1 : // SPDX-License-Identifier: GPL-2.0-only
2 : /*
3 : * linux/kernel/signal.c
4 : *
5 : * Copyright (C) 1991, 1992 Linus Torvalds
6 : *
7 : * 1997-11-02 Modified for POSIX.1b signals by Richard Henderson
8 : *
9 : * 2003-06-02 Jim Houston - Concurrent Computer Corp.
10 : * Changes to use preallocated sigqueue structures
11 : * to allow signals to be sent reliably.
12 : */
13 :
14 : #include <linux/slab.h>
15 : #include <linux/export.h>
16 : #include <linux/init.h>
17 : #include <linux/sched/mm.h>
18 : #include <linux/sched/user.h>
19 : #include <linux/sched/debug.h>
20 : #include <linux/sched/task.h>
21 : #include <linux/sched/task_stack.h>
22 : #include <linux/sched/cputime.h>
23 : #include <linux/file.h>
24 : #include <linux/fs.h>
25 : #include <linux/proc_fs.h>
26 : #include <linux/tty.h>
27 : #include <linux/binfmts.h>
28 : #include <linux/coredump.h>
29 : #include <linux/security.h>
30 : #include <linux/syscalls.h>
31 : #include <linux/ptrace.h>
32 : #include <linux/signal.h>
33 : #include <linux/signalfd.h>
34 : #include <linux/ratelimit.h>
35 : #include <linux/task_work.h>
36 : #include <linux/capability.h>
37 : #include <linux/freezer.h>
38 : #include <linux/pid_namespace.h>
39 : #include <linux/nsproxy.h>
40 : #include <linux/user_namespace.h>
41 : #include <linux/uprobes.h>
42 : #include <linux/compat.h>
43 : #include <linux/cn_proc.h>
44 : #include <linux/compiler.h>
45 : #include <linux/posix-timers.h>
46 : #include <linux/cgroup.h>
47 : #include <linux/audit.h>
48 :
49 : #define CREATE_TRACE_POINTS
50 : #include <trace/events/signal.h>
51 :
52 : #include <asm/param.h>
53 : #include <linux/uaccess.h>
54 : #include <asm/unistd.h>
55 : #include <asm/siginfo.h>
56 : #include <asm/cacheflush.h>
57 : #include <asm/syscall.h> /* for syscall_get_* */
58 :
/*
 * SLAB caches for signal bits.
 */

/* Backing cache for struct sigqueue records (see __sigqueue_alloc()/__sigqueue_free()). */
static struct kmem_cache *sigqueue_cachep;

/* When non-zero, print_dropped_signal() reports signals dropped at RLIMIT_SIGPENDING. */
int print_fatal_signals __read_mostly;
66 :
/* Return the handler currently installed for @sig in @t's sighand table. */
static void __user *sig_handler(struct task_struct *t, int sig)
{
	struct k_sigaction *ka = &t->sighand->action[sig - 1];

	return ka->sa.sa_handler;
}
71 :
/*
 * True when @handler means "discard": an explicit SIG_IGN, or SIG_DFL for a
 * signal whose default action is to ignore (sig_kernel_ignore()).
 */
static inline bool sig_handler_ignored(void __user *handler, int sig)
{
	if (handler == SIG_IGN)
		return true;

	return handler == SIG_DFL && sig_kernel_ignore(sig);
}
78 :
/*
 * Decide whether @t ignores @sig, judging only by the installed handler and
 * the task's special status (global init, SIGNAL_UNKILLABLE, kernel thread).
 * @force marks a kernel-generated signal that may override the unkillable
 * and kthread protections.
 */
static bool sig_task_ignored(struct task_struct *t, int sig, bool force)
{
	void __user *handler = sig_handler(t, sig);
	bool unkillable = t->signal->flags & SIGNAL_UNKILLABLE;
	bool kthread = t->flags & PF_KTHREAD;

	/* SIGKILL and SIGSTOP may not be sent to the global init */
	if (unlikely(is_global_init(t) && sig_kernel_only(sig)))
		return true;

	/* An unkillable task on the default action drops everything but a forced SIGKILL/SIGSTOP */
	if (unlikely(unkillable) && handler == SIG_DFL &&
	    !(force && sig_kernel_only(sig)))
		return true;

	/* Only allow kernel generated signals to this kthread */
	if (unlikely(kthread && handler == SIG_KTHREAD_KERNEL && !force))
		return true;

	return sig_handler_ignored(handler, sig);
}
100 :
/*
 * Full "is @sig ignored by @t" check: blocked and traced signals are never
 * ignored; everything else is decided by sig_task_ignored().
 */
static bool sig_ignored(struct task_struct *t, int sig, bool force)
{
	bool blocked = sigismember(&t->blocked, sig) ||
		       sigismember(&t->real_blocked, sig);

	/*
	 * A blocked signal is never treated as ignored: the handler may
	 * have changed by the time it is unblocked.
	 */
	if (blocked)
		return false;

	/*
	 * A tracer wants to see even ignored signals, except SIGKILL,
	 * which cannot be reported anyway but can be ignored by a
	 * SIGNAL_UNKILLABLE task.
	 */
	if (t->ptrace && sig != SIGKILL)
		return false;

	return sig_task_ignored(t, sig, force);
}
121 :
/*
 * Re-calculate pending state from the set of locally pending
 * signals, globally pending signals, and blocked signals.
 *
 * Returns true if any bit set in @signal is clear in @blocked.
 */
static inline bool has_pending_signals(sigset_t *signal, sigset_t *blocked)
{
	unsigned long ready = 0;

	switch (_NSIG_WORDS) {
	default: {
		/* Generic path for any word count; the cases below are unrolled. */
		long w = _NSIG_WORDS;

		while (w-- > 0)
			ready |= signal->sig[w] & ~blocked->sig[w];
		break;
	}
	case 4:
		ready |= signal->sig[3] & ~blocked->sig[3];
		ready |= signal->sig[2] & ~blocked->sig[2];
		fallthrough;
	case 2:
		ready |= signal->sig[1] & ~blocked->sig[1];
		fallthrough;
	case 1:
		ready |= signal->sig[0] & ~blocked->sig[0];
	}
	return ready != 0;
}
151 :
152 : #define PENDING(p,b) has_pending_signals(&(p)->signal, (b))
153 :
/*
 * Recompute whether @t has work that warrants TIF_SIGPENDING: a pending
 * job-control stop/trap (incl. the freezer trap), an unblocked private or
 * shared signal, or a cgroup freeze.  Sets the flag and returns true if so.
 * The flag is never cleared here.
 */
static bool recalc_sigpending_tsk(struct task_struct *t)
{
	bool jobctl_work = t->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE);

	if (!jobctl_work &&
	    !PENDING(&t->pending, &t->blocked) &&
	    !PENDING(&t->signal->shared_pending, &t->blocked) &&
	    !cgroup_task_frozen(t)) {
		/*
		 * We must never clear the flag in another thread, or in current
		 * when it's possible the current syscall is returning -ERESTART*.
		 * So we don't clear it here, and only callers who know they should do.
		 */
		return false;
	}

	set_tsk_thread_flag(t, TIF_SIGPENDING);
	return true;
}
171 :
/*
 * After recalculating TIF_SIGPENDING, we need to make sure the task wakes up.
 * This is superfluous when called on current, the wakeup is a harmless no-op.
 */
void recalc_sigpending_and_wake(struct task_struct *t)
{
	bool pending = recalc_sigpending_tsk(t);

	if (pending)
		signal_wake_up(t, 0);
}
181 :
/*
 * Recompute TIF_SIGPENDING for current.  The flag is cleared only when
 * nothing is pending and the task is not being frozen.
 */
void recalc_sigpending(void)
{
	if (recalc_sigpending_tsk(current))
		return;
	if (freezing(current))
		return;

	clear_thread_flag(TIF_SIGPENDING);
}
EXPORT_SYMBOL(recalc_sigpending);
189 :
/*
 * Settle TIF_SIGPENDING for a newly forked task: force the flag and
 * recalculate it under siglock so that anything delayed until after fork
 * is picked up.
 */
void calculate_sigpending(void)
{
	struct task_struct *tsk = current;

	/* Have any signals or users of TIF_SIGPENDING been delayed until after fork? */
	spin_lock_irq(&tsk->sighand->siglock);
	set_tsk_thread_flag(tsk, TIF_SIGPENDING);
	recalc_sigpending();
	spin_unlock_irq(&tsk->sighand->siglock);
}
200 :
/* Given the mask, find the first available signal that should be serviced. */

#define SYNCHRONOUS_MASK \
	(sigmask(SIGSEGV) | sigmask(SIGBUS) | sigmask(SIGILL) | \
	 sigmask(SIGTRAP) | sigmask(SIGFPE) | sigmask(SIGSYS))

/*
 * Returns the lowest-numbered signal that is set in @pending and clear in
 * @mask, with synchronous signals (SYNCHRONOUS_MASK) in the first word
 * taking precedence over everything else; 0 when nothing is deliverable.
 */
int next_signal(struct sigpending *pending, sigset_t *mask)
{
	unsigned long *s = pending->signal.sig;
	unsigned long *m = mask->sig;
	unsigned long x;
	unsigned long i;

	/*
	 * Handle the first word specially: it contains the
	 * synchronous signals that need to be dequeued first.
	 */
	x = s[0] & ~m[0];
	if (x) {
		if (x & SYNCHRONOUS_MASK)
			x &= SYNCHRONOUS_MASK;
		return ffz(~x) + 1;
	}

	/*
	 * Remaining words in order; the first set bit wins.  This loop covers
	 * every _NSIG_WORDS value, including 1 (no iterations) and 2.
	 */
	for (i = 1; i < _NSIG_WORDS; ++i) {
		x = s[i] & ~m[i];
		if (x)
			return ffz(~x) + i * _NSIG_BPW + 1;
	}

	return 0;
}
252 :
/*
 * Rate-limited diagnostic for a signal dropped because RLIMIT_SIGPENDING
 * was reached.  Silent unless print_fatal_signals is set.
 */
static inline void print_dropped_signal(int sig)
{
	static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);

	/* Check the sysctl first so the ratelimit state is only touched when enabled */
	if (print_fatal_signals && __ratelimit(&ratelimit_state))
		pr_info("%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
			current->comm, current->pid, sig);
}
266 :
/**
 * task_set_jobctl_pending - set jobctl pending bits
 * @task: target task
 * @mask: pending bits to set
 *
 * Set @mask in @task->jobctl. @mask must be subset of
 * %JOBCTL_PENDING_MASK | %JOBCTL_STOP_CONSUME | %JOBCTL_STOP_SIGMASK |
 * %JOBCTL_TRAPPING. If stop signo is being set, the existing signo is
 * cleared. If @task is already being killed or exiting, this function
 * becomes noop.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 *
 * RETURNS:
 * %true if @mask is set, %false if made noop because @task was dying.
 */
bool task_set_jobctl_pending(struct task_struct *task, unsigned long mask)
{
	const unsigned long allowed = JOBCTL_PENDING_MASK | JOBCTL_STOP_CONSUME |
				      JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING;
	bool dying;

	BUG_ON(mask & ~allowed);
	/* JOBCTL_TRAPPING is only meaningful alongside a pending stop/trap */
	BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));

	dying = fatal_signal_pending(task) || (task->flags & PF_EXITING);
	if (unlikely(dying))
		return false;

	/* A new stop signo replaces whatever signo was recorded before */
	if (mask & JOBCTL_STOP_SIGMASK)
		task->jobctl &= ~JOBCTL_STOP_SIGMASK;

	task->jobctl |= mask;
	return true;
}
299 :
/**
 * task_clear_jobctl_trapping - clear jobctl trapping bit
 * @task: target task
 *
 * If JOBCTL_TRAPPING is set, a ptracer is waiting for us to enter TRACED.
 * Clear it and wake up the ptracer. Note that we don't need any further
 * locking. @task->siglock guarantees that @task->parent points to the
 * ptracer.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
void task_clear_jobctl_trapping(struct task_struct *task)
{
	if (likely(!(task->jobctl & JOBCTL_TRAPPING)))
		return;

	task->jobctl &= ~JOBCTL_TRAPPING;
	smp_mb(); /* advised by wake_up_bit() */
	wake_up_bit(&task->jobctl, JOBCTL_TRAPPING_BIT);
}
320 :
/**
 * task_clear_jobctl_pending - clear jobctl pending bits
 * @task: target task
 * @mask: pending bits to clear
 *
 * Clear @mask from @task->jobctl. @mask must be subset of
 * %JOBCTL_PENDING_MASK. If %JOBCTL_STOP_PENDING is being cleared, other
 * STOP bits are cleared together.
 *
 * If clearing of @mask leaves no stop or trap pending, this function calls
 * task_clear_jobctl_trapping().
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
void task_clear_jobctl_pending(struct task_struct *task, unsigned long mask)
{
	unsigned long clear = mask;

	BUG_ON(mask & ~JOBCTL_PENDING_MASK);

	/* Dropping the stop also drops its bookkeeping bits */
	if (clear & JOBCTL_STOP_PENDING)
		clear |= JOBCTL_STOP_CONSUME | JOBCTL_STOP_DEQUEUED;

	task->jobctl &= ~clear;

	/* Nothing left pending: release a ptracer waiting on JOBCTL_TRAPPING */
	if (!(task->jobctl & JOBCTL_PENDING_MASK))
		task_clear_jobctl_trapping(task);
}
348 :
/**
 * task_participate_group_stop - participate in a group stop
 * @task: task participating in a group stop
 *
 * @task has %JOBCTL_STOP_PENDING set and is participating in a group stop.
 * Group stop states are cleared and the group stop count is consumed if
 * %JOBCTL_STOP_CONSUME was set. If the consumption completes the group
 * stop, the appropriate `SIGNAL_*` flags are set.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 *
 * RETURNS:
 * %true if group stop completion should be notified to the parent, %false
 * otherwise.
 */
static bool task_participate_group_stop(struct task_struct *task)
{
	struct signal_struct *sig = task->signal;
	/* Sample CONSUME before task_clear_jobctl_pending() wipes it along with STOP_PENDING */
	bool consume = task->jobctl & JOBCTL_STOP_CONSUME;
	bool completed = false;

	WARN_ON_ONCE(!(task->jobctl & JOBCTL_STOP_PENDING));

	task_clear_jobctl_pending(task, JOBCTL_STOP_PENDING);

	if (!consume)
		return false;

	if (!WARN_ON_ONCE(sig->group_stop_count == 0))
		sig->group_stop_count--;

	/*
	 * Tell the caller to notify completion iff we are entering into a
	 * fresh group stop. Read comment in do_signal_stop() for details.
	 */
	if (!sig->group_stop_count && !(sig->flags & SIGNAL_STOP_STOPPED)) {
		signal_set_stop_flags(sig, SIGNAL_STOP_STOPPED);
		completed = true;
	}

	return completed;
}
390 :
/*
 * Make a new thread @task take part in the group stop that current is in:
 * if the stop is still being counted, @task joins the count and consumes;
 * if the group has already stopped, @task simply gets a stop pending.
 * Inherits current's stop signo (JOBCTL_STOP_SIGMASK).
 */
void task_join_group_stop(struct task_struct *task)
{
	struct signal_struct *sig = current->signal;
	unsigned long mask = current->jobctl & JOBCTL_STOP_SIGMASK;

	if (sig->group_stop_count) {
		/* Stop still in progress: count the new thread in and have it consume */
		sig->group_stop_count++;
		mask |= JOBCTL_STOP_CONSUME;
	} else if (!(sig->flags & SIGNAL_STOP_STOPPED)) {
		/* Neither in progress nor completed: nothing to join */
		return;
	}

	/* Have the new thread join an on-going signal group stop */
	task_set_jobctl_pending(task, mask | JOBCTL_STOP_PENDING);
}
405 :
/*
 * allocate a new signal queue record
 * - this may be called without locks if and only if t == current, otherwise an
 *   appropriate lock must be held to stop the target task from exiting
 *
 * Returns the new record, or NULL when the ucounts increment reports 0,
 * when @t is over RLIMIT_SIGPENDING (unless @override_rlimit), or when the
 * cache allocation fails.  A returned record holds the RLIMIT_SIGPENDING
 * count on @t's ucounts, which __sigqueue_free() releases.
 */
static struct sigqueue *
__sigqueue_alloc(int sig, struct task_struct *t, gfp_t gfp_flags,
		 int override_rlimit, const unsigned int sigqueue_flags)
{
	struct ucounts *ucounts;
	struct sigqueue *q = NULL;
	long sigpending;
	bool within_limit;

	/*
	 * Protect access to @t credentials. This can go away when all
	 * callers hold rcu read lock.
	 *
	 * NOTE! A pending signal will hold on to the user refcount,
	 * and we get/put the refcount only when the sigpending count
	 * changes from/to zero.
	 */
	rcu_read_lock();
	ucounts = task_ucounts(t);
	sigpending = inc_rlimit_get_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
	rcu_read_unlock();
	if (!sigpending)
		return NULL;

	within_limit = override_rlimit ||
		       likely(sigpending <= task_rlimit(t, RLIMIT_SIGPENDING));
	if (within_limit)
		q = kmem_cache_alloc(sigqueue_cachep, gfp_flags);
	else
		print_dropped_signal(sig);

	if (unlikely(!q)) {
		/* Give back the count taken above; no record references ucounts */
		dec_rlimit_put_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
		return NULL;
	}

	INIT_LIST_HEAD(&q->list);
	q->flags = sigqueue_flags;
	q->ucounts = ucounts;
	return q;
}
449 :
/*
 * Release a sigqueue record: drop its RLIMIT_SIGPENDING count, if it holds
 * one, and return it to the cache.  Preallocated records (SIGQUEUE_PREALLOC)
 * are owned elsewhere and are left untouched.
 */
static void __sigqueue_free(struct sigqueue *q)
{
	struct ucounts *ucounts;

	if (q->flags & SIGQUEUE_PREALLOC)
		return;

	ucounts = q->ucounts;
	if (ucounts) {
		q->ucounts = NULL;
		dec_rlimit_put_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
	}
	kmem_cache_free(sigqueue_cachep, q);
}
460 :
/*
 * Discard everything in @queue: clear the pending set and free every
 * queued record.
 */
void flush_sigqueue(struct sigpending *queue)
{
	struct sigqueue *q;

	sigemptyset(&queue->signal);
	for (;;) {
		if (list_empty(&queue->list))
			break;
		q = list_entry(queue->list.next, struct sigqueue, list);
		list_del_init(&q->list);
		__sigqueue_free(q);
	}
}
472 :
/*
 * Flush all pending signals for this kthread.
 *
 * Clears TIF_SIGPENDING and empties both the private and the process-shared
 * queue of @t, all under @t's siglock.
 */
void flush_signals(struct task_struct *t)
{
	unsigned long irqflags;

	spin_lock_irqsave(&t->sighand->siglock, irqflags);
	clear_tsk_thread_flag(t, TIF_SIGPENDING);
	flush_sigqueue(&t->pending);
	flush_sigqueue(&t->signal->shared_pending);
	spin_unlock_irqrestore(&t->sighand->siglock, irqflags);
}
EXPORT_SYMBOL(flush_signals);
487 :
488 : #ifdef CONFIG_POSIX_TIMERS
/*
 * Drop every SI_TIMER record from @pending.  The pending set is rebuilt so
 * that a signal still represented by a non-timer record stays pending.
 */
static void __flush_itimer_signals(struct sigpending *pending)
{
	struct sigqueue *q, *tmp;
	sigset_t remaining = pending->signal;
	sigset_t keep;

	sigemptyset(&keep);

	list_for_each_entry_safe(q, tmp, &pending->list, list) {
		int sig = q->info.si_signo;

		if (unlikely(q->info.si_code == SI_TIMER)) {
			sigdelset(&remaining, sig);
			list_del_init(&q->list);
			__sigqueue_free(q);
		} else {
			sigaddset(&keep, sig);
		}
	}

	/* Signals with a surviving non-timer record are re-added by @keep */
	sigorsets(&pending->signal, &remaining, &keep);
}
511 :
/* Remove all SI_TIMER signals queued for current, private and shared, under siglock. */
void flush_itimer_signals(void)
{
	unsigned long irqflags;

	spin_lock_irqsave(&current->sighand->siglock, irqflags);
	__flush_itimer_signals(&current->pending);
	__flush_itimer_signals(&current->signal->shared_pending);
	spin_unlock_irqrestore(&current->sighand->siglock, irqflags);
}
522 : #endif
523 :
/*
 * Install SIG_IGN for every signal of @t and discard whatever is already
 * pending.
 */
void ignore_signals(struct task_struct *t)
{
	struct k_sigaction *ka = t->sighand->action;
	int remaining = _NSIG;

	while (remaining-- > 0) {
		ka->sa.sa_handler = SIG_IGN;
		ka++;
	}

	flush_signals(t);
}
533 :
/*
 * Flush all handlers for a task.
 *
 * Every action is reset to SIG_DFL with no flags, no restorer and an empty
 * mask; an existing SIG_IGN is kept unless @force_default is set.
 */

void
flush_signal_handlers(struct task_struct *t, int force_default)
{
	int i;

	for (i = 0; i < _NSIG; i++) {
		struct k_sigaction *ka = &t->sighand->action[i];

		if (force_default || ka->sa.sa_handler != SIG_IGN)
			ka->sa.sa_handler = SIG_DFL;
		ka->sa.sa_flags = 0;
#ifdef __ARCH_HAS_SA_RESTORER
		ka->sa.sa_restorer = NULL;
#endif
		sigemptyset(&ka->sa.sa_mask);
	}
}
554 :
/*
 * True when @sig would not be handled by user space in @tsk: the global
 * init never handles, a user handler means handled, and for SIG_IGN/SIG_DFL
 * a ptracer (if any) gets to decide.
 */
bool unhandled_signal(struct task_struct *tsk, int sig)
{
	void __user *handler = tsk->sighand->action[sig-1].sa.sa_handler;
	bool has_user_handler;

	if (is_global_init(tsk))
		return true;

	has_user_handler = handler != SIG_IGN && handler != SIG_DFL;
	if (has_user_handler)
		return false;

	/* if ptraced, let the tracer determine */
	return !tsk->ptrace;
}
567 :
/*
 * Fill @info for the dequeued signal @sig from @list.  The first queued
 * record for @sig is unlinked and freed; the bit in @list->signal is
 * cleared only when no further record for the same signal remains.  With
 * no record at all (fast-path signal or out of queue space) a minimal
 * SI_USER siginfo is synthesised.  *@resched_timer is set when the record
 * was a preallocated SI_TIMER entry with si_sys_private set.
 */
static void collect_signal(int sig, struct sigpending *list, kernel_siginfo_t *info,
			   bool *resched_timer)
{
	struct sigqueue *q, *first = NULL;
	bool more_queued = false;

	/*
	 * Collect the siginfo appropriate to this signal. Check if
	 * there is another siginfo for the same signal.
	 */
	list_for_each_entry(q, &list->list, list) {
		if (q->info.si_signo != sig)
			continue;
		if (first) {
			more_queued = true;
			break;
		}
		first = q;
	}

	/* Keep the signal marked pending while other records for it exist */
	if (!more_queued)
		sigdelset(&list->signal, sig);

	if (!first) {
		/*
		 * Ok, it wasn't in the queue. This must be
		 * a fast-pathed signal or we must have been
		 * out of queue space. So zero out the info.
		 */
		clear_siginfo(info);
		info->si_signo = sig;
		info->si_errno = 0;
		info->si_code = SI_USER;
		info->si_pid = 0;
		info->si_uid = 0;
		return;
	}

	list_del_init(&first->list);
	copy_siginfo(info, &first->info);

	*resched_timer = (first->flags & SIGQUEUE_PREALLOC) &&
			 (info->si_code == SI_TIMER) &&
			 (info->si_sys_private);

	__sigqueue_free(first);
}
612 :
/*
 * Pick the next deliverable signal of @pending not in @mask and collect its
 * siginfo into @info.  Returns the signal number, or 0 if none.
 */
static int __dequeue_signal(struct sigpending *pending, sigset_t *mask,
			    kernel_siginfo_t *info, bool *resched_timer)
{
	int sig = next_signal(pending, mask);

	if (!sig)
		return 0;

	collect_signal(sig, pending, info, resched_timer);
	return sig;
}
622 :
/*
 * Dequeue a signal and return the element to the caller, which is
 * expected to free it.
 *
 * All callers have to hold the siglock.
 *
 * Signals set in @mask are skipped.  @tsk's private queue is tried before
 * the process-shared queue, and *@type records which one supplied the
 * result (PIDTYPE_PID or PIDTYPE_TGID).  Returns the signal number, or 0
 * when nothing was dequeued.
 */
int dequeue_signal(struct task_struct *tsk, sigset_t *mask,
		   kernel_siginfo_t *info, enum pid_type *type)
{
	bool resched_timer = false;
	int signr;

