Re: [regression] x86/signal/64: Fix SS handling for signals delivered to 64-bit programs breaks dosemu

From: Stas Sergeev
Date: Thu Aug 13 2015 - 22:03:29 EST

14.08.2015 04:37, Andy Lutomirski ÐÐÑÐÑ:
On Thu, Aug 13, 2015 at 6:32 PM, Stas Sergeev <stsp@xxxxxxx> wrote:
14.08.2015 04:21, Andy Lutomirski ÐÐÑÐÑ:

On Thu, Aug 13, 2015 at 5:50 PM, Stas Sergeev <stsp@xxxxxxx> wrote:
14.08.2015 03:27, Linus Torvalds ÐÐÑÐÑ:
On Thu, Aug 13, 2015 at 5:17 PM, Stas Sergeev <stsp@xxxxxxx> wrote:
For example because you can as well do:
which will mean "restore ss in sighandler to its current value",
I really think a prctl() is the wrong thing to do.

If you want a signal handler to save/restore segments, I think it
should be a SA_xyz flag to sigaction() (the way we have SA_RESTART
Yes, I was proposing the new sigaction() flag in this thread
already too. But at the end, prctl() looks better to me because
it allows to pass the TLS value to use when restoring FS.
The thing is that I am trying to find the similar treatment for
both the SS and FS problems. If you don't think they need a
similar treatment, then perhaps the Andy's patch is enough.

etc). And off by default because of the obvious compatibility issues.
Of course.

So, what we have right now (in the latest Andy's patch) is:
1. lar heuristics
2. new uc_flags flag

What it solves: dosemu's regression.

What prctl() can give:
- fix to dosemu's regression
- fix to the TLS problem in the future
- no hack and heuristics

With SA_xyz you can only solve the SS problem, so it is
probably not any better than the uc_flags things coded
up by Andy.
I'm leaning slightly toward LAR heuristic + SA_SAVE_SS.
Stop right here, doesn't the SA_xyz allow to avoid the
lar heuristic? Why would you still need the lar heuristic then?
Just call it SA_RESTORE_SS instead of SA_SAVE_SS, and
the lar heuristic is gone.
The LAR heuristic is about five lines of code, and it makes signal
delivery more reliable. Sure, we could gate the "regs->ss =
__USER_DS" line on a flag, but why?
I'll let others decide on that.
My vote is to no heuristic if possible, and keeping the FS
problem in mind if possible (obviously, both are possible).

Unfortunately, I don't think we were clever enough to allow this to be
probed easily -- we silently ignore unrecognized sa_flags bits.
Big deal, check the kversion. :)
Not so good. For example, if you made your DOSEMU patch to use the
saved SS check the version, then the backported revert would break
I would be scared to imagine the program that probes
for everything, adding more and more probes with years,
instead of just saying "you need kernel version at least x.y.z".
If some functionality is reverted, another kversion check
can be added. This all is not new: dosemu's protected mode
implementation doesn't work on many kernels selectively.
IIRC it didn't work on 3.14 because the 16bit LDTs were
disallowed, and other versions had problems too. It is easier
to ban such kernels by versions instead of adding a run-time
probes, because you don't know beforehand what will break
in the next kernel to add a probe in advance, and when you
react to an existing breakage, it already doesn't matter.
The possibly of reverting a new functionality is similar to
getting a breakage in an existing functionality (or even have
lower probability), so I see no reason to choose different
treatments for these two.
But of course every author has own habits.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at