1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Based on arch/arm/kernel/signal.c
4 *
5 * Copyright (C) 1995-2009 Russell King
6 * Copyright (C) 2012 ARM Ltd.
7 */
8
9 #include <linux/cache.h>
10 #include <linux/compat.h>
11 #include <linux/errno.h>
12 #include <linux/kernel.h>
13 #include <linux/signal.h>
14 #include <linux/personality.h>
15 #include <linux/freezer.h>
16 #include <linux/stddef.h>
17 #include <linux/uaccess.h>
18 #include <linux/sizes.h>
19 #include <linux/string.h>
20 #include <linux/tracehook.h>
21 #include <linux/ratelimit.h>
22 #include <linux/syscalls.h>
23
24 #include <asm/daifflags.h>
25 #include <asm/debug-monitors.h>
26 #include <asm/elf.h>
27 #include <asm/cacheflush.h>
28 #include <asm/ucontext.h>
29 #include <asm/unistd.h>
30 #include <asm/fpsimd.h>
31 #include <asm/ptrace.h>
32 #include <asm/signal32.h>
33 #include <asm/traps.h>
34 #include <asm/vdso.h>
35
36 /*
37 * Do a signal return; undo the signal stack. These are aligned to 128-bit.
38 */
39 struct rt_sigframe {
40 struct siginfo info;
41 struct ucontext uc;
42 };
43
44 struct frame_record {
45 u64 fp;
46 u64 lr;
47 };
48
49 struct rt_sigframe_user_layout {
50 struct rt_sigframe __user *sigframe;
51 struct frame_record __user *next_frame;
52
53 unsigned long size; /* size of allocated sigframe data */
54 unsigned long limit; /* largest allowed size */
55
56 unsigned long fpsimd_offset;
57 unsigned long esr_offset;
58 unsigned long sve_offset;
59 unsigned long extra_offset;
60 unsigned long end_offset;
61 };
62
63 #define BASE_SIGFRAME_SIZE round_up(sizeof(struct rt_sigframe), 16)
64 #define TERMINATOR_SIZE round_up(sizeof(struct _aarch64_ctx), 16)
65 #define EXTRA_CONTEXT_SIZE round_up(sizeof(struct extra_context), 16)
66
init_user_layout(struct rt_sigframe_user_layout * user)67 static void init_user_layout(struct rt_sigframe_user_layout *user)
68 {
69 const size_t reserved_size =
70 sizeof(user->sigframe->uc.uc_mcontext.__reserved);
71
72 memset(user, 0, sizeof(*user));
73 user->size = offsetof(struct rt_sigframe, uc.uc_mcontext.__reserved);
74
75 user->limit = user->size + reserved_size;
76
77 user->limit -= TERMINATOR_SIZE;
78 user->limit -= EXTRA_CONTEXT_SIZE;
79 /* Reserve space for extension and terminator ^ */
80 }
81
sigframe_size(struct rt_sigframe_user_layout const * user)82 static size_t sigframe_size(struct rt_sigframe_user_layout const *user)
83 {
84 return round_up(max(user->size, sizeof(struct rt_sigframe)), 16);
85 }
86
87 /*
88 * Sanity limit on the approximate maximum size of signal frame we'll
89 * try to generate. Stack alignment padding and the frame record are
90 * not taken into account. This limit is not a guarantee and is
91 * NOT ABI.
92 */
93 #define SIGFRAME_MAXSZ SZ_64K
94
__sigframe_alloc(struct rt_sigframe_user_layout * user,unsigned long * offset,size_t size,bool extend)95 static int __sigframe_alloc(struct rt_sigframe_user_layout *user,
96 unsigned long *offset, size_t size, bool extend)
97 {
98 size_t padded_size = round_up(size, 16);
99
100 if (padded_size > user->limit - user->size &&
101 !user->extra_offset &&
102 extend) {
103 int ret;
104
105 user->limit += EXTRA_CONTEXT_SIZE;
106 ret = __sigframe_alloc(user, &user->extra_offset,
107 sizeof(struct extra_context), false);
108 if (ret) {
109 user->limit -= EXTRA_CONTEXT_SIZE;
110 return ret;
111 }
112
113 /* Reserve space for the __reserved[] terminator */
114 user->size += TERMINATOR_SIZE;
115
116 /*
117 * Allow expansion up to SIGFRAME_MAXSZ, ensuring space for
118 * the terminator:
119 */
120 user->limit = SIGFRAME_MAXSZ - TERMINATOR_SIZE;
121 }
122
123 /* Still not enough space? Bad luck! */
124 if (padded_size > user->limit - user->size)
125 return -ENOMEM;
126
127 *offset = user->size;
128 user->size += padded_size;
129
130 return 0;
131 }
132
133 /*
134 * Allocate space for an optional record of <size> bytes in the user
135 * signal frame. The offset from the signal frame base address to the
136 * allocated block is assigned to *offset.