	/* We only dequeue private signals from ourselves, we don't let
	 * signalfd steal them
	 */
	*type = PIDTYPE_PID;
	signr = __dequeue_signal(&tsk->pending, mask, info, &resched_timer);
	if (!signr) {
		*type = PIDTYPE_TGID;
		signr = __dequeue_signal(&tsk->signal->shared_pending,
					 mask, info, &resched_timer);
#ifdef CONFIG_POSIX_TIMERS
		/*
		 * itimer signal ?
		 *
		 * itimers are process shared and we restart periodic
		 * itimers in the signal delivery path to prevent DoS
		 * attacks in the high resolution timer case. This is
		 * compliant with the old way of self-restarting
		 * itimers, as the SIGALRM is a legacy signal and only
		 * queued once. Changing the restart behaviour to
		 * restart the timer in the signal dequeue path is
		 * reducing the timer noise on heavy loaded !highres
		 * systems too.
		 */
		if (unlikely(signr == SIGALRM)) {
			struct hrtimer *tmr = &tsk->signal->real_timer;

			/* Re-arm only a periodic (it_real_incr != 0) timer that is not already queued */
			if (!hrtimer_is_queued(tmr) &&
			    tsk->signal->it_real_incr != 0) {
				hrtimer_forward(tmr, tmr->base->get_time(),
						tsk->signal->it_real_incr);
				hrtimer_restart(tmr);
			}
		}
#endif
	}

	/* Both queues may have changed; refresh TIF_SIGPENDING before returning */
	recalc_sigpending();
	if (!signr)
		return 0;

	if (unlikely(sig_kernel_stop(signr))) {
		/*
		 * Set a marker that we have dequeued a stop signal. Our
		 * caller might release the siglock and then the pending
		 * stop signal it is about to process is no longer in the
		 * pending bitmasks, but must still be cleared by a SIGCONT
		 * (and overruled by a SIGKILL). So those cases clear this
		 * shared flag after we've set it. Note that this flag may
		 * remain set after the signal we return is ignored or
		 * handled. That doesn't matter because its only purpose
		 * is to alert stop-signal processing code when another
		 * processor has come along and cleared the flag.
		 */
		current->jobctl |= JOBCTL_STOP_DEQUEUED;
	}
#ifdef CONFIG_POSIX_TIMERS
	if (resched_timer) {
		/*
		 * Release the siglock to ensure proper locking order
		 * of timer locks outside of siglocks. Note, we leave
		 * irqs disabled here, since the posix-timers code is
		 * about to disable them again anyway.
		 */
		spin_unlock(&tsk->sighand->siglock);
		posixtimer_rearm(info);
		spin_lock(&tsk->sighand->siglock);

		/* Don't expose the si_sys_private value to userspace */
		info->si_sys_private = 0;
	}
#endif
	return signr;
}
EXPORT_SYMBOL_GPL(dequeue_signal);
709 :
/*
 * Pull the first synchronous signal (SYNCHRONOUS_MASK) out of current's
 * private queue ahead of the normal ordering.  Only queued records whose
 * si_code is above SI_USER qualify, so a user-sent SIGSEGV/SIGBUS/... is
 * left to the regular dequeue path.  Returns the signal number, or 0 when
 * no unblocked synchronous signal is pending or no queued record qualifies.
 */
static int dequeue_synchronous_signal(kernel_siginfo_t *info)
{
	struct task_struct *tsk = current;
	struct sigpending *pending = &tsk->pending;
	struct sigqueue *q, *sync = NULL;

	/*
	 * Might a synchronous signal be in the queue?
	 */
	if (!((pending->signal.sig[0] & ~tsk->blocked.sig[0]) & SYNCHRONOUS_MASK))
		return 0;

	/*
	 * Return the first synchronous signal in the queue.
	 */
	list_for_each_entry(q, &pending->list, list) {
		/* Synchronous signals have a positive si_code */
		if ((q->info.si_code > SI_USER) &&
		    (sigmask(q->info.si_signo) & SYNCHRONOUS_MASK)) {
			sync = q;
			goto next;
		}
	}
	return 0;
next:
	/*
	 * Check if there is another siginfo for the same signal.
	 * If so, the pending bit must stay set, so skip sigdelset() below.
	 */
	list_for_each_entry_continue(q, &pending->list, list) {
		if (q->info.si_signo == sync->info.si_signo)
			goto still_pending;
	}

	sigdelset(&pending->signal, sync->info.si_signo);
	recalc_sigpending();
still_pending:
	list_del_init(&sync->list);
	copy_siginfo(info, &sync->info);
	__sigqueue_free(sync);
	return info->si_signo;
}
751 :
/*
 * Tell a process that it has a new active signal..
 *
 * NOTE! we rely on the previous spin_lock to
 * lock interrupts for us! We can only be called with
 * "siglock" held, and the local interrupt must
 * have been disabled when that got acquired!
 *
 * No need to set need_resched since signal event passing
 * goes through ->blocked
 *
 * @state is OR-ed with TASK_INTERRUPTIBLE to form the set of states the
 * task is woken from; a task that is not asleep is kicked off its CPU so
 * it notices TIF_SIGPENDING.
 */
void signal_wake_up_state(struct task_struct *t, unsigned int state)
{
	unsigned int wake_mask = state | TASK_INTERRUPTIBLE;

	lockdep_assert_held(&t->sighand->siglock);

	set_tsk_thread_flag(t, TIF_SIGPENDING);

	/*
	 * TASK_WAKEKILL also means wake it up in the stopped/traced/killable
	 * case. We don't check t->state here because there is a race with it
	 * executing another processor and just now entering stopped state.
	 * By using wake_up_state, we ensure the process will wake up and
	 * handle its death signal.
	 */
	if (wake_up_state(t, wake_mask))
		return;

	kick_process(t);
}
779 :
/*
 * Remove signals in mask from the pending set and queue.
 *
 * All callers must be holding the siglock.
 */
static void flush_sigqueue_mask(sigset_t *mask, struct sigpending *s)
{
	struct sigqueue *q, *tmp;
	sigset_t hit;

	/* Nothing from @mask is pending: skip the queue walk */
	sigandsets(&hit, mask, &s->signal);
	if (sigisemptyset(&hit))
		return;

	sigandnsets(&s->signal, &s->signal, mask);
	list_for_each_entry_safe(q, tmp, &s->list, list) {
		if (!sigismember(mask, q->info.si_signo))
			continue;
		list_del_init(&q->list);
		__sigqueue_free(q);
	}
}
803 :
/*
 * SEND_SIG_NOINFO / SEND_SIG_PRIV are small sentinel values rather than real
 * siginfo pointers; anything at or below SEND_SIG_PRIV is one of them.
 */
static inline int is_si_special(const struct kernel_siginfo *info)
{
	return info <= SEND_SIG_PRIV ? 1 : 0;
}
808 :
/*
 * True when @info describes a signal originating from user space: the
 * SEND_SIG_NOINFO sentinel, or a real siginfo whose SI_FROMUSER() holds.
 * Other sentinels (SEND_SIG_PRIV) are kernel-originated.
 */
static inline bool si_fromuser(const struct kernel_siginfo *info)
{
	if (info == SEND_SIG_NOINFO)
		return true;
	if (is_si_special(info))
		return false;

	return SI_FROMUSER(info);
}
814 :
/*
 * called with RCU read lock from check_kill_permission()
 *
 * POSIX kill() credential rule: the sender's real or effective uid must
 * match the target's real or saved uid, or the sender needs CAP_KILL in
 * the target's user namespace.
 */
static bool kill_ok_by_cred(struct task_struct *t)
{
	const struct cred *cred = current_cred();
	const struct cred *tcred = __task_cred(t);
	bool uid_match = uid_eq(cred->euid, tcred->suid) ||
			 uid_eq(cred->euid, tcred->uid) ||
			 uid_eq(cred->uid, tcred->suid) ||
			 uid_eq(cred->uid, tcred->uid);

	if (uid_match)
		return true;

	/* Capability check last: it may log, so only consult it when needed */
	return ns_capable(tcred->user_ns, CAP_KILL);
}
829 :
/*
 * Bad permissions for sending the signal
 * - the caller must hold the RCU read lock
 *
 * Returns 0 when current may send @sig to @t, -EINVAL for an invalid
 * signal number, -EPERM when the credential check fails, or the error
 * reported by the audit or security hook.  Kernel-originated siginfo
 * (!si_fromuser()) is never subjected to the permission checks.
 */
static int check_kill_permission(int sig, struct kernel_siginfo *info,
				 struct task_struct *t)
{
	int error;

	if (!valid_signal(sig))
		return -EINVAL;

	/* Signals generated by the kernel itself bypass all permission checks */
	if (!si_fromuser(info))
		return 0;

	error = audit_signal_info(sig, t); /* Let audit system see the signal */
	if (error)
		return error;

	if (!same_thread_group(current, t) && !kill_ok_by_cred(t)) {
		bool allowed = false;

		/*
		 * SIGCONT may still be sent within the same session.  We
		 * don't return an error if sid == NULL: the task was
		 * unhashed, the caller must notice this.
		 */
		if (sig == SIGCONT) {
			struct pid *sid = task_session(t);

			allowed = !sid || sid == task_session(current);
		}
		if (!allowed)
			return -EPERM;
	}

	return security_task_kill(t, info, sig, NULL);
}
869 :
/**
 * ptrace_trap_notify - schedule trap to notify ptracer
 * @t: tracee wanting to notify tracer
 *
 * This function schedules sticky ptrace trap which is cleared on the next
 * TRAP_STOP to notify ptracer of an event. @t must have been seized by
 * ptracer.
 *
 * If @t is running, STOP trap will be taken. If trapped for STOP and
 * ptracer is listening for events, tracee is woken up so that it can
 * re-trap for the new event. If trapped otherwise, STOP trap will be
 * eventually taken without returning to userland after the existing traps
 * are finished by PTRACE_CONT.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
static void ptrace_trap_notify(struct task_struct *t)
{
	bool listening;

	WARN_ON_ONCE(!(t->ptrace & PT_SEIZED));
	lockdep_assert_held(&t->sighand->siglock);

	/* Sticky: stays set until the next TRAP_STOP consumes it */
	task_set_jobctl_pending(t, JOBCTL_TRAP_NOTIFY);

	/* A tracee parked in a listening stop is resumed so it can re-trap */
	listening = t->jobctl & JOBCTL_LISTENING;
	ptrace_signal_wake_up(t, listening);
}
895 :
/*
 * Handle magic process-wide effects of stop/continue signals. Unlike
 * the signal actions, these happen immediately at signal-generation
 * time regardless of blocking, ignoring, or handling. This does the
 * actual continuing for SIGCONT, but not the actual stopping for stop
 * signals. The process stop is done as a signal action for SIG_DFL.
 *
 * Returns true if the signal should be actually delivered, otherwise
 * it should be dropped.
 *
 * Must be called with the siglock held (flush_sigqueue_mask() requires it).
 * @force is passed through to sig_ignored().
 */
static bool prepare_signal(int sig, struct task_struct *p, bool force)
{
	struct signal_struct *signal = p->signal;
	struct task_struct *t;
	sigset_t flush;

	if (signal->flags & SIGNAL_GROUP_EXIT) {
		/* While a core dump is in progress only SIGKILL gets through */
		if (signal->core_state)
			return sig == SIGKILL;
		/*
		 * The process is in the middle of dying, drop the signal.
		 */
		return false;
	} else if (sig_kernel_stop(sig)) {
		/*
		 * This is a stop signal. Remove SIGCONT from all queues.
		 */
		siginitset(&flush, sigmask(SIGCONT));
		flush_sigqueue_mask(&flush, &signal->shared_pending);
		for_each_thread(p, t)
			flush_sigqueue_mask(&flush, &t->pending);
	} else if (sig == SIGCONT) {
		unsigned int why;
		/*
		 * Remove all stop signals from all queues, wake all threads.
		 */
		siginitset(&flush, SIG_KERNEL_STOP_MASK);
		flush_sigqueue_mask(&flush, &signal->shared_pending);
		for_each_thread(p, t) {
			flush_sigqueue_mask(&flush, &t->pending);
			task_clear_jobctl_pending(t, JOBCTL_STOP_PENDING);
			/*
			 * A plain stopped thread is simply woken; a seized
			 * tracee is told to re-trap so its tracer sees the event.
			 */
			if (likely(!(t->ptrace & PT_SEIZED))) {
				t->jobctl &= ~JOBCTL_STOPPED;
				wake_up_state(t, __TASK_STOPPED);
			} else
				ptrace_trap_notify(t);
		}

		/*
		 * Notify the parent with CLD_CONTINUED if we were stopped.
		 *
		 * If we were in the middle of a group stop, we pretend it
		 * was already finished, and then continued. Since SIGCHLD
		 * doesn't queue we report only CLD_STOPPED, as if the next
		 * CLD_CONTINUED was dropped.
		 */
		why = 0;
		if (signal->flags & SIGNAL_STOP_STOPPED)
			why |= SIGNAL_CLD_CONTINUED;
		else if (signal->group_stop_count)
			why |= SIGNAL_CLD_STOPPED;

		if (why) {
			/*
			 * The first thread which returns from do_signal_stop()
			 * will take ->siglock, notice SIGNAL_CLD_MASK, and
			 * notify its parent. See get_signal().
			 */
			signal_set_stop_flags(signal, why | SIGNAL_STOP_CONTINUED);
			signal->group_stop_count = 0;
			signal->group_exit_code = 0;
		}
	}

	/* Side effects above happen even when the signal itself is dropped here */
	return !sig_ignored(p, sig, force);
}
972 :
/*
 * Test if P wants to take SIG. After we've checked all threads with this,
 * it's equivalent to finding no threads not blocking SIG. Any threads not
 * blocking SIG were ruled out because they are not running and already
 * have pending signals. Such threads will dequeue from the shared queue
 * as soon as they're available, so putting the signal on the shared queue
 * will be equivalent to sending it to one such thread.
 */
static inline bool wants_signal(int sig, struct task_struct *p)
{
	/* Blocked in this thread, or the thread is on its way out */
	if (sigismember(&p->blocked, sig) || (p->flags & PF_EXITING))
		return false;

	/* SIGKILL is wanted regardless of the thread's scheduling state */
	if (sig == SIGKILL)
		return true;

	if (task_is_stopped_or_traced(p))
		return false;

	/* Running right now, or not already busy with something pending */
	return task_curr(p) || !task_sigpending(p);
}
997 :
/*
 * Second half of signal generation: @sig is already queued on @p (private
 * queue for PIDTYPE_PID, shared queue otherwise).  Pick a thread to wake so
 * the signal gets dequeued, and if the signal is fatal to the group, start
 * the group exit right away.  Caller holds the siglock (this function
 * rotates signal->curr_target and rewrites signal->flags).
 */
static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
{
	struct signal_struct *signal = p->signal;
	struct task_struct *t;

	/*
	 * Now find a thread we can wake up to take the signal off the queue.
	 *
	 * Try the suggested task first (may or may not be the main thread).
	 */
	if (wants_signal(sig, p))
		t = p;
	else if ((type == PIDTYPE_PID) || thread_group_empty(p))
		/*
		 * There is just one thread and it does not need to be woken.
		 * It will dequeue unblocked signals before it runs again.
		 */
		return;
	else {
		/*
		 * Otherwise try to find a suitable thread.
		 * Round-robin from curr_target so one thread is not always picked.
		 */
		t = signal->curr_target;
		while (!wants_signal(sig, t)) {
			t = next_thread(t);
			if (t == signal->curr_target)
				/*
				 * No thread needs to be woken.
				 * Any eligible threads will see
				 * the signal in the queue soon.
				 */
				return;
		}
		signal->curr_target = t;
	}

	/*
	 * Found a killable thread. If the signal will be fatal,
	 * then start taking the whole group down immediately.
	 *
	 * Not taken when a group exit is already under way (unless dumping
	 * core), when the chosen thread has it in real_blocked, or when the
	 * group is ptraced and the signal is not SIGKILL.
	 */
	if (sig_fatal(p, sig) &&
	    (signal->core_state || !(signal->flags & SIGNAL_GROUP_EXIT)) &&
	    !sigismember(&t->real_blocked, sig) &&
	    (sig == SIGKILL || !p->ptrace)) {
		/*
		 * This signal will be fatal to the whole group.
		 */
		if (!sig_kernel_coredump(sig)) {
			/*
			 * Start a group exit and wake everybody up.
			 * This way we don't have other threads
			 * running and doing things after a slower
			 * thread has the fatal signal pending.
			 */
			signal->flags = SIGNAL_GROUP_EXIT;
			signal->group_exit_code = sig;
			signal->group_stop_count = 0;
			t = p;
			do {
				/* Every thread: drop pending job control, queue SIGKILL, wake */
				task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
				sigaddset(&t->pending.signal, SIGKILL);
				signal_wake_up(t, 1);
			} while_each_thread(p, t);
			return;
		}
	}

	/*
	 * The signal is already in the shared-pending queue.
	 * Tell the chosen thread to wake up and dequeue it.
	 */
	signal_wake_up(t, sig == SIGKILL);
	return;
}
1072 :
/*
 * Legacy (non-realtime) signals are not queued more than once: report
 * whether @sig is a legacy signal that is already pending in @signals.
 * Realtime signals never short-circuit here.
 */
static inline bool legacy_queue(struct sigpending *signals, int sig)
{
	if (sig >= SIGRTMIN)
		return false;

	return sigismember(&signals->signal, sig);
}
1077 :
/*
 * __send_signal_locked - queue @sig (with @info) for @t
 * @sig:   signal number
 * @info:  siginfo to attach, or the SEND_SIG_NOINFO / SEND_SIG_PRIV markers
 * @t:     target task
 * @type:  PIDTYPE_PID queues on @t's private pending set, anything else on
 *         the thread group's shared set
 * @force: passed to prepare_signal(); presumably lets the signal through
 *         where it would otherwise be ignored (see send_signal_locked())
 *
 * Must be called with @t->sighand->siglock held. Returns 0 on success, or
 * -EAGAIN when a user-sent realtime signal cannot be queued because the
 * sigqueue allocation failed (legacy signals and kernel-generated ones
 * are still delivered in that case, just without their siginfo).
 */
static int __send_signal_locked(int sig, struct kernel_siginfo *info,
		struct task_struct *t, enum pid_type type, bool force)
{
	struct sigpending *pending;
	struct sigqueue *q;
	int override_rlimit;
	int ret = 0, result;

	lockdep_assert_held(&t->sighand->siglock);

	result = TRACE_SIGNAL_IGNORED;
	if (!prepare_signal(sig, t, force))
		goto ret;

	pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
	/*
	 * Short-circuit ignored signals and support queuing
	 * exactly one non-rt signal, so that we can get more
	 * detailed information about the cause of the signal.
	 */
	result = TRACE_SIGNAL_ALREADY_PENDING;
	if (legacy_queue(pending, sig))
		goto ret;

	result = TRACE_SIGNAL_DELIVERED;
	/*
	 * Skip useless siginfo allocation for SIGKILL and kernel threads.
	 */
	if ((sig == SIGKILL) || (t->flags & PF_KTHREAD))
		goto out_set;

	/*
	 * Real-time signals must be queued if sent by sigqueue, or
	 * some other real-time mechanism.  It is implementation
	 * defined whether kill() does so.  We attempt to do so, on
	 * the principle of least surprise, but since kill is not
	 * allowed to fail with EAGAIN when low on memory we just
	 * make sure at least one signal gets delivered and don't
	 * pass on the info struct.
	 *
	 * Only legacy signals that are kernel-generated (si_code >= 0)
	 * or carry no info may exceed the pending-signal rlimit. A
	 * user-originated realtime signal (e.g. sigqueue(), si_code < 0)
	 * never overrides it, which is what bounds how much sigqueue
	 * memory an unprivileged sender can pin on a target.
	 */
	if (sig < SIGRTMIN)
		override_rlimit = (is_si_special(info) || info->si_code >= 0);
	else
		override_rlimit = 0;

	q = __sigqueue_alloc(sig, t, GFP_ATOMIC, override_rlimit, 0);

	if (q) {
		list_add_tail(&q->list, &pending->list);
		switch ((unsigned long) info) {
		case (unsigned long) SEND_SIG_NOINFO:
			/*
			 * Synthesize SI_USER info. The sender's ids are
			 * expressed in the *target's* pid and user
			 * namespaces, so a process never sees pids/uids
			 * from a namespace it is not part of.
			 */
			clear_siginfo(&q->info);
			q->info.si_signo = sig;
			q->info.si_errno = 0;
			q->info.si_code = SI_USER;
			q->info.si_pid = task_tgid_nr_ns(current,
							task_active_pid_ns(t));
			rcu_read_lock();
			q->info.si_uid =
				from_kuid_munged(task_cred_xxx(t, user_ns),
						 current_uid());
			rcu_read_unlock();
			break;
		case (unsigned long) SEND_SIG_PRIV:
			/* Kernel-originated: no sender identity to report. */
			clear_siginfo(&q->info);
			q->info.si_signo = sig;
			q->info.si_errno = 0;
			q->info.si_code = SI_KERNEL;
			q->info.si_pid = 0;
			q->info.si_uid = 0;
			break;
		default:
			/* Caller-supplied info is taken as-is. */
			copy_siginfo(&q->info, info);
			break;
		}
	} else if (!is_si_special(info) &&
		   sig >= SIGRTMIN && info->si_code != SI_USER) {
		/*
		 * Queue overflow, abort.  We may abort if the
		 * signal was rt and sent by user using something
		 * other than kill().
		 */
		result = TRACE_SIGNAL_OVERFLOW_FAIL;
		ret = -EAGAIN;
		goto ret;
	} else {
		/*
		 * This is a silent loss of information.  We still
		 * send the signal, but the *info bits are lost.
		 */
		result = TRACE_SIGNAL_LOSE_INFO;
	}

out_set:
	signalfd_notify(t, sig);
	sigaddset(&pending->signal, sig);

	/* Let multiprocess signals appear after on-going forks */
	if (type > PIDTYPE_TGID) {
		struct multiprocess_signals *delayed;
		hlist_for_each_entry(delayed, &t->signal->multiprocess, node) {
			sigset_t *signal = &delayed->signal;
			/* Can't queue both a stop and a continue signal */
			if (sig == SIGCONT)
				sigdelsetmask(signal, SIG_KERNEL_STOP_MASK);
			else if (sig_kernel_stop(sig))
				sigdelset(signal, SIGCONT);
			sigaddset(signal, sig);
		}
	}

	/* Wake a thread to dequeue it, or start a group exit if fatal. */
	complete_signal(sig, t, type);
ret:
	trace_signal_generate(sig, info, t, type != PIDTYPE_PID, result);
	return ret;
}
1194 :
/*
 * Report whether the siginfo layout for @info's (signo, code) pair carries
 * a sender pid/uid pair that may need translating between namespaces.
 * Only the SIL_KILL, SIL_CHLD and SIL_RT layouts do; every other layout
 * reuses those bytes for something else and must not be rewritten.
 */
static inline bool has_si_pid_and_uid(struct kernel_siginfo *info)
{
	switch (siginfo_layout(info->si_signo, info->si_code)) {
	case SIL_KILL:
	case SIL_CHLD:
	case SIL_RT:
		return true;
	case SIL_TIMER:
	case SIL_POLL:
	case SIL_FAULT:
	case SIL_FAULT_TRAPNO:
	case SIL_FAULT_MCEERR:
	case SIL_FAULT_BNDERR:
	case SIL_FAULT_PKUERR:
	case SIL_FAULT_PERF_EVENT:
	case SIL_SYS:
		return false;
	}

	/* Unknown layout: treat it as not carrying ids. */
	return false;
}
1218 :
/*
 * send_signal_locked - namespace-adjust @info and queue @sig for @t
 * @sig:  signal number
 * @info: siginfo, or SEND_SIG_NOINFO / SEND_SIG_PRIV
 * @t:    target task
 * @type: pid type selecting the private or shared pending queue
 *
 * Must be called with @t->sighand->siglock held.
 *
 * NOTE: @info is rewritten in place when it carries sender ids: si_uid is
 * re-expressed in the target's user namespace and si_pid is cleared when
 * the sender has no pid in the target's pid namespace. Callers must not
 * pass a shared or read-only siginfo.
 *
 * @force is derived here and handed to prepare_signal(); presumably it is
 * what lets SIGKILL/SIGSTOP reach a pid-namespace init from the kernel or
 * from an ancestor namespace, where such a signal would otherwise be
 * ignored (see the question in the first comment below).
 */
int send_signal_locked(int sig, struct kernel_siginfo *info,
		       struct task_struct *t, enum pid_type type)
{
	/* Should SIGKILL or SIGSTOP be received by a pid namespace init? */
	bool force = false;

	if (info == SEND_SIG_NOINFO) {
		/* Force if sent from an ancestor pid namespace */
		force = !task_pid_nr_ns(current, task_active_pid_ns(t));
	} else if (info == SEND_SIG_PRIV) {
		/* Don't ignore kernel generated signals */
		force = true;
	} else if (has_si_pid_and_uid(info)) {
		/* SIGKILL and SIGSTOP is special or has ids */
		struct user_namespace *t_user_ns;

