From: Sergey Bugaev
To: libc-alpha@sourceware.org, bug-hurd@gnu.org
Cc: Samuel Thibault, Sergey Bugaev
Subject: [PATCH 1/5] hurd: Fix restoring reply port in sigreturn
Date: Fri, 14 Apr 2023 22:36:56 +0300
Message-Id: <20230414193700.542116-1-bugaevc@gmail.com>
X-Patchwork-Id: 1769172

We must not use the user's reply port (scp->sc_reply_port) for any of our own RPCs, otherwise various things break. So, use MACH_PORT_DEAD as a reply port when destroying our reply port, and make sure to do this after _hurd_sigstate_unlock (), which may do a gsync_wake () RPC.

Signed-off-by: Sergey Bugaev
--- sysdeps/mach/hurd/i386/sigreturn.c | 35 ++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 12 deletions(-) diff --git a/sysdeps/mach/hurd/i386/sigreturn.c b/sysdeps/mach/hurd/i386/sigreturn.c index 4f196710..a0fc8891 100644 --- a/sysdeps/mach/hurd/i386/sigreturn.c +++ b/sysdeps/mach/hurd/i386/sigreturn.c
@@ -26,11 +26,29 @@ register int *sp asm ("%esp"); /* This is run on the thread stack after restoring it, to be able to unlock SS off sigstack. */ static void -__sigreturn2 (int *usp) +__sigreturn2 (int *usp, struct sigcontext *scp) { + mach_port_t reply_port; struct hurd_sigstate *ss = _hurd_self_sigstate (); _hurd_sigstate_unlock (ss); + /* Destroy the MiG reply port used by the signal handler, and restore the + reply port in use by the thread when interrupted. + + We cannot use the original reply port for our RPCs that we do here, since + we could unexpectedly receive/consume a reply message meant for the user + (in particular, msg_sig_post_reply), and also since we would deallocate + the port if *our* RPC fails, which we don't want to do since the user + still has the old name. And so, temporarily set MACH_PORT_DEAD as our + reply name, and make sure destroying the port is the very last RPC we + do. */ + reply_port = THREAD_GETMEM (THREAD_SELF, reply_port); + THREAD_SETMEM (THREAD_SELF, reply_port, MACH_PORT_DEAD); + if (MACH_PORT_VALID (reply_port)) + (void) __mach_port_mod_refs (__mach_task_self (), reply_port, + MACH_PORT_RIGHT_RECEIVE, -1); + THREAD_SETMEM (THREAD_SELF, reply_port, scp->sc_reply_port); + sp = usp; #define A(line) asm volatile (#line) /* The members in the sigcontext are arranged in this order @@ -58,7 +76,6 @@ __sigreturn (struct sigcontext *scp) { struct hurd_sigstate *ss; struct hurd_userlink *link = (void *) &scp[1]; - mach_port_t reply_port; if (scp == NULL || (scp->sc_mask & _SIG_CANT_MASK)) { 
@@ -98,13 +115,6 @@ __sigreturn (struct sigcontext *scp) if (scp->sc_onstack) ss->sigaltstack.ss_flags &= ~SS_ONSTACK; - /* Destroy the MiG reply port used by the signal handler, and restore the - reply port in use by the thread when interrupted. */ - reply_port = THREAD_GETMEM (THREAD_SELF, reply_port); - THREAD_SETMEM (THREAD_SELF, reply_port, scp->sc_reply_port); - if (MACH_PORT_VALID (reply_port)) - __mach_port_destroy (__mach_task_self (), reply_port); - if (scp->sc_fpused) /* Restore the FPU state. Mach conveniently stores the state in the format the i387 `frstor' instruction uses to restore it. */ @@ -115,15 +125,16 @@ __sigreturn (struct sigcontext *scp) copy the registers onto the user's stack, switch there, pop and return. */ - int *usp = (int *) scp->sc_uesp; + int usp_arg, *usp = (int *) scp->sc_uesp; *--usp = scp->sc_eip; *--usp = scp->sc_efl; memcpy (usp -= 12, &scp->sc_i386_thread_state, 12 * sizeof (int)); + usp_arg = (int) usp; + *--usp = (int) scp; /* Pass usp to __sigreturn2 so it can unwind itself easily. */ - *(usp-1) = (int) usp; - --usp; + *--usp = usp_arg; /* Bogus return address for __sigreturn2 */ *--usp = 0; *--usp = (int) __sigreturn2;
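
Review bot: in the first hunk, __sigreturn2 dereferences scp (the final THREAD_SETMEM reads scp->sc_reply_port) after _hurd_sigstate_unlock (ss), which may be too late if the sigcontext lives on the signal stack. The function's own header comment says it runs on the thread stack so that SS can be unlocked off the sigstack, and __sigreturn has already cleared SS_ONSTACK when sc_onstack is set, so once the lock is dropped a newly delivered signal could reuse that memory before the read. Consider passing the port name by value (a mach_port_t parameter filled from scp->sc_reply_port in __sigreturn) instead of the scp pointer. Separately, the switch from __mach_port_destroy to __mach_port_mod_refs (..., MACH_PORT_RIGHT_RECEIVE, -1) with its result cast to void is not mentioned in the commit message; a sentence on why the call changed would help.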
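
Review bot: in the last hunk, the comment "Pass usp to __sigreturn2 so it can unwind itself easily." now sits between the two argument pushes and describes only the second one, while the new "*--usp = (int) scp;" carries no comment at all. A single comment above both pushes, saying that the arguments are pushed right to left (scp first, then usp_arg) to match __sigreturn2 (int *usp, struct sigcontext *scp), would make the stack layout checkable at a glance. As a style point, "int usp_arg, *usp = (int *) scp->sc_uesp;" declares an int and an initialized pointer in one declaration; splitting it into two lines reads more clearly.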