137 */
sigframe_alloc(struct rt_sigframe_user_layout * user,unsigned long * offset,size_t size)138 static int sigframe_alloc(struct rt_sigframe_user_layout *user,
139 unsigned long *offset, size_t size)
140 {
141 return __sigframe_alloc(user, offset, size, true);
142 }
143
144 /* Allocate the null terminator record and prevent further allocations */
sigframe_alloc_end(struct rt_sigframe_user_layout * user)145 static int sigframe_alloc_end(struct rt_sigframe_user_layout *user)
146 {
147 int ret;
148
149 /* Un-reserve the space reserved for the terminator: */
150 user->limit += TERMINATOR_SIZE;
151
152 ret = sigframe_alloc(user, &user->end_offset,
153 sizeof(struct _aarch64_ctx));
154 if (ret)
155 return ret;
156
157 /* Prevent further allocation: */
158 user->limit = user->size;
159 return 0;
160 }
161
apply_user_offset(struct rt_sigframe_user_layout const * user,unsigned long offset)162 static void __user *apply_user_offset(
163 struct rt_sigframe_user_layout const *user, unsigned long offset)
164 {
165 char __user *base = (char __user *)user->sigframe;
166
167 return base + offset;
168 }
169
preserve_fpsimd_context(struct fpsimd_context __user * ctx)170 static int preserve_fpsimd_context(struct fpsimd_context __user *ctx)
171 {
172 struct user_fpsimd_state const *fpsimd =
173 ¤t->thread.uw.fpsimd_state;
174 int err;
175
176 /* copy the FP and status/control registers */
177 err = __copy_to_user(ctx->vregs, fpsimd->vregs, sizeof(fpsimd->vregs));
178 __put_user_error(fpsimd->fpsr, &ctx->fpsr, err);
179 __put_user_error(fpsimd->fpcr, &ctx->fpcr, err);
180
181 /* copy the magic/size information */
182 __put_user_error(FPSIMD_MAGIC, &ctx->head.magic, err);
183 __put_user_error(sizeof(struct fpsimd_context), &ctx->head.size, err);
184
185 return err ? -EFAULT : 0;
186 }
187
restore_fpsimd_context(struct fpsimd_context __user * ctx)188 static int restore_fpsimd_context(struct fpsimd_context __user *ctx)
189 {
190 struct user_fpsimd_state fpsimd;
191 __u32 magic, size;
192 int err = 0;
193
194 /* check the magic/size information */
195 __get_user_error(magic, &ctx->head.magic, err);
196 __get_user_error(size, &ctx->head.size, err);
197 if (err)
198 return -EFAULT;
199 if (magic != FPSIMD_MAGIC || size != sizeof(struct fpsimd_context))
200 return -EINVAL;
201
202 /* copy the FP and status/control registers */
203 err = __copy_from_user(fpsimd.vregs, ctx->vregs,
204 sizeof(fpsimd.vregs));
205 __get_user_error(fpsimd.fpsr, &ctx->fpsr, err);
206 __get_user_error(fpsimd.fpcr, &ctx->fpcr, err);
207
208 clear_thread_flag(TIF_SVE);
209
210 /* load the hardware registers from the fpsimd_state structure */
211 if (!err)
212 fpsimd_update_current_state(&fpsimd);
213
214 return err ? -EFAULT : 0;
215 }
216
217
218 struct user_ctxs {
219 struct fpsimd_context __user *fpsimd;
220 struct sve_context __user *sve;
221 };
222
223 #ifdef CONFIG_ARM64_SVE
224
preserve_sve_context(struct sve_context __user * ctx)225 static int preserve_sve_context(struct sve_context __user *ctx)
226 {
227 int err = 0;
228 u16 reserved[ARRAY_SIZE(ctx->__reserved)];
229 unsigned int vl = current->thread.sve_vl;
230 unsigned int vq = 0;
231
232 if (test_thread_flag(TIF_SVE))
233 vq = sve_vq_from_vl(vl);
234
235 memset(reserved, 0, sizeof(reserved));
236
237 __put_user_error(SVE_MAGIC, &ctx->head.magic, err);
238 __put_user_error(round_up(SVE_SIG_CONTEXT_SIZE(vq), 16),
239 &ctx->head.size, err);
240 __put_user_error(vl, &ctx->vl, err);
241 BUILD_BUG_ON(sizeof(ctx->__reserved) != sizeof(reserved));
242 err |= __copy_to_user(&ctx->__reserved, reserved, sizeof(reserved));
243
244 if (vq) {
245 /*
246 * This assumes that the SVE state has already been saved to
247 * the task struct by calling the function
248 * fpsimd_signal_preserve_current_state().