		/*
		 * Translate si_uid from the sender's user namespace into
		 * the target's, munging it (to the overflow uid) when it has
		 * no mapping there, so the target never sees a raw kuid that
		 * means something different in its own namespace.
		 */
		rcu_read_lock();
		t_user_ns = task_cred_xxx(t, user_ns);
		if (current_user_ns() != t_user_ns) {
			kuid_t uid = make_kuid(current_user_ns(), info->si_uid);
			info->si_uid = from_kuid_munged(t_user_ns, uid);
		}
		rcu_read_unlock();

		/* A kernel generated signal? */
		force = (info->si_code == SI_KERNEL);

		/* From an ancestor pid namespace? */
		if (!task_pid_nr_ns(current, task_active_pid_ns(t))) {
			/* The sender is invisible to the target: report pid 0. */
			info->si_pid = 0;
			force = true;
		}
	}
	return __send_signal_locked(sig, info, t, type, force);
}
1254 :
/*
 * print_fatal_signal - log diagnostics for a fatal signal hitting current
 * @signr: the fatal signal number
 *
 * Writes the current task's register state (and on i386 up to 16 code
 * bytes at the faulting ip, read through get_user() so a faulting read
 * just truncates the dump) to the kernel log. This deliberately exposes
 * user-space register and instruction contents to whoever can read the
 * log; the gate that makes it opt-in (print_fatal_signals, see the
 * "print-fatal-signals=" parameter below) lives in the callers, not here.
 */
static void print_fatal_signal(int signr)
{
	struct pt_regs *regs = task_pt_regs(current);
	pr_info("potentially unexpected fatal signal %d.\n", signr);

#if defined(__i386__) && !defined(__arch_um__)
	pr_info("code at %08lx: ", regs->ip);
	{
		int i;
		for (i = 0; i < 16; i++) {
			unsigned char insn;

			/* Stop at the first unreadable byte rather than fault. */
			if (get_user(insn, (unsigned char *)(regs->ip + i)))
				break;
			pr_cont("%02x ", insn);
		}
	}
	pr_cont("\n");
#endif
	/* show_regs() is presumably not preemption-safe; keep it pinned. */
	preempt_disable();
	show_regs(regs);
	preempt_enable();
}
1278 :
/*
 * Boot-time parser for "print-fatal-signals=<n>", which sets the
 * print_fatal_signals flag read by the fatal-signal logging path.
 * Always returns 1 to tell the __setup machinery the option was consumed.
 */
static int __init setup_print_fatal_signals(char *str)
{
	int *flag = &print_fatal_signals;

	get_option(&str, flag);
	return 1;
}

__setup("print-fatal-signals=", setup_print_fatal_signals);
1287 :
/*
 * Take @p's sighand lock and queue @sig with @info.
 *
 * Returns -ESRCH when the task no longer has a sighand (it is exiting),
 * otherwise whatever send_signal_locked() reports.
 */
int do_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p,
			enum pid_type type)
{
	unsigned long flags;
	int ret;

	if (!lock_task_sighand(p, &flags))
		return -ESRCH;

	ret = send_signal_locked(sig, info, p, type);
	unlock_task_sighand(p, &flags);

	return ret;
}
1301 :
/*
 * How force_sig_info_to_task() should treat the target's installed
 * disposition for the signal it is forcing.
 */
enum sig_handler {
	HANDLER_CURRENT, /* If reachable use the current handler */
	HANDLER_SIG_DFL, /* Always use SIG_DFL handler semantics */
	HANDLER_EXIT,    /* Only visible as the process exit code */
};
1307 :
1308 : /*
1309 : * Force a signal that the process can't ignore: if necessary
1310 : * we unblock the signal and change any SIG_IGN to SIG_DFL.
1311 : *
1312 : * Note: If we unblock the signal, we always reset it to SIG_DFL,
1313 : * since we do not want to have a signal handler that was blocked
1314 : * be invoked when user space had explicitly blocked it.
1315 : *
1316 : * We don't want to have recursive SIGSEGV's etc, for example,
1317 : * that is why we also clear SIGNAL_UNKILLABLE.
1318 : */
/*
 * force_sig_info_to_task - deliver @info's signal to @t, overriding its disposition
 * @info:    siginfo; its si_signo is the signal to force
 * @t:       target task
 * @handler: see enum sig_handler
 *
 * Returns the result of send_signal_locked(). Takes and releases
 * @t->sighand->siglock itself.
 */
static int
force_sig_info_to_task(struct kernel_siginfo *info, struct task_struct *t,
	enum sig_handler handler)
{
	unsigned long int flags;
	int ret, blocked, ignored;
	struct k_sigaction *action;
	int sig = info->si_signo;

	spin_lock_irqsave(&t->sighand->siglock, flags);
	action = &t->sighand->action[sig-1];
	ignored = action->sa.sa_handler == SIG_IGN;
	blocked = sigismember(&t->blocked, sig);
	if (blocked || ignored || (handler != HANDLER_CURRENT)) {
		/*
		 * A user handler is only honoured for HANDLER_CURRENT and
		 * only if it could actually run; otherwise fall back to the
		 * default action so the signal cannot be swallowed.
		 */
		action->sa.sa_handler = SIG_DFL;
		if (handler == HANDLER_EXIT)
			/*
			 * SA_IMMUTABLE presumably pins SIG_DFL so user space
			 * cannot re-install a handler before delivery.
			 */
			action->sa.sa_flags |= SA_IMMUTABLE;
		if (blocked) {
			sigdelset(&t->blocked, sig);
			recalc_sigpending_and_wake(t);
		}
	}
	/*
	 * Don't clear SIGNAL_UNKILLABLE for traced tasks, users won't expect
	 * debugging to leave init killable. But HANDLER_EXIT is always fatal.
	 *
	 * Clearing the flag is what makes a forced default-action signal
	 * fatal even for an init-like task; HANDLER_EXIT does it even under
	 * ptrace so a tracer cannot keep such a task alive.
	 */
	if (action->sa.sa_handler == SIG_DFL &&
	    (!t->ptrace || (handler == HANDLER_EXIT)))
		t->signal->flags &= ~SIGNAL_UNKILLABLE;
	ret = send_signal_locked(sig, info, t, PIDTYPE_PID);
	spin_unlock_irqrestore(&t->sighand->siglock, flags);

	return ret;
}
1353 :
/*
 * Force @info's signal on the current task, honouring an installed
 * handler only when it is reachable (HANDLER_CURRENT semantics).
 */
int force_sig_info(struct kernel_siginfo *info)
{
	struct task_struct *tsk = current;

	return force_sig_info_to_task(info, tsk, HANDLER_CURRENT);
}
1358 :
1359 : /*
1360 : * Nuke all other threads in the group.
1361 : */
/*
 * Send SIGKILL to every thread in @p's group other than @p itself and
 * cancel their pending job-control state.
 *
 * Returns the number of threads the caller still has to wait for;
 * vhost-style PF_USER_WORKER threads (without PF_IO_WORKER) are not
 * counted so that de_thread() does not have to wait for them.
 */
int zap_other_threads(struct task_struct *p)
{
	struct task_struct *t = p;
	int waiters = 0;

	p->signal->group_stop_count = 0;

	while_each_thread(p, t) {
		unsigned int worker = t->flags & (PF_IO_WORKER | PF_USER_WORKER);

		task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
		if (worker != PF_USER_WORKER)
			waiters++;

		/* Threads that already exited need no signal. */
		if (!t->exit_state) {
			sigaddset(&t->pending.signal, SIGKILL);
			signal_wake_up(t, 1);
		}
	}

	return waiters;
}
1384 :
/*
 * __lock_task_sighand - lock @tsk's sighand without the caller holding a reference
 * @tsk:   task whose sighand should be locked
 * @flags: receives the saved irq state for unlock_task_sighand()
 *
 * Returns the locked sighand, or NULL if @tsk has none (it has already
 * gone through __exit_signal()), in which case no lock is held. Safe to
 * call under only RCU protection of @tsk because the sighand slab is
 * SLAB_TYPESAFE_BY_RCU, as explained below.
 */
struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
					   unsigned long *flags)
{
	struct sighand_struct *sighand;

	rcu_read_lock();
	for (;;) {
		sighand = rcu_dereference(tsk->sighand);
		if (unlikely(sighand == NULL))
			break;

		/*
		 * This sighand can be already freed and even reused, but
		 * we rely on SLAB_TYPESAFE_BY_RCU and sighand_ctor() which
		 * initializes ->siglock: this slab can't go away, it has
		 * the same object type, ->siglock can't be reinitialized.
		 *
		 * We need to ensure that tsk->sighand is still the same
		 * after we take the lock, we can race with de_thread() or
		 * __exit_signal(). In the latter case the next iteration
		 * must see ->sighand == NULL.
		 */
		spin_lock_irqsave(&sighand->siglock, *flags);
		if (likely(sighand == rcu_access_pointer(tsk->sighand)))
			break;
		/* Lost the race: drop the stale lock and retry. */
		spin_unlock_irqrestore(&sighand->siglock, *flags);
	}
	rcu_read_unlock();

	return sighand;
}
1416 :
1417 : #ifdef CONFIG_LOCKDEP
/*
 * Lockdep helper: assert that @task's sighand lock is held by the caller.
 * A task without a sighand (already exited) is a caller bug and warns once.
 */
void lockdep_assert_task_sighand_held(struct task_struct *task)
{
	struct sighand_struct *sighand;

	rcu_read_lock();
	sighand = rcu_dereference(task->sighand);
	if (!sighand)
		WARN_ON_ONCE(1);
	else
		lockdep_assert_held(&sighand->siglock);
	rcu_read_unlock();
}
1430 : #endif
1431 :
1432 : /*
1433 : * send signal info to all the members of a group
1434 : */
/*
 * Send @sig with @info to the thread group of @p.
 *
 * The permission check (check_kill_permission(), which covers the uid
 * rules, capabilities and the LSM hook) always runs, even for sig == 0,
 * so kill(pid, 0) works as a permission probe without queueing anything.
 */
int group_send_sig_info(int sig, struct kernel_siginfo *info,
			struct task_struct *p, enum pid_type type)
{
	int err;

	rcu_read_lock();
	err = check_kill_permission(sig, info, p);
	rcu_read_unlock();

	if (err || !sig)
		return err;

	return do_send_sig_info(sig, info, p, type);
}
1449 :
1450 : /*
1451 : * __kill_pgrp_info() sends a signal to a process group: this is what the tty
1452 : * control characters do (^C, ^Z etc)
1453 : * - the caller must hold at least a readlock on tasklist_lock
1454 : */
/*
 * Deliver @sig to every thread group in process group @pgrp. Each target
 * is permission-checked individually by group_send_sig_info().
 *
 * Returns 0 if at least one target accepted the signal; otherwise the
 * error from the last target tried, or -ESRCH if the group was empty.
 */
int __kill_pgrp_info(int sig, struct kernel_siginfo *info, struct pid *pgrp)
{
	struct task_struct *p = NULL;
	int last_err = -ESRCH;
	bool any_ok = false;

	do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
		last_err = group_send_sig_info(sig, info, p, PIDTYPE_PGID);
		if (!last_err)
			any_ok = true;
	} while_each_pid_task(pgrp, PIDTYPE_PGID, p);

	return any_ok ? 0 : last_err;
}
1469 :
/*
 * Send @sig to the thread group identified by @pid.
 *
 * -ESRCH from group_send_sig_info() while the task is still present means
 * it was unhashed underneath us (exit or de_thread()), so the lookup is
 * retried until either the pid is gone or the send returns something
 * other than -ESRCH.
 */
int kill_pid_info(int sig, struct kernel_siginfo *info, struct pid *pid)
{
	struct task_struct *p;
	int error;

	do {
		error = -ESRCH;
		rcu_read_lock();
		p = pid_task(pid, PIDTYPE_PID);
		if (p)
			error = group_send_sig_info(sig, info, p, PIDTYPE_TGID);
		rcu_read_unlock();
	} while (unlikely(p && error == -ESRCH));

	return error;
}
1491 :
/*
 * Resolve the caller-visible @pid in the current pid namespace and send
 * @sig to that thread group. find_vpid() needs RCU protection for the
 * duration of the lookup and use.
 */
static int kill_proc_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
	struct pid *target;
	int error;

	rcu_read_lock();
	target = find_vpid(pid);
	error = kill_pid_info(sig, info, target);
	rcu_read_unlock();

	return error;
}
1500 :
/*
 * The POSIX kill(2) uid rule, evaluated for an explicit @cred instead of
 * current: the sender's real or effective uid must match the target's
 * real or saved uid. No capability (CAP_KILL) shortcut is applied here,
 * so a caller that wants one must check it separately.
 */
static inline bool kill_as_cred_perm(const struct cred *cred,
				     struct task_struct *target)
{
	const struct cred *tcred = __task_cred(target);
	kuid_t euid = cred->euid;
	kuid_t ruid = cred->uid;

	if (uid_eq(euid, tcred->suid) || uid_eq(euid, tcred->uid))
		return true;

	return uid_eq(ruid, tcred->suid) || uid_eq(ruid, tcred->uid);
}
1511 :
1512 : /*
1513 : * The usb asyncio usage of siginfo is wrong. The glibc support
1514 : * for asyncio which uses SI_ASYNCIO assumes the layout is SIL_RT.
1515 : * AKA after the generic fields:
1516 : * kernel_pid_t si_pid;
1517 : * kernel_uid32_t si_uid;
1518 : * sigval_t si_value;
1519 : *
1520 : * Unfortunately when usb generates SI_ASYNCIO it assumes the layout
1521 : * after the generic fields is:
1522 : * void __user *si_addr;
1523 : *
 * This is a practical problem when there is a 64bit big endian kernel
 * and a 32bit userspace. The 32bit address will be encoded in the low
 * 32bits of the pointer. Those low 32bits will be stored at a higher
 * address than they appear in a 32 bit pointer. So userspace will not
 * see the address it was expecting for its completions.
 *
 * There is nothing in the encoding that can allow
 * copy_siginfo_to_user32 to detect this confusion of formats, so
 * handle this by requiring the caller of kill_pid_usb_asyncio to
 * notice when this situation takes place and to store the 32bit
 * pointer in sival_int, instead of sival_addr of the sigval_t addr
 * parameter.
1536 : */
/*
 * kill_pid_usb_asyncio - deliver a USB async-I/O completion signal
 * @sig:   signal number requested by user space
 * @errno: value reported in si_errno
 * @addr:  completion cookie; written over the si_pid/si_uid slot so the
 *         record has the SIL_RT layout glibc expects (see above)
 * @pid:   target process
 * @cred:  credentials the request was made with (not current's)
 *
 * Returns -EINVAL for a bad signal number, -ESRCH if @pid is gone,
 * -EPERM if @cred may not signal the target, an LSM error, or the
 * result of queueing. With sig == 0 only the permission checks run.
 */
int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
		struct pid *pid, const struct cred *cred)
{
	struct kernel_siginfo info;
	struct task_struct *p;
	unsigned long flags;
	int ret = -EINVAL;

	if (!valid_signal(sig))
		return ret;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = errno;
	info.si_code = SI_ASYNCIO;
	/* Deliberate overlay: sigval goes where si_pid/si_uid would be. */
	*((sigval_t *)&info.si_pid) = addr;

	rcu_read_lock();
	p = pid_task(pid, PIDTYPE_PID);
	if (!p) {
		ret = -ESRCH;
		goto out_unlock;
	}
	/*
	 * Permission is judged against the credentials captured with the
	 * request, so a later privilege change of the requester does not
	 * widen or narrow what this completion may signal.
	 */
	if (!kill_as_cred_perm(cred, p)) {
		ret = -EPERM;
		goto out_unlock;
	}
	ret = security_task_kill(p, &info, sig, cred);
	if (ret)
		goto out_unlock;

	if (sig) {
		if (lock_task_sighand(p, &flags)) {
			ret = __send_signal_locked(sig, &info, p, PIDTYPE_TGID, false);
			unlock_task_sighand(p, &flags);
		} else
			ret = -ESRCH;
	}
out_unlock:
	rcu_read_unlock();
	return ret;
}
EXPORT_SYMBOL_GPL(kill_pid_usb_asyncio);
1580 :
1581 : /*
1582 : * kill_something_info() interprets pid in interesting ways just like kill(2).
1583 : *
1584 : * POSIX specifies that kill(-1,sig) is unspecified, but what we have
1585 : * is probably wrong. Should make it like BSD or SYSV.
1586 : */
1587 :
/*
 * kill_something_info - kill(2)-style dispatch on the sign of @pid
 * @sig:  signal number (0 only performs permission checks)
 * @info: siginfo to deliver
 * @pid:  > 0 a single process; 0 the caller's process group; < -1 the
 *        process group -@pid; -1 every process the caller may signal
 *
 * Each target is permission-checked individually in
 * group_send_sig_info(); no blanket privilege check happens here.
 */
static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
	int ret;

	if (pid > 0)
		return kill_proc_info(sig, info, pid);

	/* -INT_MIN is undefined. Exclude this case to avoid a UBSAN warning */
	if (pid == INT_MIN)
		return -ESRCH;

	read_lock(&tasklist_lock);
	if (pid != -1) {
		ret = __kill_pgrp_info(sig, info,
				pid ? find_vpid(-pid) : task_pgrp(current));
	} else {
		/*
		 * kill(-1): walk every process, skipping the caller's own
		 * thread group and anything with a virtual pid <= 1 (the
		 * namespace's init, and vnr 0 which presumably means the
		 * task is not visible from the caller's pid namespace).
		 * A per-target -EPERM is deliberately not reported; the
		 * call fails only if no candidate existed at all or some
		 * target failed for another reason.
		 */
		int retval = 0, count = 0;
		struct task_struct * p;

		for_each_process(p) {
			if (task_pid_vnr(p) > 1 &&
			    !same_thread_group(p, current)) {
				int err = group_send_sig_info(sig, info, p,
							      PIDTYPE_MAX);
				++count;
				if (err != -EPERM)
					retval = err;
			}
		}
		ret = count ? retval : -ESRCH;
	}
	read_unlock(&tasklist_lock);

	return ret;
}
1623 :
1624 : /*
1625 : * These are for backward compatibility with the rest of the kernel source.
1626 : */
1627 :
/*
 * Thread-directed send for in-kernel callers. The signal number is range
 * checked here because, unlike the syscall paths, nothing upstream of this
 * entry point has validated it.
 */
int send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
{
	if (!valid_signal(sig))
		return -EINVAL;

	return do_send_sig_info(sig, info, p, PIDTYPE_PID);
}
EXPORT_SYMBOL(send_sig_info);
1640 :
#define __si_special(priv) \
	((priv) ? SEND_SIG_PRIV : SEND_SIG_NOINFO)

/*
 * Send @sig to @p with no siginfo payload: a kernel-originated
 * (SI_KERNEL) record if @priv, otherwise a SI_USER record attributed to
 * the current task.
 */
int
send_sig(int sig, struct task_struct *p, int priv)
{
	struct kernel_siginfo *marker = __si_special(priv);

	return send_sig_info(sig, marker, p);
}
EXPORT_SYMBOL(send_sig);
1650 :
/*
 * Force @sig on the current task with a kernel-originated siginfo.
 * The record is wiped with clear_siginfo() first so no stale padding is
 * ever copied to user space.
 */
void force_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = SI_KERNEL;
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_uid = 0;
	info.si_pid = 0;

	force_sig_info(&info);
}
EXPORT_SYMBOL(force_sig);
1664 :
/*
 * Force @sig on the current task with default-action semantics: any
 * installed handler or SIG_IGN is overridden (HANDLER_SIG_DFL).
 */
void force_fatal_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = SI_KERNEL;
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_uid = 0;
	info.si_pid = 0;

	force_sig_info_to_task(&info, current, HANDLER_SIG_DFL);
}
1677 :
/*
 * Force @sig on the current task as an unavoidable exit: the disposition
 * is reset to SIG_DFL and pinned (HANDLER_EXIT), so the signal is only
 * ever observable as the process exit code.
 */
void force_exit_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = SI_KERNEL;
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_uid = 0;
	info.si_pid = 0;

	force_sig_info_to_task(&info, current, HANDLER_EXIT);
}
1690 :
1691 : /*
1692 : * When things go south during signal handling, we
1693 : * will force a SIGSEGV. And if the signal that caused
1694 : * the problem was already a SIGSEGV, we'll want to
1695 : * make sure we don't even try to deliver the signal..
1696 : */
/*
 * Raise SIGSEGV on the current task after signal delivery itself failed.
 * @sig is the signal that was being delivered: if that was already a
 * SIGSEGV, the handler is evidently broken, so bypass it (fatal default).
 */
void force_sigsegv(int sig)
{
	if (sig != SIGSEGV) {
		force_sig(SIGSEGV);
		return;
	}

	force_fatal_sig(SIGSEGV);
}
1704 :
/*
 * Build a fault-layout siginfo (@sig, @code, @addr, plus the ia64-only
 * trap details) and force it on @t, honouring a reachable handler.
 */
int force_sig_fault_to_task(int sig, int code, void __user *addr
	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
	, struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = code;
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_addr = addr;
#ifdef __ia64__
	info.si_isr = isr;
	info.si_flags = flags;
	info.si_imm = imm;
#endif

	return force_sig_info_to_task(&info, t, HANDLER_CURRENT);
}
1723 :
/*
 * force_sig_fault_to_task() for the current task.
 */
int force_sig_fault(int sig, int code, void __user *addr
	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr))
{
	struct task_struct *tsk = current;

	return force_sig_fault_to_task(sig, code, addr
				       ___ARCH_SI_IA64(imm, flags, isr), tsk);
}
1730 :
/*
 * Build a fault-layout siginfo and send it to @t without forcing: unlike
 * force_sig_fault_to_task(), a blocked or ignored disposition is respected.
 */
int send_sig_fault(int sig, int code, void __user *addr
	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
	, struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = code;
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_addr = addr;
#ifdef __ia64__
	info.si_isr = isr;
	info.si_flags = flags;
	info.si_imm = imm;
#endif

	return send_sig_info(sig, &info, t);
}
1749 :
/*
 * Force a SIGBUS for a machine-check memory error at @addr on the current
 * task. @code must be BUS_MCEERR_AO or BUS_MCEERR_AR (anything else warns
 * but is still delivered); @lsb is the granularity of the poisoned range.
 */
int force_sig_mceerr(int code, void __user *addr, short lsb)
{
	struct kernel_siginfo info;
	bool known_code = (code == BUS_MCEERR_AO) || (code == BUS_MCEERR_AR);

	WARN_ON(!known_code);
	clear_siginfo(&info);
	info.si_code = code;
	info.si_signo = SIGBUS;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_addr_lsb = lsb;

	return force_sig_info(&info);
}
1763 :
/*
 * Non-forcing counterpart of force_sig_mceerr(): send the SIGBUS to @t,
 * respecting its current disposition.
 */
int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *t)
{
	struct kernel_siginfo info;
	bool known_code = (code == BUS_MCEERR_AO) || (code == BUS_MCEERR_AR);

