Commit Graph

54 Commits

Author SHA1 Message Date
Al Viro
b8719c31a3 [PATCH] uml: more __user annotations
From: Al Viro <viro@zeniv.linux.org.uk>

uml __user annotations

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-06-05 12:29:17 -07:00
Al Viro
ca34fb1a87 [PATCH] uml: __user annotation in arch_prctl
From: Al Viro <viro@zeniv.linux.org.uk>

fix uml/amd64 prctl()

put_user() there should go to (long __user *)addr, not &addr

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-06-05 12:29:17 -07:00
Paolo 'Blaisorblade' Giarrusso
7b12b91379 [PATCH] uml: cleanup unprofile expression and build infrastructure
*) Rather than duplicate in various buggy ways the application of
   CFLAGS_NO_HARDENING and UNPROFILE (which apply to the same files),
   centralize it in Makefile.rules.  UNPROFILE_OBJS mustn't be listed in
   USER_OBJS but are compiled as such.

I've also verified that unprofile didn't work in the current form, because we
set _c_flags directly (using CFLAGS and not USER_CFLAGS, which is wrong),
which is normally used by c_flags, but we also override c_flags for all
USER_OBJS, and there we don't call unprofile.

Instead it only worked for unmap.o, the only one which wasn't a USER_OBJ.

We need to set c_flags (which is not a public Kbuild API) to clear a lot of
compilation flags like -nostdinc which Kbuild forces on everything.

*) Rather than $(CFLAGS_$(notdir $@)), which expands to CFLAGS_anObj.s when
   building "anObj.s", use $(CFLAGS_$(*F).o) which always accesses
   CFLAGS_anObj.o, like done by Kbuild.

*) Make c_flags apply to all targets having the same basename, rather than
   listing .s, .i, .lst and .o, with the use (which I tested) of

	$(USER_OBJS:.o=.%): c_flags = ...

and of

 -      $(obj)/unmap.c: _c_flags = ...
 +      $(obj)/unmap.%: _c_flags = ...

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-01 18:17:45 -07:00
Paolo 'Blaisorblade' Giarrusso
275e6e1ee2 [PATCH] uml: fix compilation and execution with hardened GCC
To make some half-assembly stubs compile, disable various "hardened" GCC
features:

*) we can't make it build PIC code as we need %ebx to do syscalls and GCC
   wants it free for PIC

*) we can't leave stack protection as the stub is moved (not relocated!) in
   memory so the RIP-relative access to the canary tries reading from an
   unmapped address and causes a segfault, since we move the stub of various
   megabytes (the exact amount will be decided at runtime) away from the
   link-time address.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-01 18:17:45 -07:00
Paolo 'Blaisorblade' Giarrusso
cb8aa3d29b [PATCH] uml: use Kbuild tracking for all files and fix compilation output
Move the build of user-offsets to arch/um/sys-$(SUBARCH), where it's located.
So we can also build it via Kbuild with its dependency tracking rather than by
hand.  While hacking here, fix also a lot of little cosmetic things.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-01 18:17:45 -07:00
Jeff Dike
fb30d64568 [PATCH] uml: add missing __volatile__
We were missing __volatile__ on some bits of asm in the segfault handlers.
On x86_64, this was messing up the move from %rdx to uc because that was
moved to after the GET_FAULTINFO_FROM_SC, which changed %rdx.

Also changed the other bit of asm and the one in the i386 handler to
prevent any similar occurrences.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-19 09:13:51 -07:00
Paolo 'Blaisorblade' Giarrusso
f53389d8af [PATCH] uml: fix critical typo for TT mode
Noticed this for a compilation-time warning, so I'm fixing it even for TT mode
- this is not put_user, but copy_to_user, so we need a pointer to sp, not sp
itself (we're trying to write the word pointed to by the "sp" var.).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-11 06:18:36 -07:00
Paolo 'Blaisorblade' Giarrusso
aa6758d486 [PATCH] uml: implement {get,set}_thread_area for i386
Implement sys_[gs]et_thread_area and the corresponding ptrace operations for
UML.  This is the main chunk, additional parts follow.  This implementation is
now well tested and has run reliably for some time, and we've understood all
the previously existing problems.

