Commit da7f8de9647a8401c36e0bff69dfa58b066a4c47
Committed by
Greg Kroah-Hartman
Greg Kroah-Hartman
1 parent
7b483af8df
vm: add VM_FAULT_SIGSEGV handling support
commit 33692f27597fcab536d7cbbcc8f52905133e4aa7 upstream. The core VM already knows about VM_FAULT_SIGBUS, but cannot return a "you should SIGSEGV" error, because the SIGSEGV case was generally handled by the caller - usually the architecture fault handler. That results in lots of duplication - all the architecture fault handlers end up doing very similar "look up vma, check permissions, do retries etc" - but it generally works. However, there are cases where the VM actually wants to SIGSEGV, and applications _expect_ SIGSEGV. In particular, when accessing the stack guard page, libsigsegv expects a SIGSEGV. And it usually got one, because the stack growth is handled by that duplicated architecture fault handler. However, when the generic VM layer started propagating the error return from the stack expansion in commit fee7e49d4514 ("mm: propagate error from stack expansion even for guard page"), that now exposed the existing VM_FAULT_SIGBUS result to user space. And user space really expected SIGSEGV, not SIGBUS. To fix that case, we need to add a VM_FAULT_SIGSEGV, and teach all those duplicate architecture fault handlers about it. They all already have the code to handle SIGSEGV, so it's about just tying that new return value to the existing code, but it's all a bit annoying. This is the mindless minimal patch to do this. A more extensive patch would be to try to gather up the mostly shared fault handling logic into one generic helper routine, and long-term we really should do that cleanup. Just from this patch, you can generally see that most architectures just copied (directly or indirectly) the old x86 way of doing things, but in the meantime that original x86 model has been improved to hold the VM semaphore for shorter times etc and to handle VM_FAULT_RETRY and other "newer" things, so it would be a good idea to bring all those improvements to the generic case and teach other architectures about them too. Reported-and-tested-by: Takashi Iwai <tiwai@suse.de> Tested-by: Jan Engelhardt <jengelh@inai.de> Acked-by: Heiko Carstens <heiko.carstens@de.ibm.com> # "s390 still compiles and boots" Cc: linux-arch@vger.kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Showing 29 changed files with 61 additions and 7 deletions Side-by-side Diff
- arch/alpha/mm/fault.c
- arch/arc/mm/fault.c
- arch/avr32/mm/fault.c
- arch/cris/mm/fault.c
- arch/frv/mm/fault.c
- arch/ia64/mm/fault.c
- arch/m32r/mm/fault.c
- arch/m68k/mm/fault.c
- arch/metag/mm/fault.c
- arch/microblaze/mm/fault.c
- arch/mips/mm/fault.c
- arch/mn10300/mm/fault.c
- arch/openrisc/mm/fault.c
- arch/parisc/mm/fault.c
- arch/powerpc/mm/copro_fault.c
- arch/powerpc/mm/fault.c
- arch/s390/mm/fault.c
- arch/score/mm/fault.c
- arch/sh/mm/fault.c
- arch/sparc/mm/fault_32.c
- arch/sparc/mm/fault_64.c
- arch/tile/mm/fault.c
- arch/um/kernel/trap.c
- arch/x86/mm/fault.c
- arch/xtensa/mm/fault.c
- drivers/staging/lustre/lustre/llite/vvp_io.c
- include/linux/mm.h
- mm/gup.c
- mm/ksm.c
arch/alpha/mm/fault.c
arch/arc/mm/fault.c
arch/avr32/mm/fault.c
arch/cris/mm/fault.c
arch/frv/mm/fault.c
arch/ia64/mm/fault.c
arch/m32r/mm/fault.c
arch/m68k/mm/fault.c
arch/metag/mm/fault.c
arch/microblaze/mm/fault.c
arch/mips/mm/fault.c
arch/mn10300/mm/fault.c
arch/openrisc/mm/fault.c
arch/parisc/mm/fault.c
arch/powerpc/mm/copro_fault.c
arch/powerpc/mm/fault.c
| ... | ... | @@ -444,6 +444,8 @@ |
| 444 | 444 | */ |
| 445 | 445 | fault = handle_mm_fault(mm, vma, address, flags); |
| 446 | 446 | if (unlikely(fault & (VM_FAULT_RETRY|VM_FAULT_ERROR))) { |
| 447 | + if (fault & VM_FAULT_SIGSEGV) | |
| 448 | + goto bad_area; | |
| 447 | 449 | rc = mm_fault_error(regs, address, fault); |
