From patchwork Mon Dec 6 13:46:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 48534 X-Patchwork-Delegate: szabolcs.nagy@arm.com Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 6ACE53858C60 for ; Mon, 6 Dec 2021 13:49:38 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 6ACE53858C60 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1638798578; bh=wcCfzbruCLPGCzsQ7cG7X9Z8rwjh0nDPxpHyPKbV//g=; h=To:Subject:In-Reply-To:References:Date:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=V0+Pc8hGjc3lANV5BE/TnT2HopjpCJsTNpIUmtM7HoFpa+RUfqaffPNwyTYdo7mck 6pazTmmGw66Brf1O6ASScr6+FpL/xrT9TLfCEUPKgIawBT3y5NeCsx6u9bU/rNV3kf CNtSL3h6NMbi76nWVdbnj5xbiMej/dp6LlHuR7vk= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id A052F385842B for ; Mon, 6 Dec 2021 13:46:45 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org A052F385842B Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-246-z8gaRKHHPXOHTQmpD89Ikg-1; Mon, 06 Dec 2021 08:46:41 -0500 X-MC-Unique: z8gaRKHHPXOHTQmpD89Ikg-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6CC8681426A; Mon, 6 Dec 2021 13:46:40 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.193.123]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 47A3110016FE; Mon, 6 Dec 2021 13:46:39 +0000 (UTC) To: libc-alpha@sourceware.org Subject: [PATCH 4/5] nptl: Add glibc.pthread.rseq tunable to control rseq registration In-Reply-To: References: X-From-Line: 8c13d24bb87ae74658ae64f8ea1661edd1d8dd75 Mon Sep 17 00:00:00 2001 Message-Id: <8c13d24bb87ae74658ae64f8ea1661edd1d8dd75.1638798186.git.fweimer@redhat.com> Date: Mon, 06 Dec 2021 14:46:37 +0100 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Florian Weimer via Libc-alpha From: Florian Weimer Reply-To: Florian Weimer Cc: Mathieu Desnoyers Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" This tunable allows applications to register the rseq area instead of glibc. --- manual/tunables.texi | 10 +++ nptl/pthread_create.c | 10 ++- sysdeps/nptl/dl-tls_init_tp.c | 11 ++- sysdeps/nptl/dl-tunables.list | 6 ++ sysdeps/nptl/internaltypes.h | 1 + sysdeps/unix/sysv/linux/Makefile | 8 ++ sysdeps/unix/sysv/linux/rseq-internal.h | 19 +++-- sysdeps/unix/sysv/linux/tst-rseq-disable.c | 89 ++++++++++++++++++++++ 8 files changed, 145 insertions(+), 9 deletions(-) create mode 100644 sysdeps/unix/sysv/linux/tst-rseq-disable.c diff --git a/manual/tunables.texi b/manual/tunables.texi index 10f4d75993..5d50b90f64 100644 --- a/manual/tunables.texi +++ b/manual/tunables.texi @@ -424,6 +424,16 @@ The value is measured in bytes. The default is @samp{41943040} (fourty mibibytes). @end deftp +@deftp Tunable glibc.pthread.rseq +The @code{glibc.pthread.rseq} tunable can be set to @samp{0}, to disable +restartable sequences support in @theglibc{}. This enables applications +to perform direct restartable sequence registration with the kernel. +The default is @samp{1}, which means that @theglibc{} performs +registration on behalf of the application. + +Restartable sequences are a Linux-specific extension. +@end deftp + @node Hardware Capability Tunables @section Hardware Capability Tunables @cindex hardware