Their implementation saves the new GDT content and then forwards the call to
the host when appropriate, i.e.  immediately when the target process is
running or on context switch otherwise (i.e.  on fork and on ptrace() calls).

In SKAS mode, we must switch registers on each context switch (because SKAS
does not switches tls_array together with current->mm).

Also, added get_cpu() locking; this has been done for SKAS mode, since TT does
not need it (it does not use smp_processor_id()).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-31 12:18:52 -08:00
Al Viro
7b99edc78d [PATCH] uml: clean up remapping code build magic
kills unmap magic

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-31 12:18:51 -08:00
Al Viro
de2fe5e07d [PATCH] uml: eliminate symlinks to host arch
kills symlinks in arch/um/sys-*

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-31 12:18:50 -08:00
Jeff Dike
98c18238f1 [PATCH] uml: fix segfault on signal delivery
This fixes a process segfault where a signal was being delivered such that a
new stack page needed to be allocated to hold the signal frame.  This was
tripping some logic in the page fault handler which wouldn't allocate the page
if the faulting address was more that 32 bytes lower than the current stack
pointer.  Since a signal frame is greater than 32 bytes, this exercised that
case.

It's fixed by updating the SP in the pt_regs before starting to copy the
signal frame.  Since those are the registers that will be copied on to the
stack, we have to be careful to put the original SP, not the new one which
points to the signal frame, on the stack.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 08:44:38 -08:00
Bodo Stroesser
81efcd3300 [PATCH] uml: more carefully test whether we are in a system call
For security reasons, UML in is_syscall() needs to have access to code in
vsyscall-page.  The current implementation grants this access by explicitly
allowing access to vsyscall in access_ok_skas().  With this change,
copy_from_user() may be used to read the code.  Ptrace access to vsyscall-page
for debugging already was implemented in get_user_pages() by mainline.  In
i386, copy_from_user can't access vsyscall-page, but returns EFAULT.

To make UML behave as i386 does, I changed is_syscall to use
access_process_vm(current) to read the code from vsyscall-page.  This doesn't
hurt security, but simplifies the code and prepares implementation of
stub-vmas.

Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 08:44:38 -08:00
Jeff Dike
63ae2a94d9 [PATCH] uml: move libc-dependent irq code to os-Linux
The serial UML OS-abstraction layer patch (um/kernel dir).

This moves all systemcalls from irq_user.c file under os-Linux dir

Signed-off-by: Gennady Sharapov <Gennady.V.Sharapov@intel.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-27 08:44:37 -08:00
Jeff Dike
e2216feb37 [PATCH] uml: initialize process FP registers properly
We weren't making sure that we initialized the FP registers of new processes
to sane values.

This patch also moves some defines in the affected area closer to where they
are used.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-02-07 16:12:32 -08:00
Jeff Dike
4ee189a926 [PATCH] uml: fix missing KBUILD_BASENAME
2.6.15-mm1 caused kernel-offsets.c to stop compiling with a syntax error in a
header.  The problem was with KBUILD_BASENAME, which didn't get a definition
with the by-hand compilation in the main UML Makefile.

This was OK before since the expansion was syntactically the same as the
KBUILD_BASENAME token.  With -mm1, the expansion is now a quote-delimited
string, so there needs to be a definition of it.

