| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Jun 2023 19:56:38 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: Stafford Horne <shorne@...il.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
Linux OpenRISC <linux-openrisc@...r.kernel.org>,
Jonas Bonn <jonas@...thpole.se>,
Stefan Kristiansson <stefan.kristiansson@...nalahti.fi>,
Eric Biederman <ebiederm@...ssion.com>,
Kees Cook <keescook@...omium.org>,
"Jason A. Donenfeld" <Jason@...c4.com>,
Dominik Brodowski <linux@...inikbrodowski.net>,
linux-mm@...ck.org, Rich Felker <dalias@...c.org>
Subject: Re: [PATCH 3/4] openrisc: Support floating point user api
* Stafford Horne <shorne@...il.com> [2023-06-27 17:41:03 +0100]:
> On Mon, Jun 26, 2023 at 11:38:40PM +0200, Szabolcs Nagy wrote:
> > * Stafford Horne <shorne@...il.com> [2023-04-18 17:58:12 +0100]:
> > > Add support for handling floating point exceptions and forwarding the
> > > SIGFPE signal to processes. Also, add fpu state to sigcontext.
> > >
> > > Signed-off-by: Stafford Horne <shorne@...il.com>
> > > ---
> > ...
> > > --- a/arch/openrisc/include/uapi/asm/sigcontext.h
> > > +++ b/arch/openrisc/include/uapi/asm/sigcontext.h
> > > @@ -28,6 +28,7 @@
> > >
> > > struct sigcontext {
> > > struct user_regs_struct regs; /* needs to be first */
> > > + struct __or1k_fpu_state fpu;
> > > unsigned long oldmask;
> > > };
> >
> > this seems to break userspace abi.
> > glibc and musl have or1k abi without this field.
> >
> > either this is a new abi where binaries opt-in with some marking
> > and then the base sigcontext should be unmodified,
> >
> > or the fp state needs to be added to the signal frame in a way that
> > does not break existing abi (e.g. end of the struct ?) and also
> > advertise the new thing via a hwcap, otherwise userspace cannot
> > make use of it.
> >
> > unless i'm missing something.
>
> I think you are right, I meant to look into this but it must have slipped
> though. Is this something causing you issues or did you just notice it?
i noticed it while trying to update musl headers to linux 6.4 uapi.
> I didn't run into issues when running the glibc test suite, but I may have
> missed it.
i would only expect issues when accessing ucontext entries
after uc_mcontext.regs in a signal handler registered with
SA_SIGINFO.
in particular uc_sigmask is after uc_mcontext on or1k and e.g.
musl thread cancellation uses this entry to affect the mask on
signal return which will not work on a 6.4 kernel (not tested).
i don't think glibc has tests for the ucontext signal abi.
> Just moving this to the end of the sigcontext may be all that is needed.
that won't help since uc_sigmask comes after sigcontext in ucontext.
it has to go to the end of ucontext or outside of ucontext then.
one way to have fpu in sigcontext is
struct sigcontext {
struct user_regs_struct regs;
unsigned long oldmask;
char padding[sizeof(__userspace_sigset_t)];
struct __or1k_fpu_state fpu;
};
but the kernel still has to interpret the padding in a bwcompat
way. (and if libc wants to expose fpu in its ucontext then it
needs a flag day abi break as the ucontext size is abi.)
(part of the userspace uc_sigmask is unused because sigset_t is
larger than necessary so may be that can be reused but this is
a hack as that's libc owned.)
not sure how important this fpu field is, arm does not seem to
have fpu state in ucontext and armhf works.
there may be other ways, i'm adding Rich (musl maintainer) on cc
in case he has an opinion.
Powered by blists - more mailing lists