capability tunables diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c index ea0d79341e..036ca15ea0 100644 --- a/nptl/pthread_create.c +++ b/nptl/pthread_create.c @@ -368,7 +368,10 @@ start_thread (void *arg) __ctype_init (); /* Register rseq TLS to the kernel. */ - rseq_register_current_thread (pd); + { + bool do_rseq = THREAD_GETMEM (pd, flags) & ATTR_FLAG_DO_RSEQ; + rseq_register_current_thread (pd, do_rseq); + } #ifndef __ASSUME_SET_ROBUST_LIST if (__nptl_set_robust_list_avail) @@ -677,6 +680,11 @@ __pthread_create_2_1 (pthread_t *newthread, const pthread_attr_t *attr, pd->flags = ((iattr->flags & ~(ATTR_FLAG_SCHED_SET | ATTR_FLAG_POLICY_SET)) | (self->flags & (ATTR_FLAG_SCHED_SET | ATTR_FLAG_POLICY_SET))); + /* Inherit rseq registration state. Without seccomp filters, rseq + registration will either always fail or always succeed. */ + if ((int) THREAD_GETMEM (self, rseq_area.cpu_id) >= 0) + pd->flags |= ATTR_FLAG_DO_RSEQ; + /* Initialize the field for the ID of the thread which is waiting for us. This is a self-reference in case the thread is created detached. */ diff --git a/sysdeps/nptl/dl-tls_init_tp.c b/sysdeps/nptl/dl-tls_init_tp.c index fedb876fdb..b39dfbff2c 100644 --- a/sysdeps/nptl/dl-tls_init_tp.c +++ b/sysdeps/nptl/dl-tls_init_tp.c @@ -23,6 +23,9 @@ #include #include +#define TUNABLE_NAMESPACE pthread +#include + #ifndef __ASSUME_SET_ROBUST_LIST bool __nptl_set_robust_list_avail; rtld_hidden_data_def (__nptl_set_robust_list_avail) @@ -92,7 +95,13 @@ __tls_init_tp (void) } } - rseq_register_current_thread (pd); + { + bool do_rseq = true; +#if HAVE_TUNABLES + do_rseq = TUNABLE_GET (rseq, int, NULL); +#endif + rseq_register_current_thread (pd, do_rseq); + } /* Set initial thread's stack block from 0 up to __libc_stack_end. It will be bigger than it actually is, but for unwind.c/pt-longjmp.c diff --git a/sysdeps/nptl/dl-tunables.list b/sysdeps/nptl/dl-tunables.list index ac5d053298..d24f4be0d0 100644 --- a/sysdeps/nptl/dl-tunables.list +++ b/sysdeps/nptl/dl-tunables.list @@ -27,5 +27,11 @@ glibc { type: SIZE_T default: 41943040 } + rseq { + type: INT_32 + minval: 0 + maxval: 1 + default: 1 + } } } diff --git a/sysdeps/nptl/internaltypes.h b/sysdeps/nptl/internaltypes.h index 6032a6b785..dec8c5b5ff 100644 --- a/sysdeps/nptl/internaltypes.h +++ b/sysdeps/nptl/internaltypes.h @@ -48,6 +48,7 @@ struct pthread_attr #define ATTR_FLAG_OLDATTR 0x0010 #define ATTR_FLAG_SCHED_SET 0x0020 #define ATTR_FLAG_POLICY_SET 0x0040 +#define ATTR_FLAG_DO_RSEQ 0x0080 /* Used to allocate a pthread_attr_t object which is also accessed internally. */ diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile index eb0f5fc021..62a796f214 100644 --- a/sysdeps/unix/sysv/linux/Makefile +++ b/sysdeps/unix/sysv/linux/Makefile @@ -136,6 +136,12 @@ tests-internal += \ tst-sigcontext-get_pc \ # tests-internal +ifneq (no,$(have-tunables)) +tests-internal += \ + tst-rseq-disable \ + # tests-internal $(have-tunables) +endif + tests-time64 += \ tst-adjtimex-time64 \ tst-clock_adjtime-time64 \ @@ -227,6 +233,8 @@ $(objpfx)tst-mman-consts.out: ../sysdeps/unix/sysv/linux/tst-mman-consts.py < /dev/null > $@ 2>&1; $(evaluate-test) $(objpfx)tst-mman-consts.out: $(sysdeps-linux-python-deps) +tst-rseq-disable-ENV = GLIBC_TUNABLES=glibc.pthread.rseq=0 + endif # $(subdir) == misc ifeq ($(subdir),time) diff --git a/sysdeps/unix/sysv/linux/rseq-internal.h b/sysdeps/unix/sysv/linux/rseq-internal.h index 909f547825..15bc7ffd6e 100644 --- a/sysdeps/unix/sysv/linux/rseq-internal.h +++ b/sysdeps/unix/sysv/linux/rseq-internal.h @@ -21,22 +21,27 @@ #include #include #include +#include #include #include #ifdef RSEQ_SIG static inline void -rseq_register_current_thread (struct pthread *self) +rseq_register_current_thread (struct pthread *self, bool do_rseq) { - int ret = INTERNAL_SYSCALL_CALL (rseq, - &self->rseq_area, sizeof (self->rseq_area), - 0, RSEQ_SIG); - if (INTERNAL_SYSCALL_ERROR_P (ret)) - THREAD_SETMEM (self, rseq_area.cpu_id, RSEQ_CPU_ID_REGISTRATION_FAILED); + if (do_rseq) + { + int ret = INTERNAL_SYSCALL_CALL (rseq, &self->rseq_area, + sizeof (self->rseq_area), + 0, RSEQ_SIG); + if (!INTERNAL_SYSCALL_ERROR_P (ret)) + return; + } + THREAD_SETMEM (self, rseq_area.cpu_id, RSEQ_CPU_ID_REGISTRATION_FAILED); } #else /* RSEQ_SIG */ static inline void -rseq_register_current_thread (struct pthread *self) +rseq_register_current_thread (struct pthread *self, bool do_rseq) { THREAD_SETMEM (self, rseq_area.cpu_id, RSEQ_CPU_ID_REGISTRATION_FAILED); } diff --git a/sysdeps/unix/sysv/linux/tst-rseq-disable.c b/sysdeps/unix/sysv/linux/tst-rseq-disable.c new file mode 100644 index 0000000000..000e351872 --- /dev/null +++ b/sysdeps/unix/sysv/linux/tst-rseq-disable.c @@ -0,0 +1,89 @@ +/* Test disabling of rseq registration via tunable. + Copyright (C) 2021 Free Software Foundation, Inc. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include +#include +#include + +#ifdef RSEQ_SIG + +/* Check that rseq can be registered and has not been taken by glibc. */ +static void +check_rseq_disabled (void) +{ + struct pthread *pd = THREAD_SELF; + TEST_COMPARE ((int) pd->rseq_area.cpu_id, RSEQ_CPU_ID_REGISTRATION_FAILED); + + int ret = syscall (__NR_rseq, &pd->rseq_area, sizeof (pd->rseq_area), + 0, RSEQ_SIG); + if (ret == 0) + { + ret = syscall (__NR_rseq, &pd->rseq_area, sizeof (pd->rseq_area), + RSEQ_FLAG_UNREGISTER, RSEQ_SIG); + TEST_COMPARE (ret, 0); + pd->rseq_area.cpu_id = RSEQ_CPU_ID_REGISTRATION_FAILED; + } + else + { + TEST_VERIFY (errno != -EINVAL); + TEST_VERIFY (errno != -EBUSY); + } +} + +static void * +thread_func (void *ignored) +{ + check_rseq_disabled (); + return NULL; +} + +static void +proc_func (void *ignored) +{ + check_rseq_disabled (); +} + +static int +do_test (void) +{ + puts ("info: checking main thread"); + check_rseq_disabled (); + + puts ("info: checking main thread (2)"); + check_rseq_disabled (); + + puts ("info: checking new thread"); + xpthread_join (xpthread_create (NULL, thread_func, NULL)); + + puts ("info: checking subprocess"); + support_isolate_in_subprocess (proc_func, NULL); + + return 0; +} +#else /* !RSEQ_SIG */ +static int +do_test (void) +{ + FAIL_UNSUPPORTED ("glibc does not define RSEQ_SIG, skipping test"); +} +#endif + +#include