| 448 | 450 | if (rc >= MM_FAULT_RETURN) |
| 449 | 451 | goto bail; |
arch/s390/mm/fault.c
| ... | ... | @@ -374,6 +374,12 @@ |
| 374 | 374 | do_no_context(regs); |
| 375 | 375 | else |
| 376 | 376 | pagefault_out_of_memory(); |
| 377 | + } else if (fault & VM_FAULT_SIGSEGV) { | |
| 378 | + /* Kernel mode? Handle exceptions or die */ | |
| 379 | + if (!user_mode(regs)) | |
| 380 | + do_no_context(regs); | |
| 381 | + else | |
| 382 | + do_sigsegv(regs, SEGV_MAPERR); | |
| 377 | 383 | } else if (fault & VM_FAULT_SIGBUS) { |
| 378 | 384 | /* Kernel mode? Handle exceptions or die */ |
| 379 | 385 | if (!user_mode(regs)) |
arch/score/mm/fault.c
arch/sh/mm/fault.c
arch/sparc/mm/fault_32.c
arch/sparc/mm/fault_64.c
arch/tile/mm/fault.c
arch/um/kernel/trap.c
arch/x86/mm/fault.c
| ... | ... | @@ -905,6 +905,8 @@ |
| 905 | 905 | if (fault & (VM_FAULT_SIGBUS|VM_FAULT_HWPOISON| |
| 906 | 906 | VM_FAULT_HWPOISON_LARGE)) |
| 907 | 907 | do_sigbus(regs, error_code, address, fault); |
| 908 | + else if (fault & VM_FAULT_SIGSEGV) | |
| 909 | + bad_area_nosemaphore(regs, error_code, address); | |
| 908 | 910 | else |
| 909 | 911 | BUG(); |
| 910 | 912 | } |
arch/xtensa/mm/fault.c
drivers/staging/lustre/lustre/llite/vvp_io.c
include/linux/mm.h
| ... | ... | @@ -1054,6 +1054,7 @@ |
| 1054 | 1054 | #define VM_FAULT_WRITE 0x0008 /* Special case for get_user_pages */ |
| 1055 | 1055 | #define VM_FAULT_HWPOISON 0x0010 /* Hit poisoned small page */ |
| 1056 | 1056 | #define VM_FAULT_HWPOISON_LARGE 0x0020 /* Hit poisoned large page. Index encoded in upper bits */ |
| 1057 | +#define VM_FAULT_SIGSEGV 0x0040 | |
| 1057 | 1058 | |
| 1058 | 1059 | #define VM_FAULT_NOPAGE 0x0100 /* ->fault installed the pte, not return page */ |
| 1059 | 1060 | #define VM_FAULT_LOCKED 0x0200 /* ->fault locked the returned page */ |
| ... | ... | @@ -1062,8 +1063,9 @@ |
| 1062 | 1063 | |
| 1063 | 1064 | #define VM_FAULT_HWPOISON_LARGE_MASK 0xf000 /* encodes hpage index for large hwpoison */ |
| 1064 | 1065 | |
| 1065 | -#define VM_FAULT_ERROR (VM_FAULT_OOM | VM_FAULT_SIGBUS | VM_FAULT_HWPOISON | \ | |
| 1066 | - VM_FAULT_FALLBACK | VM_FAULT_HWPOISON_LARGE) | |
| 1066 | +#define VM_FAULT_ERROR (VM_FAULT_OOM | VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV | \ | |
| 1067 | + VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE | \ | |
| 1068 | + VM_FAULT_FALLBACK) | |
| 1067 | 1069 | |
| 1068 | 1070 | /* Encode hstate index for a hwpoisoned large page */ |
| 1069 | 1071 | #define VM_FAULT_SET_HINDEX(x) ((x) << 12) |
mm/gup.c
| ... | ... | @@ -296,7 +296,7 @@ |
| 296 | 296 | return -ENOMEM; |
| 297 | 297 | if (ret & (VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE)) |
| 298 | 298 | return *flags & FOLL_HWPOISON ? -EHWPOISON : -EFAULT; |
| 299 | - if (ret & VM_FAULT_SIGBUS) | |
| 299 | + if (ret & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV)) | |
| 300 | 300 | return -EFAULT; |
| 301 | 301 | BUG(); |
| 302 | 302 | } |
| ... | ... | @@ -571,7 +571,7 @@ |
| 571 | 571 | return -ENOMEM; |
| 572 | 572 | if (ret & (VM_FAULT_HWPOISON | VM_FAULT_HWPOISON_LARGE)) |
| 573 | 573 | return -EHWPOISON; |
| 574 | - if (ret & VM_FAULT_SIGBUS) | |
| 574 | + if (ret & (VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV)) | |
| 575 | 575 | return -EFAULT; |
| 576 | 576 | BUG(); |
| 577 | 577 | } |
mm/ksm.c
| ... | ... | @@ -376,7 +376,7 @@ |
| 376 | 376 | else |
| 377 | 377 | ret = VM_FAULT_WRITE; |
| 378 | 378 | put_page(page); |
| 379 | - } while (!(ret & (VM_FAULT_WRITE | VM_FAULT_SIGBUS | VM_FAULT_OOM))); | |
| 379 | + } while (!(ret & (VM_FAULT_WRITE | VM_FAULT_SIGBUS | VM_FAULT_SIGSEGV | VM_FAULT_OOM))); | |
| 380 | 380 | /* |
| 381 | 381 | * We must loop because handle_mm_fault() may back out if there's |
| 382 | 382 | * any difficulty e.g. if pte accessed bit gets updated concurrently. |