1 : // SPDX-License-Identifier: GPL-2.0-only
2 : /*
3 : * linux/kernel/signal.c
4 : *
5 : * Copyright (C) 1991, 1992 Linus Torvalds
6 : *
7 : * 1997-11-02 Modified for POSIX.1b signals by Richard Henderson
8 : *
9 : * 2003-06-02 Jim Houston - Concurrent Computer Corp.
10 : * Changes to use preallocated sigqueue structures
11 : * to allow signals to be sent reliably.
12 : */
13 :
14 : #include <linux/slab.h>
15 : #include <linux/export.h>
16 : #include <linux/init.h>
17 : #include <linux/sched/mm.h>
18 : #include <linux/sched/user.h>
19 : #include <linux/sched/debug.h>
20 : #include <linux/sched/task.h>
21 : #include <linux/sched/task_stack.h>
22 : #include <linux/sched/cputime.h>
23 : #include <linux/file.h>
24 : #include <linux/fs.h>
25 : #include <linux/proc_fs.h>
26 : #include <linux/tty.h>
27 : #include <linux/binfmts.h>
28 : #include <linux/coredump.h>
29 : #include <linux/security.h>
30 : #include <linux/syscalls.h>
31 : #include <linux/ptrace.h>
32 : #include <linux/signal.h>
33 : #include <linux/signalfd.h>
34 : #include <linux/ratelimit.h>
35 : #include <linux/task_work.h>
36 : #include <linux/capability.h>
37 : #include <linux/freezer.h>
38 : #include <linux/pid_namespace.h>
39 : #include <linux/nsproxy.h>
40 : #include <linux/user_namespace.h>
41 : #include <linux/uprobes.h>
42 : #include <linux/compat.h>
43 : #include <linux/cn_proc.h>
44 : #include <linux/compiler.h>
45 : #include <linux/posix-timers.h>
46 : #include <linux/cgroup.h>
47 : #include <linux/audit.h>
48 :
49 : #define CREATE_TRACE_POINTS
50 : #include <trace/events/signal.h>
51 :
52 : #include <asm/param.h>
53 : #include <linux/uaccess.h>
54 : #include <asm/unistd.h>
55 : #include <asm/siginfo.h>
56 : #include <asm/cacheflush.h>
57 : #include <asm/syscall.h> /* for syscall_get_* */
58 :
/*
 * SLAB caches for signal bits.
 */

/*
 * Backing cache for struct sigqueue entries handed out by __sigqueue_alloc()
 * and returned by __sigqueue_free(). Initialised outside this excerpt.
 */
static struct kmem_cache *sigqueue_cachep;

/*
 * Read by print_dropped_signal(): when non-zero, a rate-limited message is
 * logged each time a signal is dropped for exceeding RLIMIT_SIGPENDING.
 */
int print_fatal_signals __read_mostly;
66 :
/*
 * Return the userspace handler currently installed for @sig in @t's sighand
 * table. @sig is 1-based, the action array is 0-based.
 */
static void __user *sig_handler(struct task_struct *t, int sig)
{
	struct k_sigaction *ka = &t->sighand->action[sig - 1];

	return ka->sa.sa_handler;
}
71 :
/*
 * True when @handler discards @sig: either explicitly (SIG_IGN) or
 * implicitly (SIG_DFL for a signal whose default action is to ignore it).
 */
static inline bool sig_handler_ignored(void __user *handler, int sig)
{
	if (handler == SIG_IGN)
		return true;

	return handler == SIG_DFL && sig_kernel_ignore(sig);
}
78 :
/*
 * Decide whether @t ignores @sig based on its installed handler plus the
 * task-level exceptions (global init, SIGNAL_UNKILLABLE, kernel threads).
 * @force is set by senders that may override the unkillable/kthread
 * protection for SIGKILL/SIGSTOP.
 */
static bool sig_task_ignored(struct task_struct *t, int sig, bool force)
{
	void __user *handler = sig_handler(t, sig);

	/* SIGKILL and SIGSTOP may not be sent to the global init */
	if (unlikely(is_global_init(t) && sig_kernel_only(sig)))
		return true;

	/*
	 * An unkillable task with the default action only accepts a forced
	 * SIGKILL/SIGSTOP; everything else is dropped.
	 */
	if (unlikely(t->signal->flags & SIGNAL_UNKILLABLE) && handler == SIG_DFL) {
		if (!force || !sig_kernel_only(sig))
			return true;
	}

	/* Only allow kernel generated signals to this kthread */
	if (unlikely(t->flags & PF_KTHREAD) &&
	    handler == SIG_KTHREAD_KERNEL && !force)
		return true;

	return sig_handler_ignored(handler, sig);
}
100 :
/*
 * Top-level "can we drop @sig for @t right now" check used at
 * signal-generation time. Returns false whenever the signal must be kept.
 */
static bool sig_ignored(struct task_struct *t, int sig, bool force)
{
	bool blocked = sigismember(&t->blocked, sig) ||
		       sigismember(&t->real_blocked, sig);

	/*
	 * Blocked signals are never ignored, since the
	 * signal handler may change by the time it is
	 * unblocked.
	 */
	if (blocked)
		return false;

	/*
	 * Tracers may want to know about even ignored signal unless it
	 * is SIGKILL which can't be reported anyway but can be ignored
	 * by SIGNAL_UNKILLABLE task.
	 */
	if (t->ptrace && sig != SIGKILL)
		return false;

	return sig_task_ignored(t, sig, force);
}
121 :
/*
 * Re-calculate pending state from the set of locally pending
 * signals, globally pending signals, and blocked signals.
 *
 * Returns true if any bit is set in @signal that is not also set in
 * @blocked. The switch specialises the common _NSIG_WORDS values; the
 * default loop handles any other width.
 */
static inline bool has_pending_signals(sigset_t *signal, sigset_t *blocked)
{
	unsigned long ready = 0;
	long w;

	switch (_NSIG_WORDS) {
	case 1:
		ready = signal->sig[0] & ~blocked->sig[0];
		break;

	case 2:
		ready  = signal->sig[0] & ~blocked->sig[0];
		ready |= signal->sig[1] & ~blocked->sig[1];
		break;

	case 4:
		ready  = signal->sig[0] & ~blocked->sig[0];
		ready |= signal->sig[1] & ~blocked->sig[1];
		ready |= signal->sig[2] & ~blocked->sig[2];
		ready |= signal->sig[3] & ~blocked->sig[3];
		break;

	default:
		for (w = 0; w < _NSIG_WORDS; w++)
			ready |= signal->sig[w] & ~blocked->sig[w];
		break;
	}

	return ready != 0;
}
151 :
#define PENDING(p,b) has_pending_signals(&(p)->signal, (b))

/*
 * Set TIF_SIGPENDING on @t if it has any work that the signal path must
 * look at: job-control traps/stops, unblocked private or shared signals,
 * or a cgroup freeze. Returns true if the flag was set.
 */
static bool recalc_sigpending_tsk(struct task_struct *t)
{
	bool pending;

	pending = (t->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) != 0;
	pending = pending || PENDING(&t->pending, &t->blocked);
	pending = pending || PENDING(&t->signal->shared_pending, &t->blocked);
	pending = pending || cgroup_task_frozen(t);

	if (!pending) {
		/*
		 * We must never clear the flag in another thread, or in current
		 * when it's possible the current syscall is returning -ERESTART*.
		 * So we don't clear it here, and only callers who know they should do.
		 */
		return false;
	}

	set_tsk_thread_flag(t, TIF_SIGPENDING);
	return true;
}
171 :
/*
 * After recalculating TIF_SIGPENDING, we need to make sure the task wakes up.
 * This is superfluous when called on current, the wakeup is a harmless no-op.
 */
void recalc_sigpending_and_wake(struct task_struct *t)
{
	bool pending = recalc_sigpending_tsk(t);

	if (pending)
		signal_wake_up(t, 0);
}
181 :
/*
 * Recompute TIF_SIGPENDING for current. The flag is only cleared when
 * nothing is pending and the task is not being frozen.
 */
void recalc_sigpending(void)
{
	struct task_struct *tsk = current;

	if (recalc_sigpending_tsk(tsk))
		return;
	if (freezing(tsk))
		return;

	clear_thread_flag(TIF_SIGPENDING);
}
EXPORT_SYMBOL(recalc_sigpending);
189 :
/*
 * Force a full TIF_SIGPENDING recalculation for current under siglock.
 * The flag is set first so that recalc_sigpending() starts from the
 * conservative state.
 */
void calculate_sigpending(void)
{
	struct task_struct *tsk = current;

	/* Have any signals or users of TIF_SIGPENDING been delayed
	 * until after fork?
	 */
	spin_lock_irq(&tsk->sighand->siglock);
	set_tsk_thread_flag(tsk, TIF_SIGPENDING);
	recalc_sigpending();
	spin_unlock_irq(&tsk->sighand->siglock);
}
200 :
/* Given the mask, find the first available signal that should be serviced. */

/* Fault-style signals that live in the first sigset word and take priority. */
#define SYNCHRONOUS_MASK \
	(sigmask(SIGSEGV) | sigmask(SIGBUS) | sigmask(SIGILL) | \
	 sigmask(SIGTRAP) | sigmask(SIGFPE) | sigmask(SIGSYS))

/*
 * Return the number of the first signal in @pending that is not blocked by
 * @mask, or 0 if there is none. Within the first word, synchronous signals
 * win over everything else; otherwise the lowest-numbered signal wins.
 * Caller holds siglock (see dequeue_signal()).
 */
int next_signal(struct sigpending *pending, sigset_t *mask)
{
	unsigned long i, *s, *m, x;
	int sig = 0;

	s = pending->signal.sig;
	m = mask->sig;

	/*
	 * Handle the first word specially: it contains the
	 * synchronous signals that need to be dequeued first.
	 */
	x = *s &~ *m;
	if (x) {
		if (x & SYNCHRONOUS_MASK)
			x &= SYNCHRONOUS_MASK;
		/* ffz(~x) is the index of the lowest set bit of x; signals are 1-based. */
		sig = ffz(~x) + 1;
		return sig;
	}

	switch (_NSIG_WORDS) {
	default:
		/* Generic walk over the remaining words. */
		for (i = 1; i < _NSIG_WORDS; ++i) {
			x = *++s &~ *++m;
			if (!x)
				continue;
			sig = ffz(~x) + i*_NSIG_BPW + 1;
			break;
		}
		break;

	case 2:
		/* Specialised two-word case: only the second word is left. */
		x = s[1] &~ m[1];
		if (!x)
			break;
		sig = ffz(~x) + _NSIG_BPW + 1;
		break;

	case 1:
		/* Nothing to do */
		break;
	}

	return sig;
}
252 :
/*
 * Log (rate-limited, and only when print_fatal_signals is enabled) that
 * @sig was dropped because the sender hit RLIMIT_SIGPENDING.
 */
static inline void print_dropped_signal(int sig)
{
	static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);

