From patchwork Thu Apr 18 09:23:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Benjamin Berg X-Patchwork-Id: 1924862 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=MkRoTXdZ; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=sipsolutions.net header.i=@sipsolutions.net header.a=rsa-sha256 header.s=mail header.b=EWdS1auU; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VKsnC56J7z1yZx for ; Thu, 18 Apr 2024 19:25:03 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=2LfZ4MoJ+9KROOT5YK74Hxu9SnlJPUZk7LmiCFjzKsE=; b=MkRoTXdZpFR+/cea1eYdRyRcYu 4Fq5w+FAusBsv3FdXyZdOWn/q97GTnB7sDy69vf69icoC1bFG0uzwF4mM16kz+0PRyA8bh0M3OZUL cKQ3uZ6KMcn6NhvH0LpzySJj6RWDm9Qv+zagSrIRz2YCargm1AfaWx6B+cUGdkxqGfU45ERj0hgvV G94r/4GLrvKs0v7UQfCMrP2rbLuNIXDw/AOR+VU8viHgp5egZQ1m/H+U4rkN+GeXnQyqtL2N/D3yL 2x7qN7beA9E0I5pGFyokAQAKx+h4X+nxj3pnm1rQJDjP5Bepzb8DjNplxnJByGJ0XaMAfRdhRs1wf 1JT6M6Sg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rxO0r-00000001bKy-1asj; Thu, 18 Apr 2024 09:25:01 +0000 Received: from s3.sipsolutions.net ([2a01:4f8:242:246e::2] helo=sipsolutions.net) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rxO0l-00000001bDY-0oem for linux-um@lists.infradead.org; Thu, 18 Apr 2024 09:24:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=Content-Transfer-Encoding:MIME-Version: References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Content-Type:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=2LfZ4MoJ+9KROOT5YK74Hxu9SnlJPUZk7LmiCFjzKsE=; t=1713432293; x=1714641893; b=EWdS1auUiOkVsaE8AdOw9/yI4CMXSv1UQtbAvvBRX+M97FR 5SwzEoTD3tA42u591YcKCq83MZ7ZUOkQzZcm5pYNFg5LypMCifT+l/RaEuxdeVM7sKYb13wphNelN LiMtDfI5AP4ybFdnKJ5U1uJMkAABIUJRmvg5zq8hJfAZWRZiFdd6wNE+lQSy2buZkCKK6Dk/+5EYW 0EqbX2rhmYh88lEEDe10q2NlKkYPaQA+1g703TdHnHUQ8WHq8z+/PvWXrTofLbTVieBISwl8rURf0 eG5iB0eIxoaZoKcu4z7E+CPRlR9VEtqKpeKduivQF05bvyzD64uOpY/YkczF2yAQ==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.97) (envelope-from ) id 1rxO0f-0000000CKXH-23hr; Thu, 18 Apr 2024 11:24:49 +0200 From: benjamin@sipsolutions.net To: linux-um@lists.infradead.org Cc: Benjamin Berg Subject: [PATCH 02/12] um: Create signal stack memory assignment in stub_data Date: Thu, 18 Apr 2024 11:23:17 +0200 Message-ID: <20240418092327.860135-3-benjamin@sipsolutions.net> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240418092327.860135-1-benjamin@sipsolutions.net> References: <20240418092327.860135-1-benjamin@sipsolutions.net> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240418_022455_354950_5F1A00F1 X-CRM114-Status: GOOD ( 14.74 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Benjamin Berg When we switch to use seccomp, we need both the signal stack and other data (i.e. syscall information) to co-exist in the stub data. To facilitate this, start by defining separate memory areas for the [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: linux-um@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-um" Errors-To: linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Benjamin Berg When we switch to use seccomp, we need both the signal stack and other data (i.e. syscall information) to co-exist in the stub data. To facilitate this, start by defining separate memory areas for the stack and syscall data. This moves the signal stack onto a new page as the memory area is not sufficient to hold both signal stack and syscall information. Only change the signal stack setup for