	WARN_ON(!known_code);
	clear_siginfo(&info);
	info.si_code = code;
	info.si_signo = SIGBUS;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_addr_lsb = lsb;

	return send_sig_info(SIGBUS, &info, t);
}
EXPORT_SYMBOL(send_sig_mceerr);
1778 :
/*
 * Force a SIGSEGV/SEGV_BNDERR (bounds violation) on the current task,
 * reporting the faulting @addr and the violated [@lower, @upper] bounds.
 */
int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = SEGV_BNDERR;
	info.si_signo = SIGSEGV;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_upper = upper;
	info.si_lower = lower;

	return force_sig_info(&info);
}
1792 :
1793 : #ifdef SEGV_PKUERR
/*
 * Force a SIGSEGV/SEGV_PKUERR (protection-key violation) on the current
 * task for @addr, reporting the offending @pkey.
 */
int force_sig_pkuerr(void __user *addr, u32 pkey)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = SEGV_PKUERR;
	info.si_signo = SIGSEGV;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_pkey = pkey;

	return force_sig_info(&info);
}
1806 : #endif
1807 :
/*
 * Send a SIGTRAP/TRAP_PERF to the current task for a perf event.
 * @addr, @type and @sig_data are reported verbatim in the siginfo.
 *
 * Signals generated by perf events should not terminate the whole
 * process if SIGTRAP is blocked, however, delivering the signal
 * asynchronously is better than not delivering at all. So this path
 * does not force the signal; instead it tells user space when delivery
 * will be asynchronous (TRAP_PERF_FLAG_ASYNC) so such a signal can be
 * told apart from a synchronous one.
 */
int send_sig_perf(void __user *addr, u32 type, u64 sig_data)
{
	struct kernel_siginfo info;
	bool blocked = sigismember(&current->blocked, SIGTRAP);

	clear_siginfo(&info);
	info.si_code = TRAP_PERF;
	info.si_signo = SIGTRAP;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_perf_type = type;
	info.si_perf_data = sig_data;
	info.si_perf_flags = blocked ? TRAP_PERF_FLAG_ASYNC : 0;

	return send_sig_info(SIGTRAP, &info, current);
}
1833 :
1834 : /**
1835 : * force_sig_seccomp - signals the task to allow in-process syscall emulation
1836 : * @syscall: syscall number to send to userland
1837 : * @reason: filter-supplied reason code to send to userland (via si_errno)
1838 : * @force_coredump: true to trigger a coredump
1839 : *
1840 : * Forces a SIGSYS with a code of SYS_SECCOMP and related sigsys info.
1841 : */
int force_sig_seccomp(int syscall, int reason, bool force_coredump)
{
	struct kernel_siginfo info;
	/*
	 * A filter asking for a coredump gets HANDLER_EXIT, so the SIGSYS
	 * cannot be caught, ignored or blocked; otherwise an installed
	 * SIGSYS handler may run (in-process emulation).
	 */
	enum sig_handler how = force_coredump ? HANDLER_EXIT : HANDLER_CURRENT;

	clear_siginfo(&info);
	info.si_signo = SIGSYS;
	info.si_code = SYS_SECCOMP;
	info.si_errno = reason;
	/* Where and what: faulting ip, audit arch and syscall number. */
	info.si_call_addr = (void __user *)KSTK_EIP(current);
	info.si_arch = syscall_get_arch(current);
	info.si_syscall = syscall;

	return force_sig_info_to_task(&info, current, how);
}
1856 :
1857 : /* For the crazy architectures that include trap information in
1858 : * the errno field, instead of an actual errno value.
1859 : */
/*
 * Force a SIGTRAP/TRAP_HWBKPT on the current task, carrying
 * architecture-specific trap information in si_errno (see above).
 */
int force_sig_ptrace_errno_trap(int errno, void __user *addr)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = TRAP_HWBKPT;
	info.si_signo = SIGTRAP;
	info.si_errno = errno;
	info.si_addr = addr;

	return force_sig_info(&info);
}
1871 :
1872 : /* For the rare architectures that include trap information using
1873 : * si_trapno.
1874 : */
/*
 * Force a fault signal on the current task with a trap number in
 * si_trapno, for architectures that report one.
 */
int force_sig_fault_trapno(int sig, int code, void __user *addr, int trapno)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_code = code;
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_trapno = trapno;

	return force_sig_info(&info);
}
1887 :
1888 : /* For the rare architectures that include trap information using
1889 : * si_trapno.
1890 : */
1891 0 : int send_sig_fault_trapno(int sig, int code, void __user *addr, int trapno,
1892 : struct task_struct *t)
1893 : {
1894 : struct kernel_siginfo info;
1895 :
1896 0 : clear_siginfo(&info);
1897 0 : info.si_signo = sig;
1898 0 : info.si_errno = 0;
1899 0 : info.si_code = code;
1900 0 : info.si_addr = addr;
1901 0 : info.si_trapno = trapno;
1902 0 : return send_sig_info(info.si_signo, &info, t);
1903 : }
1904 :
/*
 * Send @sig to process group @pid with no siginfo payload (kernel-origin
 * if @priv). Takes tasklist_lock for __kill_pgrp_info().
 */
int kill_pgrp(struct pid *pid, int sig, int priv)
{
	struct kernel_siginfo *marker = __si_special(priv);
	int ret;

	read_lock(&tasklist_lock);
	ret = __kill_pgrp_info(sig, marker, pid);
	read_unlock(&tasklist_lock);

	return ret;
}
EXPORT_SYMBOL(kill_pgrp);
1916 :
/*
 * Send @sig to the thread group @pid with no siginfo payload
 * (kernel-origin if @priv).
 */
int kill_pid(struct pid *pid, int sig, int priv)
{
	struct kernel_siginfo *marker = __si_special(priv);

	return kill_pid_info(sig, marker, pid);
}
EXPORT_SYMBOL(kill_pid);
1922 :
1923 : /*
1924 : * These functions support sending signals using preallocated sigqueue
1925 : * structures. This is needed "because realtime applications cannot
1926 : * afford to lose notifications of asynchronous events, like timer
1927 : * expirations or I/O completions". In the case of POSIX Timers
1928 : * we allocate the sigqueue structure from the timer_create. If this
1929 : * allocation fails we are able to report the failure to the application
1930 : * with an EAGAIN error.
1931 : */
/*
 * Preallocate a sigqueue for later use with send_sigqueue(). It is
 * charged to the current task (no signal number yet, hence -1) and may
 * sleep; failure is reported as NULL so the caller can return EAGAIN.
 */
struct sigqueue *sigqueue_alloc(void)
{
	struct task_struct *owner = current;

	return __sigqueue_alloc(-1, owner, GFP_KERNEL, 0, SIGQUEUE_PREALLOC);
}
1936 :
/*
 * Release a preallocated sigqueue. If it is currently sitting on a
 * pending list, ownership passes to the dequeue path (which frees it
 * like a regular sigqueue once SIGQUEUE_PREALLOC is clear); otherwise it
 * is freed here.
 *
 * ->siglock must be held while inspecting q->list, to serialize with
 * collect_signal() and with __exit_signal()->flush_sigqueue().
 */
void sigqueue_free(struct sigqueue *q)
{
	spinlock_t *lock = &current->sighand->siglock;
	unsigned long flags;
	bool queued;

	BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));

	spin_lock_irqsave(lock, flags);
	q->flags &= ~SIGQUEUE_PREALLOC;
	queued = !list_empty(&q->list);
	spin_unlock_irqrestore(lock, flags);

	if (!queued)
		__sigqueue_free(q);
}
1961 :
/*
 * send_sigqueue - deliver a preallocated sigqueue (POSIX timer signal)
 * @q:    preallocated sigqueue carrying the siginfo to deliver
 * @pid:  target pid
 * @type: PIDTYPE_PID for a thread-directed timer, otherwise process-wide
 *
 * Returns -1 if the target is gone, 1 if the signal was ignored, 0 if it
 * was queued (or was already queued, in which case only si_overrun is
 * bumped - a timer signal is never queued twice).
 */
int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type)
{
	int sig = q->info.si_signo;
	struct sigpending *pending;
	struct task_struct *t;
	unsigned long flags;
	int ret, result;

	BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));

	ret = -1;
	rcu_read_lock();

	/*
	 * This function is used by POSIX timers to deliver a timer signal.
	 * Where type is PIDTYPE_PID (such as for timers with SIGEV_THREAD_ID
	 * set), the signal must be delivered to the specific thread (queues
	 * into t->pending).
	 *
	 * Where type is not PIDTYPE_PID, signals must be delivered to the
	 * process. In this case, prefer to deliver to current if it is in
	 * the same thread group as the target process, which avoids
	 * unnecessarily waking up a potentially idle task.
	 */
	t = pid_task(pid, type);
	if (!t)
		goto ret;
	if (type != PIDTYPE_PID && same_thread_group(t, current))
		t = current;
	if (!likely(lock_task_sighand(t, &flags)))
		goto ret;

	ret = 1; /* the signal is ignored */
	result = TRACE_SIGNAL_IGNORED;
	if (!prepare_signal(sig, t, false))
		goto out;

	ret = 0;
	if (unlikely(!list_empty(&q->list))) {
		/*
		 * If an SI_TIMER entry is already queue just increment
		 * the overrun count.
		 */
		BUG_ON(q->info.si_code != SI_TIMER);
		q->info.si_overrun++;
		result = TRACE_SIGNAL_ALREADY_PENDING;
		goto out;
	}
	q->info.si_overrun = 0;

	/* Same enqueue steps as __send_signal_locked(), minus allocation. */
	signalfd_notify(t, sig);
	pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
	list_add_tail(&q->list, &pending->list);
	sigaddset(&pending->signal, sig);
	complete_signal(sig, t, type);
	result = TRACE_SIGNAL_DELIVERED;
out:
	trace_signal_generate(sig, &q->info, t, type != PIDTYPE_PID, result);
	unlock_task_sighand(t, &flags);
ret:
	rcu_read_unlock();
	return ret;
}
2025 :
/*
 * Wake every waiter sleeping on @task's pidfd. Only meaningful once the
 * task has an exit_state, hence the WARN_ON.
 */
static void do_notify_pidfd(struct task_struct *task)
{
	WARN_ON(task->exit_state == 0);
	wake_up_all(&task_pid(task)->wait_pidfd);
}
2034 :
2035 : /*
2036 : * Let a parent know about the death of a child.
2037 : * For a stopped/continued status change, use do_notify_parent_cldstop instead.
2038 : *
2039 : * Returns true if our parent ignored us and so we've switched to
2040 : * self-reaping.
2041 : */
/*
 * do_notify_parent - tell @tsk's parent that @tsk has died
 * @tsk: the exiting task (a group leader with no live threads left, or a
 *       ptraced thread)
 * @sig: death signal to send; normally SIGCHLD (see the exec-id check
 *       below for when a different choice is overridden)
 *
 * Builds a CLD_* siginfo from @tsk's exit_code and CPU times, queues it to
 * the parent under the parent's siglock and wakes any wait4() sleeper.
 *
 * Returns true when the parent ignores SIGCHLD or has SA_NOCLDWAIT set,
 * i.e. the caller must self-reap instead of becoming a zombie.
 */
bool do_notify_parent(struct task_struct *tsk, int sig)
{
	struct kernel_siginfo info;
	unsigned long flags;
	struct sighand_struct *psig;
	bool autoreap = false;
	u64 utime, stime;

	WARN_ON_ONCE(sig == -1);

	/* do_notify_parent_cldstop should have been called instead.  */
	WARN_ON_ONCE(task_is_stopped_or_traced(tsk));

	/* Unless ptraced, only a group leader whose group is empty gets here. */
	WARN_ON_ONCE(!tsk->ptrace &&
		     (tsk->group_leader != tsk || !thread_group_empty(tsk)));

	/* Wake up all pidfd waiters */
	do_notify_pidfd(tsk);

	if (sig != SIGCHLD) {
		/*
		 * This is only possible if parent == real_parent.
		 * Check if it has changed security domain: a parent that
		 * exec'd a new image after forking us only ever receives
		 * the standard SIGCHLD, never a death signal we picked.
		 */
		if (tsk->parent_exec_id != READ_ONCE(tsk->parent->self_exec_id))
			sig = SIGCHLD;
	}

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	/*
	 * We are under tasklist_lock here so our parent is tied to
	 * us and cannot change.
	 *
	 * task_active_pid_ns will always return the same pid namespace
	 * until a task passes through release_task.
	 *
	 * write_lock() currently calls preempt_disable() which is the
	 * same as rcu_read_lock(), but according to Oleg, this is not
	 * correct to rely on this
	 */
	rcu_read_lock();
	/* si_pid/si_uid are expressed in the parent's pid and user namespaces. */
	info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(tsk->parent));
	info.si_uid = from_kuid_munged(task_cred_xxx(tsk->parent, user_ns),
				       task_uid(tsk));
	rcu_read_unlock();

	/* Own CPU time plus whatever has been accumulated in the signal_struct. */
	task_cputime(tsk, &utime, &stime);
	info.si_utime = nsec_to_clock_t(utime + tsk->signal->utime);
	info.si_stime = nsec_to_clock_t(stime + tsk->signal->stime);

	/*
	 * exit_code layout: low 7 bits hold the killing signal, bit 7 flags
	 * a core dump, and a normal exit carries its status in the high byte.
	 */
	info.si_status = tsk->exit_code & 0x7f;
	if (tsk->exit_code & 0x80)
		info.si_code = CLD_DUMPED;
	else if (tsk->exit_code & 0x7f)
		info.si_code = CLD_KILLED;
	else {
		info.si_code = CLD_EXITED;
		info.si_status = tsk->exit_code >> 8;
	}

	psig = tsk->parent->sighand;
	spin_lock_irqsave(&psig->siglock, flags);
	if (!tsk->ptrace && sig == SIGCHLD &&
	    (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN ||
	     (psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) {
		/*
		 * We are exiting and our parent doesn't care.  POSIX.1
		 * defines special semantics for setting SIGCHLD to SIG_IGN
		 * or setting the SA_NOCLDWAIT flag: we should be reaped
		 * automatically and not left for our parent's wait4 call.
		 * Rather than having the parent do it as a magic kind of
		 * signal handler, we just set this to tell do_exit that we
		 * can be cleaned up without becoming a zombie.  Note that
		 * we still call __wake_up_parent in this case, because a
		 * blocked sys_wait4 might now return -ECHILD.
		 *
		 * Whether we send SIGCHLD or not for SA_NOCLDWAIT
		 * is implementation-defined: we do (if you don't want
		 * it, just use SIG_IGN instead).
		 */
		autoreap = true;
		if (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN)
			sig = 0;
	}
	/*
	 * Send with __send_signal as si_pid and si_uid are in the
	 * parent's namespaces.
	 */
	if (valid_signal(sig) && sig)
		__send_signal_locked(sig, &info, tsk->parent, PIDTYPE_TGID, false);
	/* Always wake wait4() sleepers, even when no signal was queued. */
	__wake_up_parent(tsk, tsk->parent);
	spin_unlock_irqrestore(&psig->siglock, flags);

	return autoreap;
}
2139 :
2140 : /**
2141 : * do_notify_parent_cldstop - notify parent of stopped/continued state change
2142 : * @tsk: task reporting the state change
2143 : * @for_ptracer: the notification is for ptracer
2144 : * @why: CLD_{CONTINUED|STOPPED|TRAPPED} to report
2145 : *
2146 : * Notify @tsk's parent that the stopped/continued state has changed. If
2147 : * @for_ptracer is %false, @tsk's group leader notifies its real parent.
2148 : * If %true, @tsk reports to @tsk->parent which should be the ptracer.
2149 : *
2150 : * CONTEXT:
2151 : * Must be called with tasklist_lock at least read locked.
2152 : */
static void do_notify_parent_cldstop(struct task_struct *tsk,
				     bool for_ptracer, int why)
{
	struct kernel_siginfo info;
	unsigned long flags;
	struct task_struct *parent;
	struct sighand_struct *sighand;
	u64 utime, stime;

	/*
	 * Ptracer notifications go to tsk->parent for this very thread;
	 * job-control notifications are reported by the group leader to
	 * its real parent.
	 */
	if (for_ptracer) {
		parent = tsk->parent;
	} else {
		tsk = tsk->group_leader;
		parent = tsk->real_parent;
	}

	clear_siginfo(&info);
	info.si_signo = SIGCHLD;
	info.si_errno = 0;
	/*
	 * see comment in do_notify_parent() about the following 4 lines:
	 * si_pid/si_uid are expressed in the receiving parent's namespaces.
	 */
	rcu_read_lock();
	info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(parent));
	info.si_uid = from_kuid_munged(task_cred_xxx(parent, user_ns), task_uid(tsk));
	rcu_read_unlock();

	/* Only this task's own CPU time is reported for stop/continue events. */
	task_cputime(tsk, &utime, &stime);
	info.si_utime = nsec_to_clock_t(utime);
	info.si_stime = nsec_to_clock_t(stime);

	/*
	 * si_status carries the signal behind the event: SIGCONT for a
	 * continue, the group-wide stop signal for a group stop, and this
	 * task's own exit_code for a ptrace trap.
	 */
	info.si_code = why;
	switch (why) {
	case CLD_CONTINUED:
		info.si_status = SIGCONT;
		break;
	case CLD_STOPPED:
		info.si_status = tsk->signal->group_exit_code & 0x7f;
		break;
	case CLD_TRAPPED:
		info.si_status = tsk->exit_code & 0x7f;
		break;
	default:
		BUG();
	}

	sighand = parent->sighand;
	spin_lock_irqsave(&sighand->siglock, flags);
	/* SIG_IGN or SA_NOCLDSTOP suppresses the SIGCHLD, but not the wakeup below. */
	if (sighand->action[SIGCHLD-1].sa.sa_handler != SIG_IGN &&
	    !(sighand->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDSTOP))
		send_signal_locked(SIGCHLD, &info, parent, PIDTYPE_TGID);
	/*
	 * Even if SIGCHLD is not generated, we must wake up wait4 calls.
	 */
	__wake_up_parent(tsk, parent);
	spin_unlock_irqrestore(&sighand->siglock, flags);
}
2210 :
2211 : /*
2212 : * This must be called with current->sighand->siglock held.
2213 : *
2214 : * This should be the path for all ptrace stops.
2215 : * We always set current->last_siginfo while stopped here.
2216 : * That makes it a way to test a stopped process for
2217 : * being ptrace-stopped vs being job-control-stopped.
2218 : *
2219 : * Returns the signal the ptracer requested the code resume
2220 : * with. If the code did not stop because the tracer is gone,
2221 : * the stop signal remains unchanged unless clear_code.
2222 : */
/*
 * @exit_code: value the tracer observes for this stop (stored in
 *             current->exit_code while stopped)
 * @why:       CLD_TRAPPED or CLD_STOPPED; forwarded to the parent
 *             notifications and used for group-stop bookkeeping
 * @message:   stored in current->ptrace_message for the tracer to read
 * @info:      siginfo exposed as current->last_siginfo while stopped;
 *             may be NULL
 */
static int ptrace_stop(int exit_code, int why, unsigned long message,
		       kernel_siginfo_t *info)
	__releases(&current->sighand->siglock)
	__acquires(&current->sighand->siglock)
{
	bool gstop_done = false;

	if (arch_ptrace_stop_needed()) {
		/*
		 * The arch code has something special to do before a
		 * ptrace stop.  This is allowed to block, e.g. for faults
		 * on user stack pages.  We can't keep the siglock while
		 * calling arch_ptrace_stop, so we must release it now.
		 * To preserve proper semantics, we must do this before
		 * any signal bookkeeping like checking group_stop_count.
		 */
		spin_unlock_irq(&current->sighand->siglock);
		arch_ptrace_stop();
		spin_lock_irq(&current->sighand->siglock);
	}

	/*
	 * After this point ptrace_signal_wake_up or signal_wake_up
	 * will clear TASK_TRACED if ptrace_unlink happens or a fatal
	 * signal comes in. Handle previous ptrace_unlinks and fatal
	 * signals here to prevent ptrace_stop sleeping in schedule.
	 */
	if (!current->ptrace || __fatal_signal_pending(current))
		return exit_code;

	set_special_state(TASK_TRACED);
	current->jobctl |= JOBCTL_TRACED;

	/*
	 * We're committing to trapping.  TRACED should be visible before
	 * TRAPPING is cleared; otherwise, the tracer might fail do_wait().
	 * Also, transition to TRACED and updates to ->jobctl should be
	 * atomic with respect to siglock and should be done after the arch
	 * hook as siglock is released and regrabbed across it.
	 *
	 *     TRACER				   TRACEE
	 *
	 *     ptrace_attach()
	 * [L]   wait_on_bit(JOBCTL_TRAPPING)	[S] set_special_state(TRACED)
	 *     do_wait()
	 *       set_current_state()                smp_wmb();
	 *       ptrace_do_wait()
	 *         wait_task_stopped()
	 *           task_stopped_code()
	 * [L]         task_is_traced()		[S] task_clear_jobctl_trapping();
	 */
	smp_wmb();

	/* Publish what the tracer may query while we are stopped. */
	current->ptrace_message = message;
	current->last_siginfo = info;
	current->exit_code = exit_code;

	/*
	 * If @why is CLD_STOPPED, we're trapping to participate in a group
	 * stop.  Do the bookkeeping.  Note that if SIGCONT was delivered
	 * across siglock relocks since INTERRUPT was scheduled, PENDING
	 * could be clear now.  We act as if SIGCONT is received after
	 * TASK_TRACED is entered - ignore it.
	 */
	if (why == CLD_STOPPED && (current->jobctl & JOBCTL_STOP_PENDING))
		gstop_done = task_participate_group_stop(current);

	/* any trap clears pending STOP trap, STOP trap clears NOTIFY */
	task_clear_jobctl_pending(current, JOBCTL_TRAP_STOP);
	if (info && info->si_code >> 8 == PTRACE_EVENT_STOP)
		task_clear_jobctl_pending(current, JOBCTL_TRAP_NOTIFY);

	/* entering a trap, clear TRAPPING */
	task_clear_jobctl_trapping(current);

	/* siglock must be dropped before taking tasklist_lock (lock order). */
	spin_unlock_irq(&current->sighand->siglock);
	read_lock(&tasklist_lock);
	/*
	 * Notify parents of the stop.
	 *
	 * While ptraced, there are two parents - the ptracer and
	 * the real_parent of the group_leader.  The ptracer should
	 * know about every stop while the real parent is only
	 * interested in the completion of group stop.  The states
	 * for the two don't interact with each other.  Notify
	 * separately unless they're gonna be duplicates.
	 */
	if (current->ptrace)
		do_notify_parent_cldstop(current, true, why);
	if (gstop_done && (!current->ptrace || ptrace_reparented(current)))
		do_notify_parent_cldstop(current, false, why);

	/*
	 * Don't want to allow preemption here, because
	 * sys_ptrace() needs this task to be inactive.
	 *
	 * XXX: implement read_unlock_no_resched().
	 */
	preempt_disable();
	read_unlock(&tasklist_lock);
	cgroup_enter_frozen();
	preempt_enable_no_resched();
	schedule();
	cgroup_leave_frozen(true);

	/*
	 * We are back.  Now reacquire the siglock before touching
	 * last_siginfo, so that we are sure to have synchronized with
	 * any signal-sending on another CPU that wants to examine it.
	 */
	spin_lock_irq(&current->sighand->siglock);
	/* The tracer may have rewritten exit_code (the signal to resume with). */
	exit_code = current->exit_code;
	current->last_siginfo = NULL;
	current->ptrace_message = 0;
	current->exit_code = 0;

	/* LISTENING can be set only during STOP traps, clear it */
	current->jobctl &= ~(JOBCTL_LISTENING | JOBCTL_PTRACE_FROZEN);

	/*
	 * Queued signals ignored us while we were stopped for tracing.
	 * So check for any that we should take before resuming user mode.
	 * This sets TIF_SIGPENDING, but never clears it.
	 */
	recalc_sigpending_tsk(current);
	return exit_code;
}
2350 :
/*
 * Build the siginfo the tracer will see for this trap and stop in
 * ptrace_stop(). Returns what ptrace_stop() returns, i.e. the signal
 * the tracer asked us to resume with.
 */
static int ptrace_do_notify(int signr, int exit_code, int why, unsigned long message)
{
	kernel_siginfo_t trap_info;

	clear_siginfo(&trap_info);
	trap_info.si_signo = signr;
	trap_info.si_code = exit_code;
	trap_info.si_pid = task_pid_vnr(current);
	trap_info.si_uid = from_kuid_munged(current_user_ns(), current_uid());

	/* Let the debugger run. */
	return ptrace_stop(exit_code, why, message, &trap_info);
}
2364 :
/*
 * ptrace_notify - report a SIGTRAP-based ptrace event to the tracer
 * @exit_code: SIGTRAP in the low seven bits, event number in bits 8-15
 * @message:   value handed to the tracer via ptrace_message
 *
 * Returns the signal the tracer resumed us with (0 if none).
 */
int ptrace_notify(int exit_code, unsigned long message)
{
	struct sighand_struct *sighand = current->sighand;
	int resume_sig;

	/* Low seven bits must be SIGTRAP and nothing above bit 15 may be set. */
	BUG_ON((exit_code & (0x7f | ~0xffff)) != SIGTRAP);
	if (unlikely(task_work_pending(current)))
		task_work_run();

	spin_lock_irq(&sighand->siglock);
	resume_sig = ptrace_do_notify(SIGTRAP, exit_code, CLD_TRAPPED, message);
	spin_unlock_irq(&sighand->siglock);

	return resume_sig;
}
2378 :
2379 : /**
2380 : * do_signal_stop - handle group stop for SIGSTOP and other stop signals
2381 : * @signr: signr causing group stop if initiating
2382 : *
2383 : * If %JOBCTL_STOP_PENDING is not set yet, initiate group stop with @signr
2384 : * and participate in it. If already set, participate in the existing
2385 : * group stop. If participated in a group stop (and thus slept), %true is
2386 : * returned with siglock released.
2387 : *
2388 : * If ptraced, this function doesn't handle stop itself. Instead,
2389 : * %JOBCTL_TRAP_STOP is scheduled and %false is returned with siglock
2390 : * untouched. The caller must ensure that INTERRUPT trap handling takes
2391 : * place afterwards.
2392 : *
2393 : * CONTEXT:
2394 : * Must be called with @current->sighand->siglock held, which is released
2395 : * on %true return.
2396 : *
2397 : * RETURNS:
2398 : * %false if group stop is already cancelled or ptrace trap is scheduled.
2399 : * %true if participated in group stop.
2400 : */
static bool do_signal_stop(int signr)
	__releases(&current->sighand->siglock)
{
	struct signal_struct *sig = current->signal;

