:Message-Id:Date:
	Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender
	:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner;
	bh=JN9sIsUIqws2WFuK8CR2JX57p+BoVZbJ6WGeXgwXaBI=; b=rrnDpgUOVEnwIQamMRPKRQozFc
	mW2AgjMdjYsQNlXKsNbuk/j/2h95l8LnRC5UXLyeCOMnj09dRlqHzA2oUNBORmwwvgHZC33qY8gah
	BtNU1dEJHrjugmC2fyt2TFN9iT+rRcl4cdABHISMI2XEO78GVXBH05aLHZFq0oq+RSf2gUIVK0xla
	C3Qly8J2DKa9o5bX366ui9iAmSh4jJ+bDBRtaLxLgGb+261oRu/JAiljUzd0cRrWD3Yhp1zSdxsGT
	oyRxVwliLDYDHYkdyB55qo2/qGrh6WYsa0S/IyDkeaW0ilJu+YTKVpfSWdnQ1o288wg4mrwROL8tJ
	tErazVhw==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1kgD6d-0002ht-RG; Fri, 20 Nov 2020 20:34:07 +0000
Received: from mail-pg1-x54a.google.com ([2607:f8b0:4864:20::54a])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1kgD6a-0002gX-IH
 for linux-arm-kernel@lists.infradead.org; Fri, 20 Nov 2020 20:34:05 +0000
Received: by mail-pg1-x54a.google.com with SMTP id g3so6997132pgj.20
 for <linux-arm-kernel@lists.infradead.org>;
 Fri, 20 Nov 2020 12:34:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=20161025;
 h=sender:date:message-id:mime-version:subject:from:to:cc;
 bh=HUyQwqda+W6FCUadbLHRIIKbkgk8bVAoQNFKxp4rBE8=;
 b=pJvXQOouCDYvrXgHCoJoq8yazaUcMG44tmjXqJbhdkFCUJfDOKDDMAelAV115b5BCP
 vbW+2ILhPUYvEIjFp1NTtu+AvdwttlZZcKsOaP/Fx73Ym/oC2UuM1p5tz0QVVYpI3Nup
 UY/u0BzsB+fPkER5Wt6cAVfofdZJMifgl0quzKBiAqPeBQtpPCDB3YSCcCLeNNwj5wDz
 x3ODyXspnhTyO0FZ0AC2xEmiuaQGBijfc3eTUVwXgCzXzs9AI/Z7wnubELX8Z7p5QkBa
 OfcoQZbLAG0h8JIvfohEOZRTXcabe40rYWJ270R5eXWHOdFUo7CHjR/2q6oY6jE7c7w7
 1B4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:sender:date:message-id:mime-version:subject:from
 :to:cc;
 bh=HUyQwqda+W6FCUadbLHRIIKbkgk8bVAoQNFKxp4rBE8=;
 b=inRP/yjUpYZaMT3BWpmLfQes6LteU/kDdk8BdUQ60DIhCsb9zDID3jzTg9yyWzJqcO
 wH90KVSmBJHI5nhFNZW21lnCoMZ7+IbTnMk5r7PCUKQd5J8mGNWGuJafBOrce+yrP3Mr
 FibEMyuJNC3R364R1gB1+dD6nCb9tMmdtDJqdeqt5FfuTAcAPg+OdKdLWDk8q/4Okn2B
 Mr7Zwp7aeDIyZzrZc4QXPyEFXWXKLUWQ5erFLP9nCcygAH9DuihRnJcqZnvyplYiRF8c
 NwHrntLSeakIpJElvtemOij4Wrhmjf25pXrc4T+WcBiz6lVO771itf0M+F4DbxUwhxrR
 8AHw==
X-Gm-Message-State: AOAM531qfSQCKaOSiIT+itw6NNngtTGdIb3gXSqxDWTrlQiRax/7+71t
 5tfSzDYPx4sTocNCYi5edHAuArA=
X-Google-Smtp-Source: 
 ABdhPJw2M8qy6cVWBnbZzy673Gcd3QvhsRS3BGBI/+JkVE7xj6Th3BE4Z+//vmqOelsGAF5xsXNsuMw=
X-Received: from pcc-desktop.svl.corp.google.com
 ([2620:15c:2ce:0:7220:84ff:fe09:385a])
 (user=pcc job=sendgmr) by 2002:a05:6a00:794:b029:197:e418:ac4d with SMTP id
 g20-20020a056a000794b0290197e418ac4dmr1543533pfu.47.1605904440203; Fri, 20
 Nov 2020 12:34:00 -0800 (PST)
Date: Fri, 20 Nov 2020 12:33:45 -0800
Message-Id: 
 <13cf24d00ebdd8e1f55caf1821c7c29d54100191.1605904350.git.pcc@google.com>
Mime-Version: 1.0
X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog
Subject: [PATCH v21 1/2] signal: define the SA_EXPOSE_TAGBITS bit in sa_flags
From: Peter Collingbourne <pcc@google.com>
To: Catalin Marinas <catalin.marinas@arm.com>,
 Evgenii Stepanov <eugenis@google.com>, Kostya Serebryany <kcc@google.com>,
 Vincenzo Frascino <vincenzo.frascino@arm.com>,
 Dave Martin <Dave.Martin@arm.com>, Will Deacon <will@kernel.org>,
 Oleg Nesterov <oleg@redhat.com>,
 "Eric W. Biederman" <ebiederm@xmission.com>,
 "James E.J. Bottomley" <James.Bottomley@hansenpartnership.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20201120_153404_641420_7D2F00AD 
X-CRM114-Status: GOOD (  21.43  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: Andrey Konovalov <andreyknvl@google.com>, Helge Deller <deller@gmx.de>,
 Kevin Brodsky <kevin.brodsky@arm.com>, linux-api@vger.kernel.org,
 David Spickett <david.spickett@linaro.org>,
 Peter Collingbourne <pcc@google.com>,
 Linux ARM <linux-arm-kernel@lists.infradead.org>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Architectures that support address tagging, such as arm64, may want to
expose fault address tag bits to the signal handler to help diagnose
memory errors. However, these bits have not been previously set,
and their presence may confuse unaware user applications. Therefore,
introduce a SA_EXPOSE_TAGBITS flag bit in sa_flags that a signal
handler may use to explicitly request that the bits are set.