	/* __ratelimit() is only consulted when logging is enabled at all. */
	if (print_fatal_signals && __ratelimit(&ratelimit_state))
		pr_info("%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
			current->comm, current->pid, sig);
}
266 :
/**
 * task_set_jobctl_pending - set jobctl pending bits
 * @task: target task
 * @mask: pending bits to set
 *
 * Set @mask in @task->jobctl. @mask must be subset of
 * %JOBCTL_PENDING_MASK | %JOBCTL_STOP_CONSUME | %JOBCTL_STOP_SIGMASK |
 * %JOBCTL_TRAPPING. If stop signo is being set, the existing signo is
 * cleared. If @task is already being killed or exiting, this function
 * becomes noop.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 *
 * RETURNS:
 * %true if @mask is set, %false if made noop because @task was dying.
 */
bool task_set_jobctl_pending(struct task_struct *task, unsigned long mask)
{
	const unsigned long allowed = JOBCTL_PENDING_MASK | JOBCTL_STOP_CONSUME |
				      JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING;
	bool dying;

	BUG_ON(mask & ~allowed);
	/* TRAPPING only makes sense together with a pending stop/trap. */
	BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));

	dying = fatal_signal_pending(task) || (task->flags & PF_EXITING);
	if (unlikely(dying))
		return false;

	/* A new stop signo replaces whatever signo was recorded before. */
	if (mask & JOBCTL_STOP_SIGMASK)
		task->jobctl &= ~JOBCTL_STOP_SIGMASK;

	task->jobctl |= mask;
	return true;
}
299 :
/**
 * task_clear_jobctl_trapping - clear jobctl trapping bit
 * @task: target task
 *
 * If JOBCTL_TRAPPING is set, a ptracer is waiting for us to enter TRACED.
 * Clear it and wake up the ptracer. Note that we don't need any further
 * locking. @task->siglock guarantees that @task->parent points to the
 * ptracer.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
void task_clear_jobctl_trapping(struct task_struct *task)
{
	if (likely(!(task->jobctl & JOBCTL_TRAPPING)))
		return;

	task->jobctl &= ~JOBCTL_TRAPPING;
	smp_mb(); /* advised by wake_up_bit() */
	wake_up_bit(&task->jobctl, JOBCTL_TRAPPING_BIT);
}
320 :
/**
 * task_clear_jobctl_pending - clear jobctl pending bits
 * @task: target task
 * @mask: pending bits to clear
 *
 * Clear @mask from @task->jobctl. @mask must be subset of
 * %JOBCTL_PENDING_MASK. If %JOBCTL_STOP_PENDING is being cleared, other
 * STOP bits are cleared together.
 *
 * If clearing of @mask leaves no stop or trap pending, this function calls
 * task_clear_jobctl_trapping().
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
void task_clear_jobctl_pending(struct task_struct *task, unsigned long mask)
{
	unsigned long clear = mask;

	BUG_ON(mask & ~JOBCTL_PENDING_MASK);

	/* Dropping the stop also drops its bookkeeping bits. */
	if (clear & JOBCTL_STOP_PENDING)
		clear |= JOBCTL_STOP_CONSUME | JOBCTL_STOP_DEQUEUED;

	task->jobctl &= ~clear;

	if ((task->jobctl & JOBCTL_PENDING_MASK) == 0)
		task_clear_jobctl_trapping(task);
}
348 :
/**
 * task_participate_group_stop - participate in a group stop
 * @task: task participating in a group stop
 *
 * @task has %JOBCTL_STOP_PENDING set and is participating in a group stop.
 * Group stop states are cleared and the group stop count is consumed if
 * %JOBCTL_STOP_CONSUME was set. If the consumption completes the group
 * stop, the appropriate `SIGNAL_*` flags are set.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 *
 * RETURNS:
 * %true if group stop completion should be notified to the parent, %false
 * otherwise.
 */
static bool task_participate_group_stop(struct task_struct *task)
{
	struct signal_struct *sig = task->signal;
	/* Must be sampled before task_clear_jobctl_pending() drops the bit. */
	bool consume = task->jobctl & JOBCTL_STOP_CONSUME;

	WARN_ON_ONCE(!(task->jobctl & JOBCTL_STOP_PENDING));
	task_clear_jobctl_pending(task, JOBCTL_STOP_PENDING);

	if (!consume)
		return false;

	if (!WARN_ON_ONCE(sig->group_stop_count == 0))
		sig->group_stop_count--;

	/*
	 * Tell the caller to notify completion iff we are entering into a
	 * fresh group stop. Read comment in do_signal_stop() for details.
	 */
	if (sig->group_stop_count)
		return false;
	if (sig->flags & SIGNAL_STOP_STOPPED)
		return false;

	signal_set_stop_flags(sig, SIGNAL_STOP_STOPPED);
	return true;
}
390 :
/*
 * Make a newly created thread @task take part in any group stop that
 * current (its creator) is subject to. Does nothing if no stop is in
 * progress or completed.
 */
void task_join_group_stop(struct task_struct *task)
{
	struct signal_struct *sig = current->signal;
	unsigned long mask = current->jobctl & JOBCTL_STOP_SIGMASK;
	bool already_stopped = sig->flags & SIGNAL_STOP_STOPPED;

	if (sig->group_stop_count == 0) {
		/* No stop in progress; only join a stop that already completed. */
		if (!already_stopped)
			return;
	} else {
		/* A stop is in progress: the new thread must consume one count. */
		sig->group_stop_count++;
		mask |= JOBCTL_STOP_CONSUME;
	}

	/* Have the new thread join an on-going signal group stop */
	task_set_jobctl_pending(task, mask | JOBCTL_STOP_PENDING);
}
405 :
/*
 * allocate a new signal queue record
 * - this may be called without locks if and only if t == current, otherwise an
 *   appropriate lock must be held to stop the target task from exiting
 *
 * @sig: signal being queued (only used for the dropped-signal message)
 * @t: task whose ucounts are charged for the entry
 * @gfp_flags: allocation flags for the slab cache
 * @override_rlimit: non-zero to bypass the RLIMIT_SIGPENDING check
 * @sigqueue_flags: initial value for q->flags
 *
 * Returns the new entry, or NULL if the ucount could not be taken, the
 * limit was reached, or the slab allocation failed. On success the entry
 * owns one UCOUNT_RLIMIT_SIGPENDING reference, released by __sigqueue_free().
 */
static struct sigqueue *
__sigqueue_alloc(int sig, struct task_struct *t, gfp_t gfp_flags,
		 int override_rlimit, const unsigned int sigqueue_flags)
{
	struct sigqueue *q = NULL;
	struct ucounts *ucounts = NULL;
	long sigpending;

	/*
	 * Protect access to @t credentials. This can go away when all
	 * callers hold rcu read lock.
	 *
	 * NOTE! A pending signal will hold on to the user refcount,
	 * and we get/put the refcount only when the sigpending count
	 * changes from/to zero.
	 */
	rcu_read_lock();
	ucounts = task_ucounts(t);
	sigpending = inc_rlimit_get_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
	rcu_read_unlock();
	/* A zero result is treated as "nothing charged": no put on this path. */
	if (!sigpending)
		return NULL;

	/* The limit is checked against @t, the task being charged, not current. */
	if (override_rlimit || likely(sigpending <= task_rlimit(t, RLIMIT_SIGPENDING))) {
		q = kmem_cache_alloc(sigqueue_cachep, gfp_flags);
	} else {
		print_dropped_signal(sig);
	}

	if (unlikely(q == NULL)) {
		/* Undo the charge taken above; covers both limit hit and OOM. */
		dec_rlimit_put_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
	} else {
		INIT_LIST_HEAD(&q->list);
		q->flags = sigqueue_flags;
		q->ucounts = ucounts;
	}
	return q;
}
449 :
/*
 * Release a sigqueue entry: drop its RLIMIT_SIGPENDING charge (if any)
 * and return it to the slab. Preallocated entries are owned by their
 * creator and are left untouched.
 */
static void __sigqueue_free(struct sigqueue *q)
{
	struct ucounts *uc;

	if (q->flags & SIGQUEUE_PREALLOC)
		return;

	uc = q->ucounts;
	if (uc) {
		dec_rlimit_put_ucounts(uc, UCOUNT_RLIMIT_SIGPENDING);
		q->ucounts = NULL;
	}

	kmem_cache_free(sigqueue_cachep, q);
}
460 :
/*
 * Empty @queue: clear its pending set and free every queued entry.
 * Caller is expected to hold the owning siglock (see flush_signals()).
 */
void flush_sigqueue(struct sigpending *queue)
{
	struct sigqueue *q, *next;

	sigemptyset(&queue->signal);

	list_for_each_entry_safe(q, next, &queue->list, list) {
		list_del_init(&q->list);
		__sigqueue_free(q);
	}
}
472 :
/*
 * Flush all pending signals for this kthread.
 *
 * Clears TIF_SIGPENDING and drains both the private and the shared
 * queue of @t under its siglock.
 */
void flush_signals(struct task_struct *t)
{
	struct sigpending *private_q = &t->pending;
	struct sigpending *shared_q = &t->signal->shared_pending;
	unsigned long flags;

	spin_lock_irqsave(&t->sighand->siglock, flags);
	clear_tsk_thread_flag(t, TIF_SIGPENDING);
	flush_sigqueue(private_q);
	flush_sigqueue(shared_q);
	spin_unlock_irqrestore(&t->sighand->siglock, flags);
}
EXPORT_SYMBOL(flush_signals);
487 :
488 : #ifdef CONFIG_POSIX_TIMERS
/*
 * Drop every SI_TIMER entry from @pending and recompute its pending set
 * so that signals still backed by a non-timer entry stay pending.
 */
static void __flush_itimer_signals(struct sigpending *pending)
{
	sigset_t remaining, keep;
	struct sigqueue *q, *next;

	remaining = pending->signal;
	sigemptyset(&keep);

	list_for_each_entry_safe(q, next, &pending->list, list) {
		int sig = q->info.si_signo;

		if (unlikely(q->info.si_code == SI_TIMER)) {
			sigdelset(&remaining, sig);
			list_del_init(&q->list);
			__sigqueue_free(q);
		} else {
			/* Another source still wants this signal delivered. */
			sigaddset(&keep, sig);
		}
	}

	sigorsets(&pending->signal, &remaining, &keep);
}
511 :
/*
 * Remove pending itimer (SI_TIMER) signals from current's private and
 * shared queues, under siglock.
 */
void flush_itimer_signals(void)
{
	struct task_struct *tsk = current;
	struct sigpending *queues[2];
	unsigned long flags;
	int i;

	queues[0] = &tsk->pending;
	queues[1] = &tsk->signal->shared_pending;