	/* No group stop in flight yet: we initiate one with @signr. */
	if (!(current->jobctl & JOBCTL_STOP_PENDING)) {
		unsigned long gstop = JOBCTL_STOP_PENDING | JOBCTL_STOP_CONSUME;
		struct task_struct *t;

		/* signr will be recorded in task->jobctl for retries */
		WARN_ON_ONCE(signr & ~JOBCTL_STOP_SIGMASK);

		/*
		 * Bail if the stop signal was cancelled (no STOP_DEQUEUED),
		 * or the group is already exiting or exec'ing.
		 */
		if (!likely(current->jobctl & JOBCTL_STOP_DEQUEUED) ||
		    unlikely(sig->flags & SIGNAL_GROUP_EXIT) ||
		    unlikely(sig->group_exec_task))
			return false;
		/*
		 * There is no group stop already in progress.  We must
		 * initiate one now.
		 *
		 * While ptraced, a task may be resumed while group stop is
		 * still in effect and then receive a stop signal and
		 * initiate another group stop.  This deviates from the
		 * usual behavior as two consecutive stop signals can't
		 * cause two group stops when !ptraced.  That is why we
		 * also check !task_is_stopped(t) below.
		 *
		 * The condition can be distinguished by testing whether
		 * SIGNAL_STOP_STOPPED is already set.  Don't generate
		 * group_exit_code in such case.
		 *
		 * This is not necessary for SIGNAL_STOP_CONTINUED because
		 * an intervening stop signal is required to cause two
		 * continued events regardless of ptrace.
		 */
		if (!(sig->flags & SIGNAL_STOP_STOPPED))
			sig->group_exit_code = signr;

		/* Count of threads that still have to stop, starting with us. */
		sig->group_stop_count = 0;

		if (task_set_jobctl_pending(current, signr | gstop))
			sig->group_stop_count++;

		t = current;
		while_each_thread(current, t) {
			/*
			 * Setting state to TASK_STOPPED for a group
			 * stop is always done with the siglock held,
			 * so this check has no races.
			 */
			if (!task_is_stopped(t) &&
			    task_set_jobctl_pending(t, signr | gstop)) {
				sig->group_stop_count++;
				/* Seized tracees are trapped instead of woken. */
				if (likely(!(t->ptrace & PT_SEIZED)))
					signal_wake_up(t, 0);
				else
					ptrace_trap_notify(t);
			}
		}
	}

	if (likely(!current->ptrace)) {
		int notify = 0;

		/*
		 * If there are no other threads in the group, or if there
		 * is a group stop in progress and we are the last to stop,
		 * report to the parent.
		 */
		if (task_participate_group_stop(current))
			notify = CLD_STOPPED;

		current->jobctl |= JOBCTL_STOPPED;
		set_special_state(TASK_STOPPED);
		spin_unlock_irq(&current->sighand->siglock);

		/*
		 * Notify the parent of the group stop completion.  Because
		 * we're not holding either the siglock or tasklist_lock
		 * here, ptracer may attach in between; however, this is for
		 * group stop and should always be delivered to the real
		 * parent of the group leader.  The new ptracer will get
		 * its notification when this task transitions into
		 * TASK_TRACED.
		 */
		if (notify) {
			read_lock(&tasklist_lock);
			do_notify_parent_cldstop(current, false, notify);
			read_unlock(&tasklist_lock);
		}

		/* Now we don't run again until woken by SIGCONT or SIGKILL */
		cgroup_enter_frozen();
		schedule();
		return true;
	} else {
		/*
		 * While ptraced, group stop is handled by STOP trap.
		 * Schedule it and let the caller deal with it.
		 */
		task_set_jobctl_pending(current, JOBCTL_TRAP_STOP);
		return false;
	}
}
2505 :
2506 : /**
2507 : * do_jobctl_trap - take care of ptrace jobctl traps
2508 : *
2509 : * When PT_SEIZED, it's used for both group stop and explicit
2510 : * SEIZE/INTERRUPT traps. Both generate PTRACE_EVENT_STOP trap with
2511 : * accompanying siginfo. If stopped, lower eight bits of exit_code contain
2512 : * the stop signal; otherwise, %SIGTRAP.
2513 : *
2514 : * When !PT_SEIZED, it's used only for group stop trap with stop signal
2515 : * number as exit_code and no siginfo.
2516 : *
2517 : * CONTEXT:
2518 : * Must be called with @current->sighand->siglock held, which may be
2519 : * released and re-acquired before returning with intervening sleep.
2520 : */
static void do_jobctl_trap(void)
{
	struct signal_struct *signal = current->signal;
	/* Stop signal recorded by do_signal_stop(); 0 if no group stop is pending. */
	int signr = current->jobctl & JOBCTL_STOP_SIGMASK;

	if (current->ptrace & PT_SEIZED) {
		/* No group stop in progress: this is a plain SEIZE/INTERRUPT trap. */
		if (!signal->group_stop_count &&
		    !(signal->flags & SIGNAL_STOP_STOPPED))
			signr = SIGTRAP;
		WARN_ON_ONCE(!signr);
		/* exit_code carries the signal plus PTRACE_EVENT_STOP in bits 8-15. */
		ptrace_do_notify(signr, signr | (PTRACE_EVENT_STOP << 8),
				 CLD_STOPPED, 0);
	} else {
		WARN_ON_ONCE(!signr);
		/* Legacy (non-seized) tracee: group-stop trap without siginfo. */
		ptrace_stop(signr, CLD_STOPPED, 0, NULL);
	}
}
2538 :
2539 : /**
2540 : * do_freezer_trap - handle the freezer jobctl trap
2541 : *
2542 : * Puts the task into the frozen state, provided the task is not about to quit.
2543 : * In this case it drops JOBCTL_TRAP_FREEZE.
2544 : *
2545 : * CONTEXT:
2546 : * Must be called with @current->sighand->siglock held,
2547 : * which is always released before returning.
2548 : */
static void do_freezer_trap(void)
	__releases(&current->sighand->siglock)
{
	/*
	 * If there are other trap bits pending except JOBCTL_TRAP_FREEZE,
	 * let's make another loop to give it a chance to be handled.
	 * In any case, we'll return back.
	 */
	if ((current->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) !=
	     JOBCTL_TRAP_FREEZE) {
		/* Caller expects siglock released on every path. */
		spin_unlock_irq(&current->sighand->siglock);
		return;
	}

	/*
	 * Now we're sure that there is no pending fatal signal and no
	 * pending traps. Clear TIF_SIGPENDING to not get out of schedule()
	 * immediately (if there is a non-fatal signal pending), and
	 * put the task into sleep.
	 */
	__set_current_state(TASK_INTERRUPTIBLE|TASK_FREEZABLE);
	clear_thread_flag(TIF_SIGPENDING);
	spin_unlock_irq(&current->sighand->siglock);
	cgroup_enter_frozen();
	schedule();
}
2575 :
/*
 * ptrace_signal - let the tracer intercept a dequeued signal
 * @signr: the dequeued signal
 * @info:  its siginfo; rewritten if the tracer substitutes another signal
 * @type:  pid type the signal was dequeued for, used if it must be requeued
 *
 * Returns 0 if the tracer cancelled the signal or it was requeued (because
 * it is now blocked or a fatal signal is pending); otherwise the possibly
 * changed signal number to deliver. Called with siglock held; ptrace_stop()
 * drops and reacquires it.
 */
static int ptrace_signal(int signr, kernel_siginfo_t *info, enum pid_type type)
{
	/*
	 * We do not check sig_kernel_stop(signr) but set this marker
	 * unconditionally because we do not know whether debugger will
	 * change signr. This flag has no meaning unless we are going
	 * to stop after return from ptrace_stop(). In this case it will
	 * be checked in do_signal_stop(), we should only stop if it was
	 * not cleared by SIGCONT while we were sleeping. See also the
	 * comment in dequeue_signal().
	 */
	current->jobctl |= JOBCTL_STOP_DEQUEUED;
	signr = ptrace_stop(signr, CLD_TRAPPED, 0, info);

	/* We're back.  Did the debugger cancel the sig?  */
	if (signr == 0)
		return signr;

	/*
	 * Update the siginfo structure if the signal has
	 * changed.  If the debugger wanted something
	 * specific in the siginfo structure then it should
	 * have updated *info via PTRACE_SETSIGINFO.
	 */
	if (signr != info->si_signo) {
		/* A substituted signal is attributed to the tracer (our parent). */
		clear_siginfo(info);
		info->si_signo = signr;
		info->si_errno = 0;
		info->si_code = SI_USER;
		rcu_read_lock();
		info->si_pid = task_pid_vnr(current->parent);
		info->si_uid = from_kuid_munged(current_user_ns(),
						task_uid(current->parent));
		rcu_read_unlock();
	}

	/* If the (new) signal is now blocked, requeue it.  */
	if (sigismember(&current->blocked, signr) ||
	    fatal_signal_pending(current)) {
		send_signal_locked(signr, info, current, type);
		signr = 0;
	}

	return signr;
}
2621 :
/*
 * Layouts whose siginfo carries a fault address in si_addr. Kept as an
 * exhaustive switch without default so a new layout gets flagged.
 */
static bool sil_carries_fault_addr(enum siginfo_layout layout)
{
	switch (layout) {
	case SIL_FAULT:
	case SIL_FAULT_TRAPNO:
	case SIL_FAULT_MCEERR:
	case SIL_FAULT_BNDERR:
	case SIL_FAULT_PKUERR:
	case SIL_FAULT_PERF_EVENT:
		return true;
	case SIL_KILL:
	case SIL_TIMER:
	case SIL_POLL:
	case SIL_CHLD:
	case SIL_RT:
	case SIL_SYS:
		break;
	}
	return false;
}

/*
 * Strip architecture address-tag bits from si_addr before the siginfo
 * reaches userspace. Only fault layouts carry an address to sanitize.
 */
static void hide_si_addr_tag_bits(struct ksignal *ksig)
{
	if (!sil_carries_fault_addr(siginfo_layout(ksig->sig, ksig->info.si_code)))
		return;

	ksig->info.si_addr = arch_untagged_si_addr(ksig->info.si_addr,
						   ksig->sig, ksig->info.si_code);
}
2643 :
/*
 * get_signal - dequeue the next signal for current and decide how to act
 * @ksig: receives the dequeued signal, its siginfo and, when a user
 *        handler must run, a copy of the k_sigaction
 *
 * Handles, in order: pending task_work, the CLD_CONTINUED/CLD_STOPPED
 * parent notification owed after a wakeup, group-exit/exec kills,
 * job-control stops, ptrace and freezer traps, then signal dequeue with
 * ignore/default/handler semantics. Default stop signals stop the task
 * here; default fatal signals never return (core dump and
 * do_group_exit()) except for PF_USER_WORKER threads.
 *
 * Returns true when ksig->sig holds a signal whose user handler the caller
 * must set up, false when there is nothing to deliver.
 *
 * Called with siglock unlocked; takes and releases it internally.
 */
bool get_signal(struct ksignal *ksig)
{
	struct sighand_struct *sighand = current->sighand;
	struct signal_struct *signal = current->signal;
	int signr;

	clear_notify_signal();
	if (unlikely(task_work_pending(current)))
		task_work_run();

	if (!task_sigpending(current))
		return false;

	if (unlikely(uprobe_deny_signal()))
		return false;

	/*
	 * Do this once, we can't return to user-mode if freezing() == T.
	 * do_signal_stop() and ptrace_stop() do freezable_schedule() and
	 * thus do not need another check after return.
	 */
	try_to_freeze();

relock:
	spin_lock_irq(&sighand->siglock);

	/*
	 * Every stopped thread goes here after wakeup. Check to see if
	 * we should notify the parent, prepare_signal(SIGCONT) encodes
	 * the CLD_ si_code into SIGNAL_CLD_MASK bits.
	 */
	if (unlikely(signal->flags & SIGNAL_CLD_MASK)) {
		int why;

		if (signal->flags & SIGNAL_CLD_CONTINUED)
			why = CLD_CONTINUED;
		else
			why = CLD_STOPPED;

		signal->flags &= ~SIGNAL_CLD_MASK;

		/* siglock must be dropped before tasklist_lock (lock order). */
		spin_unlock_irq(&sighand->siglock);

		/*
		 * Notify the parent that we're continuing.  This event is
		 * always per-process and doesn't make whole lot of sense
		 * for ptracers, who shouldn't consume the state via
		 * wait(2) either, but, for backward compatibility, notify
		 * the ptracer of the group leader too unless it's gonna be
		 * a duplicate.
		 */
		read_lock(&tasklist_lock);
		do_notify_parent_cldstop(current, false, why);

		if (ptrace_reparented(current->group_leader))
			do_notify_parent_cldstop(current->group_leader,
						true, why);
		read_unlock(&tasklist_lock);

		goto relock;
	}

	for (;;) {
		struct k_sigaction *ka;
		enum pid_type type;

		/* Has this task already been marked for death? */
		if ((signal->flags & SIGNAL_GROUP_EXIT) ||
		    signal->group_exec_task) {
			/* Synthesize a SIGKILL and go straight to the fatal path. */
			clear_siginfo(&ksig->info);
			ksig->info.si_signo = signr = SIGKILL;
			sigdelset(&current->pending.signal, SIGKILL);
			trace_signal_deliver(SIGKILL, SEND_SIG_NOINFO,
				&sighand->action[SIGKILL - 1]);
			recalc_sigpending();
			goto fatal;
		}

		/* A true return means we slept in a group stop and siglock is gone. */
		if (unlikely(current->jobctl & JOBCTL_STOP_PENDING) &&
		    do_signal_stop(0))
			goto relock;

		/*
		 * do_jobctl_trap() returns with siglock still held;
		 * do_freezer_trap() releases it itself.
		 */
		if (unlikely(current->jobctl &
			     (JOBCTL_TRAP_MASK | JOBCTL_TRAP_FREEZE))) {
			if (current->jobctl & JOBCTL_TRAP_MASK) {
				do_jobctl_trap();
				spin_unlock_irq(&sighand->siglock);
			} else if (current->jobctl & JOBCTL_TRAP_FREEZE)
				do_freezer_trap();

			goto relock;
		}

		/*
		 * If the task is leaving the frozen state, let's update
		 * cgroup counters and reset the frozen bit.
		 */
		if (unlikely(cgroup_task_frozen(current))) {
			spin_unlock_irq(&sighand->siglock);
			cgroup_leave_frozen(false);
			goto relock;
		}

		/*
		 * Signals generated by the execution of an instruction
		 * need to be delivered before any other pending signals
		 * so that the instruction pointer in the signal stack
		 * frame points to the faulting instruction.
		 */
		type = PIDTYPE_PID;
		signr = dequeue_synchronous_signal(&ksig->info);
		if (!signr)
			signr = dequeue_signal(current, &current->blocked,
					       &ksig->info, &type);

		if (!signr)
			break; /* will return 0 */

		/*
		 * Give the tracer a look at everything except SIGKILL and
		 * actions flagged SA_IMMUTABLE.
		 */
		if (unlikely(current->ptrace) && (signr != SIGKILL) &&
		    !(sighand->action[signr -1].sa.sa_flags & SA_IMMUTABLE)) {
			signr = ptrace_signal(signr, &ksig->info, type);
			if (!signr)
				continue;
		}

		ka = &sighand->action[signr-1];

		/* Trace actually delivered signals. */
		trace_signal_deliver(signr, &ksig->info, ka);

		if (ka->sa.sa_handler == SIG_IGN) /* Do nothing.  */
			continue;
		if (ka->sa.sa_handler != SIG_DFL) {
			/* Run the handler. */
			ksig->ka = *ka;

			/* SA_ONESHOT: the handler is reset to default once taken. */
			if (ka->sa.sa_flags & SA_ONESHOT)
				ka->sa.sa_handler = SIG_DFL;

			break; /* will return non-zero "signr" value */
		}

		/*
		 * Now we are doing the default action for this signal.
		 */
		if (sig_kernel_ignore(signr)) /* Default is nothing. */
			continue;

		/*
		 * Global init gets no signals it doesn't want.
		 * Container-init gets no signals it doesn't want from same
		 * container.
		 *
		 * Note that if global/container-init sees a sig_kernel_only()
		 * signal here, the signal must have been generated internally
		 * or must have come from an ancestor namespace. In either
		 * case, the signal cannot be dropped.
		 */
		if (unlikely(signal->flags & SIGNAL_UNKILLABLE) &&
				!sig_kernel_only(signr))
			continue;

		if (sig_kernel_stop(signr)) {
			/*
			 * The default action is to stop all threads in
			 * the thread group.  The job control signals
			 * do nothing in an orphaned pgrp, but SIGSTOP
			 * always works.  Note that siglock needs to be
			 * dropped during the call to is_orphaned_pgrp()
			 * because of lock ordering with tasklist_lock.
			 * This allows an intervening SIGCONT to be posted.
			 * We need to check for that and bail out if necessary.
			 */
			if (signr != SIGSTOP) {
				spin_unlock_irq(&sighand->siglock);

				/* signals can be posted during this window */

				if (is_current_pgrp_orphaned())
					goto relock;

				spin_lock_irq(&sighand->siglock);
			}

			if (likely(do_signal_stop(ksig->info.si_signo))) {
				/* It released the siglock.  */
				goto relock;
			}

			/*
			 * We didn't actually stop, due to a race
			 * with SIGCONT or something like that.
			 */
			continue;
		}

	fatal:
		spin_unlock_irq(&sighand->siglock);
		if (unlikely(cgroup_task_frozen(current)))
			cgroup_leave_frozen(true);

		/*
		 * Anything else is fatal, maybe with a core dump.
		 */
		current->flags |= PF_SIGNALED;

		if (sig_kernel_coredump(signr)) {
			if (print_fatal_signals)
				print_fatal_signal(ksig->info.si_signo);
			proc_coredump_connector(current);
			/*
			 * If it was able to dump core, this kills all
			 * other threads in the group and synchronizes with
			 * their demise.  If we lost the race with another
			 * thread getting here, it set group_exit_code
			 * first and our do_group_exit call below will use
			 * that value and ignore the one we pass it.
			 */
			do_coredump(&ksig->info);
		}

		/*
		 * PF_USER_WORKER threads will catch and exit on fatal signals
		 * themselves. They have cleanup that must be performed, so
		 * we cannot call do_exit() on their behalf.
		 */
		if (current->flags & PF_USER_WORKER)
			goto out;

		/*
		 * Death signals, no core dump.
		 */
		do_group_exit(ksig->info.si_signo);
		/* NOTREACHED */
	}
	spin_unlock_irq(&sighand->siglock);
out:
	ksig->sig = signr;

	/* Userspace only sees tagged fault addresses if it opted in. */
	if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS))
		hide_si_addr_tag_bits(ksig);

	return ksig->sig > 0;
}
2888 :
2889 : /**
2890 : * signal_delivered - called after signal delivery to update blocked signals
2891 : * @ksig: kernel signal struct
2892 : * @stepping: nonzero if debugger single-step or block-step in use
2893 : *
2894 : * This function should be called when a signal has successfully been
2895 : * delivered. It updates the blocked signals accordingly (@ksig->ka.sa.sa_mask
2896 : * is always blocked), and the signal itself is blocked unless %SA_NODEFER
2897 : * is set in @ksig->ka.sa.sa_flags. Tracing is notified.
2898 : */
static void signal_delivered(struct ksignal *ksig, int stepping)
{
	sigset_t blocked;

	/*
	 * A signal was successfully delivered, and the saved sigmask was
	 * stored on the signal frame, and will be restored by sigreturn.
	 * So we can simply clear the restore sigmask flag.
	 */
	clear_restore_sigmask();

	/* New mask = current mask | sa_mask (| the signal itself unless SA_NODEFER). */
	sigorsets(&blocked, &current->blocked, &ksig->ka.sa.sa_mask);
	if (!(ksig->ka.sa.sa_flags & SA_NODEFER))
		sigaddset(&blocked, ksig->sig);
	set_current_blocked(&blocked);
	/* SS_AUTODISARM: the alternate stack is disarmed once a handler runs on it. */
	if (current->sas_ss_flags & SS_AUTODISARM)
		sas_ss_reset(current);
	/* Report the handler entry to a stepping debugger. */
	if (stepping)
		ptrace_notify(SIGTRAP, 0);
}
2918 :
/*
 * Arch code calls this once it has tried to set up the user signal frame
 * for @ksig. @failed != 0 means the frame could not be written, in which
 * case the task gets a forced SIGSEGV instead of running the handler.
 */
void signal_setup_done(int failed, struct ksignal *ksig, int stepping)
{
	if (failed) {
		force_sigsegv(ksig->sig);
		return;
	}

	/* Frame is in place: update the blocked set and notify tracers. */
	signal_delivered(ksig, stepping);
}
2926 :
2927 : /*
2928 : * It could be that complete_signal() picked us to notify about the
2929 : * group-wide signal. Other threads should be notified now to take
2930 : * the shared signals in @which since we will not.
2931 : */
static void retarget_shared_pending(struct task_struct *tsk, sigset_t *which)
{
	sigset_t retarget;
	struct task_struct *t;

	/* Only the signals in @which that are actually queued group-wide. */
	sigandsets(&retarget, &tsk->signal->shared_pending.signal, which);
	if (sigisemptyset(&retarget))
		return;

	t = tsk;
	while_each_thread(tsk, t) {
		/* An exiting thread is no longer a candidate for shared signals. */
		if (t->flags & PF_EXITING)
			continue;

		/* Nothing left that this thread has unblocked. */
		if (!has_pending_signals(&retarget, &t->blocked))
			continue;
		/* Remove the signals this thread can handle. */
		sigandsets(&retarget, &retarget, &t->blocked);

		/* Kick it unless it already knows it has signals to look at. */
		if (!task_sigpending(t))
			signal_wake_up(t, 0);

		/* Every signal now has some thread that will take it. */
		if (sigisemptyset(&retarget))
			break;
	}
}
2958 :
/*
 * Called on the way out of a task: marks it PF_EXITING, hands any shared
 * signals it could have taken over to its siblings and, if this thread
 * completes a pending group stop, notifies the parent.
 */
void exit_signals(struct task_struct *tsk)
{
	int group_stop = 0;
	sigset_t unblocked;

	/*
	 * @tsk is about to have PF_EXITING set - lock out users which
	 * expect stable threadgroup.
	 */
	cgroup_threadgroup_change_begin(tsk);

	/*
	 * Single-threaded, or the whole group is already exiting: there is
	 * nobody to retarget signals to, so skip the locked path entirely.
	 */
	if (thread_group_empty(tsk) || (tsk->signal->flags & SIGNAL_GROUP_EXIT)) {
		sched_mm_cid_exit_signals(tsk);
		tsk->flags |= PF_EXITING;
		cgroup_threadgroup_change_end(tsk);
		return;
	}

	spin_lock_irq(&tsk->sighand->siglock);
	/*
	 * From now this task is not visible for group-wide signals,
	 * see wants_signal(), do_signal_stop().
	 */
	sched_mm_cid_exit_signals(tsk);
	tsk->flags |= PF_EXITING;

	cgroup_threadgroup_change_end(tsk);

	/* Nothing pending on this thread means nothing to hand over. */
	if (!task_sigpending(tsk))
		goto out;

	/*
	 * The shared signals this thread had unblocked must now be picked
	 * up by another thread, since we will never dequeue them.
	 */
	unblocked = tsk->blocked;
	signotset(&unblocked);
	retarget_shared_pending(tsk, &unblocked);

	/*
	 * Take part in a pending group stop; a true return means this
	 * thread was the last one needed and the stop is now complete.
	 */
	if (unlikely(tsk->jobctl & JOBCTL_STOP_PENDING) &&
	    task_participate_group_stop(tsk))
		group_stop = CLD_STOPPED;
out:
	spin_unlock_irq(&tsk->sighand->siglock);