now, as the syscall code will be reworked later. Signed-off-by: Benjamin Berg --- arch/um/include/shared/as-layout.h | 2 +- arch/um/include/shared/skas/stub-data.h | 9 +++++++++ arch/um/kernel/skas/clone.c | 6 ++++-- arch/um/kernel/skas/mmu.c | 4 ++++ arch/um/os-Linux/skas/process.c | 11 ++++++----- 5 files changed, 24 insertions(+), 8 deletions(-) diff --git a/arch/um/include/shared/as-layout.h b/arch/um/include/shared/as-layout.h index 9ec3015bc5e2..4ef98c0339fa 100644 --- a/arch/um/include/shared/as-layout.h +++ b/arch/um/include/shared/as-layout.h @@ -23,7 +23,7 @@ #define STUB_START stub_start #define STUB_CODE STUB_START #define STUB_DATA (STUB_CODE + UM_KERN_PAGE_SIZE) -#define STUB_DATA_PAGES 1 /* must be a power of two */ +#define STUB_DATA_PAGES 2 /* must be a power of two */ #define STUB_END (STUB_DATA + STUB_DATA_PAGES * UM_KERN_PAGE_SIZE) #ifndef __ASSEMBLY__ diff --git a/arch/um/include/shared/skas/stub-data.h b/arch/um/include/shared/skas/stub-data.h index 5e3ade3fb38b..779d2a3bac5d 100644 --- a/arch/um/include/shared/skas/stub-data.h +++ b/arch/um/include/shared/skas/stub-data.h @@ -8,10 +8,19 @@ #ifndef __STUB_DATA_H #define __STUB_DATA_H +#include +#include + struct stub_data { unsigned long offset; int fd; long parent_err, child_err; + + /* 128 leaves enough room for additional fields in the struct */ + unsigned char syscall_data[UM_KERN_PAGE_SIZE - 128] __aligned(16); + + /* Stack for our signal handlers and for calling into . */ + unsigned char sigstack[UM_KERN_PAGE_SIZE] __aligned(UM_KERN_PAGE_SIZE); }; #endif diff --git a/arch/um/kernel/skas/clone.c b/arch/um/kernel/skas/clone.c index 62435187dda4..906f7454887c 100644 --- a/arch/um/kernel/skas/clone.c +++ b/arch/um/kernel/skas/clone.c @@ -27,9 +27,11 @@ stub_clone_handler(void) struct stub_data *data = get_stub_data(); long err; + /* syscall data as a temporary stack area (bottom half). */ err = stub_syscall2(__NR_clone, CLONE_PARENT | CLONE_FILES | SIGCHLD, - (unsigned long)data + - STUB_DATA_PAGES * UM_KERN_PAGE_SIZE / 2); + (unsigned long) data->syscall_data + + sizeof(data->syscall_data) / 2 - + sizeof(void *)); if (err) { data->parent_err = err; goto done; diff --git a/arch/um/kernel/skas/mmu.c b/arch/um/kernel/skas/mmu.c index 656fe16c9b63..b6b9679e6e11 100644 --- a/arch/um/kernel/skas/mmu.c +++ b/arch/um/kernel/skas/mmu.c @@ -13,6 +13,10 @@ #include #include #include +#include + +/* Ensure the stub_data struct covers the allocated area */ +static_assert(sizeof(struct stub_data) == STUB_DATA_PAGES * UM_KERN_PAGE_SIZE); int init_new_context(struct task_struct *task, struct mm_struct *mm) { diff --git a/arch/um/os-Linux/skas/process.c b/arch/um/os-Linux/skas/process.c index 1f5c3f2523d1..72114720be10 100644 --- a/arch/um/os-Linux/skas/process.c +++ b/arch/um/os-Linux/skas/process.c @@ -470,11 +470,12 @@ static int __init init_thread_regs(void) thread_regs[REGS_IP_INDEX] = STUB_CODE + (unsigned long) stub_clone_handler - (unsigned long) __syscall_stub_start; - thread_regs[REGS_SP_INDEX] = STUB_DATA + STUB_DATA_PAGES * UM_KERN_PAGE_SIZE - - sizeof(void *); -#ifdef __SIGNAL_FRAMESIZE - thread_regs[REGS_SP_INDEX] -= __SIGNAL_FRAMESIZE; -#endif + + /* syscall data as a temporary stack area (top half). */ + thread_regs[REGS_SP_INDEX] = STUB_DATA + + offsetof(struct stub_data, syscall_data) + + sizeof(((struct stub_data *) 0)->syscall_data) - + sizeof(void *); return 0; }