From: Michael Tokarev
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Max Filippov, Richard Henderson, Michael Tokarev
Subject: [Stable-8.1.4 01/31] linux-user: xtensa: fix signal delivery in FDPIC
Date: Tue, 12 Dec 2023 15:17:49 +0300
Message-Id: <20231212121831.1003318-1-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Max Filippov

In FDPIC, signal handlers are passed around as FD pointers. Actual code
address and GOT pointer must be fetched from memory by the QEMU code that
implements kernel signal delivery functionality.

This change is equivalent to the following kernel change:
9c2cc74fb31e ("xtensa: fix signal delivery to FDPIC process")

Cc: qemu-stable@nongnu.org
Fixes: d2796be69d7c ("linux-user: add support for xtensa FDPIC")
Reviewed-by: Richard Henderson
Signed-off-by: Max Filippov
(cherry picked from commit 1b173d06068c4a4e93fad88205399232925967a4)
Signed-off-by: Michael Tokarev
diff --git a/linux-user/xtensa/signal.c b/linux-user/xtensa/signal.c index f5fb8b5cbe..32dcfa5229 100644 --- a/linux-user/xtensa/signal.c +++ b/linux-user/xtensa/signal.c @@ -157,6 +157,9 @@ void setup_rt_frame(int sig, struct target_sigaction *k= a, { abi_ulong frame_addr; struct target_rt_sigframe *frame; + int is_fdpic =3D info_is_fdpic(((TaskState *)thread_cpu->opaque)->info= ); + abi_ulong handler =3D 0; + abi_ulong handler_fdpic_GOT =3D 0; uint32_t ra; bool abi_call0; unsigned base; @@ -165,6 +168,17 @@ void setup_rt_frame(int sig, struct target_sigaction *= ka, frame_addr =3D get_sigframe(ka, env, sizeof(*frame)); trace_user_setup_rt_frame(env, frame_addr); =20 + if (is_fdpic) { + abi_ulong funcdesc_ptr =3D ka->_sa_handler; + + if (get_user_ual(handler, funcdesc_ptr) + || get_user_ual(handler_fdpic_GOT, funcdesc_ptr + 4)) { + goto give_sigsegv; + } + } else { + handler =3D ka->_sa_handler; + } + if (!lock_user_struct(VERIFY_WRITE, frame, frame_addr, 0)) { goto give_sigsegv; } @@ -185,14 +199,21 @@ void setup_rt_frame(int sig, struct target_sigaction = *ka, } =20 if (ka->sa_flags & TARGET_SA_RESTORER) { - ra =3D ka->sa_restorer; + if (is_fdpic) { + if (get_user_ual(ra, ka->sa_restorer)) { + unlock_user_struct(frame, frame_addr, 0); + goto give_sigsegv; + } + } else { + ra =3D ka->sa_restorer; + } } else { /* Not used, but retain for ABI compatibility. */ install_sigtramp(frame->retcode); ra =3D default_rt_sigreturn; } memset(env->regs, 0, sizeof(env->regs)); - env->pc =3D ka->_sa_handler; + env->pc =3D handler; env->regs[1] =3D frame_addr; env->sregs[WINDOW_BASE] =3D 0; env->sregs[WINDOW_START] =3D 1; 
@@ -212,6 +233,9 @@ void setup_rt_frame(int sig, struct target_sigaction *k= a, env->regs[base + 3] =3D frame_addr + offsetof(struct target_rt_sigfram= e, info); env->regs[base + 4] =3D frame_addr + offsetof(struct target_rt_sigfram= e, uc); + if (is_fdpic) { + env->regs[base + 11] =3D handler_fdpic_GOT; + } unlock_user_struct(frame, frame_addr, 1); return; =20 --=20 2.39.2
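Review bot: in the first hunk (@@ -157,6 +157,9 @@) the new local `handler` is initialised to 0 even though both branches of the later `if (is_fdpic)` assign it; only `handler_fdpic_GOT` actually needs the zero initialiser, because the non-FDPIC branch never writes it and it is still read in the last hunk. Dropping the redundant `= 0` on `handler` would make that distinction visible. The mixed-case name `handler_fdpic_GOT` also departs from QEMU's lower-case local naming; if it is kept on purpose to match the kernel change named in the commit message, a short comment saying so would pre-empt the question in review.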
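Review bot: in the second hunk (@@ -165,6 +168,17 @@) the GOT slot of the descriptor is read from a bare `funcdesc_ptr + 4`; `funcdesc_ptr + sizeof(abi_ulong)`, or an `offsetof()` on a two-word descriptor struct, would document that an FDPIC function descriptor is two consecutive guest words (entry, then GOT) and keep that layout in one place instead of a magic constant. The placement is right: both `get_user_ual()` calls run before `lock_user_struct()`, so a fault in either can `goto give_sigsegv` without any unlock, and an unreadable descriptor is turned into the same SIGSEGV the kernel would raise.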
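Review bot: in the third hunk (@@ -185,14 +199,21 @@) the FDPIC `sa_restorer` descriptor is dereferenced after the frame has been locked, which is why its failure path needs the extra `unlock_user_struct(frame, frame_addr, 0);` before `goto give_sigsegv`, whereas the handler descriptor is read before the lock in the hunk above. Reading the restorer's entry word next to the handler descriptor, before `lock_user_struct()`, would remove that second unlock and keep all user-memory faults on a single cleanup path. Note also that only the entry word of the restorer descriptor is loaded into `ra`, which is correct since the restorer is entered via a return rather than a call and needs no GOT of its own.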
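Review bot: in the last hunk (@@ -212,6 +233,9 @@) `env->regs[base + 11] = handler_fdpic_GOT;` carries no comment, so a reader of signal.c has to know from elsewhere that the register this patch uses for the GOT pointer (a11, relative to `base` for the windowed and call0 cases) is the one an FDPIC callee expects it in. A one-line comment naming that convention, and pointing at the kernel commit cited in the message, would make the register choice verifiable at the point of use.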
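As an added example, not QEMU's code and not from the patch author: a stand-alone C model of the resolution step the commit message describes, showing why a raw `sa_handler` cannot be used as a PC under FDPIC and what the delivery code must load instead. The guest memory window, the `guest_read_ual`/`guest_write_ual` accessors, `struct fdpic_funcdesc`, `struct sig_entry`, `resolve_sig_entry` and every address used are constructed for this example; only the two-word descriptor layout (entry, then GOT), the use of the restorer's entry word alone, and the treatment of an unreadable descriptor as the SIGSEGV path are taken from the patch.

```c
/* Added example (not QEMU code): resolving FDPIC signal-handler and
 * restorer descriptors before delivery. Guest memory and the accessors
 * are stand-ins constructed for this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint32_t abi_ulong;            /* 32-bit xtensa guest addresses */

/* Constructed guest address space: one 4 KiB window at GUEST_BASE. */
#define GUEST_BASE 0x10000000u
#define GUEST_SIZE 0x1000u
static uint8_t guest_mem[GUEST_SIZE];

static int guest_addr_ok(abi_ulong addr)
{
    if (addr & 3) return 0;                         /* misaligned word */
    if (addr < GUEST_BASE) return 0;
    return addr - GUEST_BASE + sizeof(abi_ulong) <= GUEST_SIZE;
}

/* Stand-in for get_user_ual(): 0 on success, -1 if the access faults,
 * which is the case that sends setup_rt_frame() to give_sigsegv. */
static int guest_read_ual(abi_ulong *dst, abi_ulong addr)
{
    if (!guest_addr_ok(addr)) return -1;
    memcpy(dst, guest_mem + (addr - GUEST_BASE), sizeof(abi_ulong));
    return 0;
}

static int guest_write_ual(abi_ulong val, abi_ulong addr)
{
    if (!guest_addr_ok(addr)) return -1;
    memcpy(guest_mem + (addr - GUEST_BASE), &val, sizeof(abi_ulong));
    return 0;
}

/* FDPIC function descriptor: two consecutive guest words, entry then GOT. */
struct fdpic_funcdesc {
    abi_ulong entry;
    abi_ulong got;
};

/* What signal delivery has to load into the guest CPU state. */
struct sig_entry {
    abi_ulong pc;    /* env->pc */
    abi_ulong got;   /* GOT register in the FDPIC case, 0 otherwise */
    abi_ulong ra;    /* return address: sa_restorer or default trampoline */
};

/* Pre-fix behaviour, kept for comparison: sa_handler taken as a code
 * address regardless of ABI. Under FDPIC this is the descriptor's data. */
static abi_ulong entry_pc_pre_fix(abi_ulong sa_handler)
{
    return sa_handler;
}

/* Fixed resolution. Returns 0 on success, -1 where the real code would
 * goto give_sigsegv because a descriptor word is unreadable. */
static int resolve_sig_entry(bool is_fdpic, abi_ulong sa_handler,
                             bool has_restorer, abi_ulong sa_restorer,
                             abi_ulong default_trampoline,
                             struct sig_entry *out)
{
    memset(out, 0, sizeof(*out));
    if (is_fdpic) {
        /* All user-memory reads happen before anything is locked or
         * written, so a fault here needs no cleanup. */
        if (guest_read_ual(&out->pc, sa_handler + offsetof(struct fdpic_funcdesc, entry)) ||
            guest_read_ual(&out->got, sa_handler + offsetof(struct fdpic_funcdesc, got))) {
            return -1;
        }
        if (has_restorer) {
            /* sa_restorer is a descriptor too; only its entry word is used. */
            if (guest_read_ual(&out->ra, sa_restorer + offsetof(struct fdpic_funcdesc, entry))) {
                return -1;
            }
            return 0;
        }
    } else {
        out->pc = sa_handler;
        if (has_restorer) {
            out->ra = sa_restorer;
            return 0;
        }
    }
    out->ra = default_trampoline;
    return 0;
}

/* Place a descriptor in guest memory; returns its address, or 0 on fault. */
static abi_ulong install_funcdesc(abi_ulong at, abi_ulong entry, abi_ulong got)
{
    if (guest_write_ual(entry, at) || guest_write_ual(got, at + sizeof(abi_ulong))) return 0;
    return at;
}

int main(void)
{
    abi_ulong desc = install_funcdesc(GUEST_BASE + 0x100, GUEST_BASE + 0x400, GUEST_BASE + 0x800);
    struct sig_entry e;
    printf("pre-fix pc = 0x%08x (descriptor, not code)\n", (unsigned)entry_pc_pre_fix(desc));
    if (resolve_sig_entry(true, desc, false, 0, GUEST_BASE + 0xf00, &e) == 0)
        printf("fixed   pc = 0x%08x got = 0x%08x ra = 0x%08x\n",
               (unsigned)e.pc, (unsigned)e.got, (unsigned)e.ra);
    printf("unmapped descriptor -> %s\n",
           resolve_sig_entry(true, 0xdeadbee0u, false, 0, 0, &e) ? "SIGSEGV" : "ok");
    return 0;
}
```

The check worth carrying over to real code is the last one: a guest can install a handler whose descriptor points at unmapped memory, and the delivery path must fail closed (SIGSEGV) rather than jump to whatever the raw pointer value happens to be.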