From patchwork Tue Apr 10 12:17:22 2018
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 133072
From: Peter Maydell
To: qemu-devel@nongnu.org
Date: Tue, 10 Apr 2018 13:17:22 +0100
Message-Id: <20180410121724.8549-11-peter.maydell@linaro.org>
X-Mailer: git-send-email 2.16.2
In-Reply-To: <20180410121724.8549-1-peter.maydell@linaro.org>
References: <20180410121724.8549-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL 10/12] linux-user/signal.c: Ensure AArch64 signal frame isn't too small

The AArch64 signal frame design was extended for SVE in commit
8c5931de0ac77388096d79ceb, so that instead of having a fixed setup we
now add various records to the frame, with some of them possibly
overflowing into an extra space outside the original 4K reserved block
in the target_sigcontext. However, we failed to ensure that we always
at least allocate the 4K reserved block. This is ABI, and some userspace
programs rely on it. In particular the dash shell would segfault if the
frame wasn't big enough. (Compare the kernel's sigframe_size() function
in arch/arm64/kernel/signal.c.)

Reported-by: Richard Henwood
Reviewed-by: Laurent Vivier
Reviewed-by: Richard Henderson
Message-id: 20180409140714.26841-1-peter.maydell@linaro.org
Fixes: https://bugs.launchpad.net/bugs/1761535
Fixes: 8c5931de0ac77388096d79ceb
Signed-off-by: Peter Maydell
---
 linux-user/signal.c | 6 ++++++
 1 file changed, 6 insertions(+)

-- 
2.16.2

diff --git a/linux-user/signal.c b/linux-user/signal.c
index 046d4c8aa0..8d9e6e8410 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -1850,6 +1850,12 @@ static void target_setup_frame(int usig, struct target_sigaction *ka, fr_ofs = layout.total_size; layout.total_size += sizeof(struct target_rt_frame_record); + /* We must always provide at least the standard 4K reserved space, + * even if we don't use all of it (this is part of the ABI) + */ + layout.total_size = MAX(layout.total_size, + sizeof(struct target_rt_sigframe)); + frame_addr = get_sigframe(ka, env, layout.total_size); trace_user_setup_frame(env, frame_addr); if (!lock_user_struct(VERIFY_WRITE, frame, frame_addr, 0)) {
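Review bot: the MAX() is applied after `layout.total_size += sizeof(struct target_rt_frame_record)`, so the frame record is counted inside the 4K minimum rather than appended after it: for a small layout the total becomes exactly sizeof(struct target_rt_sigframe), with the frame record left at the earlier fr_ofs and the padding placed after it. The commit message points at the kernel's sigframe_size() as the reference; please confirm that the kernel also folds its frame record into the minimum. If it instead applies the minimum to the record area and then adds the frame record, the MAX() should move above the `fr_ofs = layout.total_size;` line so that fr_ofs is taken from the padded size and the frame record sits at the end of the frame, as the comment's "at least the standard 4K reserved space" wording suggests.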