	spin_lock_irqsave(&tsk->sighand->siglock, flags);
	for (i = 0; i < 2; i++)
		__flush_itimer_signals(queues[i]);
	spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
}
522 : #endif
523 :
/*
 * Set every handler of @t to SIG_IGN and discard whatever is already
 * queued for it.
 */
void ignore_signals(struct task_struct *t)
{
	struct k_sigaction *ka = t->sighand->action;
	struct k_sigaction *end = ka + _NSIG;

	for (; ka != end; ka++)
		ka->sa.sa_handler = SIG_IGN;

	flush_signals(t);
}
533 :
/*
 * Flush all handlers for a task.
 *
 * Every action is reset to SIG_DFL with empty flags/mask; SIG_IGN entries
 * are preserved unless @force_default is non-zero.
 */

void
flush_signal_handlers(struct task_struct *t, int force_default)
{
	int i;

	for (i = 0; i < _NSIG; i++) {
		struct k_sigaction *ka = &t->sighand->action[i];

		if (force_default || ka->sa.sa_handler != SIG_IGN)
			ka->sa.sa_handler = SIG_DFL;
		ka->sa.sa_flags = 0;
#ifdef __ARCH_HAS_SA_RESTORER
		ka->sa.sa_restorer = NULL;
#endif
		sigemptyset(&ka->sa.sa_mask);
	}
}
554 :
/*
 * True if @sig would not be handled by userspace in @tsk: global init,
 * or no custom handler installed and no tracer to take it.
 */
bool unhandled_signal(struct task_struct *tsk, int sig)
{
	void __user *handler;

	if (is_global_init(tsk))
		return true;

	handler = tsk->sighand->action[sig-1].sa.sa_handler;
	if (handler != SIG_IGN && handler != SIG_DFL)
		return false;

	/* if ptraced, let the tracer determine */
	return !tsk->ptrace;
}
567 :
/*
 * Remove one queued entry for @sig from @list and copy its siginfo into
 * @info. The pending bit is only cleared when no second entry for the
 * same signal remains. *@resched_timer is set when the dequeued entry was
 * a preallocated SI_TIMER entry that still carries si_sys_private.
 * Caller holds siglock.
 */
static void collect_signal(int sig, struct sigpending *list, kernel_siginfo_t *info,
			   bool *resched_timer)
{
	struct sigqueue *q, *first = NULL;

	/*
	 * Collect the siginfo appropriate to this signal. Check if
	 * there is another siginfo for the same signal.
	 */
	list_for_each_entry(q, &list->list, list) {
		if (q->info.si_signo == sig) {
			/* Second match: keep the bit set, dequeue the first. */
			if (first)
				goto still_pending;
			first = q;
		}
	}

	sigdelset(&list->signal, sig);

	if (first) {
still_pending:
		list_del_init(&first->list);
		copy_siginfo(info, &first->info);

		*resched_timer =
			(first->flags & SIGQUEUE_PREALLOC) &&
			(info->si_code == SI_TIMER) &&
			(info->si_sys_private);

		__sigqueue_free(first);
	} else {
		/*
		 * Ok, it wasn't in the queue. This must be
		 * a fast-pathed signal or we must have been
		 * out of queue space. So zero out the info.
		 */
		clear_siginfo(info);
		info->si_signo = sig;
		info->si_errno = 0;
		info->si_code = SI_USER;
		info->si_pid = 0;
		info->si_uid = 0;
	}
}
612 :
/*
 * Pick the next deliverable signal from @pending (honouring @mask) and,
 * if there is one, pull its siginfo into @info. Returns the signal
 * number or 0.
 */
static int __dequeue_signal(struct sigpending *pending, sigset_t *mask,
			    kernel_siginfo_t *info, bool *resched_timer)
{
	int sig = next_signal(pending, mask);

	if (!sig)
		return 0;

	collect_signal(sig, pending, info, resched_timer);
	return sig;
}
622 :
/*
 * Dequeue a signal and return the element to the caller, which is
 * expected to free it.
 *
 * All callers have to hold the siglock.
 *
 * @tsk: task to dequeue from (private queue first, then shared)
 * @mask: signals to skip
 * @info: receives the siginfo of the dequeued signal
 * @type: set to PIDTYPE_PID or PIDTYPE_TGID depending on which queue
 *        the signal came from
 *
 * Returns the signal number, or 0 if nothing was dequeued. Note that with
 * CONFIG_POSIX_TIMERS the siglock is temporarily dropped for
 * posixtimer_rearm(); callers must not rely on state that could change
 * across that window.
 */
int dequeue_signal(struct task_struct *tsk, sigset_t *mask,
		   kernel_siginfo_t *info, enum pid_type *type)
{
	bool resched_timer = false;
	int signr;

	/* We only dequeue private signals from ourselves, we don't let
	 * signalfd steal them
	 */
	*type = PIDTYPE_PID;
	signr = __dequeue_signal(&tsk->pending, mask, info, &resched_timer);
	if (!signr) {
		*type = PIDTYPE_TGID;
		signr = __dequeue_signal(&tsk->signal->shared_pending,
					 mask, info, &resched_timer);
#ifdef CONFIG_POSIX_TIMERS
		/*
		 * itimer signal ?
		 *
		 * itimers are process shared and we restart periodic
		 * itimers in the signal delivery path to prevent DoS
		 * attacks in the high resolution timer case. This is
		 * compliant with the old way of self-restarting
		 * itimers, as the SIGALRM is a legacy signal and only
		 * queued once. Changing the restart behaviour to
		 * restart the timer in the signal dequeue path is
		 * reducing the timer noise on heavy loaded !highres
		 * systems too.
		 */
		if (unlikely(signr == SIGALRM)) {
			struct hrtimer *tmr = &tsk->signal->real_timer;

			/* Only re-arm a periodic itimer that is not already queued. */
			if (!hrtimer_is_queued(tmr) &&
			    tsk->signal->it_real_incr != 0) {
				hrtimer_forward(tmr, tmr->base->get_time(),
						tsk->signal->it_real_incr);
				hrtimer_restart(tmr);
			}
		}
#endif
	}

	/* Refresh TIF_SIGPENDING now that the queues changed. */
	recalc_sigpending();
	if (!signr)
		return 0;

	if (unlikely(sig_kernel_stop(signr))) {
		/*
		 * Set a marker that we have dequeued a stop signal. Our
		 * caller might release the siglock and then the pending
		 * stop signal it is about to process is no longer in the
		 * pending bitmasks, but must still be cleared by a SIGCONT
		 * (and overruled by a SIGKILL). So those cases clear this
		 * shared flag after we've set it. Note that this flag may
		 * remain set after the signal we return is ignored or
		 * handled. That doesn't matter because its only purpose
		 * is to alert stop-signal processing code when another
		 * processor has come along and cleared the flag.
		 */
		current->jobctl |= JOBCTL_STOP_DEQUEUED;
	}
#ifdef CONFIG_POSIX_TIMERS
	if (resched_timer) {
		/*
		 * Release the siglock to ensure proper locking order
		 * of timer locks outside of siglocks. Note, we leave
		 * irqs disabled here, since the posix-timers code is
		 * about to disable them again anyway.
		 */
		spin_unlock(&tsk->sighand->siglock);
		posixtimer_rearm(info);
		spin_lock(&tsk->sighand->siglock);

		/* Don't expose the si_sys_private value to userspace */
		info->si_sys_private = 0;
	}
#endif
	return signr;
}
EXPORT_SYMBOL_GPL(dequeue_signal);
709 :
/*
 * Dequeue the first unblocked synchronous (fault-style) signal from
 * current's private queue, if any, copying its siginfo into @info.
 * Returns the signal number or 0. Only queued entries with a positive
 * si_code (i.e. kernel-generated, not SI_USER and below) qualify.
 * Caller holds siglock.
 */
static int dequeue_synchronous_signal(kernel_siginfo_t *info)
{
	struct task_struct *tsk = current;
	struct sigpending *pending = &tsk->pending;
	struct sigqueue *q, *sync = NULL;

	/*
	 * Might a synchronous signal be in the queue?
	 */
	if (!((pending->signal.sig[0] & ~tsk->blocked.sig[0]) & SYNCHRONOUS_MASK))
		return 0;

	/*
	 * Return the first synchronous signal in the queue.
	 */
	list_for_each_entry(q, &pending->list, list) {
		/* Synchronous signals have a positive si_code */
		if ((q->info.si_code > SI_USER) &&
		    (sigmask(q->info.si_signo) & SYNCHRONOUS_MASK)) {
			sync = q;
			goto next;
		}
	}
	/* Bit was set but no matching queued entry: nothing to hand back. */
	return 0;
next:
	/*
	 * Check if there is another siginfo for the same signal.
	 */
	list_for_each_entry_continue(q, &pending->list, list) {
		if (q->info.si_signo == sync->info.si_signo)
			goto still_pending;
	}

	/* Last entry for this signal: clear the bit and refresh TIF_SIGPENDING. */
	sigdelset(&pending->signal, sync->info.si_signo);
	recalc_sigpending();
still_pending:
	list_del_init(&sync->list);
	copy_siginfo(info, &sync->info);
	__sigqueue_free(sync);
	return info->si_signo;
}
751 :
/*
 * Tell a process that it has a new active signal..
 *
 * NOTE! we rely on the previous spin_lock to
 * lock interrupts for us! We can only be called with
 * "siglock" held, and the local interrupt must
 * have been disabled when that got acquired!
 *
 * No need to set need_resched since signal event passing
 * goes through ->blocked
 *
 * @state: extra task states (beyond TASK_INTERRUPTIBLE) that should be
 *         woken; if the task is not woken it is kicked off its CPU so it
 *         notices TIF_SIGPENDING.
 */
void signal_wake_up_state(struct task_struct *t, unsigned int state)
{
	unsigned int wake_mask = state | TASK_INTERRUPTIBLE;

	lockdep_assert_held(&t->sighand->siglock);

	set_tsk_thread_flag(t, TIF_SIGPENDING);

	/*
	 * TASK_WAKEKILL also means wake it up in the stopped/traced/killable
	 * case. We don't check t->state here because there is a race with it
	 * executing another processor and just now entering stopped state.
	 * By using wake_up_state, we ensure the process will wake up and
	 * handle its death signal.
	 */
	if (wake_up_state(t, wake_mask))
		return;

	kick_process(t);
}
779 :
/*
 * Remove signals in mask from the pending set and queue.
 * Returns nothing; it is a no-op when none of the signals in @mask is
 * currently pending in @s.
 *
 * All callers must be holding the siglock.
 */
static void flush_sigqueue_mask(sigset_t *mask, struct sigpending *s)
{
	struct sigqueue *q, *next;
	sigset_t hit;

