From patchwork Tue Aug 18 03:33:49 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Collingbourne <pcc@google.com>
X-Patchwork-Id: 11719785
Return-Path: 
 <SRS0=oQfD=B4=lists.infradead.org=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D0CA31744
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Tue, 18 Aug 2020 03:35:59 +0000 (UTC)
Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id AB4622053B
	for <patchwork-linux-arm@patchwork.kernel.org>;
 Tue, 18 Aug 2020 03:35:59 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=lists.infradead.org
 header.i=@lists.infradead.org header.b="0vOPdsHN";
	dkim=fail reason="signature verification failed" (2048-bit key)
 header.d=google.com header.i=@google.com header.b="pqd8wYji"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AB4622053B
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org;
 spf=none
 smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding:
	Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive:
	List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id:
	In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	 bh=125gKwDlsjZRu9cNp4HGTElBPTjdRIg1zdFRhL9EESo=; b=0vOPdsHNJHzYDsinBtVi2ap0S
	J22DyhVBIvGYRtmQLy1PHK+U2mwg/014E3/JcqLF4YDpk1PbsMVGr4X8vcubRt+WXU2WyVRpECj3C
	SQDDgiMORlhEz9US55CRqwpeAwYM1uC/OQRm6gcs8VcYvHjXZC5I7Aw69NEp5L/q3yL7EZesJwGTg
	5TBS8BqHmc9P2Vc51bWzEsG0y4OmnwddV/mJzd7g7nD1gL3hjiRAgqMDYhIxbEs2E3lJ43y/qaBw9
	cwcEo1ByN9PCaCLIigwV7sfDTgiW4G4gq3EUcxAy4bAZ0QM9LYRsCHEvsZqRbM2IcEo0L3qY1s6pQ
	E5UCzXrsw==;
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux))
	id 1k7sOJ-0002W6-Kg; Tue, 18 Aug 2020 03:34:27 +0000
Received: from mail-yb1-xb49.google.com ([2607:f8b0:4864:20::b49])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1k7sO9-0002RS-Rw
 for linux-arm-kernel@lists.infradead.org; Tue, 18 Aug 2020 03:34:19 +0000
Received: by mail-yb1-xb49.google.com with SMTP id d26so20758876yba.20
 for <linux-arm-kernel@lists.infradead.org>;
 Mon, 17 Aug 2020 20:34:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=20161025;
 h=date:in-reply-to:message-id:mime-version:references:subject:from:to
 :cc; bh=C50/vuMgqcrA+1VnnzXbJiGS1cNeYwcSIDfO7/hcWOU=;
 b=pqd8wYjiXwYWoRIaID0SosAHj16lSJz/ifWBqNsr2xgMKXXHOVE7Ap/UWvfXQniwA1
 0dtZDa3DobHBdB3i0hDSbaypKY4LELbRfjsd3dgmC9qNy8rcEH101KqlKS0T+f9e3gT0
 BE6FysjxV/pyjEhGnNjzxai6RJCVgjFAAGEMUcNJ3WU7zVFv2rmOfP6vKiZbNIafgICv
 17evJflcuKHCWtXG/8q/X/I6fnTExz7+a+EI3lzMjx7jDBoHS+Rvi0rs+DeFSqx6aQ6R
 aS/eMV/PYT6fnYm+azIra+Ra68MixB4XQyppLElhff46hy0xvn+wWBuGzcg8+O6wXRIl
 a9OQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:in-reply-to:message-id:mime-version
 :references:subject:from:to:cc;
 bh=C50/vuMgqcrA+1VnnzXbJiGS1cNeYwcSIDfO7/hcWOU=;
 b=auUMMTmi2HkjSJOVEZOiyuhY4IHCC6E9Ykx9rCltaWVb7w3k/Vr8Iv+tCNZf1scnvr
 RgrozC27Fn2WNIxGzpNmDfzvxC0Mp2O9epVXgu6eCatTChR/F7fMtGZmJ8hHe82EZMhD
 LnmROft6nGFY+gJhhVIpGt1Mk1sQYNUelohkmfHr6g6BJ6iXBT1EtFfitZGDqvj1Kfno
 hXl2pqw6N+5cYZ7aWXh5KsTZCHDK3atGA3bi6JmS536EKv+qfVoyzbGoUZ79iqvnJ75T
 mryaYe+hfvxj/BSSal9pRZ1SEjtxfw85nuZ+srlGeo/XCtoA0CeMzzSTL+GSihs+/aRQ
 xKhA==
X-Gm-Message-State: AOAM532szTR6NUpWKz8XM/9Ujtiw2I4eMOoMJNT9Z1YEQrXyTL5lDdSB
 9JUoE5deBBMrEuF3ZTBSkibOxDM=
X-Google-Smtp-Source: 
 ABdhPJxwQRwAMWNrUOuKqNkI5joprptUVjSLR1d42JMj7BJy46pPo5IKuHr0ukBzS7a6VQiFGT5HBso=
X-Received: by 2002:a25:400e:: with SMTP id
 n14mr26327126yba.420.1597721654941;
 Mon, 17 Aug 2020 20:34:14 -0700 (PDT)
Date: Mon, 17 Aug 2020 20:33:49 -0700
In-Reply-To: <cover.1597720138.git.pcc@google.com>
Message-Id: 
 <d93b503a926f45e752178bb61f451a426a558260.1597720138.git.pcc@google.com>
Mime-Version: 1.0
References: <cover.1597720138.git.pcc@google.com>
X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog
Subject: [PATCH v9 4/6] signal: define the SA_UNSUPPORTED bit in sa_flags
From: Peter Collingbourne <pcc@google.com>
To: Catalin Marinas <catalin.marinas@arm.com>,
 Evgenii Stepanov <eugenis@google.com>, Kostya Serebryany <kcc@google.com>,
 Vincenzo Frascino <vincenzo.frascino@arm.com>,
 Dave Martin <Dave.Martin@arm.com>, Will Deacon <will@kernel.org>,
 Oleg Nesterov <oleg@redhat.com>,
 "Eric W. Biederman" <ebiederm@xmission.com>,
 "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20200817_233417_973327_21726C2E 
X-CRM114-Status: GOOD (  17.30  )
X-Spam-Score: -7.7 (-------)
X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary:
 Content analysis details:   (-7.7 points)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [2607:f8b0:4864:20:0:0:0:b49 listed in]
 [list.dnswl.org]
 -7.5 USER_IN_DEF_DKIM_WL    From: address is in the default DKIM
 white-list
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 -0.0 DKIMWL_WL_MED          DKIMwl.org - Medium sender
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: linux-parisc@vger.kernel.org, Andrey Konovalov <andreyknvl@google.com>,
 Kevin Brodsky <kevin.brodsky@arm.com>,
 David Spickett <david.spickett@linaro.org>,
 Peter Collingbourne <pcc@google.com>,
 Linux ARM <linux-arm-kernel@lists.infradead.org>,
 Richard Henderson <rth@twiddle.net>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org