Since kernel-offsets.c is basically the same as other arches' asm-offsets.c,
and those seem to build OK, this patch turns kernel-offsets.c into
asm-offsets.c.  kernel-offsets.c is in arch/um/sys-$(SUBARCH), i.e.  sys-i386
and sys-x86_64, while kbuild expects it to be in arch/um/kernel.
kernel-offsets.c is moved to
arch/um/include/sysdep-$(SUBARCH)/kernel-offsets.h, which is included by
arch/um/kernel/asm-offsets.c.  With that, include/asm-um/asm-offsets.h is
generated automatically.  kernel-offsets.h continues to exist because it needs
to be accessible to userspace UML code, and include/asm-um isn't.  So, a
symlink is made from arch/um/include/kernel-offsets.h to
include/asm-um/asm-offsets.h.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-01-11 18:42:09 -08:00
Paolo 'Blaisorblade' Giarrusso
63b4444241 [PATCH] uml: fix compilation with CONFIG_MODE_TT disabled
Fix UML compilation when SKAS mode is disabled. Indeed, we were compiling
SKAS-only object files, which failed due to some SKAS-only headers being
excluded from the search path.

Thanks to the bug report from Pekka J Enberg.

Acked-by: Pekka J Enberg <penberg (at) cs ! helsinki ! fi>
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-12-29 09:48:15 -08:00
Jeff Dike
17d469715c [PATCH] uml: properly invoke x86_64 system calls
This patch makes stub_segv use the stub_syscall macros.  This was needed
anyway, but the bug that prompted this was the discovery that gcc was storing
stuff in RCX, which is trashed across a system call.  This is exactly the sort
of problem that the new macros fix.

There is a stub_syscall0 for getpid.  stub_segv was changed to be a libc file,
and that caused some include changes.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-22 09:13:41 -08:00
Bodo Stroesser
858259cf7d [PATCH] uml: maintain own LDT entries
Patch imlements full LDT handling in SKAS:
 * UML holds it's own LDT table, used to deliver data on
   modify_ldt(READ)
 * UML disables the default_ldt, inherited from the host (SKAS3)
   or resets LDT entries, set by host's clib and inherited in
   SKAS0
 * A new global variable skas_needs_stub is inserted, that
   can be used to decide, whether stub-pages must be supported
   or not.
 * Uses the syscall-stub to replace missing PTRACE_LDT (therefore,
   write_ldt_entry needs to be modified)

Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-07 07:53:31 -08:00
Jeff Dike
50f72b5794 [PATCH] uml: fix x86_64 with !CONFIG_FRAME_POINTER
UML/x86_64 doesn't run when built with frame pointers disabled.  There
was an implicit frame pointer assumption in the stub segfault handler.
With frame pointers disabled, UML dies on handling its first page fault.

The container-of part of this is from Paolo Giarrusso <blaisorblade@yahoo.it>.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-10 08:37:59 -07:00
Al Viro
ecba97d4aa [PATCH] uml makefiles sanitized
UML makefiles sanitized:
 - number of generated headers reduced to 2 (from user-offsets.c and
   kernel-offsets.c resp.).  The rest is made constant and simply
   includes those two.
 - mk_... helpers are gone now that we don't need to generate these
   headers
 - arch/um/include2 removed since everything under arch/um/include/sysdep
   is constant now and symlink can point straight to source tree.
 - dependencies seriously simplified.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-29 08:46:26 -07:00
viro@ZenIV.linux.org.uk
95608261da [PATCH] bogus symbol used in arch/um/os-Linux/elf_aux.c
elf_aux is userland code; it uses symbol (ELF_CLASS) that doesn't exist in
userland headers; pulled into kernel-offsets.h, switched elf_aux to using it.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-07 17:17:33 -07:00
Bodo Stroesser
07bf731e4b [PATCH] uml: skas0 stubs now check system call return values
Change syscall-stub's data to include a "expected retval".

Stub now checks syscalls retval and aborts execution of syscall list, if
retval != expected retval.

run_syscall_stub prints the data of the failed syscall, using the data pointer
and retval written by the stub to the beginning of the stack.

one_syscall_stub is removed, to simplify code, because only some instructions
are saved by one_syscall_stub, no host-syscall.

Using the stub with additional data (modify_ldt via stub)
is prepared also.

Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:24 -07:00
Al Viro
30f7dabb08 [PATCH] uml: build cleanups
Added missing include list to uml AFLAGS

Killed magic for stubs.  [So] - it was needed only because of messed AFLAGS
Switched segv_stubs.c to kernel CFLAGS sans profile, instead of user ones
Killed STUBS_CFLAGS - it's not needed and the only remaining use had been
gratitious - it only polluted CFLAGS

Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:23 -07:00
Jeff Dike
c56004901f [PATCH] uml: TLB operation batching
This adds VM op batching to skas0.  Rather than having a context switch to and
from the userspace stub for each address space change, we write a number of
operations to the stub data page and invoke a different stub which loops over
them and executes them all in one go.

The operations are stored as [ system call number, arg1, arg2, ... ] tuples.

The set is terminated by a system call number of 0.  Single operations, i.e.
page faults, are handled in the old way, since that is slightly more
efficient.

For a kernel build, a minority (~1/4) of the operations are part of a set.
These sets averaged ~100 in length, so for this quarter, the context switching
overhead is greatly reduced.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:22 -07:00
Al Viro
93ea5a5b5c [PATCH] uml: build cleanup
Build cleanups

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:22 -07:00
Al Viro
e54a5dfb96 [PATCH] uml: fix signal frame copy_user
The copy_user stuff in the signal frame code was broke.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:21 -07:00
Benjamin LaHaise
52fdd08903 [PATCH] unify x86/x86-64 semaphore code
This patch moves the common code in x86 and x86-64's semaphore.c into a
single file in lib/semaphore-sleepers.c.  The arch specific asm stubs are
left in the arch tree (in semaphore.c for i386 and in the asm for x86-64).
There should be no changes in code/functionality with this patch.

Signed-off-by: Benjamin LaHaise <benjamin.c.lahaise@intel.com>
Cc: Andi Kleen <ak@muc.de>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:06:14 -07:00
Paolo 'Blaisorblade' Giarrusso
1feb8d2d73 [PATCH] uml: workaround host bug in "TT mode vs. NPTL link fix"
A big bug has been diagnosed on hosts running the SKAS patch and built with
CONFIG_REGPARM, due to some missing prevent_tail_call().

On these hosts, this workaround is needed to avoid triggering that bug,
because "to" is kept by GCC only in EBX, which is corrupted at the return of
mmap2().

Since to trigger this bug int 0x80 must be used when doing the call, it rarely
manifests itself, so I'd prefer to get this merged to workaround that host
bug, since it should cause no functional change.  Still, you might prefer to
drop it, I'll leave this to you.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-14 09:00:24 -07:00
Paolo 'Blaisorblade' Giarrusso
bcb01b8a67 [PATCH] uml: fix lvalue for gcc4
Russell King <rmk+lkml@arm.linux.org.uk>

This construct is refused by GCC 4, so here's the (corrected) fix.  Thanks to
Russell for noticing a stupid mistake I did when first sending this.

As he noted, the code is largely suboptimal however it currently works, and
will be fixed shortly.  Just read the access_ok check on fp which is NULL, or
the pointer arithmetic below which should be done with a cast to void*:

 	frame = (struct rt_sigframe __user *)
 		round_down(stack_top - sizeof(struct rt_sigframe), 16) - 8;

The code shows clearly that has been taken from
arch/x86_64/kernel/signal.c:setup_rt_frame(), maybe in a bit of a hurry.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-14 09:00:24 -07:00
Jeff Dike
d67b569f5f [PATCH] uml: skas0 - separate kernel address space on stock hosts
UML has had two modes of operation - an insecure, slow mode (tt mode) in
which the kernel is mapped into every process address space which requires
no host kernel modifications, and a secure, faster mode (skas mode) in
which the UML kernel is in a separate host address space, which requires a
patch to the host kernel.

This patch implements something very close to skas mode for hosts which
don't support skas - I'm calling this skas0.  It provides the security of
the skas host patch, and some of the performance gains.

The two main things that are provided by the skas patch, /proc/mm and
PTRACE_FAULTINFO, are implemented in a way that require no host patch.

For the remote address space changing stuff (mmap, munmap, and mprotect),
we set aside two pages in the process above its stack, one of which
contains a little bit of code which can call mmap et al.