	/* Fast exit if nothing in @mask is pending. */
	sigandsets(&hit, mask, &s->signal);
	if (sigisemptyset(&hit))
		return;

	sigandnsets(&s->signal, &s->signal, mask);

	list_for_each_entry_safe(q, next, &s->list, list) {
		if (!sigismember(mask, q->info.si_signo))
			continue;
		list_del_init(&q->list);
		__sigqueue_free(q);
	}
}
803 :
/*
 * Non-zero if @info is one of the SEND_SIG_* sentinel "pointers" rather
 * than a real siginfo (they compare at or below SEND_SIG_PRIV).
 */
static inline int is_si_special(const struct kernel_siginfo *info)
{
	if (info <= SEND_SIG_PRIV)
		return 1;

	return 0;
}
808 :
/*
 * True if the signal described by @info originates from userspace and is
 * therefore subject to permission checks (see check_kill_permission()).
 */
static inline bool si_fromuser(const struct kernel_siginfo *info)
{
	if (info == SEND_SIG_NOINFO)
		return true;

	/* Other sentinels are kernel-originated. */
	if (is_si_special(info))
		return false;

	return SI_FROMUSER(info);
}
814 :
/*
 * called with RCU read lock from check_kill_permission()
 *
 * Credential rule for sending a signal to @t: the caller's real or
 * effective uid must match the target's real or saved uid, or the caller
 * must hold CAP_KILL in the target's user namespace.
 */
static bool kill_ok_by_cred(struct task_struct *t)
{
	const struct cred *cred = current_cred();
	const struct cred *tcred = __task_cred(t);
	bool uid_match;

	uid_match = uid_eq(cred->euid, tcred->suid) ||
		    uid_eq(cred->euid, tcred->uid) ||
		    uid_eq(cred->uid, tcred->suid) ||
		    uid_eq(cred->uid, tcred->uid);
	if (uid_match)
		return true;

	/* Capability check last, so it is only consulted when the uids differ. */
	return ns_capable(tcred->user_ns, CAP_KILL);
}
829 :
/*
 * Bad permissions for sending the signal
 * - the caller must hold the RCU read lock
 *
 * Order of checks: signal number validity, kernel-origin bypass, audit,
 * credential/session rule, then the LSM hook. Returns 0 on success or a
 * negative errno (-EINVAL for a bad signal, -EPERM for a denied sender,
 * or whatever audit/LSM return).
 */
static int check_kill_permission(int sig, struct kernel_siginfo *info,
				 struct task_struct *t)
{
	struct pid *sid;
	int error;

	if (!valid_signal(sig))
		return -EINVAL;

	/* Kernel-originated signals are not subject to the uid/cap checks. */
	if (!si_fromuser(info))
		return 0;

	error = audit_signal_info(sig, t); /* Let audit system see the signal */
	if (error)
		return error;

	if (!same_thread_group(current, t) && !kill_ok_by_cred(t)) {
		/* Without matching credentials only SIGCONT can get through. */
		if (sig != SIGCONT)
			return -EPERM;

		/*
		 * SIGCONT is allowed within the caller's session. We don't
		 * return the error if sid == NULL. The task was unhashed,
		 * the caller must notice this.
		 */
		sid = task_session(t);
		if (sid && sid != task_session(current))
			return -EPERM;
	}

	return security_task_kill(t, info, sig, NULL);
}
869 :
/**
 * ptrace_trap_notify - schedule trap to notify ptracer
 * @t: tracee wanting to notify tracer
 *
 * This function schedules sticky ptrace trap which is cleared on the next
 * TRAP_STOP to notify ptracer of an event. @t must have been seized by
 * ptracer.
 *
 * If @t is running, STOP trap will be taken. If trapped for STOP and
 * ptracer is listening for events, tracee is woken up so that it can
 * re-trap for the new event. If trapped otherwise, STOP trap will be
 * eventually taken without returning to userland after the existing traps
 * are finished by PTRACE_CONT.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
static void ptrace_trap_notify(struct task_struct *t)
{
	/* Only seized tracees use the TRAP_NOTIFY mechanism. */
	WARN_ON_ONCE(!(t->ptrace & PT_SEIZED));
	lockdep_assert_held(&t->sighand->siglock);

	task_set_jobctl_pending(t, JOBCTL_TRAP_NOTIFY);

	/* Wake only if the tracer asked to be notified (JOBCTL_LISTENING). */
	ptrace_signal_wake_up(t, t->jobctl & JOBCTL_LISTENING);
}
895 :
/*
 * Handle magic process-wide effects of stop/continue signals. Unlike
 * the signal actions, these happen immediately at signal-generation
 * time regardless of blocking, ignoring, or handling. This does the
 * actual continuing for SIGCONT, but not the actual stopping for stop
 * signals. The process stop is done as a signal action for SIG_DFL.
 *
 * Returns true if the signal should be actually delivered, otherwise
 * it should be dropped.
 *
 * @sig: signal being generated
 * @p: any thread of the target process
 * @force: passed through to sig_ignored()
 * Caller holds siglock (the flush/wake helpers used here require it).
 */
static bool prepare_signal(int sig, struct task_struct *p, bool force)
{
	struct signal_struct *signal = p->signal;
	struct task_struct *t;
	sigset_t flush;

	if (signal->flags & SIGNAL_GROUP_EXIT) {
		/* With core_state set, only SIGKILL is still accepted. */
		if (signal->core_state)
			return sig == SIGKILL;
		/*
		 * The process is in the middle of dying, drop the signal.
		 */
		return false;
	} else if (sig_kernel_stop(sig)) {
		/*
		 * This is a stop signal. Remove SIGCONT from all queues.
		 */
		siginitset(&flush, sigmask(SIGCONT));
		flush_sigqueue_mask(&flush, &signal->shared_pending);
		for_each_thread(p, t)
			flush_sigqueue_mask(&flush, &t->pending);
	} else if (sig == SIGCONT) {
		unsigned int why;
		/*
		 * Remove all stop signals from all queues, wake all threads.
		 */
		siginitset(&flush, SIG_KERNEL_STOP_MASK);
		flush_sigqueue_mask(&flush, &signal->shared_pending);
		for_each_thread(p, t) {
			flush_sigqueue_mask(&flush, &t->pending);
			task_clear_jobctl_pending(t, JOBCTL_STOP_PENDING);
			/* Seized tracees are re-trapped instead of woken directly. */
			if (likely(!(t->ptrace & PT_SEIZED))) {
				t->jobctl &= ~JOBCTL_STOPPED;
				wake_up_state(t, __TASK_STOPPED);
			} else
				ptrace_trap_notify(t);
		}

		/*
		 * Notify the parent with CLD_CONTINUED if we were stopped.
		 *
		 * If we were in the middle of a group stop, we pretend it
		 * was already finished, and then continued. Since SIGCHLD
		 * doesn't queue we report only CLD_STOPPED, as if the next
		 * CLD_CONTINUED was dropped.
		 */
		why = 0;
		if (signal->flags & SIGNAL_STOP_STOPPED)
			why |= SIGNAL_CLD_CONTINUED;
		else if (signal->group_stop_count)
			why |= SIGNAL_CLD_STOPPED;

		if (why) {
			/*
			 * The first thread which returns from do_signal_stop()
			 * will take ->siglock, notice SIGNAL_CLD_MASK, and
			 * notify its parent. See get_signal().
			 */
			signal_set_stop_flags(signal, why | SIGNAL_STOP_CONTINUED);
			signal->group_stop_count = 0;
			signal->group_exit_code = 0;
		}
	}

	/* Side effects above happen even if the signal itself is ignored. */
	return !sig_ignored(p, sig, force);
}
972 :
/*
 * Test if P wants to take SIG. After we've checked all threads with this,
 * it's equivalent to finding no threads not blocking SIG. Any threads not
 * blocking SIG were ruled out because they are not running and already
 * have pending signals. Such threads will dequeue from the shared queue
 * as soon as they're available, so putting the signal on the shared queue
 * will be equivalent to sending it to one such thread.
 */
static inline bool wants_signal(int sig, struct task_struct *p)
{
	/* Blocked or exiting threads never take it. */
	if (sigismember(&p->blocked, sig) || (p->flags & PF_EXITING))
		return false;

	/* SIGKILL is wanted regardless of the scheduling state. */
	if (sig == SIGKILL)
		return true;

	if (task_is_stopped_or_traced(p))
		return false;

	if (task_curr(p))
		return true;

	return !task_sigpending(p);
}
997 :
/*
 * Called after @sig has been queued for @p: choose a thread to wake so it
 * dequeues the signal, and if the signal is fatal for the whole group,
 * start the group exit immediately by queueing SIGKILL to every thread.
 *
 * @sig: signal just queued
 * @p: target thread (PIDTYPE_PID) or any thread of the target process
 * @type: PIDTYPE_PID for thread-directed, otherwise process-directed
 * Caller holds siglock.
 */
static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
{
	struct signal_struct *signal = p->signal;
	struct task_struct *t;

	/*
	 * Now find a thread we can wake up to take the signal off the queue.
	 *
	 * If the main thread wants the signal, it gets first crack.
	 * Probably the least surprising to the average bear.
	 */
	if (wants_signal(sig, p))
		t = p;
	else if ((type == PIDTYPE_PID) || thread_group_empty(p))
		/*
		 * There is just one thread and it does not need to be woken.
		 * It will dequeue unblocked signals before it runs again.
		 */
		return;
	else {
		/*
		 * Otherwise try to find a suitable thread.
		 */
		t = signal->curr_target;
		/* Round-robin from curr_target; give up after a full lap. */
		while (!wants_signal(sig, t)) {
			t = next_thread(t);
			if (t == signal->curr_target)
				/*
				 * No thread needs to be woken.
				 * Any eligible threads will see
				 * the signal in the queue soon.
				 */
				return;
		}
		signal->curr_target = t;
	}

	/*
	 * Found a killable thread. If the signal will be fatal,
	 * then start taking the whole group down immediately.
	 *
	 * A ptraced process is not killed here (except by SIGKILL) so the
	 * tracer gets to see the signal first.
	 */
	if (sig_fatal(p, sig) &&
	    (signal->core_state || !(signal->flags & SIGNAL_GROUP_EXIT)) &&
	    !sigismember(&t->real_blocked, sig) &&
	    (sig == SIGKILL || !p->ptrace)) {
		/*
		 * This signal will be fatal to the whole group.
		 */
		if (!sig_kernel_coredump(sig)) {
			/*
			 * Start a group exit and wake everybody up.
			 * This way we don't have other threads
			 * running and doing things after a slower
			 * thread has the fatal signal pending.
			 */
			signal->flags = SIGNAL_GROUP_EXIT;
			signal->group_exit_code = sig;
			signal->group_stop_count = 0;
			t = p;
			do {
				task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
				sigaddset(&t->pending.signal, SIGKILL);
				signal_wake_up(t, 1);
			} while_each_thread(p, t);
			return;
		}
	}