	/*
	 * If group stop has completed, deliver the notification. This
	 * should always go to the real parent of the group leader.
	 */
	if (unlikely(group_stop)) {
		read_lock(&tasklist_lock);
		do_notify_parent_cldstop(tsk, false, group_stop);
		read_unlock(&tasklist_lock);
	}
}
3010 :
3011 : /*
3012 : * System call entry points.
3013 : */
3014 :
3015 : /**
3016 : * sys_restart_syscall - restart a system call
3017 : */
SYSCALL_DEFINE0(restart_syscall)
{
	/* Re-run whatever restart callback the interrupted syscall left behind. */
	return current->restart_block.fn(&current->restart_block);
}
3023 :
/*
 * Restart callback for syscalls that must not be restarted: always
 * reports -EINTR to the caller. @param is unused.
 */
long do_no_restart_syscall(struct restart_block *param)
{
	return -EINTR;
}
3028 :
/*
 * Install @newset as @tsk's blocked mask. Caller holds siglock. Shared
 * signals that were unblocked before and are blocked now are retargeted
 * to other threads first, so they are not lost behind the new mask.
 */
static void __set_task_blocked(struct task_struct *tsk, const sigset_t *newset)
{
	bool retarget = task_sigpending(tsk) && !thread_group_empty(tsk);

	if (retarget) {
		sigset_t newblocked;

		/* A set of now blocked but previously unblocked signals. */
		sigandnsets(&newblocked, newset, &current->blocked);
		retarget_shared_pending(tsk, &newblocked);
	}

	tsk->blocked = *newset;
	recalc_sigpending();
}
3040 :
3041 : /**
3042 : * set_current_blocked - change current->blocked mask
3043 : * @newset: new mask
3044 : *
3045 : * It is wrong to change ->blocked directly, this helper should be used
3046 : * to ensure the process can't miss a shared signal we are going to block.
3047 : */
void set_current_blocked(sigset_t *newset)
{
	/* SIGKILL and SIGSTOP can never be blocked through this interface. */
	const unsigned long unblockable = sigmask(SIGKILL) | sigmask(SIGSTOP);

	/* Note: @newset is modified in place before it is installed. */
	sigdelsetmask(newset, unblockable);
	__set_current_blocked(newset);
}
3053 :
/*
 * Install @newset as current's blocked mask without stripping SIGKILL or
 * SIGSTOP; see set_current_blocked() for the user-facing variant.
 */
void __set_current_blocked(const sigset_t *newset)
{
	struct task_struct *tsk = current;

	/*
	 * In case the signal mask hasn't changed, there is nothing we need
	 * to do. The current->blocked shouldn't be modified by other task.
	 */
	if (sigequalsets(&tsk->blocked, newset))
		return;

	/* siglock is required by __set_task_blocked() for the retargeting. */
	spin_lock_irq(&tsk->sighand->siglock);
	__set_task_blocked(tsk, newset);
	spin_unlock_irq(&tsk->sighand->siglock);
}
3069 :
3070 : /*
3071 : * This is also useful for kernel threads that want to temporarily
3072 : * (or permanently) block certain signals.
3073 : *
3074 : * NOTE! Unlike the user-mode sys_sigprocmask(), the kernel
3075 : * interface happily blocks "unblockable" signals like SIGKILL
3076 : * and friends.
3077 : */
int sigprocmask(int how, sigset_t *set, sigset_t *oldset)
{
	struct task_struct *tsk = current;
	sigset_t newset;

	/* Lockless, only current can change ->blocked, never from irq */
	if (oldset)
		*oldset = tsk->blocked;

	if (how == SIG_BLOCK) {
		sigorsets(&newset, &tsk->blocked, set);
	} else if (how == SIG_UNBLOCK) {
		sigandnsets(&newset, &tsk->blocked, set);
	} else if (how == SIG_SETMASK) {
		newset = *set;
	} else {
		/* Unknown @how: @oldset is already filled in, the mask is untouched. */
		return -EINVAL;
	}

	__set_current_blocked(&newset);
	return 0;
}
EXPORT_SYMBOL(sigprocmask);
3105 :
3106 : /*
3107 : * The api helps set app-provided sigmasks.
3108 : *
3109 : * This is useful for syscalls such as ppoll, pselect, io_pgetevents and
3110 : * epoll_pwait where a new sigmask is passed from userland for the syscalls.
3111 : *
3112 : * Note that it does set_restore_sigmask() in advance, so it must be always
3113 : * paired with restore_saved_sigmask_unless() before return from syscall.
3114 : */
int set_user_sigmask(const sigset_t __user *umask, size_t sigsetsize)
{
	sigset_t kmask;

	/* No mask supplied: leave the current one alone. */
	if (!umask)
		return 0;
	/* Only an exact-size sigset_t is accepted from userspace. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;
	if (copy_from_user(&kmask, umask, sizeof(sigset_t)))
		return -EFAULT;

	/*
	 * Remember the old mask and flag it for restoration on syscall
	 * return; set_current_blocked() strips SIGKILL/SIGSTOP from @kmask.
	 */
	set_restore_sigmask();
	current->saved_sigmask = current->blocked;
	set_current_blocked(&kmask);

	return 0;
}
3132 :
3133 : #ifdef CONFIG_COMPAT
/*
 * Compat counterpart of set_user_sigmask(): same contract, but @umask is a
 * compat_sigset_t and is converted with get_compat_sigset().
 */
int set_compat_user_sigmask(const compat_sigset_t __user *umask,
			    size_t sigsetsize)
{
	sigset_t kmask;

	if (!umask)
		return 0;
	/* The size check is against the compat layout, not sigset_t. */
	if (sigsetsize != sizeof(compat_sigset_t))
		return -EINVAL;
	if (get_compat_sigset(&kmask, umask))
		return -EFAULT;

	set_restore_sigmask();
	current->saved_sigmask = current->blocked;
	set_current_blocked(&kmask);

	return 0;
}
3152 : #endif
3153 :
3154 : /**
3155 : * sys_rt_sigprocmask - change the list of currently blocked signals
3156 : * @how: whether to add, remove, or set signals
3157 : * @nset: stores pending signals
3158 : * @oset: previous value of signal mask if non-null
3159 : * @sigsetsize: size of sigset_t type
3160 : */
SYSCALL_DEFINE4(rt_sigprocmask, int, how, sigset_t __user *, nset,
		sigset_t __user *, oset, size_t, sigsetsize)
{
	sigset_t old_set, new_set;
	int error;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	/* Snapshot before any change so @oset reports the previous mask. */
	old_set = current->blocked;

	if (nset) {
		if (copy_from_user(&new_set, nset, sizeof(sigset_t)))
			return -EFAULT;
		/*
		 * The in-kernel sigprocmask() happily blocks SIGKILL/SIGSTOP,
		 * so strip them here before handing the user's set to it.
		 */
		sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP));

		error = sigprocmask(how, &new_set, NULL);
		if (error)
			return error;
	}

	if (oset) {
		if (copy_to_user(oset, &old_set, sizeof(sigset_t)))
			return -EFAULT;
	}

	return 0;
}
3190 :
3191 : #ifdef CONFIG_COMPAT
/* Compat variant of rt_sigprocmask; same logic with compat_sigset_t I/O. */
COMPAT_SYSCALL_DEFINE4(rt_sigprocmask, int, how, compat_sigset_t __user *, nset,
		compat_sigset_t __user *, oset, compat_size_t, sigsetsize)
{
	sigset_t old_set = current->blocked;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (nset) {
		sigset_t new_set;
		int error;
		if (get_compat_sigset(&new_set, nset))
			return -EFAULT;
		/* Unblockable signals are stripped before the kernel interface. */
		sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP));

		error = sigprocmask(how, &new_set, NULL);
		if (error)
			return error;
	}
	return oset ? put_compat_sigset(oset, &old_set, sizeof(*oset)) : 0;
}
3214 : #endif
3215 :
/*
 * Fill @set with the signals that are queued for current (private or
 * shared) and are currently blocked.
 */
static void do_sigpending(sigset_t *set)
{
	struct task_struct *tsk = current;

	/* Both queues are protected by siglock; take the union under it. */
	spin_lock_irq(&tsk->sighand->siglock);
	sigorsets(set, &tsk->pending.signal, &tsk->signal->shared_pending.signal);
	spin_unlock_irq(&tsk->sighand->siglock);

	/* Outside the lock because only this thread touches it. */
	sigandsets(set, &tsk->blocked, set);
}
3226 :
3227 : /**
3228 : * sys_rt_sigpending - examine a pending signal that has been raised
3229 : * while blocked
3230 : * @uset: stores pending signals
3231 : * @sigsetsize: size of sigset_t type or larger
3232 : */
SYSCALL_DEFINE2(rt_sigpending, sigset_t __user *, uset, size_t, sigsetsize)
{
	sigset_t set;

	/* Smaller sizes are fine: only the first @sigsetsize bytes go out. */
	if (sigsetsize > sizeof(*uset))
		return -EINVAL;

	do_sigpending(&set);

	if (copy_to_user(uset, &set, sigsetsize))
		return -EFAULT;

	return 0;
}
3247 :
3248 : #ifdef CONFIG_COMPAT
/* Compat variant of rt_sigpending; the copy-out is done by put_compat_sigset(). */
COMPAT_SYSCALL_DEFINE2(rt_sigpending, compat_sigset_t __user *, uset,
		compat_size_t, sigsetsize)
{
	sigset_t set;

	if (sigsetsize > sizeof(*uset))
		return -EINVAL;

	do_sigpending(&set);

	return put_compat_sigset(uset, &set, sigsetsize);
}
3261 : #endif
3262 :
/*
 * Per-signal table of the highest valid positive si_code (@limit) and the
 * siginfo union member that signal uses (@layout). Indexed by signal
 * number; signals not listed here are zero-filled.
 */
static const struct {
	unsigned char limit, layout;
} sig_sicodes[] = {
	[SIGILL]  = { NSIGILL,  SIL_FAULT },
	[SIGFPE]  = { NSIGFPE,  SIL_FAULT },
	[SIGSEGV] = { NSIGSEGV, SIL_FAULT },
	[SIGBUS]  = { NSIGBUS,  SIL_FAULT },
	[SIGTRAP] = { NSIGTRAP, SIL_FAULT },
#if defined(SIGEMT)
	[SIGEMT]  = { NSIGEMT,  SIL_FAULT },
#endif
	[SIGCHLD] = { NSIGCHLD, SIL_CHLD },
	[SIGPOLL] = { NSIGPOLL, SIL_POLL },
	[SIGSYS]  = { NSIGSYS,  SIL_SYS },
};
3278 :
/*
 * Does the kernel know how to interpret (@sig, @si_code)? Used to decide
 * whether a siginfo supplied by userspace may carry bytes beyond
 * struct kernel_siginfo that the kernel would not round-trip.
 */
static bool known_siginfo_layout(unsigned sig, int si_code)
{
	if (si_code == SI_KERNEL)
		return true;

	if (si_code > SI_USER) {
		/* Signal-specific codes are bounded by the table ... */
		if (sig_specific_sicodes(sig))
			return si_code <= sig_sicodes[sig].limit;
		/* ... everything else shares the generic POLL range. */
		return si_code <= NSIGPOLL;
	}

	/* si_code <= SI_USER: the negative "from user" codes. */
	return si_code >= SI_DETHREAD || si_code == SI_ASYNCNL;
}
3297 :
/*
 * Map (@sig, @si_code) to the siginfo union member that carries the
 * payload. Defaults to SIL_KILL when nothing more specific matches.
 */
enum siginfo_layout siginfo_layout(unsigned sig, int si_code)
{
	enum siginfo_layout layout = SIL_KILL;
	if ((si_code > SI_USER) && (si_code < SI_KERNEL)) {
		/* Kernel-generated code: look up the per-signal layout. */
		if ((sig < ARRAY_SIZE(sig_sicodes)) &&
		    (si_code <= sig_sicodes[sig].limit)) {
			layout = sig_sicodes[sig].layout;
			/* Handle the exceptions */
			if ((sig == SIGBUS) &&
			    (si_code >= BUS_MCEERR_AR) && (si_code <= BUS_MCEERR_AO))
				layout = SIL_FAULT_MCEERR;
			else if ((sig == SIGSEGV) && (si_code == SEGV_BNDERR))
				layout = SIL_FAULT_BNDERR;
#ifdef SEGV_PKUERR
			else if ((sig == SIGSEGV) && (si_code == SEGV_PKUERR))
				layout = SIL_FAULT_PKUERR;
#endif
			else if ((sig == SIGTRAP) && (si_code == TRAP_PERF))
				layout = SIL_FAULT_PERF_EVENT;
			else if (IS_ENABLED(CONFIG_SPARC) &&
				 (sig == SIGILL) && (si_code == ILL_ILLTRP))
				layout = SIL_FAULT_TRAPNO;
			else if (IS_ENABLED(CONFIG_ALPHA) &&
				 ((sig == SIGFPE) ||
				  ((sig == SIGTRAP) && (si_code == TRAP_UNK))))
				layout = SIL_FAULT_TRAPNO;
		}
		/* Signals without a table entry still understand the POLL codes. */
		else if (si_code <= NSIGPOLL)
			layout = SIL_POLL;
	} else {
		/* SI_USER, SI_KERNEL and the negative user-originated codes. */
		if (si_code == SI_TIMER)
			layout = SIL_TIMER;
		else if (si_code == SI_SIGIO)
			layout = SIL_POLL;
		else if (si_code < 0)
			layout = SIL_RT;
	}
	return layout;
}
3337 :
/*
 * Address of the bytes that follow struct kernel_siginfo inside a
 * full-size user siginfo_t at @info.
 */
static inline char __user *si_expansion(const siginfo_t __user *info)
{
	char __user *base = (char __user *)info;

	return base + sizeof(struct kernel_siginfo);
}
3342 :
/*
 * Copy @from to the user siginfo_t at @to and zero the expansion bytes
 * beyond struct kernel_siginfo, so no stale kernel data leaks into the
 * larger user structure. Returns 0 or -EFAULT.
 */
int copy_siginfo_to_user(siginfo_t __user *to, const kernel_siginfo_t *from)
{
	if (copy_to_user(to, from, sizeof(struct kernel_siginfo)) ||
	    clear_user(si_expansion(to), SI_EXPANSION_SIZE))
		return -EFAULT;

	return 0;
}
3352 :
/*
 * Finish a siginfo copy-in: for layouts the kernel does not recognise,
 * insist that the user-supplied expansion bytes are all zero, since the
 * kernel only preserves sizeof(struct kernel_siginfo) of the payload.
 * Returns 0, -EFAULT, or -E2BIG when non-zero expansion bytes are found.
 */
static int post_copy_siginfo_from_user(kernel_siginfo_t *info,
				       const siginfo_t __user *from)
{
	if (unlikely(!known_siginfo_layout(info->si_signo, info->si_code))) {
		char __user *expansion = si_expansion(from);
		char buf[SI_EXPANSION_SIZE];
		int i;
		/*
		 * An unknown si_code might need more than
		 * sizeof(struct kernel_siginfo) bytes. Verify all of the
		 * extra bytes are 0. This guarantees copy_siginfo_to_user
		 * will return this data to userspace exactly.
		 */
		if (copy_from_user(&buf, expansion, SI_EXPANSION_SIZE))
			return -EFAULT;
		for (i = 0; i < SI_EXPANSION_SIZE; i++) {
			if (buf[i] != 0)
				return -E2BIG;
		}
	}
	return 0;
}
3375 :
/*
 * Like copy_siginfo_from_user(), but the signal number is taken from
 * @signo rather than trusted from the user-supplied si_signo.
 */
static int __copy_siginfo_from_user(int signo, kernel_siginfo_t *to,
				    const siginfo_t __user *from)
{
	if (copy_from_user(to, from, sizeof(struct kernel_siginfo)))
		return -EFAULT;
	to->si_signo = signo;
	return post_copy_siginfo_from_user(to, from);
}
3384 :
/*
 * Copy a user siginfo_t into @to and validate its expansion bytes.
 * Returns 0, -EFAULT or -E2BIG (see post_copy_siginfo_from_user()).
 */
int copy_siginfo_from_user(kernel_siginfo_t *to, const siginfo_t __user *from)
{
	if (copy_from_user(to, from, sizeof(struct kernel_siginfo)))
		return -EFAULT;
	return post_copy_siginfo_from_user(to, from);
}
3391 :
3392 : #ifdef CONFIG_COMPAT
3393 : /**
3394 : * copy_siginfo_to_external32 - copy a kernel siginfo into a compat user siginfo
3395 : * @to: compat siginfo destination
3396 : * @from: kernel siginfo source
3397 : *
3398 : * Note: This function does not work properly for the SIGCHLD on x32, but
3399 : * fortunately it doesn't have to. The only valid callers for this function are
3400 : * copy_siginfo_to_user32, which is overriden for x32 and the coredump code.
3401 : * The latter does not care because SIGCHLD will never cause a coredump.
3402 : */
void copy_siginfo_to_external32(struct compat_siginfo *to,
		const struct kernel_siginfo *from)
{
	/* Zero first so padding and unused union members never carry kernel data. */
	memset(to, 0, sizeof(*to));

	to->si_signo = from->si_signo;
	to->si_errno = from->si_errno;
	to->si_code = from->si_code;
	/* Only the union members that belong to this layout are translated. */
	switch(siginfo_layout(from->si_signo, from->si_code)) {
	case SIL_KILL:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		break;
	case SIL_TIMER:
		to->si_tid = from->si_tid;
		to->si_overrun = from->si_overrun;
		to->si_int = from->si_int;
		break;
	case SIL_POLL:
		to->si_band = from->si_band;
		to->si_fd = from->si_fd;
		break;
	case SIL_FAULT:
		to->si_addr = ptr_to_compat(from->si_addr);
		break;
	case SIL_FAULT_TRAPNO:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_trapno = from->si_trapno;
		break;
	case SIL_FAULT_MCEERR:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_addr_lsb = from->si_addr_lsb;
		break;
	case SIL_FAULT_BNDERR:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_lower = ptr_to_compat(from->si_lower);
		to->si_upper = ptr_to_compat(from->si_upper);
		break;
	case SIL_FAULT_PKUERR:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_pkey = from->si_pkey;
		break;
	case SIL_FAULT_PERF_EVENT:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_perf_data = from->si_perf_data;
		to->si_perf_type = from->si_perf_type;
		to->si_perf_flags = from->si_perf_flags;
		break;
	case SIL_CHLD:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_status = from->si_status;
		to->si_utime = from->si_utime;
		to->si_stime = from->si_stime;
		break;
	case SIL_RT:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_int = from->si_int;
		break;
	case SIL_SYS:
		to->si_call_addr = ptr_to_compat(from->si_call_addr);
		to->si_syscall = from->si_syscall;
		to->si_arch = from->si_arch;
		break;
	}
}
3470 :
/*
 * Translate @from to the compat layout and copy it to userspace at @to.
 * Returns 0 on success, -EFAULT if the copy-out fails.
 */
int __copy_siginfo_to_user32(struct compat_siginfo __user *to,
			     const struct kernel_siginfo *from)
{
	struct compat_siginfo new;

	/* Build the full compat image in kernel memory first. */
	copy_siginfo_to_external32(&new, from);

	return copy_to_user(to, &new, sizeof(struct compat_siginfo)) ? -EFAULT : 0;
}
3481 :
/*
 * Translate an already-copied compat siginfo @from into the native
 * @to, selecting the union members by siginfo_layout(). Always returns 0.
 */
static int post_copy_siginfo_from_user32(kernel_siginfo_t *to,
					 const struct compat_siginfo *from)
{
	/* Start from a clean struct so untranslated members are zero. */
	clear_siginfo(to);
	to->si_signo = from->si_signo;
	to->si_errno = from->si_errno;
	to->si_code = from->si_code;
	switch(siginfo_layout(from->si_signo, from->si_code)) {
	case SIL_KILL:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		break;
	case SIL_TIMER:
		to->si_tid = from->si_tid;
		to->si_overrun = from->si_overrun;
		to->si_int = from->si_int;
		break;
	case SIL_POLL:
		to->si_band = from->si_band;
		to->si_fd = from->si_fd;
		break;
	case SIL_FAULT:
		to->si_addr = compat_ptr(from->si_addr);
		break;
	case SIL_FAULT_TRAPNO:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_trapno = from->si_trapno;
		break;
	case SIL_FAULT_MCEERR:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_addr_lsb = from->si_addr_lsb;
		break;
	case SIL_FAULT_BNDERR:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_lower = compat_ptr(from->si_lower);
		to->si_upper = compat_ptr(from->si_upper);
		break;
	case SIL_FAULT_PKUERR:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_pkey = from->si_pkey;
		break;
	case SIL_FAULT_PERF_EVENT:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_perf_data = from->si_perf_data;
		to->si_perf_type = from->si_perf_type;
		to->si_perf_flags = from->si_perf_flags;
		break;
	case SIL_CHLD:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_status = from->si_status;
#ifdef CONFIG_X86_X32_ABI
		/* x32 lays out the SIGCHLD times differently from plain compat. */
		if (in_x32_syscall()) {
			to->si_utime = from->_sifields._sigchld_x32._utime;
			to->si_stime = from->_sifields._sigchld_x32._stime;
		} else
#endif
		{
			to->si_utime = from->si_utime;
			to->si_stime = from->si_stime;
		}
		break;
	case SIL_RT:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_int = from->si_int;
		break;
	case SIL_SYS:
		to->si_call_addr = compat_ptr(from->si_call_addr);
		to->si_syscall = from->si_syscall;
		to->si_arch = from->si_arch;
		break;
	}
	return 0;
}
3557 :
/*
 * Compat copy-in that overrides the user-supplied si_signo with @signo
 * before translation.
 */
static int __copy_siginfo_from_user32(int signo, struct kernel_siginfo *to,
				      const struct compat_siginfo __user *ufrom)
{
	struct compat_siginfo from;

	if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo)))
		return -EFAULT;

	from.si_signo = signo;
	return post_copy_siginfo_from_user32(to, &from);
}
3569 :
/*
 * Copy a compat siginfo from userspace and translate it into @to.
 * Returns 0 or -EFAULT.
 */
int copy_siginfo_from_user32(struct kernel_siginfo *to,
			     const struct compat_siginfo __user *ufrom)
{
	struct compat_siginfo from;

	if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo)))
		return -EFAULT;

	return post_copy_siginfo_from_user32(to, &from);
}
3580 : #endif /* CONFIG_COMPAT */
3581 :
3582 : /**
3583 : * do_sigtimedwait - wait for queued signals specified in @which
3584 : * @which: queued signals to wait for
3585 : * @info: if non-null, the signal's siginfo is returned here
3586 : * @ts: upper bound on process time suspension
3587 : */
static int do_sigtimedwait(const sigset_t *which, kernel_siginfo_t *info,
		    const struct timespec64 *ts)
{
	/* @to stays NULL (wait forever) unless a timeout was given. */
	ktime_t *to = NULL, timeout = KTIME_MAX;
	struct task_struct *tsk = current;
	sigset_t mask = *which;
	enum pid_type type;
	int sig, ret = 0;

	if (ts) {
		if (!timespec64_valid(ts))
			return -EINVAL;
		timeout = timespec64_to_ktime(*ts);
		to = &timeout;
	}

	/*
	 * Invert the set of allowed signals to get those we want to block.
	 */
	sigdelsetmask(&mask, sigmask(SIGKILL) | sigmask(SIGSTOP));
	signotset(&mask);

	spin_lock_irq(&tsk->sighand->siglock);
	sig = dequeue_signal(tsk, &mask, info, &type);
	/* A zero timeout means poll only: never sleep. */
	if (!sig && timeout) {
		/*
		 * None ready, temporarily unblock those we're interested
		 * while we are sleeping in so that we'll be awakened when
		 * they arrive. Unblocking is always fine, we can avoid
		 * set_current_blocked().
		 */
		tsk->real_blocked = tsk->blocked;
		sigandsets(&tsk->blocked, &tsk->blocked, &mask);
		recalc_sigpending();
		spin_unlock_irq(&tsk->sighand->siglock);

		__set_current_state(TASK_INTERRUPTIBLE|TASK_FREEZABLE);
		ret = schedule_hrtimeout_range(to, tsk->timer_slack_ns,
					       HRTIMER_MODE_REL);
		spin_lock_irq(&tsk->sighand->siglock);
		/*
		 * Restore the original mask via __set_task_blocked() so any
		 * shared signal we just re-blocked is retargeted, then retry.
		 */
		__set_task_blocked(tsk, &tsk->real_blocked);
		sigemptyset(&tsk->real_blocked);
		sig = dequeue_signal(tsk, &mask, info, &type);
	}
	spin_unlock_irq(&tsk->sighand->siglock);

	if (sig)
		return sig;
	/* Non-zero @ret means the sleep was interrupted, zero means it timed out. */
	return ret ? -EINTR : -EAGAIN;
}
3638 :
3639 : /**
3640 : * sys_rt_sigtimedwait - synchronously wait for queued signals specified
3641 : * in @uthese
3642 : * @uthese: queued signals to wait for
3643 : * @uinfo: if non-null, the signal's siginfo is returned here
3644 : * @uts: upper bound on process time suspension
3645 : * @sigsetsize: size of sigset_t type
3646 : */
SYSCALL_DEFINE4(rt_sigtimedwait, const sigset_t __user *, uthese,
		siginfo_t __user *, uinfo,
		const struct __kernel_timespec __user *, uts,
		size_t, sigsetsize)
{
	sigset_t these;
	struct timespec64 ts;
	kernel_siginfo_t info;
	int ret;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (copy_from_user(&these, uthese, sizeof(these)))
		return -EFAULT;