To update the address space, the system call information (system call
number and arguments) are written to the stub page above the code.  The
%esp is set to the beginning of the data, the %eip is set the the start of
the stub, and it repeatedly pops the information into its registers and
makes the system call until it sees a system call number of zero.  This is
to amortize the cost of the context switch across multiple address space
updates.

When the updates are done, it SIGSTOPs itself, and the kernel process
continues what it was doing.

For a PTRACE_FAULTINFO replacement, we set up a SIGSEGV handler in the
child, and let it handle segfaults rather than nullifying them.  The
handler is in the same page as the mmap stub.  The second page is used as
the stack.  The handler reads cr2 and err from the sigcontext, sticks them
at the base of the stack in a faultinfo struct, and SIGSTOPs itself.  The
kernel then reads the faultinfo and handles the fault.

A complication on x86_64 is that this involves resetting the registers to
the segfault values when the process is inside the kill system call.  This
breaks on x86_64 because %rcx will contain %rip because you tell SYSRET
where to return to by putting the value in %rcx.  So, this corrupts $rcx on
return from the segfault.  To work around this, I added an
arch_finish_segv, which on x86 does nothing, but which on x86_64 ptraces
the child back through the sigreturn.  This causes %rcx to be restored by
sigreturn and avoids the corruption.  Ultimately, I think I will replace
this with the trick of having it send itself a blocked signal which will be
unblocked by the sigreturn.  This will allow it to be stopped just after
the sigreturn, and PTRACE_SYSCALLed without all the back-and-forth of
PTRACE_SYSCALLing it through sigreturn.

This runs on a stock host, so theoretically (and hopefully), tt mode isn't
needed any more.  We need to make sure that this is better in every way
than tt mode, though.  I'm concerned about the speed of address space
updates and page fault handling, since they involve extra round-trips to
the child.  We can amortize the round-trip cost for large address space
updates by writing all of the operations to the data page and having the
child execute them all at the same time.  This will help fork and exec, but
not page faults, since they involve only one page.

I can't think of any way to help page faults, except to add something like
PTRACE_FAULTINFO to the host.  There is PTRACE_SIGINFO, but UML doesn't use
siginfo for SIGSEGV (or anything else) because there isn't enough
information in the siginfo struct to handle page faults (the faulting
operation type is missing).  Adding that would make PTRACE_SIGINFO a usable
equivalent to PTRACE_FAULTINFO.

As for the code itself:

- The system call stub is in arch/um/kernel/sys-$(SUBARCH)/stub.S.  It is
  put in its own section of the binary along with stub_segv_handler in
  arch/um/kernel/skas/process.c.  This is manipulated with run_syscall_stub
  in arch/um/kernel/skas/mem_user.c.  syscall_stub will execute any system
  call at all, but it's only used for mmap, munmap, and mprotect.

- The x86_64 stub calls sigreturn by hand rather than allowing the normal
  sigreturn to happen, because the normal sigreturn is a SA_RESTORER in
  UML's address space provided by libc.  Needless to say, this is not
  available in the child's address space.  Also, it does a couple of odd
  pops before that which restore the stack to the state it was in at the
  time the signal handler was called.

- There is a new field in the arch mmu_context, which is now a union.
  This is the pid to be manipulated rather than the /proc/mm file
  descriptor.  Code which deals with this now checks proc_mm to see whether
  it should use the usual skas code or the new code.

- userspace_tramp is now used to create a new host process for every UML
  process, rather than one per UML processor.  It checks proc_mm and
  ptrace_faultinfo to decide whether to map in the pages above its stack.

- start_userspace now makes CLONE_VM conditional on proc_mm since we need
  separate address spaces now.

- switch_mm_skas now just sets userspace_pid[0] to the new pid rather
  than PTRACE_SWITCH_MM.  There is an addition to userspace which updates
  its idea of the pid being manipulated each time around the loop.  This is
  important on exec, when the pid will change underneath userspace().

- The stub page has a pte, but it can't be mapped in using tlb_flush
  because it is part of tlb_flush.  This is why it's required for it to be
  mapped in by userspace_tramp.