	/*
	 * The signal is already in the shared-pending queue.
	 * Tell the chosen thread to wake up and dequeue it.
	 */
	signal_wake_up(t, sig == SIGKILL);
	return;
}
1073 :
/*
 * Non-realtime signals are never queued more than once: if @sig is already
 * set in @signals' pending mask a second instance is dropped by the caller.
 * Realtime signals (>= SIGRTMIN) always queue, so this is false for them.
 */
static inline bool legacy_queue(struct sigpending *signals, int sig)
{
	if (sig >= SIGRTMIN)
		return false;
	return sigismember(&signals->signal, sig) != 0;
}
1078 :
/*
 * __send_signal_locked - queue @sig for @t and wake a thread to take it
 * @sig:   signal number
 * @info:  siginfo to queue, or the special SEND_SIG_NOINFO / SEND_SIG_PRIV
 * @t:     target task
 * @type:  PIDTYPE_PID queues on @t's private pending set; any other type
 *         queues on the thread group's shared_pending
 * @force: handed to prepare_signal(); lets the signal past an ignored
 *         disposition (see send_signal_locked() for when that is set)
 *
 * Caller must hold @t->sighand->siglock (asserted below).
 *
 * Returns 0 on success, which includes the "ignored" and "already pending"
 * short-circuits, or -EAGAIN when a realtime signal carrying explicit info
 * could not get a sigqueue entry. Every outcome is reported through
 * trace_signal_generate() with the matching TRACE_SIGNAL_* result.
 */
static int __send_signal_locked(int sig, struct kernel_siginfo *info,
			struct task_struct *t, enum pid_type type, bool force)
{
	struct sigpending *pending;
	struct sigqueue *q;
	int override_rlimit;
	int ret = 0, result;

	lockdep_assert_held(&t->sighand->siglock);

	result = TRACE_SIGNAL_IGNORED;
	if (!prepare_signal(sig, t, force))
		goto ret;

	pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
	/*
	 * Short-circuit ignored signals and support queuing
	 * exactly one non-rt signal, so that we can get more
	 * detailed information about the cause of the signal.
	 */
	result = TRACE_SIGNAL_ALREADY_PENDING;
	if (legacy_queue(pending, sig))
		goto ret;

	result = TRACE_SIGNAL_DELIVERED;
	/*
	 * Skip useless siginfo allocation for SIGKILL and kernel threads.
	 */
	if ((sig == SIGKILL) || (t->flags & PF_KTHREAD))
		goto out_set;

	/*
	 * Real-time signals must be queued if sent by sigqueue, or
	 * some other real-time mechanism. It is implementation
	 * defined whether kill() does so. We attempt to do so, on
	 * the principle of least surprise, but since kill is not
	 * allowed to fail with EAGAIN when low on memory we just
	 * make sure at least one signal gets delivered and don't
	 * pass on the info struct.
	 *
	 * Only a non-rt signal that is special or kill()-style
	 * (si_code >= 0, as opposed to the negative sigqueue()/timer
	 * codes) may exceed the pending-signals rlimit.
	 */
	if (sig < SIGRTMIN)
		override_rlimit = (is_si_special(info) || info->si_code >= 0);
	else
		override_rlimit = 0;

	q = __sigqueue_alloc(sig, t, GFP_ATOMIC, override_rlimit, 0);

	if (q) {
		list_add_tail(&q->list, &pending->list);
		switch ((unsigned long) info) {
		case (unsigned long) SEND_SIG_NOINFO:
			/*
			 * Synthesise SI_USER info. si_pid and si_uid are
			 * expressed in the *target's* pid and user
			 * namespaces, not the sender's.
			 */
			clear_siginfo(&q->info);
			q->info.si_signo = sig;
			q->info.si_errno = 0;
			q->info.si_code = SI_USER;
			q->info.si_pid = task_tgid_nr_ns(current,
							task_active_pid_ns(t));
			rcu_read_lock();
			q->info.si_uid =
				from_kuid_munged(task_cred_xxx(t, user_ns),
						 current_uid());
			rcu_read_unlock();
			break;
		case (unsigned long) SEND_SIG_PRIV:
			/* Kernel-originated: no sender pid/uid. */
			clear_siginfo(&q->info);
			q->info.si_signo = sig;
			q->info.si_errno = 0;
			q->info.si_code = SI_KERNEL;
			q->info.si_pid = 0;
			q->info.si_uid = 0;
			break;
		default:
			copy_siginfo(&q->info, info);
			break;
		}
	} else if (!is_si_special(info) &&
		   sig >= SIGRTMIN && info->si_code != SI_USER) {
		/*
		 * Queue overflow, abort. We may abort if the
		 * signal was rt and sent by user using something
		 * other than kill().
		 */
		result = TRACE_SIGNAL_OVERFLOW_FAIL;
		ret = -EAGAIN;
		goto ret;
	} else {
		/*
		 * This is a silent loss of information. We still
		 * send the signal, but the *info bits are lost.
		 */
		result = TRACE_SIGNAL_LOSE_INFO;
	}

out_set:
	signalfd_notify(t, sig);
	sigaddset(&pending->signal, sig);

	/* Let multiprocess signals appear after on-going forks */
	if (type > PIDTYPE_TGID) {
		struct multiprocess_signals *delayed;
		hlist_for_each_entry(delayed, &t->signal->multiprocess, node) {
			sigset_t *signal = &delayed->signal;
			/* Can't queue both a stop and a continue signal */
			if (sig == SIGCONT)
				sigdelsetmask(signal, SIG_KERNEL_STOP_MASK);
			else if (sig_kernel_stop(sig))
				sigdelset(signal, SIGCONT);
			sigaddset(signal, sig);
		}
	}

	complete_signal(sig, t, type);
ret:
	trace_signal_generate(sig, info, t, type != PIDTYPE_PID, result);
	return ret;
}
1195 :
/*
 * Does @info's layout carry a sender pid/uid pair (si_pid, si_uid)?
 * True for the SIL_KILL, SIL_CHLD and SIL_RT layouts, false for the fault,
 * timer, poll and syscall layouts whose union members overlay those slots.
 */
static inline bool has_si_pid_and_uid(struct kernel_siginfo *info)
{
	/* Deliberately no default: a new SIL_* value should be flagged here. */
	switch (siginfo_layout(info->si_signo, info->si_code)) {
	case SIL_KILL:
	case SIL_CHLD:
	case SIL_RT:
		return true;
	case SIL_TIMER:
	case SIL_POLL:
	case SIL_FAULT:
	case SIL_FAULT_TRAPNO:
	case SIL_FAULT_MCEERR:
	case SIL_FAULT_BNDERR:
	case SIL_FAULT_PKUERR:
	case SIL_FAULT_PERF_EVENT:
	case SIL_SYS:
		return false;
	}
	return false;
}
1219 :
/*
 * send_signal_locked - namespace-adjust @info and queue @sig for @t
 * @sig:  signal number
 * @info: siginfo, or SEND_SIG_NOINFO / SEND_SIG_PRIV
 * @t:    target task
 * @type: pid type, passed through to __send_signal_locked()
 *
 * Caller holds @t->sighand->siglock. For explicit siginfo whose layout
 * carries si_pid/si_uid (has_si_pid_and_uid()), si_uid is re-expressed in
 * the target's user namespace and si_pid is zeroed when the sender has no
 * pid in the target's pid namespace; @info is modified in place for that.
 *
 * Returns what __send_signal_locked() returns.
 */
int send_signal_locked(int sig, struct kernel_siginfo *info,
		       struct task_struct *t, enum pid_type type)
{
	/* Should SIGKILL or SIGSTOP be received by a pid namespace init? */
	bool force = false;

	if (info == SEND_SIG_NOINFO) {
		/* Force if sent from an ancestor pid namespace */
		force = !task_pid_nr_ns(current, task_active_pid_ns(t));
	} else if (info == SEND_SIG_PRIV) {
		/* Don't ignore kernel generated signals */
		force = true;
	} else if (has_si_pid_and_uid(info)) {
		/* SIGKILL and SIGSTOP is special or has ids */
		struct user_namespace *t_user_ns;

		/*
		 * Translate si_uid: the value was written relative to the
		 * sender's user namespace; the receiver reads it in its own.
		 */
		rcu_read_lock();
		t_user_ns = task_cred_xxx(t, user_ns);
		if (current_user_ns() != t_user_ns) {
			kuid_t uid = make_kuid(current_user_ns(), info->si_uid);
			info->si_uid = from_kuid_munged(t_user_ns, uid);
		}
		rcu_read_unlock();

		/* A kernel generated signal? */
		force = (info->si_code == SI_KERNEL);

		/* From an ancestor pid namespace? */
		if (!task_pid_nr_ns(current, task_active_pid_ns(t))) {
			info->si_pid = 0;
			force = true;
		}
	}
	return __send_signal_locked(sig, info, t, type, force);
}
1255 :
/*
 * print_fatal_signal - log register state for a fatal signal to @current
 * @signr: the signal number being reported
 *
 * On i386 (not UML) also dumps up to 16 bytes of user text at regs->ip,
 * stopping at the first byte get_user() cannot read. The call site is not
 * in this part of the file; the print-fatal-signals= boot option below
 * sets the print_fatal_signals knob that presumably gates it.
 */
static void print_fatal_signal(int signr)
{
	struct pt_regs *regs = task_pt_regs(current);
	pr_info("potentially unexpected fatal signal %d.\n", signr);

#if defined(__i386__) && !defined(__arch_um__)
	pr_info("code at %08lx: ", regs->ip);
	{
		int i;
		for (i = 0; i < 16; i++) {
			unsigned char insn;