	/* @uts is optional; a NULL pointer means wait without a timeout. */
	if (uts) {
		if (get_timespec64(&ts, uts))
			return -EFAULT;
	}

	ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL);

	/* Positive @ret is the dequeued signal; hand its siginfo back if asked. */
	if (ret > 0 && uinfo) {
		if (copy_siginfo_to_user(uinfo, &info))
			ret = -EFAULT;
	}

	return ret;
}
3678 :
3679 : #ifdef CONFIG_COMPAT_32BIT_TIME
/* 32-bit-time variant of rt_sigtimedwait; only the timespec decoding differs. */
SYSCALL_DEFINE4(rt_sigtimedwait_time32, const sigset_t __user *, uthese,
		siginfo_t __user *, uinfo,
		const struct old_timespec32 __user *, uts,
		size_t, sigsetsize)
{
	sigset_t these;
	struct timespec64 ts;
	kernel_siginfo_t info;
	int ret;

	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (copy_from_user(&these, uthese, sizeof(these)))
		return -EFAULT;

	if (uts) {
		if (get_old_timespec32(&ts, uts))
			return -EFAULT;
	}

	ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL);

	if (ret > 0 && uinfo) {
		if (copy_siginfo_to_user(uinfo, &info))
			ret = -EFAULT;
	}

	return ret;
}
3710 : #endif
3711 :
3712 : #ifdef CONFIG_COMPAT
/* Compat variant: compat sigset in, compat siginfo out, 64-bit timespec. */
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time64, compat_sigset_t __user *, uthese,
		struct compat_siginfo __user *, uinfo,
		struct __kernel_timespec __user *, uts, compat_size_t, sigsetsize)
{
	sigset_t s;
	struct timespec64 t;
	kernel_siginfo_t info;
	long ret;

	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (get_compat_sigset(&s, uthese))
		return -EFAULT;

	if (uts) {
		if (get_timespec64(&t, uts))
			return -EFAULT;
	}

	ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);

	/* Positive @ret is the dequeued signal; copy its siginfo out if requested. */
	if (ret > 0 && uinfo) {
		if (copy_siginfo_to_user32(uinfo, &info))
			ret = -EFAULT;
	}

	return ret;
}
3742 :
3743 : #ifdef CONFIG_COMPAT_32BIT_TIME
/* Compat variant with a 32-bit old_timespec32 timeout. */
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time32, compat_sigset_t __user *, uthese,
		struct compat_siginfo __user *, uinfo,
		struct old_timespec32 __user *, uts, compat_size_t, sigsetsize)
{
	sigset_t s;
	struct timespec64 t;
	kernel_siginfo_t info;
	long ret;

	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (get_compat_sigset(&s, uthese))
		return -EFAULT;

	if (uts) {
		if (get_old_timespec32(&t, uts))
			return -EFAULT;
	}

	ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);

	if (ret > 0 && uinfo) {
		if (copy_siginfo_to_user32(uinfo, &info))
			ret = -EFAULT;
	}

	return ret;
}
3773 : #endif
3774 : #endif
3775 :
/*
 * Build the siginfo for a kill()-style send of @sig: SI_USER origin with
 * the sender's tgid and uid as seen from its own namespaces.
 */
static inline void prepare_kill_siginfo(int sig, struct kernel_siginfo *info)
{
	clear_siginfo(info);
	info->si_signo = sig;
	info->si_errno = 0;
	info->si_code = SI_USER;
	info->si_pid = task_tgid_vnr(current);
	info->si_uid = from_kuid_munged(current_user_ns(), current_uid());
}
3785 :
3786 : /**
3787 : * sys_kill - send a signal to a process
3788 : * @pid: the PID of the process
3789 : * @sig: signal to be sent
3790 : */
SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
{
	struct kernel_siginfo info;

	prepare_kill_siginfo(sig, &info);

	/* @pid semantics (process, group, all) are resolved by the callee. */
	return kill_something_info(sig, &info, pid);
}
3799 :
3800 : /*
3801 : * Verify that the signaler and signalee either are in the same pid namespace
3802 : * or that the signaler's pid namespace is an ancestor of the signalee's pid
3803 : * namespace.
3804 : */
static bool access_pidfd_pidns(struct pid *pid)
{
	struct pid_namespace *active = task_active_pid_ns(current);
	struct pid_namespace *p;

	/* Walk from the target's namespace up towards the root. */
	for (p = ns_of_pid(pid); p; p = p->parent) {
		if (p == active)
			return true;
	}

	/* Reached the root without meeting our namespace: not an ancestor. */
	return false;
}
3820 :
/*
 * Copy a user siginfo into @kinfo using the native or compat layout,
 * depending on the ABI of the calling syscall.
 */
static int copy_siginfo_from_user_any(kernel_siginfo_t *kinfo,
				      siginfo_t __user *info)
{
#ifdef CONFIG_COMPAT
	/*
	 * Avoid hooking up compat syscalls and instead handle necessary
	 * conversions here. Note, this is a stop-gap measure and should not be
	 * considered a generic solution.
	 */
	if (in_compat_syscall())
		return copy_siginfo_from_user32(
			kinfo, (struct compat_siginfo __user *)info);
#endif
	return copy_siginfo_from_user(kinfo, info);
}
3836 :
/*
 * Resolve @file to the struct pid it refers to, trying the pidfd lookup
 * first and falling back to the tgid-based lookup. Returns an ERR_PTR on
 * failure.
 */
static struct pid *pidfd_to_pid(const struct file *file)
{
	struct pid *pid = pidfd_pid(file);

	return IS_ERR(pid) ? tgid_pidfd_to_pid(file) : pid;
}
3847 :
3848 : /**
3849 : * sys_pidfd_send_signal - Signal a process through a pidfd
3850 : * @pidfd: file descriptor of the process
3851 : * @sig: signal to send
3852 : * @info: signal info
3853 : * @flags: future flags
3854 : *
3855 : * The syscall currently only signals via PIDTYPE_PID which covers
3856 : * kill(<positive-pid>, <signal>. It does not signal threads or process
3857 : * groups.
3858 : * In order to extend the syscall to threads and process groups the @flags
3859 : * argument should be used. In essence, the @flags argument will determine
3860 : * what is signaled and not the file descriptor itself. Put in other words,
3861 : * grouping is a property of the flags argument not a property of the file
3862 : * descriptor.
3863 : *
3864 : * Return: 0 on success, negative errno on failure
3865 : */
SYSCALL_DEFINE4(pidfd_send_signal, int, pidfd, int, sig,
		siginfo_t __user *, info, unsigned int, flags)
{
	int ret;
	struct fd f;
	struct pid *pid;
	kernel_siginfo_t kinfo;

	/* Enforce flags be set to 0 until we add an extension. */
	if (flags)
		return -EINVAL;

	f = fdget(pidfd);
	if (!f.file)
		return -EBADF;

	/* Is this a pidfd? */
	pid = pidfd_to_pid(f.file);
	if (IS_ERR(pid)) {
		ret = PTR_ERR(pid);
		goto err;
	}

	/* The target must live in our pid namespace or a descendant of it. */
	ret = -EINVAL;
	if (!access_pidfd_pidns(pid))
		goto err;

	if (info) {
		ret = copy_siginfo_from_user_any(&kinfo, info);
		if (unlikely(ret))
			goto err;

		/* The siginfo must agree with @sig; no smuggling another signal. */
		ret = -EINVAL;
		if (unlikely(sig != kinfo.si_signo))
			goto err;

		/* Only allow sending arbitrary signals to yourself. */
		ret = -EPERM;
		if ((task_pid(current) != pid) &&
		    (kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL))
			goto err;
	} else {
		/* No siginfo supplied: behave like a plain kill(). */
		prepare_kill_siginfo(sig, &kinfo);
	}

	ret = kill_pid_info(sig, &kinfo, pid);

err:
	fdput(f);
	return ret;
}
3917 :
/*
 * Send @sig with @info to the single task @pid (not its group). When
 * @tgid > 0 the task must also belong to that thread group, so a reused
 * PID in another process is rejected with -ESRCH.
 */
static int
do_send_specific(pid_t tgid, pid_t pid, int sig, struct kernel_siginfo *info)
{
	struct task_struct *p;
	int error = -ESRCH;

	rcu_read_lock();
	p = find_task_by_vpid(pid);
	if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) {
		/* Permission check runs even for the null signal. */
		error = check_kill_permission(sig, info, p);
		/*
		 * The null signal is a permissions and process existence
		 * probe. No signal is actually delivered.
		 */
		if (!error && sig) {
			error = do_send_sig_info(sig, info, p, PIDTYPE_PID);
			/*
			 * If lock_task_sighand() failed we pretend the task
			 * dies after receiving the signal. The window is tiny,
			 * and the signal is private anyway.
			 */
			if (unlikely(error == -ESRCH))
				error = 0;
		}
	}
	rcu_read_unlock();

	return error;
}
3947 :
/*
 * Common body of tkill()/tgkill(): a kill()-style siginfo, but marked
 * SI_TKILL so the receiver can tell the two apart.
 */
static int do_tkill(pid_t tgid, pid_t pid, int sig)
{
	struct kernel_siginfo info;

	/* Same sender fields as kill(); only the si_code differs. */
	prepare_kill_siginfo(sig, &info);
	info.si_code = SI_TKILL;

	return do_send_specific(tgid, pid, sig, &info);
}
3961 :
/**
 * sys_tgkill - send signal to one specific thread
 * @tgid: the thread group ID of the thread
 * @pid: the PID of the thread
 * @sig: signal to be sent
 *
 * Both ids must be positive; anything else is -EINVAL. The @tgid is
 * checked as well, so -ESRCH is returned even when @pid exists but no
 * longer belongs to the target process. That closes the race between a
 * thread exiting and its PID being reused by an unrelated task.
 */
SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid_t, pid, int, sig)
{
	/* This is only valid for single tasks */
	if (pid > 0 && tgid > 0)
		return do_tkill(tgid, pid, sig);

	return -EINVAL;
}
3980 :
/**
 * sys_tkill - send signal to one specific task
 * @pid: the PID of the task
 * @sig: signal to be sent
 *
 * Send a signal to only one task, even if it's a CLONE_THREAD task.
 * Unlike tgkill(), no thread-group check is made (tgid 0), so a recycled
 * PID is not detected; @pid must be positive or -EINVAL is returned.
 */
SYSCALL_DEFINE2(tkill, pid_t, pid, int, sig)
{
	/* This is only valid for single tasks */
	if (pid > 0)
		return do_tkill(0, pid, sig);

	return -EINVAL;
}
3996 :
/*
 * do_rt_sigqueueinfo - send caller-supplied siginfo to process @pid
 * @pid: target pid in the caller's namespace
 * @sig: signal number
 * @info: siginfo already copied in from userspace
 *
 * Returns -EPERM when @info claims a kernel-generated origin and the
 * target is not the caller itself; otherwise kill_proc_info()'s result.
 */
static int do_rt_sigqueueinfo(pid_t pid, int sig, kernel_siginfo_t *info)
{
	bool claims_kernel_origin = info->si_code >= 0 ||
				    info->si_code == SI_TKILL;

	/*
	 * Non-negative si_code values and SI_TKILL are what the kernel
	 * itself fills in (kill()/tgkill() add source info). Not even root
	 * may forge those toward another process; sending to yourself is
	 * the only exception.
	 */
	if (claims_kernel_origin && task_pid_vnr(current) != pid)
		return -EPERM;

	/* POSIX.1b doesn't mention process groups. */
	return kill_proc_info(sig, info, pid);
}
4009 :
/**
 * sys_rt_sigqueueinfo - send signal information to a signal
 * @pid: the PID of the thread
 * @sig: signal to be sent
 * @uinfo: signal info to be sent
 *
 * The user siginfo is validated and copied in by __copy_siginfo_from_user();
 * its error is returned unchanged. Origin forgery is rejected in
 * do_rt_sigqueueinfo().
 */
SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t, pid, int, sig,
		siginfo_t __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_sigqueueinfo(pid, sig, &info);
}
4025 :
4026 : #ifdef CONFIG_COMPAT
/*
 * 32-bit entry for rt_sigqueueinfo: identical to the native syscall
 * except that the siginfo arrives in compat layout and is converted by
 * __copy_siginfo_from_user32().
 */
COMPAT_SYSCALL_DEFINE3(rt_sigqueueinfo,
		       compat_pid_t, pid,
		       int, sig,
		       struct compat_siginfo __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user32(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_sigqueueinfo(pid, sig, &info);
}
4038 : #endif
4039 :
/*
 * do_rt_tgsigqueueinfo - send caller-supplied siginfo to one thread
 * @tgid: thread group the target must belong to
 * @pid: target thread's pid
 * @sig: signal number
 * @info: siginfo already copied in from userspace
 *
 * Returns -EINVAL for non-positive ids, -EPERM when @info claims a
 * kernel-generated origin and the target is not the caller itself,
 * otherwise do_send_specific()'s result.
 */
static int do_rt_tgsigqueueinfo(pid_t tgid, pid_t pid, int sig, kernel_siginfo_t *info)
{
	bool claims_kernel_origin;

	/* This is only valid for single tasks */
	if (pid <= 0 || tgid <= 0)
		return -EINVAL;

	/*
	 * Non-negative si_code values and SI_TKILL are what the kernel
	 * itself fills in (kill()/tgkill() add source info). Not even root
	 * may forge those toward another thread; sending to yourself is
	 * the only exception.
	 */
	claims_kernel_origin = info->si_code >= 0 || info->si_code == SI_TKILL;
	if (claims_kernel_origin && task_pid_vnr(current) != pid)
		return -EPERM;

	return do_send_specific(tgid, pid, sig, info);
}
4055 :
/*
 * rt_tgsigqueueinfo(2): copy the user siginfo in, then hand it to
 * do_rt_tgsigqueueinfo() which validates ids and origin before sending.
 */
SYSCALL_DEFINE4(rt_tgsigqueueinfo, pid_t, tgid, pid_t, pid, int, sig,
		siginfo_t __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
}
4065 :
4066 : #ifdef CONFIG_COMPAT
/*
 * 32-bit entry for rt_tgsigqueueinfo: same as the native syscall with the
 * siginfo converted from compat layout by __copy_siginfo_from_user32().
 */
COMPAT_SYSCALL_DEFINE4(rt_tgsigqueueinfo,
		       compat_pid_t, tgid,
		       compat_pid_t, pid,
		       int, sig,
		       struct compat_siginfo __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user32(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
}
4079 : #endif
4080 :
/*
 * kernel_sigaction - set the handler for @sig in the current kernel thread
 * @sig: signal number (1-based; indexes sighand->action[sig - 1])
 * @action: new handler, typically SIG_IGN or SIG_DFL
 *
 * For kthreads only, must not be used if cloned with CLONE_SIGHAND: the
 * shared sighand table is modified in place. When the signal becomes
 * ignored, every already-queued instance (shared and private) is
 * discarded and the pending state is recomputed, all under siglock.
 */
void kernel_sigaction(int sig, __sighandler_t action)
{
	struct task_struct *tsk = current;
	struct sighand_struct *sighand = tsk->sighand;
	sigset_t mask;

	spin_lock_irq(&sighand->siglock);
	sighand->action[sig - 1].sa.sa_handler = action;
	if (action == SIG_IGN) {
		/* Nothing may stay queued for a signal that is now ignored. */
		sigemptyset(&mask);
		sigaddset(&mask, sig);
		flush_sigqueue_mask(&mask, &tsk->signal->shared_pending);
		flush_sigqueue_mask(&mask, &tsk->pending);
		recalc_sigpending();
	}
	spin_unlock_irq(&sighand->siglock);
}
EXPORT_SYMBOL(kernel_sigaction);
4101 :
/*
 * sigaction_compat_abi - architecture hook called from do_sigaction()
 * @act: new action being installed, may be NULL
 * @oact: previous action being returned, may be NULL
 *
 * Default no-op; an architecture overrides this weak symbol when it needs
 * to fix up flags or handler fields for a compat ABI.
 */
void __weak sigaction_compat_abi(struct k_sigaction *act,
				 struct k_sigaction *oact)
{
}
4106 :
/*
 * do_sigaction - change and/or fetch the action for @sig in current
 * @sig: signal number; must be valid and, if @act is given, overridable
 * @act: new action to install, or NULL to only query
 * @oact: receives the previous action, or NULL
 *
 * Returns 0, or -EINVAL when @sig is out of range, is SIGKILL/SIGSTOP with
 * an @act, or the installed action is SA_IMMUTABLE. The whole update runs
 * under sighand->siglock so it is atomic with respect to delivery.
 * @act->sa.sa_flags and @oact->sa.sa_flags are masked to UAPI_SA_FLAGS,
 * and SIGKILL/SIGSTOP are stripped from @act->sa.sa_mask before it is
 * stored.
 */
int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
{
	struct task_struct *p = current, *t;
	struct k_sigaction *k;
	sigset_t mask;

	/* SIGKILL/SIGSTOP may be queried but never given a new action. */
	if (!valid_signal(sig) || sig < 1 || (act && sig_kernel_only(sig)))
		return -EINVAL;

	k = &p->sighand->action[sig-1];

	spin_lock_irq(&p->sighand->siglock);
	/* An SA_IMMUTABLE action fails even a pure query. */
	if (k->sa.sa_flags & SA_IMMUTABLE) {
		spin_unlock_irq(&p->sighand->siglock);
		return -EINVAL;
	}
	if (oact)
		*oact = *k;

	/*
	 * Make sure that we never accidentally claim to support SA_UNSUPPORTED,
	 * e.g. by having an architecture use the bit in their uapi.
	 */
	BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED);

	/*
	 * Clear unknown flag bits in order to allow userspace to detect missing
	 * support for flag bits and to allow the kernel to use non-uapi bits
	 * internally.
	 */
	if (act)
		act->sa.sa_flags &= UAPI_SA_FLAGS;
	if (oact)
		oact->sa.sa_flags &= UAPI_SA_FLAGS;

	sigaction_compat_abi(act, oact);

	if (act) {
		/* A handler's mask can never block SIGKILL or SIGSTOP. */
		sigdelsetmask(&act->sa.sa_mask,
			      sigmask(SIGKILL) | sigmask(SIGSTOP));
		*k = *act;
		/*
		 * POSIX 3.3.1.3:
		 *  "Setting a signal action to SIG_IGN for a signal that is
		 *   pending shall cause the pending signal to be discarded,
		 *   whether or not it is blocked."
		 *
		 *  "Setting a signal action to SIG_DFL for a signal that is
		 *   pending and whose default action is to ignore the signal
		 *   (for example, SIGCHLD), shall cause the pending signal to
		 *   be discarded, whether or not it is blocked"
		 */
		if (sig_handler_ignored(sig_handler(p, sig), sig)) {
			sigemptyset(&mask);
			sigaddset(&mask, sig);
			/* Drop it from the shared queue and from every thread's private queue. */
			flush_sigqueue_mask(&mask, &p->signal->shared_pending);
			for_each_thread(p, t)
				flush_sigqueue_mask(&mask, &t->pending);
		}
	}

	spin_unlock_irq(&p->sighand->siglock);
	return 0;
}
4171 :
#ifdef CONFIG_DYNAMIC_SIGFRAME
/*
 * With dynamic signal frames the sigaltstack fields are read under
 * siglock elsewhere, so updates in do_sigaltstack() must take it too.
 */
static inline void sigaltstack_lock(void)
	__acquires(&current->sighand->siglock)
{
	spin_lock_irq(&current->sighand->siglock);
}

static inline void sigaltstack_unlock(void)
	__releases(&current->sighand->siglock)
{
	spin_unlock_irq(&current->sighand->siglock);
}
#else
/* No locking is needed: only the task itself touches its sas_ss_* fields. */
static inline void sigaltstack_lock(void) { }
static inline void sigaltstack_unlock(void) { }
#endif
4188 :
/*
 * do_sigaltstack - query and/or replace the alternate signal stack of current
 * @ss: requested new stack, or NULL to only query
 * @oss: receives the current stack, or NULL
 * @sp: the task's user stack pointer, used to decide whether it is on the
 *      alternate stack right now
 * @min_ss_size: smallest acceptable ss_size for an enabled stack
 *
 * Returns 0 on success, -EPERM if the task is currently executing on the
 * alternate stack, -EINVAL for an unknown ss_flags mode and -ENOMEM when the
 * requested size is too small or otherwise invalid. Callers copy @oss to
 * userspace afterwards, which is why it is memset() first.
 */
static int
do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
		size_t min_ss_size)
{
	struct task_struct *t = current;
	int ret = 0;

	if (oss) {
		/* Zero padding too: this struct is copied out to userspace. */
		memset(oss, 0, sizeof(stack_t));
		oss->ss_sp = (void __user *) t->sas_ss_sp;
		oss->ss_size = t->sas_ss_size;
		oss->ss_flags = sas_ss_flags(sp) |
			(current->sas_ss_flags & SS_FLAG_BITS);
	}

	if (ss) {
		void __user *ss_sp = ss->ss_sp;
		size_t ss_size = ss->ss_size;
		unsigned ss_flags = ss->ss_flags;
		int ss_mode;

		/* The stack in use cannot be swapped out from under the handler. */
		if (unlikely(on_sig_stack(sp)))
			return -EPERM;

		/* Mode is ss_flags with the SS_FLAG_BITS options removed. */
		ss_mode = ss_flags & ~SS_FLAG_BITS;
		if (unlikely(ss_mode != SS_DISABLE && ss_mode != SS_ONSTACK &&
				ss_mode != 0))
			return -EINVAL;

		/*
		 * Return before taking any locks if no actual
		 * sigaltstack changes were requested.
		 */
		if (t->sas_ss_sp == (unsigned long)ss_sp &&
		    t->sas_ss_size == ss_size &&
		    t->sas_ss_flags == ss_flags)
			return 0;

		sigaltstack_lock();
		if (ss_mode == SS_DISABLE) {
			ss_size = 0;
			ss_sp = NULL;
		} else {
			/* Both size checks must pass; either failure is -ENOMEM. */
			if (unlikely(ss_size < min_ss_size))
				ret = -ENOMEM;
			if (!sigaltstack_size_valid(ss_size))
				ret = -ENOMEM;
		}
		if (!ret) {
			t->sas_ss_sp = (unsigned long) ss_sp;
			t->sas_ss_size = ss_size;
			t->sas_ss_flags = ss_flags;
		}
		sigaltstack_unlock();
	}
	return ret;
}
4246 :
/*
 * sigaltstack(2): copy the optional new stack in, apply it via
 * do_sigaltstack() and copy the optional old stack back out.
 * Returns -EFAULT for either copy failing, otherwise do_sigaltstack()'s
 * result.
 */
SYSCALL_DEFINE2(sigaltstack,const stack_t __user *,uss, stack_t __user *,uoss)
{
	stack_t new_ss, old_ss;
	stack_t *in = NULL, *out = NULL;
	int ret;

	if (uss) {
		if (copy_from_user(&new_ss, uss, sizeof(new_ss)))
			return -EFAULT;
		in = &new_ss;
	}
	if (uoss)
		out = &old_ss;

	ret = do_sigaltstack(in, out, current_user_stack_pointer(),
			     MINSIGSTKSZ);
	if (ret)
		return ret;

	/* old_ss was memset() by do_sigaltstack(), so no padding leaks here. */
	if (out && copy_to_user(uoss, out, sizeof(*out)))
		return -EFAULT;

	return 0;
}
4260 :
/*
 * restore_altstack - reinstall the sigaltstack saved in a signal frame
 * @uss: user pointer to the saved stack_t
 *
 * Only -EFAULT from the copy-in is reported; any error from
 * do_sigaltstack() itself is deliberately squashed to 0 for now.
 */
int restore_altstack(const stack_t __user *uss)
{
	stack_t saved;

	if (copy_from_user(&saved, uss, sizeof(saved)))
		return -EFAULT;