This bit will never be supported in the uapi. The purpose of this flag
bit is to allow userspace to distinguish an old kernel that does not
clear unknown sa_flags bits from a kernel that supports every flag bit.

In other words, if userspace finds that this bit remains set in
oldact.sa_flags, it means that the kernel cannot be trusted to have
cleared unknown flag bits from sa_flags, so no assumptions about flag
bit support can be made.

Signed-off-by: Peter Collingbourne <pcc@google.com>
---
View this change in Gerrit: https://linux-review.googlesource.com/q/Ic2501ad150a3a79c1cf27fb8c99be342e9dffbcb

 include/uapi/asm-generic/signal-defs.h | 7 +++++++
 kernel/signal.c                        | 6 ++++++
 2 files changed, 13 insertions(+)

diff --git a/include/uapi/asm-generic/signal-defs.h b/include/uapi/asm-generic/signal-defs.h
index 91000b6b97e0..c30a9c1a77b2 100644
--- a/include/uapi/asm-generic/signal-defs.h
+++ b/include/uapi/asm-generic/signal-defs.h
@@ -13,6 +13,12 @@
  * SA_RESETHAND clears the handler when the signal is delivered.
  * SA_NOCLDWAIT flag on SIGCHLD to inhibit zombies.
  * SA_NODEFER prevents the current signal from being masked in the handler.
+ * SA_UNSUPPORTED is a flag bit that will never be supported. Kernels from
+ * before the introduction of SA_UNSUPPORTED did not clear unknown bits from
+ * sa_flags when read using the oldact argument to sigaction and rt_sigaction,
+ * so this bit allows flag bit support to be detected from userspace while
+ * allowing an old kernel to be distinguished from a kernel that supports every
+ * flag bit.
  *
  * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single
  * Unix names RESETHAND and NODEFER respectively.
@@ -42,6 +48,7 @@
  * The following bits are used in architecture-specific SA_* definitions and
  * should be avoided for new generic flags: 3, 4, 5, 6, 7, 8, 9, 16, 24, 25, 26.
  */
+#define SA_UNSUPPORTED	0x00000400
 
 #define SA_NOMASK	SA_NODEFER
 #define SA_ONESHOT	SA_RESETHAND
diff --git a/kernel/signal.c b/kernel/signal.c
index 348b7981f1ff..664a6c31137e 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -3984,6 +3984,12 @@ int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
 	if (oact)
 		*oact = *k;
 
+	/*
+	 * Make sure that we never accidentally claim to support SA_UNSUPPORTED,
+	 * e.g. by having an architecture use the bit in their uapi.
+	 */
+	BUILD_BUG_ON(SA_UAPI_FLAGS & SA_UNSUPPORTED);
+
 	/*
 	 * Clear unknown flag bits in order to allow userspace to detect missing
 	 * support for flag bits and to allow the kernel to use non-uapi bits