[RFC PATCH] powerpc/signal: sanitise PT_NIP and sa_handler low bits

Sachin Sant sachinp at linux.vnet.ibm.com
Mon Dec 20 18:11:22 AEDT 2021


>> [  550.569802] GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
>> [  550.569802] GPR20: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
>> [  550.569802] GPR24: 0000000000000002 0000000000000001 0000000002002000 0000000002802000
>> [  550.569802] GPR28: 0000000000000000 0000000000000800 c000000ae08bbe80 0000000000040080
>> [  550.569899] NIP [c0000000000171dc] arch_local_irq_restore+0x22c/0x230
>> [  550.569909] LR [c000000000033240] interrupt_exit_user_prepare_main+0x150/0x260
>> [  550.569919] Call Trace:
>> [  550.569925] [c000000ae08bbd80] [c000000000033240] interrupt_exit_user_prepare_main+0x150/0x260
>> [  550.569937] [c000000ae08bbde0] [c000000000033744] syscall_exit_prepare+0x74/0x150
>> [  550.569948] [c000000ae08bbe10] [c00000000000c758] system_call_common+0xf8/0x268
> 
> Yeah this looks like a different issue. Is there a test running which 
> flips the security mitigations rapidly? There is a race window with
Yes, powerpc/security/mitigation-patching.sh. This test enables/disables
various supported mitigations (parallel execution).

> the static branch causing exit_must_hard_disable() to return two
> different values.
> 
> We should update the key while single threaded AFAIKS.

Thanks. I tested with this fix. The test ran correctly without a crash.

> diff --git a/arch/powerpc/lib/feature-fixups.c b/arch/powerpc/lib/feature-fixups.c
> index 57c6bb802f6c..a7cb317e7039 100644
> --- a/arch/powerpc/lib/feature-fixups.c
> +++ b/arch/powerpc/lib/feature-fixups.c
> @@ -232,11 +232,22 @@ static DEFINE_MUTEX(exit_flush_lock);
> 
> static int __do_stf_barrier_fixups(void *data)
> {
> -	enum stf_barrier_type *types = data;
> +	enum stf_barrier_type types = *(enum stf_barrier_type *)data;
> 
> 	do_stf_entry_barrier_fixups(*types);
> 	do_stf_exit_barrier_fixups(*types);
> 
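Review bot: the two unchanged context lines in this hunk, "do_stf_entry_barrier_fixups(*types);" and "do_stf_exit_barrier_fixups(*types);", still dereference "types", but the new "+" line makes "types" a plain "enum stf_barrier_type" value rather than a pointer, so this will not compile; both calls need to pass "types" (the hunk should carry "-"/"+" lines for them rather than leaving them as context).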
"*types" should be changed to "types" to avoid a build failure.



