RFR: 8345296: AArch64: VM crashes with SIGILL when prctl is disallowed

Aleksey Shipilev shade at openjdk.org
Mon Dec 2 14:20:45 UTC 2024


On Mon, 2 Dec 2024 13:12:13 GMT, Evgeny Astigeevich <eastigeevich at openjdk.org> wrote:

>> We have caught this in some prod environments, where `prctl` is forbidden by the sandboxing mechanism. This fails the JVM, because we have the following code to check for SVE vector length:
>> 
>> 
>> int VM_Version::get_current_sve_vector_length() {
>>   assert(VM_Version::supports_sve(), "should not call this");
>>   return prctl(PR_SVE_GET_VL);
>> }
>> 
>> 
>> That code returns `-1` when `prctl` is disallowed, which JVM then blindly interprets as vector length, leading to `SIGILL`. I looked around other uses of `prctl` around Hotspot, and they all seem to handle the errors correctly.
>> 
>> Additional testing:
>>  - [x] Linux AArch64 server fastdebug, with seccomp reproducer
>>  - [ ] Linux AArch64 server fastdebug, `all`
>
> src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 453:
> 
>> 451:     } else {
>> 452:       _initial_sve_vector_length = vl;
>> 453:     }
> 
> I think we need to disable SVE in `VM_Version::get_os_cpu_info` in `src/hotspot/os_cpu/linux_aarch64/vm_version_linux_aarch64.cpp`:
> 
> 
>   if (auxv2 & HWCAP2_SVE2) _features |= CPU_SVE2;
>   if (auxv2 & HWCAP2_SVEBITPERM) _features |= CPU_SVEBITPERM;
> 
>   if (prctl(PR_SVE_GET_VL) == -1) {
>     warning("Unable to get SVE vector length on this system. Disabling SVE.");
>     _features &= ~CPU_SVE;
>   }

I think this part later in the same method does the sync for us already:
https://github.com/openjdk/jdk/blob/b8233989e7605268dda908e6b639ca373789792b/src/hotspot/cpu/aarch64/vm_version_aarch64.cpp#L590-L597

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/22479#discussion_r1865930448
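The failure mode discussed in this thread, as an added example that is not HotSpot code and not part of the original messages: a `prctl(PR_SVE_GET_VL)` result is validated before it is used as a vector length, and the feature bit is cleared when no usable length comes back. The helper names, the length checks and the feature-bit values are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

#ifndef PR_SVE_GET_VL
#define PR_SVE_GET_VL 51           /* value from linux/prctl.h */
#endif
#ifndef PR_SVE_VL_LEN_MASK
#define PR_SVE_VL_LEN_MASK 0xffff  /* low 16 bits: vector length in bytes */
#endif

/* Hypothetical helper: turn a raw prctl(PR_SVE_GET_VL) result into a vector
 * length in bytes, or 0 when the result must not be used as a length. */
static int sve_vl_from_prctl_result(long ret) {
  if (ret < 0) {
    return 0;                      /* call failed, e.g. denied by a sandbox */
  }
  long vl = ret & PR_SVE_VL_LEN_MASK;  /* drop flag bits above the length */
  if (vl < 16 || vl % 16 != 0) {
    return 0;                      /* SVE lengths are multiples of 128 bits */
  }
  return (int)vl;
}

/* Hypothetical helper: keep the feature set only when a usable length exists.
 * sve_bit is a constructed stand-in for a CPU feature flag. */
static unsigned long features_after_probe(unsigned long features,
                                          unsigned long sve_bit, long ret) {
  return sve_vl_from_prctl_result(ret) ? features : (features & ~sve_bit);
}

int main(void) {
  errno = 0;
  long ret = prctl(PR_SVE_GET_VL);  /* fails with -1 on hosts without SVE too */
  int vl = sve_vl_from_prctl_result(ret);
  if (vl == 0) {
    printf("SVE length unavailable (ret=%ld, errno=%s); SVE must stay off\n",
           ret, strerror(errno));
  } else {
    printf("SVE vector length: %d bytes\n", vl);
  }
  return 0;
}
```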