249 */
250 err |= __copy_to_user((char __user *)ctx + SVE_SIG_REGS_OFFSET,
251 current->thread.sve_state,
252 SVE_SIG_REGS_SIZE(vq));
253 }
254
255 return err ? -EFAULT : 0;
256 }
257
restore_sve_fpsimd_context(struct user_ctxs * user)258 static int restore_sve_fpsimd_context(struct user_ctxs *user)
259 {
260 int err;
261 unsigned int vq;
262 struct user_fpsimd_state fpsimd;
263 struct sve_context sve;
264
265 if (__copy_from_user(&sve, user->sve, sizeof(sve)))
266 return -EFAULT;
267
268 if (sve.vl != current->thread.sve_vl)
269 return -EINVAL;
270
271 if (sve.head.size <= sizeof(*user->sve)) {
272 clear_thread_flag(TIF_SVE);
273 goto fpsimd_only;
274 }
275
276 vq = sve_vq_from_vl(sve.vl);
277
278 if (sve.head.size < SVE_SIG_CONTEXT_SIZE(vq))
279 return -EINVAL;
280
281 /*
282 * Careful: we are about __copy_from_user() directly into
283 * thread.sve_state with preemption enabled, so protection is
284 * needed to prevent a racing context switch from writing stale
285 * registers back over the new data.
286 */
287
288 fpsimd_flush_task_state(current);
289 /* From now, fpsimd_thread_switch() won't touch thread.sve_state */
290
291 sve_alloc(current);
292 err = __copy_from_user(current->thread.sve_state,
293 (char __user const *)user->sve +
294 SVE_SIG_REGS_OFFSET,
295 SVE_SIG_REGS_SIZE(vq));
296 if (err)
297 return -EFAULT;
298
299 set_thread_flag(TIF_SVE);
300
301 fpsimd_only:
302 /* copy the FP and status/control registers */
303 /* restore_sigframe() already checked that user->fpsimd != NULL. */
304 err = __copy_from_user(fpsimd.vregs, user->fpsimd->vregs,
305 sizeof(fpsimd.vregs));
306 __get_user_error(fpsimd.fpsr, &user->fpsimd->fpsr, err);
307 __get_user_error(fpsimd.fpcr, &user->fpsimd->fpcr, err);
308
309 /* load the hardware registers from the fpsimd_state structure */
310 if (!err)
311 fpsimd_update_current_state(&fpsimd);
312
313 return err ? -EFAULT : 0;
314 }
315
316 #else /* ! CONFIG_ARM64_SVE */
317
318 /* Turn any non-optimised out attempts to use these into a link error: */
319 extern int preserve_sve_context(void __user *ctx);
320 extern int restore_sve_fpsimd_context(struct user_ctxs *user);
321
322 #endif /* ! CONFIG_ARM64_SVE */
323
324
parse_user_sigframe(struct user_ctxs * user,struct rt_sigframe __user * sf)325 static int parse_user_sigframe(struct user_ctxs *user,
326 struct rt_sigframe __user *sf)
327 {
328 struct sigcontext __user *const sc = &sf->uc.uc_mcontext;
329 struct _aarch64_ctx __user *head;
330 char __user *base = (char __user *)&sc->__reserved;
331 size_t offset = 0;
332 size_t limit = sizeof(sc->__reserved);
333 bool have_extra_context = false;
334 char const __user *const sfp = (char const __user *)sf;
335
336 user->fpsimd = NULL;
337 user->sve = NULL;
338
339 if (!IS_ALIGNED((unsigned long)base, 16))
340 goto invalid;
341
342 while (1) {
343 int err = 0;
344 u32 magic, size;
345 char const __user *userp;
346 struct extra_context const __user *extra;
347 u64 extra_datap;
348 u32 extra_size;
349 struct _aarch64_ctx const __user *end;
350 u32 end_magic, end_size;
351
352 if (limit - offset < sizeof(*head))
353 goto invalid;
354
355 if (!IS_ALIGNED(offset, 16))
356 goto invalid;
357
358 head = (struct _aarch64_ctx __user *)(base + offset);
