Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

signals, pkeys: Notify userspace about protection key faults

A protection key fault is very similar to any other access error.
There must be a VMA, etc... We even want to take the same action
(SIGSEGV) that we do with a normal access fault.

However, we do need to let userspace know that something is
different. We do this the same way we did with SEGV_BNDERR
with Memory Protection eXtensions (MPX): define a new SEGV code:
SEGV_PKUERR.

We add a siginfo field: si_pkey that reveals to userspace which
protection key was set on the PTE that we faulted on. There is
no other easy way for userspace to figure this out. They could
parse smaps but that would be a bit cruel.

We share space in siginfo with _addr_bnd. #BR faults from
MPX are completely separate from page faults (#PF) that trigger
from protection key violations, so we never need both at the same
time.

Note that _pkey is a 64-bit value. The current hardware only
supports 4-bit protection keys. We do this because there is
_plenty_ of space in _sigfault and it is possible that future
processors would support more than 4 bits of protection keys.

The x86 code to actually fill in the siginfo is in the next
patch.

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Amanieu d'Antras <amanieu@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave@sr71.net>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Richard Weinberger <richard@nod.at>
Cc: Rik van Riel <riel@redhat.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Vegard Nossum <vegard.nossum@oracle.com>
Cc: Vladimir Davydov <vdavydov@parallels.com>
Cc: linux-arch@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20160212210212.3A9B83AC@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>

Authored by Dave Hansen and committed by Ingo Molnar
cd0ea35f b376cd02
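How a userspace SIGSEGV handler can consume the interface the commit message describes, as an added example that is not part of the commit or the kernel tree. It assumes a Linux libc whose `<signal.h>` exposes `SEGV_PKUERR` and `si_pkey`; `fault_report`, `classify_segv` and `install_segv_handler` are hypothetical names.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <string.h>
#include <unistd.h>
enum fault_kind { FAULT_OTHER, FAULT_BOUNDS, FAULT_PKEY };
struct fault_report {
    enum fault_kind kind;
    void *addr;              /* si_addr of the faulting access */
    unsigned long long pkey; /* set only for FAULT_PKEY */
    void *lower, *upper;     /* set only for FAULT_BOUNDS */
};

/* si_pkey shares storage with si_lower/si_upper, so si_code decides which
 * member may be read; the other one would be unrelated bytes. */
struct fault_report classify_segv(const siginfo_t *si)
{
    struct fault_report r = { FAULT_OTHER, NULL, 0, NULL, NULL };
    if (si->si_signo != SIGSEGV)
        return r;
    r.addr = si->si_addr;
    if (si->si_code == SEGV_PKUERR) {
        r.kind = FAULT_PKEY;
        r.pkey = si->si_pkey;
    } else if (si->si_code == SEGV_BNDERR) {
        r.kind = FAULT_BOUNDS;
        r.lower = si->si_lower;
        r.upper = si->si_upper;
    }
    return r;
}

/* Handler restricted to async-signal-safe calls (strlen, write, _exit). */
static void on_segv(int sig, siginfo_t *si, void *uctx)
{
    int pk = classify_segv(si).kind == FAULT_PKEY;
    const char *msg = pk ? "SIGSEGV: protection key fault\n"
                         : "SIGSEGV: other access fault\n";
    (void)uctx;
    if (write(STDERR_FILENO, msg, strlen(msg)) < 0) { /* nothing more to do */ }
    _exit(128 + sig);
}
int install_segv_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO; /* without this the handler gets no siginfo_t */
    return sigaction(SIGSEGV, &sa, NULL);
}
int main(void) { return install_segv_handler() != 0; }
```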

+16 -5
+12 -5
include/uapi/asm-generic/siginfo.h
··· 91 91 int _trapno; /* TRAP # which caused the signal */ 92 92 #endif 93 93 short _addr_lsb; /* LSB of the reported address */ 94 - struct { 95 - void __user *_lower; 96 - void __user *_upper; 97 - } _addr_bnd; 94 + union { 95 + /* used when si_code=SEGV_BNDERR */ 96 + struct { 97 + void __user *_lower; 98 + void __user *_upper; 99 + } _addr_bnd; 100 + /* used when si_code=SEGV_PKUERR */ 101 + u64 _pkey; 102 + }; 98 103 } _sigfault; 99 104 100 105 /* SIGPOLL */ ··· 142 137 #define si_addr_lsb _sifields._sigfault._addr_lsb 143 138 #define si_lower _sifields._sigfault._addr_bnd._lower 144 139 #define si_upper _sifields._sigfault._addr_bnd._upper 140 + #define si_pkey _sifields._sigfault._pkey 145 141 #define si_band _sifields._sigpoll._band 146 142 #define si_fd _sifields._sigpoll._fd 147 143 #ifdef __ARCH_SIGSYS ··· 212 206 #define SEGV_MAPERR (__SI_FAULT|1) /* address not mapped to object */ 213 207 #define SEGV_ACCERR (__SI_FAULT|2) /* invalid permissions for mapped object */ 214 208 #define SEGV_BNDERR (__SI_FAULT|3) /* failed address bound checks */ 215 - #define NSIGSEGV 3 209 + #define SEGV_PKUERR (__SI_FAULT|4) /* failed protection key checks */ 210 + #define NSIGSEGV 4 216 211 217 212 /* 218 213 * SIGBUS si_codes
+4
kernel/signal.c
··· 2709 2709 err |= __put_user(from->si_upper, &to->si_upper); 2710 2710 } 2711 2711 #endif 2712 + #ifdef SEGV_PKUERR 2713 + if (from->si_signo == SIGSEGV && from->si_code == SEGV_PKUERR) 2714 + err |= __put_user(from->si_pkey, &to->si_pkey); 2715 + #endif 2712 2716 break; 2713 2717 case __SI_CHLD: 2714 2718 err |= __put_user(from->si_pid, &to->si_pid);
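Review bot: In the first hunk of include/uapi/asm-generic/siginfo.h, the new union member is declared `u64 _pkey;`, but this is a uapi header and `u64` is a kernel-internal typedef that userspace including the header does not have; declare it `__u64 _pkey;` instead. The layout on 32-bit ABIs is also worth checking: the union used to hold only two pointers, and a 64-bit member can raise its alignment to 8 there, which would shift `_lower`/`_upper` relative to `short _addr_lsb` and change a siginfo layout userspace already depends on.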
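Review bot: The `SEGV_PKUERR` branch added in kernel/signal.c is the only copy-out change in this patch (the diffstat lists just this file and siginfo.h), so any separate 32-bit compat siginfo copy path would deliver the signal without `si_pkey`. If compat tasks can take protection key faults, add the matching `__put_user(from->si_pkey, &to->si_pkey)` there, or state in the changelog why it is not needed.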