[PATCH v2 0/5] POE sigreturn fix and extra tests

Kevin Brodsky posted 5 patches 1 month, 2 weeks ago
arch/arm64/kernel/signal.c                         | 54 ++++++++++++----
.../testing/selftests/arm64/signal/test_signals.h  |  2 +
.../selftests/arm64/signal/test_signals_utils.c    |  3 +
.../selftests/arm64/signal/test_signals_utils.h    | 16 +++++
.../signal/testcases/poe_missing_poe_context.c     | 73 ++++++++++++++++++++++
.../selftests/arm64/signal/testcases/poe_restore.c | 64 +++++++++++++++++++
.../selftests/arm64/signal/testcases/poe_siginfo.c | 15 -----
tools/testing/selftests/mm/pkey-arm64.h            |  3 +-
8 files changed, 203 insertions(+), 27 deletions(-)
[PATCH v2 0/5] POE sigreturn fix and extra tests
Posted by Kevin Brodsky 1 month, 2 weeks ago
Commit 2e8a1acea859 ("arm64: signal: Improve POR_EL0 handling to
avoid uaccess failures") introduced special handling for EL0 registers
that impact uaccess. This did not however handle the case where a signal
handler removes the relevant record (poe_context for POE) from the
signal frame; this is clearly not typical behaviour but it is legal.
That commit resulted in arbitrary data from the kernel stack being
written to POR_EL0 in that case.

Patch 1 fixes this by tracking which fields in struct user_access_state
are actually valid. This restores the original behaviour, where POR_EL0
is left untouched if poe_context is removed.

The remaining patches add new tests to the arm64 signal kselftests to
check that POR_EL0 is reset and restored (or preserved) as expected.
Patch 2 fixes an issue found by Sashiko while reusing some code for
the new tests.

Signed-off-by: Kevin Brodsky <kevin.brodsky@arm.com>
---
v1..v2:
- Patch 1: introduced accessors and moved to using {} for zero-init
  [Will]
- Patch 1: removed change in setup_sigframe() - using the new flag
  isn't actually more consistent than checking system_supports_poe()
  and doesn't play well with the new accessors
- Patch 5: fixed the size passed to get_header(), as reported by
  Sashiko. Added patch 2 to fix the issue where I had originally
  found it.
- Patch 4: improved commit title [Mark]
- Collected R-b

v1: https://lore.kernel.org/all/20260421144252.1440365-1-kevin.brodsky@arm.com/

---
To: linux-arm-kernel@lists.infradead.org
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: David Hildenbrand (Arm) <david@kernel.org>
Cc: Joey Gouly <joey.gouly@arm.com>
Cc: Mark Brown <broonie@kernel.org>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Will Deacon <will@kernel.org>
Cc: linux-kselftest@vger.kernel.org
Cc: linux-mm@kvack.org
Cc: linux-kernel@vger.kernel.org

---
Kevin Brodsky (5):
      arm64: signal: Preserve POR_EL0 if poe_context is missing
      selftests/mm: Fix resv_sz when parsing arm64 signal frame
      kselftest/arm64: Add POE as a feature in the signal tests
      kselftest/arm64: Move/add POE helpers to test_signals_utils.h
      kselftest/arm64: Add tests for POR_EL0 save/reset/restore

---
base-commit: 028ef9c96e96197026887c0f092424679298aae8
change-id: 20260423-poe_signal-809193c5225d
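The failure mode the cover letter describes, and the shape of the fix in patch 1, can be shown on a host of any architecture with a small model of the sigcontext record walk. The code below is an added example written for this page, not code from the series or from the kernel: the record header and POE_MAGIC mirror the arm64 uapi sigcontext.h layout (verify the constant against your tree), DEMO_MAGIC and the frame builder are constructed stand-ins, and the three functions (find_record, parse_user_access_state, restore_por_el0) are a simplification of the kernel's parse/restore split, with a validity flag standing in for the tracking patch 1 adds to struct user_access_state. The walk is bounded by resv_sz, which is the size patch 2 corrects in the selftest parser.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Header shared by every record in the __reserved area of the arm64
 * sigcontext (mirrors uapi _aarch64_ctx; POE_MAGIC as in sigcontext.h). */
struct aarch64_ctx_hdr { uint32_t magic; uint32_t size; };
#define POE_MAGIC   0x504f4530u
#define DEMO_MAGIC  0x44454d4fu   /* constructed: stands in for any other record */

struct poe_record { struct aarch64_ctx_hdr head; uint64_t por_el0; };

/* Model of the fix in patch 1: each parsed field carries a validity flag,
 * so an absent poe_context can never be confused with a parsed value. */
struct user_access_state {
    uint64_t por_el0;
    bool por_el0_valid;
};

/* Walk the record list, never reading past resv_sz. Returns the byte offset
 * of the record with the given magic, or -1 if absent, terminated or malformed. */
long find_record(const uint8_t *resv, size_t resv_sz, uint32_t magic)
{
    size_t off = 0;
    struct aarch64_ctx_hdr h;

    while (off + sizeof(h) <= resv_sz) {
        memcpy(&h, resv + off, sizeof(h));
        if (h.magic == 0)
            return -1;                         /* terminator reached */
        if (h.size < sizeof(h) || h.size > resv_sz - off)
            return -1;                         /* malformed: stay inside resv_sz */
        if (h.magic == magic)
            return (long)off;
        off += h.size;
    }
    return -1;
}

/* Parse side: fill the state from poe_context if present and well-sized;
 * otherwise leave por_el0_valid false (this is what the old code lacked). */
struct user_access_state parse_user_access_state(const uint8_t *resv, size_t resv_sz)
{
    struct user_access_state st = { 0 };
    struct poe_record rec;
    long off = find_record(resv, resv_sz, POE_MAGIC);

    if (off < 0)
        return st;
    memcpy(&rec.head, resv + off, sizeof(rec.head));
    if (rec.head.size != sizeof(rec))
        return st;                             /* wrong size: treat as invalid */
    memcpy(&rec, resv + off, sizeof(rec));
    st.por_el0 = rec.por_el0;
    st.por_el0_valid = true;
    return st;
}

/* Restore side: write back only what was actually parsed; a frame without
 * poe_context leaves the current POR_EL0 untouched. */
uint64_t restore_por_el0(uint64_t current_por_el0, const struct user_access_state *st)
{
    return st->por_el0_valid ? st->por_el0 : current_por_el0;
}

/* Constructed frame: one DEMO record, an optional POE record, a terminator.
 * Returns the number of bytes written (the reserved size to pass on). */
size_t build_frame(uint8_t *buf, size_t cap, bool with_poe, uint64_t por)
{
    struct aarch64_ctx_hdr demo = { DEMO_MAGIC, 16 };
    struct poe_record poe = { { POE_MAGIC, sizeof(poe) }, por };
    struct aarch64_ctx_hdr term = { 0, 0 };
    size_t off = 0;

    if (cap < demo.size + sizeof(poe) + sizeof(term))
        return 0;
    memset(buf, 0, cap);
    memcpy(buf + off, &demo, sizeof(demo)); off += demo.size;
    if (with_poe) { memcpy(buf + off, &poe, sizeof(poe)); off += poe.head.size; }
    memcpy(buf + off, &term, sizeof(term)); off += sizeof(term);
    return off;
}

/* End-to-end: the POR_EL0 value left in the register after "sigreturn"
 * for a frame with or without poe_context (handler may have removed it). */
uint64_t sigreturn_por_el0(bool with_poe, uint64_t frame_por, uint64_t current_por)
{
    uint8_t resv[64];
    size_t sz = build_frame(resv, sizeof(resv), with_poe, frame_por);
    struct user_access_state st = parse_user_access_state(resv, sz);
    return restore_por_el0(current_por, &st);
}

/* Bounds check: a resv_sz that ends before the POE record yields "absent"
 * rather than a read beyond the stated size. */
bool truncated_frame_rejected(void)
{
    uint8_t resv[64];
    build_frame(resv, sizeof(resv), true, 1);
    return find_record(resv, 16, POE_MAGIC) == -1 &&
           find_record(resv, sizeof(resv), POE_MAGIC) == 16;
}
```

The interesting case is sigreturn_por_el0(false, ...): with the validity flag the register keeps its current value, whereas a state struct whose por_el0 is written back unconditionally would hand the register whatever the parse left in that field, which is the behaviour the cover letter reports.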
Re: [PATCH v2 0/5] POE sigreturn fix and extra tests
Posted by Will Deacon 4 weeks ago
On Mon, 27 Apr 2026 13:03:32 +0100, Kevin Brodsky wrote:
> Commit 2e8a1acea859 ("arm64: signal: Improve POR_EL0 handling to
> avoid uaccess failures") introduced special handling for EL0 registers
> that impact uaccess. This did not however handle the case where a signal
> handler removes the relevant record (poe_context for POE) from the
> signal frame; this is clearly not typical behaviour but it is legal.
> That commit resulted in arbitrary data from the kernel stack being
> written to POR_EL0 in that case.
> 
> [...]

Applied selftest updates to arm64 (for-next/selftests), thanks!

[2/5] selftests/mm: Fix resv_sz when parsing arm64 signal frame
      https://git.kernel.org/arm64/c/c364aa56d673
[3/5] kselftest/arm64: Add POE as a feature in the signal tests
      https://git.kernel.org/arm64/c/42c21954063e
[4/5] kselftest/arm64: Move/add POE helpers to test_signals_utils.h
      https://git.kernel.org/arm64/c/925a082ec2a0
[5/5] kselftest/arm64: Add tests for POR_EL0 save/reset/restore
      https://git.kernel.org/arm64/c/f2db075234c8

Cheers,
-- 
Will

https://fixes.arm64.dev
https://next.arm64.dev
https://will.arm64.dev
Re: (subset) [PATCH v2 0/5] POE sigreturn fix and extra tests
Posted by Catalin Marinas 1 month, 2 weeks ago
On Mon, 27 Apr 2026 13:03:32 +0100, Kevin Brodsky wrote:
> Commit 2e8a1acea859 ("arm64: signal: Improve POR_EL0 handling to
> avoid uaccess failures") introduced special handling for EL0 registers
> that impact uaccess. This did not however handle the case where a signal
> handler removes the relevant record (poe_context for POE) from the
> signal frame; this is clearly not typical behaviour but it is legal.
> That commit resulted in arbitrary data from the kernel stack being
> written to POR_EL0 in that case.
> 
> [...]

Applied to arm64 (for-next/fixes), thanks!

[1/5] arm64: signal: Preserve POR_EL0 if poe_context is missing
      https://git.kernel.org/arm64/c/030e8a40fff6

Will, if any objections, please shout.

-- 
Catalin