
[v17,0/3] arm64: expose FAR_EL1 tag bits in siginfo

Message ID cover.1605582887.git.pcc@google.com (mailing list archive)

Message

Peter Collingbourne Nov. 17, 2020, 3:17 a.m. UTC
The kernel currently clears the tag bits (i.e. bits 56-63) in the fault
address exposed via siginfo.si_addr and sigcontext.fault_address. However,
the tag bits may be needed by tools in order to accurately diagnose
memory errors, such as HWASan [1] or future tools based on the Memory
Tagging Extension (MTE).

We should not stop clearing these bits in the existing fault address
fields, because there may be existing userspace applications that are
expecting the tag bits to be cleared. Instead, introduce a flag in
sigaction.sa_flags, SA_EXPOSE_TAGBITS, and only expose the tag bits
there if the signal handler has this flag set.

In order to allow userspace to determine whether SA_EXPOSE_TAGBITS
is supported, we first introduce a mechanism for userspace to detect
kernel support for SA_* flags.

These patches need to be applied on top of:
https://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git signal-for-v5.11

The series can be viewed on Gerrit here:
https://linux-review.googlesource.com/id/Ia8876bad8c798e0a32df7c2ce1256c4771c81446

[1] http://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html

Peter Collingbourne (3):
  arch: provide better documentation for the arch-specific SA_* flags
  signal: define the SA_UNSUPPORTED bit in sa_flags
  arm64: expose FAR_EL1 tag bits in siginfo

 Documentation/arm64/tagged-pointers.rst | 25 ++++++---
 arch/arm64/include/asm/exception.h      |  2 +-
 arch/arm64/include/asm/signal.h         | 25 +++++++++
 arch/arm64/include/asm/system_misc.h    |  2 +-
 arch/arm64/include/asm/traps.h          |  6 +--
 arch/arm64/kernel/debug-monitors.c      |  5 +-
 arch/arm64/kernel/entry-common.c        |  2 -
 arch/arm64/kernel/ptrace.c              |  7 +--
 arch/arm64/kernel/sys_compat.c          |  5 +-
 arch/arm64/kernel/traps.c               | 29 ++++++-----
 arch/arm64/mm/fault.c                   | 68 ++++++++++++++-----------
 include/linux/signal.h                  | 14 +++++
 include/linux/signal_types.h            |  2 +-
 include/uapi/asm-generic/signal-defs.h  | 32 +++++++++---
 kernel/signal.c                         | 29 ++++++++---
 15 files changed, 168 insertions(+), 85 deletions(-)
 create mode 100644 arch/arm64/include/asm/signal.h
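A userspace sketch of the scheme the cover letter describes, added here as an example and not part of the posted series: install a SIGSEGV handler with SA_EXPOSE_TAGBITS, then use SA_UNSUPPORTED to check whether the kernel honoured it. The two flag values are taken from the merged uapi header rather than from this page, and the function names are hypothetical.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
/* Values from include/uapi/asm-generic/signal-defs.h as merged; libc headers may lack them. */
#ifndef SA_UNSUPPORTED
#define SA_UNSUPPORTED 0x00000400
#endif
#ifndef SA_EXPOSE_TAGBITS
#define SA_EXPOSE_TAGBITS 0x00000800
#endif

/* The tag is bits 56-63 of the fault address. */
static unsigned fault_tag(uint64_t addr) { return (unsigned)(addr >> 56); }

/* Interpret sa_flags read back after installing with (flag | SA_UNSUPPORTED): a kernel with
 * the detection mechanism clears unknown bits; an older kernel echoes them back unchanged. */
static int flag_supported(unsigned long readback, unsigned long flag)
{
    return !(readback & SA_UNSUPPORTED) && (readback & flag) == flag;
}

static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    static const char hex[] = "0123456789abcdef";
    char msg[] = "fault tag 0x??\n";
    unsigned tag = fault_tag((uint64_t)(uintptr_t)si->si_addr);
    msg[12] = hex[tag >> 4]; msg[13] = hex[tag & 15];
    ssize_t n = write(STDERR_FILENO, msg, sizeof msg - 1); /* async-signal-safe */
    (void)n; (void)ctx;
    _exit(128 + sig);
}

/* Returns 1 if si_addr will carry tag bits, 0 if the kernel ignores the flag, -1 on error. */
static int install_tagged_segv_handler(void)
{
    struct sigaction cur, sa = { .sa_flags = SA_SIGINFO | SA_EXPOSE_TAGBITS | SA_UNSUPPORTED };
    sa.sa_sigaction = on_segv;
    if (sigaction(SIGSEGV, &sa, NULL) || sigaction(SIGSEGV, NULL, &cur))
        return -1;
    return flag_supported((unsigned long)cur.sa_flags, SA_EXPOSE_TAGBITS);
}

int main(void)
{
    return printf("SA_EXPOSE_TAGBITS supported: %d\n", install_tagged_segv_handler()) < 0;
}
```

When the probe returns 0, a diagnostic tool has to treat the top byte of si_addr as cleared rather than as a tag of zero.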

Comments

Eric W. Biederman Nov. 17, 2020, 6:16 p.m. UTC | #1
Peter Collingbourne <pcc@google.com> writes:

> The kernel currently clears the tag bits (i.e. bits 56-63) in the fault
> address exposed via siginfo.si_addr and sigcontext.fault_address. However,
> the tag bits may be needed by tools in order to accurately diagnose
> memory errors, such as HWASan [1] or future tools based on the Memory
> Tagging Extension (MTE).
>
> We should not stop clearing these bits in the existing fault address
> fields, because there may be existing userspace applications that are
> expecting the tag bits to be cleared. Instead, introduce a flag in
> sigaction.sa_flags, SA_EXPOSE_TAGBITS, and only expose the tag bits
> there if the signal handler has this flag set.
>
> In order to allow userspace to determine whether SA_EXPOSE_TAGBITS
> is supported, we first introduce a mechanism for userspace to detect
> kernel support for SA_* flags.
>
> These patches need to be applied on top of:
> https://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git signal-for-v5.11

The first two patches look good and I have applied them.

While I was at it I added Link tags to the LKML postings to the entire
series.  I don't think anyone has merged my branch into another so it
should still be safe.

Eric

Peter Collingbourne Nov. 17, 2020, 7:52 p.m. UTC | #2
On Tue, Nov 17, 2020 at 10:17 AM Eric W. Biederman
<ebiederm@xmission.com> wrote:
>
> Peter Collingbourne <pcc@google.com> writes:
>
> > The kernel currently clears the tag bits (i.e. bits 56-63) in the fault
> > address exposed via siginfo.si_addr and sigcontext.fault_address. However,
> > the tag bits may be needed by tools in order to accurately diagnose
> > memory errors, such as HWASan [1] or future tools based on the Memory
> > Tagging Extension (MTE).
> >
> > We should not stop clearing these bits in the existing fault address
> > fields, because there may be existing userspace applications that are
> > expecting the tag bits to be cleared. Instead, introduce a flag in
> > sigaction.sa_flags, SA_EXPOSE_TAGBITS, and only expose the tag bits
> > there if the signal handler has this flag set.
> >
> > In order to allow userspace to determine whether SA_EXPOSE_TAGBITS
> > is supported, we first introduce a mechanism for userspace to detect
> > kernel support for SA_* flags.
> >
> > These patches need to be applied on top of:
> > https://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git signal-for-v5.11
>
> The first two patches look good and I have applied them.
>
> While I was at it I added Link tags to the LKML postings to the entire
> series.  I don't think anyone has merged my branch into another so it
> should still be safe.

Thanks!

Peter