			/* User memory: stop at the first unreadable byte. */
			if (get_user(insn, (unsigned char *)(regs->ip + i)))
				break;
			pr_cont("%02x ", insn);
		}
	}
	pr_cont("\n");
#endif
	/* show_regs() wants a stable CPU. */
	preempt_disable();
	show_regs(regs);
	preempt_enable();
}
1279 :
/*
 * Boot-time parser for "print-fatal-signals=N": stores N into
 * print_fatal_signals. Always returns 1 (option consumed).
 */
static int __init setup_print_fatal_signals(char *str)
{
	int *dst = &print_fatal_signals;

	get_option(&str, dst);
	return 1;
}

__setup("print-fatal-signals=", setup_print_fatal_signals);
1288 :
/*
 * do_send_sig_info - take @p's sighand lock and send @sig
 *
 * Returns -ESRCH when the sighand can no longer be locked (the task is
 * gone), otherwise the result of send_signal_locked().
 */
int do_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p,
			enum pid_type type)
{
	unsigned long flags;
	int ret;

	if (!lock_task_sighand(p, &flags))
		return -ESRCH;

	ret = send_signal_locked(sig, info, p, type);
	unlock_task_sighand(p, &flags);

	return ret;
}
1302 :
/* How force_sig_info_to_task() treats the target's current disposition. */
enum sig_handler {
	HANDLER_CURRENT, /* If reachable use the current handler */
	HANDLER_SIG_DFL, /* Always use SIG_DFL handler semantics */
	HANDLER_EXIT,    /* Only visible as the process exit code */
};
1308 :
/*
 * Force a signal that the process can't ignore: if necessary
 * we unblock the signal and change any SIG_IGN to SIG_DFL.
 *
 * Note: If we unblock the signal, we always reset it to SIG_DFL,
 * since we do not want to have a signal handler that was blocked
 * be invoked when user space had explicitly blocked it.
 *
 * We don't want to have recursive SIGSEGV's etc, for example,
 * that is why we also clear SIGNAL_UNKILLABLE.
 *
 * @info:    fully built siginfo; @info->si_signo is trusted as a valid
 *           signal number (there is no valid_signal() check here; every
 *           caller in this file constructs @info itself)
 * @t:       target task
 * @handler: HANDLER_CURRENT keeps a reachable handler; HANDLER_SIG_DFL
 *           forces SIG_DFL; HANDLER_EXIT forces SIG_DFL and marks the
 *           action SA_IMMUTABLE so the signal is only seen as the exit code
 *
 * Takes and releases @t->sighand->siglock. Returns what
 * send_signal_locked() returns.
 */
static int
force_sig_info_to_task(struct kernel_siginfo *info, struct task_struct *t,
	enum sig_handler handler)
{
	unsigned long int flags;
	int ret, blocked, ignored;
	struct k_sigaction *action;
	int sig = info->si_signo;

	spin_lock_irqsave(&t->sighand->siglock, flags);
	action = &t->sighand->action[sig-1];
	ignored = action->sa.sa_handler == SIG_IGN;
	blocked = sigismember(&t->blocked, sig);
	if (blocked || ignored || (handler != HANDLER_CURRENT)) {
		action->sa.sa_handler = SIG_DFL;
		if (handler == HANDLER_EXIT)
			action->sa.sa_flags |= SA_IMMUTABLE;
		if (blocked) {
			/* Unblock, then re-evaluate TIF_SIGPENDING for @t. */
			sigdelset(&t->blocked, sig);
			recalc_sigpending_and_wake(t);
		}
	}
	/*
	 * Don't clear SIGNAL_UNKILLABLE for traced tasks, users won't expect
	 * debugging to leave init killable. But HANDLER_EXIT is always fatal.
	 */
	if (action->sa.sa_handler == SIG_DFL &&
	    (!t->ptrace || (handler == HANDLER_EXIT)))
		t->signal->flags &= ~SIGNAL_UNKILLABLE;
	ret = send_signal_locked(sig, info, t, PIDTYPE_PID);
	spin_unlock_irqrestore(&t->sighand->siglock, flags);

	return ret;
}
1354 :
/*
 * force_sig_info - force @info's signal on the current task, keeping a
 * reachable handler (HANDLER_CURRENT). Returns what the send returns.
 */
int force_sig_info(struct kernel_siginfo *info)
{
	return force_sig_info_to_task(info, current, HANDLER_CURRENT);
}
1359 :
/*
 * Nuke all other threads in the group.
 *
 * Clears any pending group stop, then for every thread other than @p
 * clears its jobctl state and, unless it already has an exit_state,
 * queues SIGKILL on its private pending set and wakes it.
 *
 * Returns the number of other threads visited (dead ones included).
 * Locking is the caller's responsibility; nothing is taken here.
 */
int zap_other_threads(struct task_struct *p)
{
	struct task_struct *t = p;
	int count = 0;

	p->signal->group_stop_count = 0;

	while_each_thread(p, t) {
		task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
		count++;

		/* Don't bother with already dead threads */
		if (t->exit_state)
			continue;
		sigaddset(&t->pending.signal, SIGKILL);
		signal_wake_up(t, 1);
	}

	return count;
}
1383 :
/*
 * __lock_task_sighand - lock @tsk's sighand, tolerating its replacement
 * @tsk:   task whose ->sighand should be locked
 * @flags: receives the saved irq state for the matching unlock
 *
 * Returns the locked sighand_struct (with ->siglock held and irqs saved
 * in *@flags), or NULL if @tsk has no sighand any more. On NULL nothing is
 * left locked.
 */
struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
					   unsigned long *flags)
{
	struct sighand_struct *sighand;

	rcu_read_lock();
	for (;;) {
		sighand = rcu_dereference(tsk->sighand);
		if (unlikely(sighand == NULL))
			break;

		/*
		 * This sighand can be already freed and even reused, but
		 * we rely on SLAB_TYPESAFE_BY_RCU and sighand_ctor() which
		 * initializes ->siglock: this slab can't go away, it has
		 * the same object type, ->siglock can't be reinitialized.
		 *
		 * We need to ensure that tsk->sighand is still the same
		 * after we take the lock, we can race with de_thread() or
		 * __exit_signal(). In the latter case the next iteration
		 * must see ->sighand == NULL.
		 */
		spin_lock_irqsave(&sighand->siglock, *flags);
		if (likely(sighand == rcu_access_pointer(tsk->sighand)))
			break;
		/* Lost the race: drop the stale lock and look again. */
		spin_unlock_irqrestore(&sighand->siglock, *flags);
	}
	rcu_read_unlock();

	return sighand;
}
1415 :
1416 : #ifdef CONFIG_LOCKDEP
/*
 * Lockdep helper: assert that @task's ->siglock is held by the caller.
 * A task with no sighand at all is reported once via WARN_ON_ONCE.
 */
void lockdep_assert_task_sighand_held(struct task_struct *task)
{
	struct sighand_struct *sh;

	rcu_read_lock();
	sh = rcu_dereference(task->sighand);
	if (!sh)
		WARN_ON_ONCE(1);
	else
		lockdep_assert_held(&sh->siglock);
	rcu_read_unlock();
}
1429 : #endif
1430 :
/*
 * send signal info to all the members of a group
 *
 * The permission check runs first, under RCU (it reads the target's
 * credentials). A zero @sig is the kill(2) existence/permission probe and
 * sends nothing. Returns the permission error, 0 for a probe, or the
 * result of do_send_sig_info().
 */
int group_send_sig_info(int sig, struct kernel_siginfo *info,
			struct task_struct *p, enum pid_type type)
{
	int err;

	rcu_read_lock();
	err = check_kill_permission(sig, info, p);
	rcu_read_unlock();

	if (err)
		return err;
	if (!sig)
		return 0;

	return do_send_sig_info(sig, info, p, type);
}
1448 :
/*
 * __kill_pgrp_info() sends a signal to a process group: this is what the tty
 * control characters do (^C, ^Z etc)
 * - the caller must hold at least a readlock on tasklist_lock
 *
 * Returns 0 if at least one member accepted the signal; otherwise the
 * error from the last member tried, or -ESRCH for an empty group.
 */
int __kill_pgrp_info(int sig, struct kernel_siginfo *info, struct pid *pgrp)
{
	struct task_struct *p = NULL;
	bool any_sent = false;
	int last_err = -ESRCH;

	do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
		last_err = group_send_sig_info(sig, info, p, PIDTYPE_PGID);
		if (!last_err)
			any_sent = true;
	} while_each_pid_task(pgrp, PIDTYPE_PGID, p);

	return any_sent ? 0 : last_err;
}
1468 :
/*
 * kill_pid_info - send @sig/@info to the thread group behind @pid
 *
 * Looks the task up under RCU and sends a group-wide (PIDTYPE_TGID)
 * signal via group_send_sig_info(), which performs the permission check.
 *
 * Returns -ESRCH if no task is attached to @pid, otherwise the send
 * result. A -ESRCH from the send although a task was found means the
 * task was unhashed concurrently, and the lookup is retried.
 */
int kill_pid_info(int sig, struct kernel_siginfo *info, struct pid *pid)
{
	int error = -ESRCH;
	struct task_struct *p;

	for (;;) {
		rcu_read_lock();
		p = pid_task(pid, PIDTYPE_PID);
		if (p)
			error = group_send_sig_info(sig, info, p, PIDTYPE_TGID);
		rcu_read_unlock();
		if (likely(!p || error != -ESRCH))
			return error;

		/*
		 * The task was unhashed in between, try again. If it
		 * is dead, pid_task() will return NULL, if we race with
		 * de_thread() it will find the new leader.
		 */
	}
}
1490 :
/*
 * kill_proc_info - kill_pid_info() for a pid number in the caller's
 * pid namespace. The find_vpid() lookup and the send run under one RCU
 * read-side section.
 */
static int kill_proc_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
	struct pid *vpid;
	int error;

	rcu_read_lock();
	vpid = find_vpid(pid);
	error = kill_pid_info(sig, info, vpid);
	rcu_read_unlock();

	return error;
}
1499 :
/*
 * kill_as_cred_perm - kill(2)-style uid check for sending to @target
 *
 * The sender's real or effective uid must equal the target's real uid or
 * saved set-user-id. Reads @target's creds via __task_cred(), so the
 * caller holds rcu_read_lock() (kill_pid_usb_asyncio() does).
 */
static inline bool kill_as_cred_perm(const struct cred *cred,
				     struct task_struct *target)
{
	const struct cred *pcred = __task_cred(target);
	kuid_t sender_euid = cred->euid;
	kuid_t sender_uid = cred->uid;

	if (uid_eq(sender_euid, pcred->suid) || uid_eq(sender_euid, pcred->uid))
		return true;
	return uid_eq(sender_uid, pcred->suid) || uid_eq(sender_uid, pcred->uid);
}
1510 :
/*
 * The usb asyncio usage of siginfo is wrong. The glibc support
 * for asyncio which uses SI_ASYNCIO assumes the layout is SIL_RT.
 * AKA after the generic fields:
 * kernel_pid_t si_pid;
 * kernel_uid32_t si_uid;
 * sigval_t si_value;
 *
 * Unfortunately when usb generates SI_ASYNCIO it assumes the layout
 * after the generic fields is:
 * void __user *si_addr;
 *
 * This is a practical problem when there is a 64bit big endian kernel
 * and a 32bit userspace. As the 32bit address will encoded in the low
 * 32bits of the pointer. Those low 32bits will be stored at higher
 * address than appear in a 32 bit pointer. So userspace will not
 * see the address it was expecting for it's completions.
 *
 * There is nothing in the encoding that can allow
 * copy_siginfo_to_user32 to detect this confusion of formats, so
 * handle this by requiring the caller of kill_pid_usb_asyncio to
 * notice when this situration takes place and to store the 32bit
 * pointer in sival_int, instead of sival_addr of the sigval_t addr
 * parameter.
 *
 * Permission model on this path: the uid rule in kill_as_cred_perm()
 * against @cred, then the security_task_kill() LSM hook, after which
 * __send_signal_locked() is called directly with force=false, so
 * check_kill_permission() is not involved here.
 *
 * Returns -EINVAL for a bad signal number, -ESRCH if @pid has no task
 * or its sighand is gone, -EPERM on the uid check, an LSM error, or the
 * send result. @sig == 0 performs only the checks.
 */
int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
			 struct pid *pid, const struct cred *cred)
{
	struct kernel_siginfo info;
	struct task_struct *p;
	unsigned long flags;
	int ret = -EINVAL;