359 __get_user_error(magic, &head->magic, err);
360 __get_user_error(size, &head->size, err);
361 if (err)
362 return err;
363
364 if (limit - offset < size)
365 goto invalid;
366
367 switch (magic) {
368 case 0:
369 if (size)
370 goto invalid;
371
372 goto done;
373
374 case FPSIMD_MAGIC:
375 if (!system_supports_fpsimd())
376 goto invalid;
377 if (user->fpsimd)
378 goto invalid;
379
380 if (size < sizeof(*user->fpsimd))
381 goto invalid;
382
383 user->fpsimd = (struct fpsimd_context __user *)head;
384 break;
385
386 case ESR_MAGIC:
387 /* ignore */
388 break;
389
390 case SVE_MAGIC:
391 if (!system_supports_sve())
392 goto invalid;
393
394 if (user->sve)
395 goto invalid;
396
397 if (size < sizeof(*user->sve))
398 goto invalid;
399
400 user->sve = (struct sve_context __user *)head;
401 break;
402
403 case EXTRA_MAGIC:
404 if (have_extra_context)
405 goto invalid;
406
407 if (size < sizeof(*extra))
408 goto invalid;
409
410 userp = (char const __user *)head;
411
412 extra = (struct extra_context const __user *)userp;
413 userp += size;
414
415 __get_user_error(extra_datap, &extra->datap, err);
416 __get_user_error(extra_size, &extra->size, err);
417 if (err)
418 return err;
419
420 /* Check for the dummy terminator in __reserved[]: */
421
422 if (limit - offset - size < TERMINATOR_SIZE)
423 goto invalid;
424
425 end = (struct _aarch64_ctx const __user *)userp;
426 userp += TERMINATOR_SIZE;
427
428 __get_user_error(end_magic, &end->magic, err);
429 __get_user_error(end_size, &end->size, err);
430 if (err)
431 return err;
432
433 if (end_magic || end_size)
434 goto invalid;
435
436 /* Prevent looping/repeated parsing of extra_context */
437 have_extra_context = true;
438
439 base = (__force void __user *)extra_datap;
440 if (!IS_ALIGNED((unsigned long)base, 16))
441 goto invalid;
442
443 if (!IS_ALIGNED(extra_size, 16))
444 goto invalid;
445
446 if (base != userp)
447 goto invalid;
448
449 /* Reject "unreasonably large" frames: */
450 if (extra_size > sfp + SIGFRAME_MAXSZ - userp)
451 goto invalid;
452
453 /*
454 * Ignore trailing terminator in __reserved[]
455 * and start parsing extra data:
456 */
457 offset = 0;
458 limit = extra_size;
459
460 if (!access_ok(base, limit))
461 goto invalid;
462
463 continue;
464
465 default:
466 goto invalid;
467 }
468
469 if (size < sizeof(*head))
470 goto invalid;
471
472 if (limit - offset < size)
473 goto invalid;
474
475 offset += size;
476 }
477
478 done:
479 return 0;
480
481 invalid:
482 return -EINVAL;
483 }
484
restore_sigframe(struct pt_regs * regs,struct rt_sigframe __user * sf)485 static int restore_sigframe(struct pt_regs *regs,
486 struct rt_sigframe __user *sf)
487 {
488 sigset_t set;
489 int i, err;
490 struct user_ctxs user;
491
492 err = __copy_from_user(&set, &sf->uc.uc_sigmask, sizeof(set));
493 if (err == 0)
494 set_current_blocked(&set);
495
496 for (i = 0; i < 31; i++)
497 __get_user_error(regs->regs[i], &sf->uc.uc_mcontext.regs[i],
498 err);
499 __get_user_error(regs->sp, &sf->uc.uc_mcontext.sp, err);
500 __get_user_error(regs->pc, &sf->uc.uc_mcontext.pc, err);
501 __get_user_error(regs->pstate, &sf->uc.uc_mcontext.pstate, err);
502
503 /*
504 * Avoid sys_rt_sigreturn() restarting.