Other random things:

- The stub section in uml.lds.S is page aligned.  This page is written
  out to the backing vm file in setup_physmem because it is mapped from
  there into user processes.

- There's some confusion with TASK_SIZE now that there are a couple of
  extra pages that the process can't use.  TASK_SIZE is considered by the
  elf code to be the usable process memory, which is reasonable, so it is
  decreased by two pages.  This confuses the definition of
  USER_PGDS_IN_LAST_PML4, making it too small because of the rounding down
  of the uneven division.  So we round it to the nearest PGDIR_SIZE rather
  than the lower one.

- I added a missing PT_SYSCALL_ARG6_OFFSET macro.

- um_mmu.h was made into a userspace-usable file.

- proc_mm and ptrace_faultinfo are globals which say whether the host
  supports these features.

- There is a bad interaction between the mm.nr_ptes check at the end of
  exit_mmap, stack randomization, and skas0.  exit_mmap will stop freeing
  pages at the PGDIR_SIZE boundary after the last vma.  If the stack isn't
  on the last page table page, the last pte page won't be freed, as it
  should be since the stub ptes are there, and exit_mmap will BUG because
  there is an unfreed page.  To get around this, TASK_SIZE is set to the
  next lowest PGDIR_SIZE boundary and mm->nr_ptes is decremented after the
  calls to init_stub_pte.  This ensures that we know the process stack (and
  all other process mappings) will be below the top page table page, and
  thus we know that mm->nr_ptes will be one too many, and can be
  decremented.

Things that need fixing:

- We may need better assurrences that the stub code is PIC.

- The stub pte is set up in init_new_context_skas.

- alloc_pgdir is probably the right place.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-07-07 18:23:44 -07:00
Jeff Dike
e0877f07e8 [PATCH] uml: fork cleanup
Fix the do_fork calling convention: normal arch pass the regs and the new sp
value to do_fork instead of NULL.

Currently the arch-independent code ignores these values, while the UML code
(actually it's copy_thread) gets the right values by itself.

With this patch, things are fixed up.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25 16:24:35 -07:00
Paolo 'Blaisorblade' Giarrusso
60b2737de1 [PATCH] uml: fix linkage of tt mode against NPTL
With Al Viro <viro@parcelfarce.linux.theplanet.co.uk>

To make sure switcheroo() can execute when we remap all the executable
image, we used a trick to make it use a local copy of errno...  this trick
does not work with NPTL glibc, only with LinuxThreads, so use another
(simpler) one to make it work anyway.

Hopefully, a lot improved thanks to merging with the version of Al Viro
(which had his part of problems, though, i.e.  removing a fix to another
bug and not fixing the problem on i386).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-21 19:07:32 -07:00
Paolo 'Blaisorblade' Giarrusso
f767b02f35 [PATCH] uml: fixlet for arch_prctl_skas
Fix it a bit (after some cross checking with "man arch_prctl"). There were:
*) typos FS/GS and back
*) FS in place of FS_BASE (and the same for GS)
*) the procedure used put_user on &addr, where addr was the parameter (i.e.
changed its param with put_user, completely useless) rather than interpreting
addr as a pointer, as requested in this case (see the man page).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-28 16:46:14 -07:00
Paolo 'Blaisorblade' Giarrusso
b3461034d7 [PATCH] uml: stack dump fix
Copy (and adapt) to UML the stack code dumper used in i386 when
CONFIG_FRAME_POINTER is enabled.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-28 16:46:13 -07:00
Jeff Dike
060e352236 [PATCH] uml: Delay loop cleanups
This patch cleans up the delay implementations a bit, makes the loops
unoptimizable, and exports __udelay and __const_udelay.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-20 15:48:17 -07:00
Jeff Dike
ba9950c820 [PATCH] uml: small fixes left over from rc4
Some changes that I sent in didn't make 2.6.12-rc4 for some reason.  This
adds them back.  We have
	an x86_64 definition of TOP_ADDR
	a reimplementation of the x86_64 csum_partial_copy_from_user
	some syntax fixes in arch/um/kernel/ptrace.c
	removal of a CFLAGS definition in the x86_64 Makefile
	some include changes in the x86_64 ptrace.c and user-offsets.h
	a syntax fix in elf-x86_64.h
Also moved an include in the i386 and x86_64 Makefiles to make the symlinks
work, and some small fixes from Al Viro.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-20 15:48:17 -07:00
Jeff Dike
2d58cc9a43 [PATCH] uml: x86_64 fixes
This fixes some x86_64 bugs -