	if (!valid_signal(sig))
		return ret;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = errno;
	info.si_code = SI_ASYNCIO;
	/* Writes the sigval over the si_pid/si_uid slot; see the layout note above. */
	*((sigval_t *)&info.si_pid) = addr;

	rcu_read_lock();
	p = pid_task(pid, PIDTYPE_PID);
	if (!p) {
		ret = -ESRCH;
		goto out_unlock;
	}
	if (!kill_as_cred_perm(cred, p)) {
		ret = -EPERM;
		goto out_unlock;
	}
	ret = security_task_kill(p, &info, sig, cred);
	if (ret)
		goto out_unlock;

	if (sig) {
		if (lock_task_sighand(p, &flags)) {
			ret = __send_signal_locked(sig, &info, p, PIDTYPE_TGID, false);
			unlock_task_sighand(p, &flags);
		} else
			ret = -ESRCH;
	}
out_unlock:
	rcu_read_unlock();
	return ret;
}
EXPORT_SYMBOL_GPL(kill_pid_usb_asyncio);
1579 :
/*
 * kill_something_info() interprets pid in interesting ways just like kill(2).
 *
 * POSIX specifies that kill(-1,sig) is unspecified, but what we have
 * is probably wrong. Should make it like BSD or SYSV.
 *
 *   pid > 0   one process (kill_proc_info)
 *   pid == 0  the caller's own process group
 *   pid < -1  the process group -pid
 *   pid == -1 every process whose vpid is > 1, except the caller's own
 *             thread group; per-target -EPERM errors are not reported as
 *             long as at least one target existed, any other error from
 *             the last target is
 *
 * Permission checks happen per target inside group_send_sig_info().
 */

static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
	int ret;

	if (pid > 0)
		return kill_proc_info(sig, info, pid);

	/* -INT_MIN is undefined. Exclude this case to avoid a UBSAN warning */
	if (pid == INT_MIN)
		return -ESRCH;

	read_lock(&tasklist_lock);
	if (pid != -1) {
		ret = __kill_pgrp_info(sig, info,
				pid ? find_vpid(-pid) : task_pgrp(current));
	} else {
		int retval = 0, count = 0;
		struct task_struct * p;

		for_each_process(p) {
			if (task_pid_vnr(p) > 1 &&
					!same_thread_group(p, current)) {
				int err = group_send_sig_info(sig, info, p,
							      PIDTYPE_MAX);
				++count;
				if (err != -EPERM)
					retval = err;
			}
		}
		/* No candidate process at all is reported as -ESRCH. */
		ret = count ? retval : -ESRCH;
	}
	read_unlock(&tasklist_lock);

	return ret;
}
1622 :
/*
 * These are for backward compatibility with the rest of the kernel source.
 *
 * send_sig_info - thread-directed (PIDTYPE_PID) send of @sig with @info to @p.
 * Rejects an invalid signal number with -EINVAL; otherwise returns the
 * result of do_send_sig_info().
 */

int send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
{
	/*
	 * Make sure legacy kernel users don't send in bad values
	 * (normal paths check this in check_kill_permission).
	 */
	return valid_signal(sig) ? do_send_sig_info(sig, info, p, PIDTYPE_PID)
				 : -EINVAL;
}
EXPORT_SYMBOL(send_sig_info);
1639 :
/* Special info pointer for a kernel-originated (priv) or user-style send. */
#define __si_special(priv) \
	((priv) ? SEND_SIG_PRIV : SEND_SIG_NOINFO)
1642 :
/*
 * send_sig - send @sig to @p without explicit siginfo; @priv selects
 * SEND_SIG_PRIV (kernel-originated) over SEND_SIG_NOINFO.
 */
int
send_sig(int sig, struct task_struct *p, int priv)
{
	return send_sig_info(sig, __si_special(priv), p);
}
EXPORT_SYMBOL(send_sig);
1649 :
/*
 * force_sig - force a kernel-generated (SI_KERNEL) @sig on the current task
 * through force_sig_info(), keeping a reachable handler.
 */
void force_sig(int sig)
{
	struct kernel_siginfo info;

	/* clear_siginfo() zeroes the whole struct, padding included. */
	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_code = SI_KERNEL;
	info.si_errno = 0;
	info.si_uid = 0;
	info.si_pid = 0;

	force_sig_info(&info);
}
EXPORT_SYMBOL(force_sig);
1663 :
/*
 * force_fatal_sig - force @sig on the current task with SIG_DFL semantics
 * (HANDLER_SIG_DFL): any installed handler is bypassed.
 */
void force_fatal_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_code = SI_KERNEL;
	info.si_errno = 0;
	info.si_uid = 0;
	info.si_pid = 0;

	force_sig_info_to_task(&info, current, HANDLER_SIG_DFL);
}
1676 :
/*
 * force_exit_sig - force @sig on the current task as HANDLER_EXIT: the
 * action becomes SIG_DFL and SA_IMMUTABLE, so @sig shows up only as the
 * process exit code.
 */
void force_exit_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_code = SI_KERNEL;
	info.si_errno = 0;
	info.si_uid = 0;
	info.si_pid = 0;

	force_sig_info_to_task(&info, current, HANDLER_EXIT);
}
1689 :
/*
 * When things go south during signal handling, we
 * will force a SIGSEGV. And if the signal that caused
 * the problem was already a SIGSEGV, we'll want to
 * make sure we don't even try to deliver the signal..
 *
 * @sig is the signal whose delivery failed: for anything other than
 * SIGSEGV a normal force_sig(SIGSEGV) is done; a failed SIGSEGV is
 * escalated to force_fatal_sig(SIGSEGV), bypassing any handler.
 */
void force_sigsegv(int sig)
{
	if (sig != SIGSEGV) {
		force_sig(SIGSEGV);
		return;
	}
	force_fatal_sig(SIGSEGV);
}
1703 :
/*
 * force_sig_fault_to_task - force a fault signal (si_addr layout) on @t
 * @sig:  signal number (SIGSEGV, SIGBUS, ...)
 * @code: si_code describing the fault
 * @addr: faulting user address
 * @t:    target task
 *
 * The ia64 extra fields are only compiled in on that architecture.
 * Uses HANDLER_CURRENT, so a reachable user handler still runs.
 */
int force_sig_fault_to_task(int sig, int code, void __user *addr
	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
	, struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
#ifdef __ia64__
	info.si_imm = imm;
	info.si_flags = flags;
	info.si_isr = isr;
#endif
	return force_sig_info_to_task(&info, t, HANDLER_CURRENT);
}
1722 :
/* force_sig_fault - force_sig_fault_to_task() on the current task. */
int force_sig_fault(int sig, int code, void __user *addr
	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr))
{
	return force_sig_fault_to_task(sig, code, addr
				       ___ARCH_SI_IA64(imm, flags, isr), current);
}
1729 :
/*
 * send_sig_fault - send (not force) a fault signal with si_addr layout to @t
 *
 * Unlike force_sig_fault_to_task() this goes through send_sig_info(), so
 * the target's blocked mask and disposition are respected.
 */
int send_sig_fault(int sig, int code, void __user *addr
	___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
	, struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
#ifdef __ia64__
	info.si_imm = imm;
	info.si_flags = flags;
	info.si_isr = isr;
#endif
	return send_sig_info(info.si_signo, &info, t);
}
1748 :
/*
 * force_sig_mceerr - force a SIGBUS for a machine-check error on current
 * @code: BUS_MCEERR_AO or BUS_MCEERR_AR (anything else trips a WARN_ON)
 * @addr: affected user address
 * @lsb:  least significant bit of the affected range, stored in si_addr_lsb
 */
int force_sig_mceerr(int code, void __user *addr, short lsb)
{
	struct kernel_siginfo info;

	WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));

	clear_siginfo(&info);
	info.si_signo = SIGBUS;
	info.si_code = code;
	info.si_errno = 0;
	info.si_addr_lsb = lsb;
	info.si_addr = addr;

	return force_sig_info(&info);
}
1762 :
/*
 * send_sig_mceerr - send (not force) a machine-check SIGBUS to @t
 * @code: BUS_MCEERR_AO or BUS_MCEERR_AR (anything else trips a WARN_ON)
 * @addr: affected user address
 * @lsb:  stored in si_addr_lsb
 * @t:    target task
 */
int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *t)
{
	struct kernel_siginfo info;

	WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));

	clear_siginfo(&info);
	info.si_signo = SIGBUS;
	info.si_code = code;
	info.si_errno = 0;
	info.si_addr_lsb = lsb;
	info.si_addr = addr;

	return send_sig_info(info.si_signo, &info, t);
}
EXPORT_SYMBOL(send_sig_mceerr);
1777 :
/*
 * force_sig_bnderr - force a SIGSEGV/SEGV_BNDERR (bounds violation) on
 * current, reporting the faulting @addr and the violated [@lower, @upper]
 * range in si_lower/si_upper.
 */
int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGSEGV;
	info.si_code = SEGV_BNDERR;
	info.si_errno = 0;
	info.si_upper = upper;
	info.si_lower = lower;
	info.si_addr = addr;

	return force_sig_info(&info);
}
1791 :
1792 : #ifdef SEGV_PKUERR
/*
 * force_sig_pkuerr - force a SIGSEGV/SEGV_PKUERR (protection-key fault)
 * on current, with the faulting @addr and the key @pkey in si_pkey.
 */
int force_sig_pkuerr(void __user *addr, u32 pkey)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGSEGV;
	info.si_code = SEGV_PKUERR;
	info.si_errno = 0;
	info.si_pkey = pkey;
	info.si_addr = addr;

	return force_sig_info(&info);
}
1805 : #endif
1806 :
/*
 * send_sig_perf - send a SIGTRAP/TRAP_PERF to the current task
 * @addr:     address reported in si_addr
 * @type:     stored in si_perf_type
 * @sig_data: stored in si_perf_data
 *
 * Goes through send_sig_info(), so a blocked SIGTRAP stays pending rather
 * than being forced; si_perf_flags records that case as
 * TRAP_PERF_FLAG_ASYNC.
 */
int send_sig_perf(void __user *addr, u32 type, u64 sig_data)
{
	struct kernel_siginfo info;
	bool trap_blocked;

	clear_siginfo(&info);
	info.si_signo = SIGTRAP;
	info.si_code = TRAP_PERF;
	info.si_errno = 0;
	info.si_addr = addr;
	info.si_perf_type = type;
	info.si_perf_data = sig_data;