505 */
506 forget_syscall(regs);
507
508 err |= !valid_user_regs(®s->user_regs, current);
509 if (err == 0)
510 err = parse_user_sigframe(&user, sf);
511
512 if (err == 0 && system_supports_fpsimd()) {
513 if (!user.fpsimd)
514 return -EINVAL;
515
516 if (user.sve) {
517 if (!system_supports_sve())
518 return -EINVAL;
519
520 err = restore_sve_fpsimd_context(&user);
521 } else {
522 err = restore_fpsimd_context(user.fpsimd);
523 }
524 }
525
526 return err;
527 }
528
SYSCALL_DEFINE0(rt_sigreturn)529 SYSCALL_DEFINE0(rt_sigreturn)
530 {
531 struct pt_regs *regs = current_pt_regs();
532 struct rt_sigframe __user *frame;
533
534 /* Always make any pending restarted system calls return -EINTR */
535 current->restart_block.fn = do_no_restart_syscall;
536
537 /*
538 * Since we stacked the signal on a 128-bit boundary, then 'sp' should
539 * be word aligned here.
540 */
541 if (regs->sp & 15)
542 goto badframe;
543
544 frame = (struct rt_sigframe __user *)regs->sp;
545
546 if (!access_ok(frame, sizeof (*frame)))
547 goto badframe;
548
549 if (restore_sigframe(regs, frame))
550 goto badframe;
551
552 if (restore_altstack(&frame->uc.uc_stack))
553 goto badframe;
554
555 return regs->regs[0];
556
557 badframe:
558 arm64_notify_segfault(regs->sp);
559 return 0;
560 }
561
562 /*
563 * Determine the layout of optional records in the signal frame
564 *
565 * add_all: if true, lays out the biggest possible signal frame for
566 * this task; otherwise, generates a layout for the current state
567 * of the task.
568 */
setup_sigframe_layout(struct rt_sigframe_user_layout * user,bool add_all)569 static int setup_sigframe_layout(struct rt_sigframe_user_layout *user,
570 bool add_all)
571 {
572 int err;
573
574 err = sigframe_alloc(user, &user->fpsimd_offset,
575 sizeof(struct fpsimd_context));
576 if (err)
577 return err;
578
579 /* fault information, if valid */
580 if (add_all || current->thread.fault_code) {
581 err = sigframe_alloc(user, &user->esr_offset,
582 sizeof(struct esr_context));
583 if (err)
584 return err;
585 }
586
587 if (system_supports_sve()) {
588 unsigned int vq = 0;
589
590 if (add_all || test_thread_flag(TIF_SVE)) {
591 int vl = sve_max_vl;
592
593 if (!add_all)
594 vl = current->thread.sve_vl;
595
596 vq = sve_vq_from_vl(vl);
597 }
598
599 err = sigframe_alloc(user, &user->sve_offset,
600 SVE_SIG_CONTEXT_SIZE(vq));
601 if (err)
602 return err;
603 }
604
605 return sigframe_alloc_end(user);
606 }
607
setup_sigframe(struct rt_sigframe_user_layout * user,struct pt_regs * regs,sigset_t * set)608 static int setup_sigframe(struct rt_sigframe_user_layout *user,
609 struct pt_regs *regs, sigset_t *set)
610 {
611 int i, err = 0;
612 struct rt_sigframe __user *sf = user->sigframe;
613
614 /* set up the stack frame for unwinding */
615 __put_user_error(regs->regs[29], &user->next_frame->fp, err);
616 __put_user_error(regs->regs[30], &user->next_frame->lr, err);
617
618 for (i = 0; i < 31; i++)
619 __put_user_error(regs->regs[i], &sf->uc.uc_mcontext.regs[i],
620 err);
621 __put_user_error(regs->sp, &sf->uc.uc_mcontext.sp, err);
622 __put_user_error(regs->pc, &sf->uc.uc_mcontext.pc, err);
623 __put_user_error(regs->pstate, &sf->uc.uc_mcontext.pstate, err);
624
625 __put_user_error(current->thread.fault_address, &sf->uc.uc_mcontext.fault_address, err);
626
627 err |= __copy_to_user(&sf->uc.uc_sigmask, set, sizeof(*set));
628
629 if (err == 0 && system_supports_fpsimd()) {
630 struct fpsimd_context __user *fpsimd_ctx =
631 apply_user_offset(user, user->fpsimd_offset);
632 err |= preserve_fpsimd_context(fpsimd_ctx);
633 }
634