The generic signal handler APIs expect to receive tagged addresses.
Architectures may specify how to untag addresses in the case where
SA_EXPOSE_TAGBITS is clear by defining the arch_untagged_si_addr
function.

Signed-off-by: Peter Collingbourne <pcc@google.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Link: https://linux-review.googlesource.com/id/I16dd0ed2081f091fce97be0190cb8caa874c26cb
---
To be applied on top of:
https://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git signal-for-v5.11

 include/linux/signal.h                 | 14 ++++++++++++++
 include/linux/signal_types.h           |  2 +-
 include/uapi/asm-generic/signal-defs.h |  3 +++
 kernel/signal.c                        | 24 ++++++++++++++++++++++++
 4 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/include/linux/signal.h b/include/linux/signal.h
index b256f9c65661..205526c4003a 100644
--- a/include/linux/signal.h
+++ b/include/linux/signal.h
@@ -469,4 +469,18 @@ struct seq_file;
 extern void render_sigset_t(struct seq_file *, const char *, sigset_t *);
 #endif
 
+#ifndef arch_untagged_si_addr
+/*
+ * Given a fault address and a signal and si_code which correspond to the
+ * _sigfault union member, returns the address that must appear in si_addr if
+ * the signal handler does not have SA_EXPOSE_TAGBITS enabled in sa_flags.
+ */
+static inline void __user *arch_untagged_si_addr(void __user *addr,
+						 unsigned long sig,
+						 unsigned long si_code)
+{
+	return addr;
+}
+#endif
+
 #endif /* _LINUX_SIGNAL_H */
diff --git a/include/linux/signal_types.h b/include/linux/signal_types.h
index a7887ad84d36..68e06c75c5b2 100644
--- a/include/linux/signal_types.h
+++ b/include/linux/signal_types.h
@@ -78,6 +78,6 @@ struct ksignal {
 
 #define UAPI_SA_FLAGS                                                          \
 	(SA_NOCLDSTOP | SA_NOCLDWAIT | SA_SIGINFO | SA_ONSTACK | SA_RESTART |  \
-	 SA_NODEFER | SA_RESETHAND | __ARCH_UAPI_SA_FLAGS)
+	 SA_NODEFER | SA_RESETHAND | SA_EXPOSE_TAGBITS | __ARCH_UAPI_SA_FLAGS)
 
 #endif /* _LINUX_SIGNAL_TYPES_H */
diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h
index c790f67304ba..fe929e7b77ca 100644
--- a/include/uapi/asm-generic/signal-defs.h
+++ b/include/uapi/asm-generic/signal-defs.h
@@ -20,6 +20,8 @@
  * so this bit allows flag bit support to be detected from userspace while
  * allowing an old kernel to be distinguished from a kernel that supports every
  * flag bit.
+ * SA_EXPOSE_TAGBITS exposes an architecture-defined set of tag bits in
+ * siginfo.si_addr.
  *
  * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single
  * Unix names RESETHAND and NODEFER respectively.
@@ -41,6 +43,7 @@
 /* 0x00000100 used on sparc */
 /* 0x00000200 used on sparc */
 #define SA_UNSUPPORTED	0x00000400
+#define SA_EXPOSE_TAGBITS	0x00000800
 /* 0x00010000 used on mips */
 /* 0x01000000 used on x86 */
 /* 0x02000000 used on x86 */
diff --git a/kernel/signal.c b/kernel/signal.c
index 8f34819e80de..26018c59821d 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -2524,6 +2524,26 @@ static int ptrace_signal(int signr, kernel_siginfo_t *info)
 	return signr;
 }
 
+static void hide_si_addr_tag_bits(struct ksignal *ksig)
+{
+	switch (siginfo_layout(ksig->sig, ksig->info.si_code)) {
+	case SIL_FAULT:
+	case SIL_FAULT_MCEERR:
+	case SIL_FAULT_BNDERR:
+	case SIL_FAULT_PKUERR:
+		ksig->info.si_addr = arch_untagged_si_addr(
+			ksig->info.si_addr, ksig->sig, ksig->info.si_code);
+		break;
+	case SIL_KILL:
+	case SIL_TIMER:
+	case SIL_POLL:
+	case SIL_CHLD:
+	case SIL_RT:
+	case SIL_SYS:
+		break;
+	}
+}
+
 bool get_signal(struct ksignal *ksig)
 {
 	struct sighand_struct *sighand = current->sighand;
@@ -2761,6 +2781,10 @@ bool get_signal(struct ksignal *ksig)
 	spin_unlock_irq(&sighand->siglock);
 
 	ksig->sig = signr;
+
+	if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS))
+		hide_si_addr_tag_bits(ksig);
+
 	return ksig->sig > 0;
 }