	/* squash all but EFAULT for now */
	(void)do_sigaltstack(&saved, NULL, current_user_stack_pointer(),
			     MINSIGSTKSZ);
	return 0;
}
4271 :
/*
 * __save_altstack - write current's sigaltstack into a user stack_t
 * @uss: user pointer, already range-checked by the caller (__put_user)
 * @sp: unused here
 *
 * All three stores are attempted (the results are OR-ed, not
 * short-circuited); the return is 0 or the -EFAULT of any failing store.
 */
int __save_altstack(stack_t __user *uss, unsigned long sp)
{
	struct task_struct *t = current;
	int err;

	err = __put_user((void __user *)t->sas_ss_sp, &uss->ss_sp);
	err |= __put_user(t->sas_ss_flags, &uss->ss_flags);
	err |= __put_user(t->sas_ss_size, &uss->ss_size);
	return err;
}
4280 :
4281 : #ifdef CONFIG_COMPAT
/*
 * do_compat_sigaltstack - sigaltstack for 32-bit callers
 * @uss_ptr: optional new stack in compat layout
 * @uoss_ptr: optional destination for the old stack in compat layout
 *
 * Converts between compat_stack_t and stack_t around do_sigaltstack().
 * The old stack is always fetched but only copied out when requested.
 * Returns -EFAULT on a failed copy, otherwise do_sigaltstack()'s result.
 */
static int do_compat_sigaltstack(const compat_stack_t __user *uss_ptr,
				 compat_stack_t __user *uoss_ptr)
{
	stack_t new_ss, old_ss;
	stack_t *in = NULL;
	compat_stack_t old32;
	int ret;

	if (uss_ptr) {
		compat_stack_t new32;

		if (copy_from_user(&new32, uss_ptr, sizeof(new32)))
			return -EFAULT;
		new_ss.ss_sp = compat_ptr(new32.ss_sp);
		new_ss.ss_flags = new32.ss_flags;
		new_ss.ss_size = new32.ss_size;
		in = &new_ss;
	}

	ret = do_sigaltstack(in, &old_ss, compat_user_stack_pointer(),
			     COMPAT_MINSIGSTKSZ);
	if (ret < 0 || !uoss_ptr)
		return ret;

	/* memset() rather than a designated initializer so padding is zeroed too. */
	memset(&old32, 0, sizeof(old32));
	old32.ss_sp = ptr_to_compat(old_ss.ss_sp);
	old32.ss_flags = old_ss.ss_flags;
	old32.ss_size = old_ss.ss_size;
	if (copy_to_user(uoss_ptr, &old32, sizeof(old32)))
		return -EFAULT;

	return ret;
}
4310 :
/* 32-bit sigaltstack(2) entry; all work is in do_compat_sigaltstack(). */
COMPAT_SYSCALL_DEFINE2(sigaltstack,
			const compat_stack_t __user *, uss_ptr,
			compat_stack_t __user *, uoss_ptr)
{
	int ret = do_compat_sigaltstack(uss_ptr, uoss_ptr);

	return ret;
}
4317 :
/*
 * compat_restore_altstack - reinstall a 32-bit signal frame's sigaltstack
 * @uss: user pointer to the saved compat_stack_t
 *
 * Only -EFAULT is propagated; every other error is squashed to 0 for now,
 * matching restore_altstack().
 */
int compat_restore_altstack(const compat_stack_t __user *uss)
{
	/* squash all but -EFAULT for now */
	if (do_compat_sigaltstack(uss, NULL) == -EFAULT)
		return -EFAULT;
	return 0;
}
4324 :
/*
 * __compat_save_altstack - write current's sigaltstack into a user
 * compat_stack_t
 * @uss: user pointer, already range-checked by the caller (__put_user)
 * @sp: unused here
 *
 * All three stores are attempted (results OR-ed, not short-circuited);
 * returns 0 or the -EFAULT of any failing store.
 */
int __compat_save_altstack(compat_stack_t __user *uss, unsigned long sp)
{
	struct task_struct *t = current;
	int err;

	err = __put_user(ptr_to_compat((void __user *)t->sas_ss_sp),
			 &uss->ss_sp);
	err |= __put_user(t->sas_ss_flags, &uss->ss_flags);
	err |= __put_user(t->sas_ss_size, &uss->ss_size);
	return err;
}
4335 : #endif
4336 :
4337 : #ifdef __ARCH_WANT_SYS_SIGPENDING
4338 :
/**
 * sys_sigpending - examine pending signals
 * @uset: where mask of pending signal is returned
 *
 * Only the first sizeof(old_sigset_t) bytes of the pending set are
 * reported through this legacy ABI. Returns 0 or -EFAULT.
 */
SYSCALL_DEFINE1(sigpending, old_sigset_t __user *, uset)
{
	sigset_t pending;

	/*
	 * Compile-time self-check: sizeof(*uset) is sizeof(old_sigset_t),
	 * so this folds away unless the ABI type is ever changed.
	 */
	if (sizeof(old_sigset_t) > sizeof(*uset))
		return -EINVAL;

	do_sigpending(&pending);

	return copy_to_user(uset, &pending, sizeof(old_sigset_t)) ? -EFAULT : 0;
}
4357 :
4358 : #ifdef CONFIG_COMPAT
/*
 * 32-bit sigpending(2): only the first word of the pending set fits in a
 * compat_old_sigset_t. Returns put_user()'s result (0 or -EFAULT).
 */
COMPAT_SYSCALL_DEFINE1(sigpending, compat_old_sigset_t __user *, set32)
{
	sigset_t pending;
	unsigned long low_word;

	do_sigpending(&pending);
	low_word = pending.sig[0];

	return put_user(low_word, set32);
}
4367 : #endif
4368 :
4369 : #endif
4370 :
4371 : #ifdef __ARCH_WANT_SYS_SIGPROCMASK
/**
 * sys_sigprocmask - examine and change blocked signals
 * @how: whether to add, remove, or set signals
 * @nset: signals to add or remove (if non-null)
 * @oset: previous value of signal mask if non-null
 *
 * Some platforms have their own version with special arguments;
 * others support only sys_rt_sigprocmask.
 *
 * The old mask is sampled before any change so @oset always reflects the
 * state prior to this call. Returns 0, -EFAULT on a failed copy, or
 * -EINVAL for an unknown @how (checked only when @nset is given).
 */

SYSCALL_DEFINE3(sigprocmask, int, how, old_sigset_t __user *, nset,
		old_sigset_t __user *, oset)
{
	old_sigset_t prev_mask = current->blocked.sig[0];
	old_sigset_t req_mask;
	sigset_t blocked;

	if (nset) {
		if (copy_from_user(&req_mask, nset, sizeof(req_mask)))
			return -EFAULT;

		blocked = current->blocked;
		switch (how) {
		case SIG_BLOCK:
			sigaddsetmask(&blocked, req_mask);
			break;
		case SIG_UNBLOCK:
			sigdelsetmask(&blocked, req_mask);
			break;
		case SIG_SETMASK:
			/* Only the legacy low word is replaced; higher words stay. */
			blocked.sig[0] = req_mask;
			break;
		default:
			return -EINVAL;
		}

		set_current_blocked(&blocked);
	}

	if (oset && copy_to_user(oset, &prev_mask, sizeof(prev_mask)))
		return -EFAULT;

	return 0;
}
4420 : #endif /* __ARCH_WANT_SYS_SIGPROCMASK */
4421 :
4422 : #ifndef CONFIG_ODD_RT_SIGACTION
/**
 * sys_rt_sigaction - alter an action taken by a process
 * @sig: signal to be sent
 * @act: new sigaction
 * @oact: used to save the previous sigaction
 * @sigsetsize: size of sigset_t type
 *
 * Only the struct sigaction part of k_sigaction crosses the user boundary.
 * Returns -EINVAL for a foreign @sigsetsize, -EFAULT on a failed copy, or
 * do_sigaction()'s result.
 */
SYSCALL_DEFINE4(rt_sigaction, int, sig,
		const struct sigaction __user *, act,
		struct sigaction __user *, oact,
		size_t, sigsetsize)
{
	struct k_sigaction new_sa, old_sa;
	struct k_sigaction *in = NULL, *out = NULL;
	int ret;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (act) {
		if (copy_from_user(&new_sa.sa, act, sizeof(new_sa.sa)))
			return -EFAULT;
		in = &new_sa;
	}
	if (oact)
		out = &old_sa;

	ret = do_sigaction(sig, in, out);
	if (ret)
		return ret;

	if (out && copy_to_user(oact, &out->sa, sizeof(out->sa)))
		return -EFAULT;

	return 0;
}
4454 : #ifdef CONFIG_COMPAT
/*
 * 32-bit rt_sigaction(2). The compat struct is unpacked field by field
 * (handler and restorer are compat pointers, the mask is a compat sigset),
 * run through do_sigaction(), and the old action packed back the same way.
 * Every get_user()/put_user() result is OR-ed so a single fault anywhere
 * yields -EFAULT; @sigsetsize must be the compat sigset size or -EINVAL.
 */
COMPAT_SYSCALL_DEFINE4(rt_sigaction, int, sig,
		const struct compat_sigaction __user *, act,
		struct compat_sigaction __user *, oact,
		compat_size_t, sigsetsize)
{
	struct k_sigaction new_ka, old_ka;
#ifdef __ARCH_HAS_SA_RESTORER
	compat_uptr_t restorer;
#endif
	int ret;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(compat_sigset_t))
		return -EINVAL;

	if (act) {
		compat_uptr_t handler;
		ret = get_user(handler, &act->sa_handler);
		new_ka.sa.sa_handler = compat_ptr(handler);
#ifdef __ARCH_HAS_SA_RESTORER
		ret |= get_user(restorer, &act->sa_restorer);
		new_ka.sa.sa_restorer = compat_ptr(restorer);
#endif
		ret |= get_compat_sigset(&new_ka.sa.sa_mask, &act->sa_mask);
		ret |= get_user(new_ka.sa.sa_flags, &act->sa_flags);
		/* Any failed fetch above collapses to a single -EFAULT. */
		if (ret)
			return -EFAULT;
	}

	ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
	if (!ret && oact) {
		/* Stores are OR-ed as well; ret ends up 0 or the put_user() error. */
		ret = put_user(ptr_to_compat(old_ka.sa.sa_handler),
			       &oact->sa_handler);
		ret |= put_compat_sigset(&oact->sa_mask, &old_ka.sa.sa_mask,
					 sizeof(oact->sa_mask));
		ret |= put_user(old_ka.sa.sa_flags, &oact->sa_flags);
#ifdef __ARCH_HAS_SA_RESTORER
		ret |= put_user(ptr_to_compat(old_ka.sa.sa_restorer),
				&oact->sa_restorer);
#endif
	}
	return ret;
}
4498 : #endif
4499 : #endif /* !CONFIG_ODD_RT_SIGACTION */
4500 :
4501 : #ifdef CONFIG_OLD_SIGACTION
/*
 * Legacy sigaction(2) with the old single-word sa_mask. The struct is
 * read with one access_ok() followed by unchecked __get_user() per field
 * (short-circuiting on the first fault), converted to k_sigaction, passed
 * to do_sigaction(), and the old action written back the same way.
 * Returns -EFAULT for any failed user access, else do_sigaction()'s result.
 */
SYSCALL_DEFINE3(sigaction, int, sig,
		const struct old_sigaction __user *, act,
		struct old_sigaction __user *, oact)
{
	struct k_sigaction new_ka, old_ka;
	int ret;

	if (act) {
		old_sigset_t mask;
		/* One range check covers all the __get_user() calls that follow. */
		if (!access_ok(act, sizeof(*act)) ||
		    __get_user(new_ka.sa.sa_handler, &act->sa_handler) ||
		    __get_user(new_ka.sa.sa_restorer, &act->sa_restorer) ||
		    __get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
		    __get_user(mask, &act->sa_mask))
			return -EFAULT;
#ifdef __ARCH_HAS_KA_RESTORER
		new_ka.ka_restorer = NULL;
#endif
		/* Expand the legacy one-word mask into a full sigset_t. */
		siginitset(&new_ka.sa.sa_mask, mask);
	}

	ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);

	if (!ret && oact) {
		if (!access_ok(oact, sizeof(*oact)) ||
		    __put_user(old_ka.sa.sa_handler, &oact->sa_handler) ||
		    __put_user(old_ka.sa.sa_restorer, &oact->sa_restorer) ||
		    __put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
		    __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
			return -EFAULT;
	}

	return ret;
}
4536 : #endif
4537 : #ifdef CONFIG_COMPAT_OLD_SIGACTION
/*
 * 32-bit legacy sigaction(2). Same shape as the native old sigaction:
 * one access_ok() then unchecked per-field __get_user()/__put_user(),
 * with handler and restorer carried as compat pointers and the one-word
 * mask expanded via siginitset(). Returns -EFAULT for any failed user
 * access, else do_sigaction()'s result.
 */
COMPAT_SYSCALL_DEFINE3(sigaction, int, sig,
		const struct compat_old_sigaction __user *, act,
	        struct compat_old_sigaction __user *, oact)
{
	struct k_sigaction new_ka, old_ka;
	int ret;
	compat_old_sigset_t mask;
	compat_uptr_t handler, restorer;

	if (act) {
		/* One range check covers all the __get_user() calls that follow. */
		if (!access_ok(act, sizeof(*act)) ||
		    __get_user(handler, &act->sa_handler) ||
		    __get_user(restorer, &act->sa_restorer) ||
		    __get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
		    __get_user(mask, &act->sa_mask))
			return -EFAULT;

#ifdef __ARCH_HAS_KA_RESTORER
		new_ka.ka_restorer = NULL;
#endif
		new_ka.sa.sa_handler = compat_ptr(handler);
		new_ka.sa.sa_restorer = compat_ptr(restorer);
		siginitset(&new_ka.sa.sa_mask, mask);
	}

	ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);

	if (!ret && oact) {
		if (!access_ok(oact, sizeof(*oact)) ||
		    __put_user(ptr_to_compat(old_ka.sa.sa_handler),
			       &oact->sa_handler) ||
		    __put_user(ptr_to_compat(old_ka.sa.sa_restorer),
			       &oact->sa_restorer) ||
		    __put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
		    __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
			return -EFAULT;
	}
	return ret;
}
4577 : #endif
4578 :
4579 : #ifdef CONFIG_SGETMASK_SYSCALL
4580 :
/*
 * For backwards compatibility. Functionality superseded by sigprocmask.
 *
 * sgetmask(2): return the low word of current's blocked set. Only the
 * caller's own task is read, so no lock is needed.
 */
SYSCALL_DEFINE0(sgetmask)
{
	/* SMP safe */
	return current->blocked.sig[0];
}
4589 :
/*
 * ssetmask(2): replace current's blocked set with the one-word @newmask
 * (expanded by siginitset(), so higher words are cleared) and return the
 * previous low word. Legacy interface superseded by sigprocmask().
 */
SYSCALL_DEFINE1(ssetmask, int, newmask)
{
	sigset_t blocked;
	int prev = current->blocked.sig[0];

	siginitset(&blocked, newmask);
	set_current_blocked(&blocked);

	return prev;
}
4600 : #endif /* CONFIG_SGETMASK_SYSCALL */
4601 :
4602 : #ifdef __ARCH_WANT_SYS_SIGNAL
/*
 * For backwards compatibility. Functionality superseded by sigaction.
 *
 * signal(2): install @handler with the classic one-shot, no-mask
 * semantics (SA_ONESHOT | SA_NOMASK) and an empty sa_mask. On success the
 * previous handler pointer is the return value; on failure the negative
 * error from do_sigaction().
 */
SYSCALL_DEFINE2(signal, int, sig, __sighandler_t, handler)
{
	struct k_sigaction new_sa, old_sa;
	int ret;

	sigemptyset(&new_sa.sa.sa_mask);
	new_sa.sa.sa_flags = SA_ONESHOT | SA_NOMASK;
	new_sa.sa.sa_handler = handler;

	ret = do_sigaction(sig, &new_sa, &old_sa);
	if (ret)
		return ret;

	return (unsigned long)old_sa.sa.sa_handler;
}
4619 : #endif /* __ARCH_WANT_SYS_SIGNAL */
4620 :
4621 : #ifdef __ARCH_WANT_SYS_PAUSE
4622 :
/*
 * pause(2): sleep interruptibly until a signal is pending, then return
 * -ERESTARTNOHAND so the syscall is restarted unless a handler ran.
 */
SYSCALL_DEFINE0(pause)
{
	for (;;) {
		if (signal_pending(current))
			break;
		__set_current_state(TASK_INTERRUPTIBLE);
		schedule();
	}
	return -ERESTARTNOHAND;
}
4631 :
4632 : #endif
4633 :
/*
 * sigsuspend - atomically replace the blocked set and wait for a signal
 * @set: blocked set to use while waiting
 *
 * The previous blocked set is stashed in saved_sigmask and
 * set_restore_sigmask() arranges for it to be put back on the way out to
 * userspace, so the caller's mask is restored even though a handler runs
 * with @set. Always returns -ERESTARTNOHAND.
 */
static int sigsuspend(sigset_t *set)
{
	struct task_struct *tsk = current;

	tsk->saved_sigmask = tsk->blocked;
	set_current_blocked(set);

	for (;;) {
		if (signal_pending(tsk))
			break;
		__set_current_state(TASK_INTERRUPTIBLE);
		schedule();
	}

	set_restore_sigmask();
	return -ERESTARTNOHAND;
}
4646 :
/**
 * sys_rt_sigsuspend - replace the signal mask for a value with the
 *	@unewset value until a signal is received
 * @unewset: new signal mask value
 * @sigsetsize: size of sigset_t type
 *
 * Returns -EINVAL for a foreign @sigsetsize, -EFAULT on a failed copy,
 * otherwise sigsuspend()'s -ERESTARTNOHAND.
 */
SYSCALL_DEFINE2(rt_sigsuspend, sigset_t __user *, unewset, size_t, sigsetsize)
{
	sigset_t mask;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (copy_from_user(&mask, unewset, sizeof(mask)))
		return -EFAULT;

	return sigsuspend(&mask);
}
4665 :
4666 : #ifdef CONFIG_COMPAT
/*
 * 32-bit rt_sigsuspend(2): the mask arrives in compat layout and is
 * converted by get_compat_sigset(). Note the size check compares against
 * the native sizeof(sigset_t), as the original does.
 */
COMPAT_SYSCALL_DEFINE2(rt_sigsuspend, compat_sigset_t __user *, unewset, compat_size_t, sigsetsize)
{
	sigset_t mask;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (get_compat_sigset(&mask, unewset))
		return -EFAULT;

	return sigsuspend(&mask);
}
4679 : #endif
4680 :
4681 : #ifdef CONFIG_OLD_SIGSUSPEND
/* Legacy one-word sigsuspend(2); the word is expanded into a full sigset_t. */
SYSCALL_DEFINE1(sigsuspend, old_sigset_t, mask)
{
	sigset_t set;

	siginitset(&set, mask);
	return sigsuspend(&set);
}
4688 : #endif
4689 : #ifdef CONFIG_OLD_SIGSUSPEND3
/* Three-argument legacy sigsuspend(2); the first two arguments are ignored. */
SYSCALL_DEFINE3(sigsuspend, int, unused1, int, unused2, old_sigset_t, mask)
{
	sigset_t set;

	siginitset(&set, mask);
	return sigsuspend(&set);
}
4696 : #endif
4697 :
/*
 * arch_vma_name - architecture hook naming special mappings
 * @vma: the mapping to describe
 *
 * Weak default returns NULL (no special name); architectures override it.
 */
__weak const char *arch_vma_name(struct vm_area_struct *vma)
{
	return NULL;
}
4702 :
/*
 * siginfo_buildtime_checks - compile-time layout assertions for siginfo
 *
 * Everything here is BUILD_BUG_ON(), so the function generates no code.
 * It pins the uapi struct siginfo size to SI_MAX_SIZE, checks that every
 * union member sits at the same offset in siginfo_t and kernel_siginfo_t,
 * and verifies the si_pid/si_uid vs si_addr overlap that usb asyncio
 * relies on, natively and in the compat layout.
 */
static inline void siginfo_buildtime_checks(void)
{
	BUILD_BUG_ON(sizeof(struct siginfo) != SI_MAX_SIZE);

	/* Verify the offsets in the two siginfos match */
#define CHECK_OFFSET(field) \
	BUILD_BUG_ON(offsetof(siginfo_t, field) != offsetof(kernel_siginfo_t, field))

	/* kill */
	CHECK_OFFSET(si_pid);
	CHECK_OFFSET(si_uid);

	/* timer */
	CHECK_OFFSET(si_tid);
	CHECK_OFFSET(si_overrun);
	CHECK_OFFSET(si_value);

	/* rt */
	CHECK_OFFSET(si_pid);
	CHECK_OFFSET(si_uid);
	CHECK_OFFSET(si_value);

	/* sigchld */
	CHECK_OFFSET(si_pid);
	CHECK_OFFSET(si_uid);
	CHECK_OFFSET(si_status);
	CHECK_OFFSET(si_utime);
	CHECK_OFFSET(si_stime);

	/* sigfault */
	CHECK_OFFSET(si_addr);
	CHECK_OFFSET(si_trapno);
	CHECK_OFFSET(si_addr_lsb);
	CHECK_OFFSET(si_lower);
	CHECK_OFFSET(si_upper);
	CHECK_OFFSET(si_pkey);
	CHECK_OFFSET(si_perf_data);
	CHECK_OFFSET(si_perf_type);
	CHECK_OFFSET(si_perf_flags);

	/* sigpoll */
	CHECK_OFFSET(si_band);
	CHECK_OFFSET(si_fd);

	/* sigsys */
	CHECK_OFFSET(si_call_addr);
	CHECK_OFFSET(si_syscall);
	CHECK_OFFSET(si_arch);
#undef CHECK_OFFSET

	/* usb asyncio */
	/* si_addr must alias si_pid (and si_uid when a pointer is wider than int). */
	BUILD_BUG_ON(offsetof(struct siginfo, si_pid) !=
		     offsetof(struct siginfo, si_addr));
	if (sizeof(int) == sizeof(void __user *)) {
		BUILD_BUG_ON(sizeof_field(struct siginfo, si_pid) !=
			     sizeof(void __user *));
	} else {
		BUILD_BUG_ON((sizeof_field(struct siginfo, si_pid) +
			      sizeof_field(struct siginfo, si_uid)) !=
			     sizeof(void __user *));
		BUILD_BUG_ON(offsetofend(struct siginfo, si_pid) !=
			     offsetof(struct siginfo, si_uid));
	}
#ifdef CONFIG_COMPAT
	/* Same aliasing guarantee for the 32-bit layout. */
	BUILD_BUG_ON(offsetof(struct compat_siginfo, si_pid) !=
		     offsetof(struct compat_siginfo, si_addr));
	BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
		     sizeof(compat_uptr_t));
	BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
		     sizeof_field(struct siginfo, si_pid));
#endif
}
4775 :
/*
 * signals_init - boot-time setup for the signal subsystem
 *
 * Runs the siginfo layout assertions and creates the sigqueue slab.
 * SLAB_PANIC means a failed cache creation halts boot rather than leaving
 * sigqueue_cachep NULL; SLAB_ACCOUNT charges the queue entries to the
 * allocating cgroup.
 */
void __init signals_init(void)
{
	siginfo_buildtime_checks();

	sigqueue_cachep = KMEM_CACHE(sigqueue, SLAB_PANIC | SLAB_ACCOUNT);
}
4782 :
4783 : #ifdef CONFIG_KGDB_KDB
4784 : #include <linux/kdb.h>
/*
 * kdb_send_sig - Allows kdb to send signals without exposing
 * signal internals.  This function checks if the required locks are
 * available before calling the main signal code, to avoid kdb
 * deadlocks.
 * @t: task to signal
 * @sig: signal number; sent as SEND_SIG_PRIV, i.e. with kernel origin
 *
 * Only spin_trylock() is used: from inside the debugger a blocking lock
 * acquisition could deadlock. Signalling a task that is not running is
 * refused on the first attempt and only performed if the same command
 * is reissued for the same task (tracked in kdb_prev_t). Results are
 * reported through kdb_printf(); nothing is returned.
 */
void kdb_send_sig(struct task_struct *t, int sig)
{
	/* Latch for the "reissue to confirm" behaviour below. */
	static struct task_struct *kdb_prev_t;
	int new_t, ret;
	if (!spin_trylock(&t->sighand->siglock)) {
		kdb_printf("Can't do kill command now.\n"
			   "The sigmask lock is held somewhere else in "
			   "kernel, try again later\n");
		return;
	}
	new_t = kdb_prev_t != t;
	kdb_prev_t = t;
	if (!task_is_running(t) && new_t) {
		spin_unlock(&t->sighand->siglock);
		kdb_printf("Process is not RUNNING, sending a signal from "
			   "kdb risks deadlock\n"
			   "on the run queue locks. "
			   "The signal has _not_ been sent.\n"
			   "Reissue the kill command if you want to risk "
			   "the deadlock.\n");
		return;
	}
	/* siglock is held, so the _locked variant is the right entry point. */
	ret = send_signal_locked(sig, SEND_SIG_PRIV, t, PIDTYPE_PID);
	spin_unlock(&t->sighand->siglock);
	if (ret)
		kdb_printf("Fail to deliver Signal %d to process %d.\n",
			   sig, t->pid);
	else
		kdb_printf("Signal %d is sent to process %d.\n", sig, t->pid);
}
4821 : #endif /* CONFIG_KGDB_KDB */