635 /* fault information, if valid */
636 if (err == 0 && user->esr_offset) {
637 struct esr_context __user *esr_ctx =
638 apply_user_offset(user, user->esr_offset);
639
640 __put_user_error(ESR_MAGIC, &esr_ctx->head.magic, err);
641 __put_user_error(sizeof(*esr_ctx), &esr_ctx->head.size, err);
642 __put_user_error(current->thread.fault_code, &esr_ctx->esr, err);
643 }
644
645 /* Scalable Vector Extension state, if present */
646 if (system_supports_sve() && err == 0 && user->sve_offset) {
647 struct sve_context __user *sve_ctx =
648 apply_user_offset(user, user->sve_offset);
649 err |= preserve_sve_context(sve_ctx);
650 }
651
652 if (err == 0 && user->extra_offset) {
653 char __user *sfp = (char __user *)user->sigframe;
654 char __user *userp =
655 apply_user_offset(user, user->extra_offset);
656
657 struct extra_context __user *extra;
658 struct _aarch64_ctx __user *end;
659 u64 extra_datap;
660 u32 extra_size;
661
662 extra = (struct extra_context __user *)userp;
663 userp += EXTRA_CONTEXT_SIZE;
664
665 end = (struct _aarch64_ctx __user *)userp;
666 userp += TERMINATOR_SIZE;
667
668 /*
669 * extra_datap is just written to the signal frame.
670 * The value gets cast back to a void __user *
671 * during sigreturn.
672 */
673 extra_datap = (__force u64)userp;
674 extra_size = sfp + round_up(user->size, 16) - userp;
675
676 __put_user_error(EXTRA_MAGIC, &extra->head.magic, err);
677 __put_user_error(EXTRA_CONTEXT_SIZE, &extra->head.size, err);
678 __put_user_error(extra_datap, &extra->datap, err);
679 __put_user_error(extra_size, &extra->size, err);
680
681 /* Add the terminator */
682 __put_user_error(0, &end->magic, err);
683 __put_user_error(0, &end->size, err);
684 }
685
686 /* set the "end" magic */
687 if (err == 0) {
688 struct _aarch64_ctx __user *end =
689 apply_user_offset(user, user->end_offset);
690
691 __put_user_error(0, &end->magic, err);
692 __put_user_error(0, &end->size, err);
693 }
694
695 return err;
696 }
697
get_sigframe(struct rt_sigframe_user_layout * user,struct ksignal * ksig,struct pt_regs * regs)698 static int get_sigframe(struct rt_sigframe_user_layout *user,
699 struct ksignal *ksig, struct pt_regs *regs)
700 {
701 unsigned long sp, sp_top;
702 int err;
703
704 init_user_layout(user);
705 err = setup_sigframe_layout(user, false);
706 if (err)
707 return err;
708
709 sp = sp_top = sigsp(regs->sp, ksig);
710
711 sp = round_down(sp - sizeof(struct frame_record), 16);
712 user->next_frame = (struct frame_record __user *)sp;
713
714 sp = round_down(sp, 16) - sigframe_size(user);
715 user->sigframe = (struct rt_sigframe __user *)sp;
716
717 /*
718 * Check that we can actually write to the signal frame.
719 */
720 if (!access_ok(user->sigframe, sp_top - sp))
721 return -EFAULT;
722
723 return 0;
724 }
725
setup_return(struct pt_regs * regs,struct k_sigaction * ka,struct rt_sigframe_user_layout * user,int usig)726 static void setup_return(struct pt_regs *regs, struct k_sigaction *ka,
727 struct rt_sigframe_user_layout *user, int usig)
728 {
729 __sigrestore_t sigtramp;
730
731 regs->regs[0] = usig;
732 regs->sp = (unsigned long)user->sigframe;
733 regs->regs[29] = (unsigned long)&user->next_frame->fp;
734 regs->pc = (unsigned long)ka->sa.sa_handler;
735
736 /*
737 * Signal delivery is a (wacky) indirect function call in
738 * userspace, so simulate the same setting of BTYPE as a BLR
739 * <register containing the signal handler entry point>.
740 * Signal delivery to a location in a PROT_BTI guarded page
741 * that is not a function entry point will now trigger a
742 * SIGILL in userspace.