- maybe_map returns -1 on error instead of 0, which is interpreted as
  physical address 0

- removed an include of ipc.h, which isn't needed

- fixed the calculation of signal frame location

- the signal delivery code is now immune to the stack expansion check

- added a missing include

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-06 22:09:31 -07:00
Bodo Stroesser
82c1c11bdd [PATCH] uml: S390 preparation, peekusr/pokeusr defined by subarch
s390 needs to change some parts of arch/um/kernel/ptrace.c.  Thus, the code
regarding PEEKUSER and POKEUSER are shifted to arch/um/sys-<subarch>/ptrace.c.

Also s390 debug registers need to be updated, when singlestepping is switched
on / off.  Thus, setting/resetting of singlestepping is centralized in the new
function set_singlestep(), which also inserts the macro
SUBARCH_SET_SINGLESTEP(mode), if defined.

Finally, s390 has the "ieee_instruction_pointer" in its
registers, which also is allowed to be read via

  ptrace( PTRACE_PEEKUSER, getpid(), PT_IEEE_IP, 0);

To implement this feature, sys_ptrace inserts the macro
SUBARCH_PTRACE_SPECIAL, if defined.

Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-06 22:09:29 -07:00
Bodo Stroesser
5fd861b682 [PATCH] uml: s390 preparation, delay moved to arch
s390 has fast read access to realtime clock (nanosecond resolution).  So it
makes sense to have an arch-specific implementation not only of __delay, but
__udelay also.

Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:38 -07:00
Bodo Stroesser
c578455a3e [PATCH] uml: S390 preparation, abstract host page fault data
This patch removes the arch-specific fault/trap-infos from thread and
skas-regs.

It adds a new struct faultinfo, that is arch-specific defined in
sysdep/faultinfo.h.

The structure is inserted in thread.arch and thread.regs.skas and
thread.regs.tt

Now, segv and other trap-handlers can copy the contents from regs.X.faultinfo
to thread.arch.faultinfo with one simple assignment.

Also, the number of macros necessary is reduced to

FAULT_ADDRESS(struct faultinfo)
    extracts the faulting address from faultinfo

FAULT_WRITE(struct faultinfo)
    extracts the "is_write" flag

SEGV_IS_FIXABLE(struct faultinfo)
    is true for the fixable segvs, i.e. (TRAP == 14)
    on i386

UPT_FAULTINFO(regs)
    result is (struct faultinfo *) to the faultinfo
    in regs->skas.faultinfo

GET_FAULTINFO_FROM_SC(struct faultinfo, struct sigcontext *)
    copies the relevant parts of the sigcontext to
    struct faultinfo.

On SIGSEGV, call user_signal() instead of handle_segv(), if the architecture
provides the information needed in PTRACE_FAULTINFO, or if PTRACE_FAULTINFO is
missing, because segv-stub will provide the info.

The benefit of the change is, that in case of a non-fixable SIGSEGV, we can
give user processes a SIGSEGV, instead of possibly looping on pagefault
handling.

Since handle_segv() sikked arch_fixup() implicitly by passing ip==0 to segv(),
I changed segv() to call arch_fixup() only, if !is_user.

Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:36 -07:00
Al Viro
04fe392378 [PATCH] uml: fix missing subdir in x86_64
make distclean et.al.  are missing arch/um/sys-x86_64/utils; fixed the same
way we have it done for sys-i386 counterpart.

Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:35 -07:00
Al Viro
2b8b611e9a [PATCH] uml: cross-build support : mk_thread
mk_thread converted

Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:35 -07:00
Al Viro
a31769ed3e [PATCH] uml: cross-build support : kernel_offsets
The next group of helpers is a bit trickier - they want the constants similar
to those in user-offsets.h, but we need target sc.h for it.  So we can't put
that into user-offsets (sc.h depends on it) and need the second generated
header for that stuff (kernel-offsets.h.  BFD...

Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:35 -07:00
Al Viro
6bae32d395 [PATCH] uml: cross-build support: mk_sc
Ditto for mk_sc

Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:34 -07:00
Al Viro
8d0b9dc9be [PATCH] uml: start cross-build support : mk_user_constants
Beginning of cross-build fixes.  Instead of expecting that mk_user_constants
(compiled and executed on the build box) will see the sizeof, etc.  for target
box, we do what every architecture already does for asm-offsets.  Namely, have
user-offsets.c compiled *for* *target* into user-offsets.s and sed it into the
header with relevant constants.  We don't need to reinvent any wheels - all
tools are already there.

This patch deals with mk_user_constants.  It doesn't assume any relationship
between target and build environment anymore - we pick all defines we need
from user-offsets.h.  Later patches will deal with the rest of mk_...  helpers
in the same way.

Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:34 -07:00
Paolo 'Blaisorblade' Giarrusso
776cfebb43 [PATCH] uml kbuild: avoid useless rebuilds
- Fix some problems with usage of $(targets) (sometimes missing, sometimes
  used badly) that trigger partial rebuilds when doing a rebuild.

- At that purpose, also factor out some common code for symlinks creation.

- Fix a x86-64 build warning, caused by -L/usr/lib, which is anyway useless,
  and invalid in the x86-64 case.

Tested on x86_64 and x86.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:33 -07:00
Paolo 'Blaisorblade' Giarrusso
0c28130b5c [PATCH] x86_64: make string func definition work as intended
In include/asm-x86_64/string.h there are such comments:

/* Use C out of line version for memcmp */
#define memcmp __builtin_memcmp
int memcmp(const void * cs,const void * ct,size_t count);

This would mean that if the compiler does not decide to use __builtin_memcmp,
it emits a call to memcmp to be satisfied by the C out-of-line version in
lib/string.c.  What happens is that after preprocessing, in lib/string.i you
may find the definition of "__builtin_strcmp".

Actually, by accident, in the object you will find the definition of strcmp
and such (maybe a trick intended to redirect calls to __builtin_memcmp to the
default memcmp when the definition is not expanded); however, this particular
case is not a documented feature as far as I can see.

Also, the EXPORT_SYMBOL does not work, so it's duplicated in the arch.

I simply added some #undef to lib/string.c and removed the (now duplicated)
exports in x86-64 and UML/x86_64 subarchs (the second ones are introduced by
another patch I just posted for -mm).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
CC: Andi Kleen <ak@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:33 -07:00
Paolo 'Blaisorblade' Giarrusso
23352fc252 [PATCH] uml: kludgy compilation fixes for x86-64 subarch modules support
These are some trivial fixes for the x86-64 subarch module support.  The only
potential problem is that I have to modify arch/x86_64/kernel/module.c, to
avoid copying the whole of it.

I can't use it verbatim because it depends on a special vmalloc-like area for
modules, which for now (maybe that's to fix, I guess not) UML/x86-64 has not.
I went the easy way and reused the i386 vmalloc()-based allocator.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Acked-by: Andi Kleen <ak@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:33 -07:00
Paolo 'Blaisorblade' Giarrusso
f7fe878174 [PATCH] uml: obvious compile fixes for x86-64 Subarch and x86 regression fixes
This patch does some totally trivial compilation fixes.  It also restores the
debugregs manipulation, which was commented out simply because it doesn't
compile on x86_64 (we haven't yet implemented there debugregs handling).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-05 16:36:32 -07:00
Stephen Rothwell
7d87e14c23 [PATCH] consolidate sys_shmat
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-05-01 08:59:12 -07:00