743 *
744 * If the signal handler entry point is not in a PROT_BTI
745 * guarded page, this is harmless.
746 */
747 if (system_supports_bti()) {
748 regs->pstate &= ~PSR_BTYPE_MASK;
749 regs->pstate |= PSR_BTYPE_C;
750 }
751
752 /* TCO (Tag Check Override) always cleared for signal handlers */
753 regs->pstate &= ~PSR_TCO_BIT;
754
755 if (ka->sa.sa_flags & SA_RESTORER)
756 sigtramp = ka->sa.sa_restorer;
757 else
758 sigtramp = VDSO_SYMBOL(current->mm->context.vdso, sigtramp);
759
760 regs->regs[30] = (unsigned long)sigtramp;
761 }
762
setup_rt_frame(int usig,struct ksignal * ksig,sigset_t * set,struct pt_regs * regs)763 static int setup_rt_frame(int usig, struct ksignal *ksig, sigset_t *set,
764 struct pt_regs *regs)
765 {
766 struct rt_sigframe_user_layout user;
767 struct rt_sigframe __user *frame;
768 int err = 0;
769
770 fpsimd_signal_preserve_current_state();
771
772 if (get_sigframe(&user, ksig, regs))
773 return 1;
774
775 frame = user.sigframe;
776
777 __put_user_error(0, &frame->uc.uc_flags, err);
778 __put_user_error(NULL, &frame->uc.uc_link, err);
779
780 err |= __save_altstack(&frame->uc.uc_stack, regs->sp);
781 err |= setup_sigframe(&user, regs, set);
782 if (err == 0) {
783 setup_return(regs, &ksig->ka, &user, usig);
784 if (ksig->ka.sa.sa_flags & SA_SIGINFO) {
785 err |= copy_siginfo_to_user(&frame->info, &ksig->info);
786 regs->regs[1] = (unsigned long)&frame->info;
787 regs->regs[2] = (unsigned long)&frame->uc;
788 }
789 }
790
791 return err;
792 }
793
setup_restart_syscall(struct pt_regs * regs)794 static void setup_restart_syscall(struct pt_regs *regs)
795 {
796 if (is_compat_task())
797 compat_setup_restart_syscall(regs);
798 else
799 regs->regs[8] = __NR_restart_syscall;
800 }
801
802 /*
803 * OK, we're invoking a handler
804 */
handle_signal(struct ksignal * ksig,struct pt_regs * regs)805 static void handle_signal(struct ksignal *ksig, struct pt_regs *regs)
806 {
807 sigset_t *oldset = sigmask_to_save();
808 int usig = ksig->sig;
809 int ret;
810
811 rseq_signal_deliver(ksig, regs);
812
813 /*
814 * Set up the stack frame
815 */
816 if (is_compat_task()) {
817 if (ksig->ka.sa.sa_flags & SA_SIGINFO)
818 ret = compat_setup_rt_frame(usig, ksig, oldset, regs);
819 else
820 ret = compat_setup_frame(usig, ksig, oldset, regs);
821 } else {
822 ret = setup_rt_frame(usig, ksig, oldset, regs);
823 }
824
825 /*
826 * Check that the resulting registers are actually sane.
827 */
828 ret |= !valid_user_regs(®s->user_regs, current);
829
830 /* Step into the signal handler if we are stepping */
831 signal_setup_done(ret, ksig, test_thread_flag(TIF_SINGLESTEP));
832 }
833
834 /*
835 * Note that 'init' is a special process: it doesn't get signals it doesn't
836 * want to handle. Thus you cannot kill init even with a SIGKILL even by
837 * mistake.
838 *
839 * Note that we go through the signals twice: once to check the signals that
840 * the kernel can handle, and then we build all the user-level signal handling
841 * stack-frames in one go after that.
842 */
do_signal(struct pt_regs * regs)843 static void do_signal(struct pt_regs *regs)
844 {
845 unsigned long continue_addr = 0, restart_addr = 0;
846 int retval = 0;
847 struct ksignal ksig;
848 bool syscall = in_syscall(regs);
849
850 /*
851 * If we were from a system call, check for system call restarting...
852 */
853 if (syscall) {
854 continue_addr = regs->pc;
855 restart_addr = continue_addr - (compat_thumb_mode(regs) ? 2 : 4);
856 retval = regs->regs[0];
857
858 /*
859 * Avoid additional syscall restarting via ret_to_user.
860 */
861 forget_syscall(regs);
862
863 /*
864 * Prepare for system call restart. We do this here so that a
865 * debugger will see the already changed PC.
866 */
867 switch (retval) {
868 case -ERESTARTNOHAND:
869 case -ERESTARTSYS:
870 case -ERESTARTNOINTR:
871 case -ERESTART_RESTARTBLOCK:
872 regs->regs[0] = regs->orig_x0;
873 regs->pc = restart_addr;
874 break;
875 }
876 }
877
878 /*
879 * Get the signal to deliver. When running under ptrace, at this point
880 * the debugger may change all of our registers.
881 */
882 if (get_signal(&ksig)) {
883 /*
884 * Depending on the signal settings, we may need to revert the
885 * decision to restart the system call, but skip this if a
886 * debugger has chosen to restart at a different PC.
887 */
888 if (regs->pc == restart_addr &&
889 (retval == -ERESTARTNOHAND ||
890 retval == -ERESTART_RESTARTBLOCK ||
891 (retval == -ERESTARTSYS &&
892 !(ksig.ka.sa.sa_flags & SA_RESTART)))) {
893 regs->regs[0] = -EINTR;
894 regs->pc = continue_addr;
895 }
896
897 handle_signal(&ksig, regs);
898 return;
899 }
900
901 /*
902 * Handle restarting a different system call. As above, if a debugger
903 * has chosen to restart at a different PC, ignore the restart.
904 */
905 if (syscall && regs->pc == restart_addr) {
906 if (retval == -ERESTART_RESTARTBLOCK)
907 setup_restart_syscall(regs);
908 user_rewind_single_step(current);
909 }
910
911 restore_saved_sigmask();
912 }
913
do_notify_resume(struct pt_regs * regs,unsigned long thread_flags)914 asmlinkage void do_notify_resume(struct pt_regs *regs,
915 unsigned long thread_flags)
916 {
917 /*
918 * The assembly code enters us with IRQs off, but it hasn't
919 * informed the tracing code of that for efficiency reasons.
920 * Update the trace code with the current status.
921 */
922 trace_hardirqs_off();
923
924 do {
925 /* Check valid user FS if needed */
926 addr_limit_user_check();
927
928 if (thread_flags & _TIF_NEED_RESCHED) {
929 /* Unmask Debug and SError for the next task */
930 local_daif_restore(DAIF_PROCCTX_NOIRQ);
931
932 schedule();
933 } else {
934 local_daif_restore(DAIF_PROCCTX);
935
936 if (thread_flags & _TIF_UPROBE)
937 uprobe_notify_resume(regs);
938
939 if (thread_flags & _TIF_MTE_ASYNC_FAULT) {
940 clear_thread_flag(TIF_MTE_ASYNC_FAULT);
941 send_sig_fault(SIGSEGV, SEGV_MTEAERR,
942 (void __user *)NULL, current);
943 }
944
945 if (thread_flags & _TIF_SIGPENDING)
946 do_signal(regs);
947
948 if (thread_flags & _TIF_NOTIFY_RESUME) {
949 tracehook_notify_resume(regs);
950 rseq_handle_notify_resume(NULL, regs);
951 }
952
953 if (thread_flags & _TIF_FOREIGN_FPSTATE)
954 fpsimd_restore_current_state();
955 }
956
957 local_daif_mask();
958 thread_flags = READ_ONCE(current_thread_info()->flags);
959 } while (thread_flags & _TIF_WORK_MASK);
960 }
961
962 unsigned long __ro_after_init signal_minsigstksz;
963
964 /*
965 * Determine the stack space required for guaranteed signal devliery.
966 * This function is used to populate AT_MINSIGSTKSZ at process startup.
967 * cpufeatures setup is assumed to be complete.
968 */
minsigstksz_setup(void)969 void __init minsigstksz_setup(void)
970 {
971 struct rt_sigframe_user_layout user;
972
973 init_user_layout(&user);
974
975 /*
976 * If this fails, SIGFRAME_MAXSZ needs to be enlarged. It won't
977 * be big enough, but it's our best guess:
978 */
979 if (WARN_ON(setup_sigframe_layout(&user, true)))
980 return;
981
982 signal_minsigstksz = sigframe_size(&user) +
983 round_up(sizeof(struct frame_record), 16) +
984 16; /* max alignment padding */
985 }
986