	/*
	 * Signals generated by perf events should not terminate the whole
	 * process if SIGTRAP is blocked, however, delivering the signal
	 * asynchronously is better than not delivering at all. But tell user
	 * space if the signal was asynchronous, so it can clearly be
	 * distinguished from normal synchronous ones.
	 */
	trap_blocked = sigismember(&current->blocked, info.si_signo);
	info.si_perf_flags = trap_blocked ? TRAP_PERF_FLAG_ASYNC : 0;

	return send_sig_info(info.si_signo, &info, current);
}
1832 :
/**
 * force_sig_seccomp - signals the task to allow in-process syscall emulation
 * @syscall: syscall number to send to userland
 * @reason: filter-supplied reason code to send to userland (via si_errno)
 * @force_coredump: true to trigger a coredump
 *
 * Forces a SIGSYS with a code of SYS_SECCOMP and related sigsys info.
 * With @force_coredump the action is forced to HANDLER_EXIT (SIG_DFL and
 * SA_IMMUTABLE), otherwise a reachable user handler may run.
 */
int force_sig_seccomp(int syscall, int reason, bool force_coredump)
{
	struct kernel_siginfo info;
	enum sig_handler how = force_coredump ? HANDLER_EXIT : HANDLER_CURRENT;

	clear_siginfo(&info);
	info.si_signo = SIGSYS;
	info.si_code = SYS_SECCOMP;
	info.si_errno = reason;
	info.si_syscall = syscall;
	info.si_arch = syscall_get_arch(current);
	info.si_call_addr = (void __user *)KSTK_EIP(current);

	return force_sig_info_to_task(&info, current, how);
}
1855 :
/* For the crazy architectures that include trap information in
 * the errno field, instead of an actual errno value.
 *
 * Forces a SIGTRAP/TRAP_HWBKPT on the current task with @errno carried
 * in si_errno and @addr in si_addr.
 */
int force_sig_ptrace_errno_trap(int errno, void __user *addr)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGTRAP;
	info.si_code = TRAP_HWBKPT;
	info.si_addr = addr;
	info.si_errno = errno;

	return force_sig_info(&info);
}
1870 :
/* For the rare architectures that include trap information using
 * si_trapno.
 *
 * Forces @sig with @code on the current task, with the faulting @addr in
 * si_addr and @trapno in si_trapno.
 */
int force_sig_fault_trapno(int sig, int code, void __user *addr, int trapno)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_code = code;
	info.si_errno = 0;
	info.si_trapno = trapno;
	info.si_addr = addr;

	return force_sig_info(&info);
}
1886 :
/* For the rare architectures that include trap information using
 * si_trapno.
 *
 * Sends (does not force) @sig with @code to @t, with @addr in si_addr
 * and @trapno in si_trapno.
 */
int send_sig_fault_trapno(int sig, int code, void __user *addr, int trapno,
			  struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_code = code;
	info.si_errno = 0;
	info.si_trapno = trapno;
	info.si_addr = addr;

	return send_sig_info(info.si_signo, &info, t);
}
1903 :
/*
 * kill_pgrp - send @sig to process group @pid; @priv selects a
 * kernel-originated (SEND_SIG_PRIV) send. Takes the tasklist read lock
 * that __kill_pgrp_info() requires.
 */
int kill_pgrp(struct pid *pid, int sig, int priv)
{
	struct kernel_siginfo *info = __si_special(priv);
	int ret;

	read_lock(&tasklist_lock);
	ret = __kill_pgrp_info(sig, info, pid);
	read_unlock(&tasklist_lock);

	return ret;
}
EXPORT_SYMBOL(kill_pgrp);
1915 :
/*
 * kill_pid - send @sig to the thread group behind @pid; @priv selects a
 * kernel-originated (SEND_SIG_PRIV) send.
 */
int kill_pid(struct pid *pid, int sig, int priv)
{
	return kill_pid_info(sig, __si_special(priv), pid);
}
EXPORT_SYMBOL(kill_pid);
1921 :
/*
 * These functions support sending signals using preallocated sigqueue
 * structures. This is needed "because realtime applications cannot
 * afford to lose notifications of asynchronous events, like timer
 * expirations or I/O completions". In the case of POSIX Timers
 * we allocate the sigqueue structure from the timer_create. If this
 * allocation fails we are able to report the failure to the application
 * with an EAGAIN error.
 *
 * sigqueue_alloc - allocate a SIGQUEUE_PREALLOC entry for the current
 * task (sleeping allocation, rlimit not overridden). Returns NULL on
 * failure; the entry is later handed to send_sigqueue()/sigqueue_free().
 */
struct sigqueue *sigqueue_alloc(void)
{
	return __sigqueue_alloc(-1, current, GFP_KERNEL, 0, SIGQUEUE_PREALLOC);
}
1935 :
/*
 * sigqueue_free - release a preallocated sigqueue entry
 * @q: entry from sigqueue_alloc() (must still carry SIGQUEUE_PREALLOC)
 *
 * Drops the PREALLOC flag under the current task's ->siglock. If the entry
 * is currently queued it is left for the dequeue path to free; otherwise
 * it is freed here.
 */
void sigqueue_free(struct sigqueue *q)
{
	unsigned long flags;
	spinlock_t *lock = &current->sighand->siglock;
	bool still_queued;

	BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
	/*
	 * We must hold ->siglock while testing q->list
	 * to serialize with collect_signal() or with
	 * __exit_signal()->flush_sigqueue().
	 */
	spin_lock_irqsave(lock, flags);
	q->flags &= ~SIGQUEUE_PREALLOC;
	/*
	 * If it is queued it will be freed when dequeued,
	 * like the "regular" sigqueue.
	 */
	still_queued = !list_empty(&q->list);
	spin_unlock_irqrestore(lock, flags);

	if (!still_queued)
		__sigqueue_free(q);
}
1960 :
/*
 * send_sigqueue - queue a preallocated sigqueue entry for the task of @pid
 * @q:    entry from sigqueue_alloc(); its si_signo is the signal sent
 * @pid:  target pid
 * @type: which task @pid names and whether the signal is thread-directed
 *
 * Returns -1 if no task is attached to @pid or its sighand is gone,
 * 1 if the signal is ignored, 0 if it was queued or, for an SI_TIMER entry
 * that is already queued, its si_overrun count was bumped instead.
 */
int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type)
{
	int sig = q->info.si_signo;
	struct sigpending *pending;
	struct task_struct *t;
	unsigned long flags;
	int ret, result;

	BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));

	ret = -1;
	rcu_read_lock();
	t = pid_task(pid, type);
	if (!t || !likely(lock_task_sighand(t, &flags)))
		goto ret;

	ret = 1; /* the signal is ignored */
	result = TRACE_SIGNAL_IGNORED;
	if (!prepare_signal(sig, t, false))
		goto out;

	ret = 0;
	if (unlikely(!list_empty(&q->list))) {
		/*
		 * If an SI_TIMER entry is already queue just increment
		 * the overrun count.
		 */
		BUG_ON(q->info.si_code != SI_TIMER);
		q->info.si_overrun++;
		result = TRACE_SIGNAL_ALREADY_PENDING;
		goto out;
	}
	q->info.si_overrun = 0;

	/* Same queue selection as __send_signal_locked(). */
	signalfd_notify(t, sig);
	pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
	list_add_tail(&q->list, &pending->list);
	sigaddset(&pending->signal, sig);
	complete_signal(sig, t, type);
	result = TRACE_SIGNAL_DELIVERED;
out:
	trace_signal_generate(sig, &q->info, t, type != PIDTYPE_PID, result);
	unlock_task_sighand(t, &flags);
ret:
	rcu_read_unlock();
	return ret;
}
2008 :
/*
 * do_notify_pidfd - wake everyone waiting on a pidfd for @task
 *
 * Only meaningful once @task has an exit_state; a zero exit_state is
 * reported via WARN_ON.
 */
static void do_notify_pidfd(struct task_struct *task)
{
	WARN_ON(task->exit_state == 0);
	wake_up_all(&task_pid(task)->wait_pidfd);
}
2017 :
2018 : /*
2019 : * Let a parent know about the death of a child.
2020 : * For a stopped/continued status change, use do_notify_parent_cldstop instead.
2021 : *
2022 : * Returns true if our parent ignored us and so we've switched to
2023 : * self-reaping.
2024 : */
/*
 * do_notify_parent - tell the parent that @tsk has died
 * @tsk: the dying task (the group leader unless ptraced, see the WARN below)
 * @sig: death signal; SIGCHLD or the exit signal chosen at clone time
 *
 * Builds the SIGCHLD-style siginfo (pid and uid translated into the parent's
 * namespaces, CPU times, decoded exit status) and queues it on the parent
 * under the parent's siglock, then wakes any wait4() in the parent.
 *
 * Returns true if the parent ignores SIGCHLD (SIG_IGN or SA_NOCLDWAIT), in
 * which case the caller must self-reap instead of leaving a zombie.
 *
 * CONTEXT: tasklist_lock is held by the caller (see the rcu comment below).
 */
bool do_notify_parent(struct task_struct *tsk, int sig)
{
	struct kernel_siginfo info;
	unsigned long flags;
	struct sighand_struct *psig;
	bool autoreap = false;
	u64 utime, stime;

	WARN_ON_ONCE(sig == -1);

	/* do_notify_parent_cldstop should have been called instead. */
	WARN_ON_ONCE(task_is_stopped_or_traced(tsk));

	/* Unless ptraced, only an otherwise-empty group leader reports death. */
	WARN_ON_ONCE(!tsk->ptrace &&
		     (tsk->group_leader != tsk || !thread_group_empty(tsk)));

	/* Wake up all pidfd waiters */
	do_notify_pidfd(tsk);

	if (sig != SIGCHLD) {
		/*
		 * This is only possible if parent == real_parent.
		 * Check if it has changed security domain: a parent that
		 * exec'd since we were cloned is a different program which
		 * never asked for a custom exit signal, so fall back to plain
		 * SIGCHLD rather than deliver the signal the old image chose.
		 */
		if (tsk->parent_exec_id != READ_ONCE(tsk->parent->self_exec_id))
			sig = SIGCHLD;
	}

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	/*
	 * We are under tasklist_lock here so our parent is tied to
	 * us and cannot change.
	 *
	 * task_active_pid_ns will always return the same pid namespace
	 * until a task passes through release_task.
	 *
	 * write_lock() currently calls preempt_disable() which is the
	 * same as rcu_read_lock(), but according to Oleg, this is not
	 * correct to rely on this
	 *
	 * si_pid and si_uid are expressed in the parent's pid and user
	 * namespaces, not in ours.
	 */
	rcu_read_lock();
	info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(tsk->parent));
	info.si_uid = from_kuid_munged(task_cred_xxx(tsk->parent, user_ns),
				       task_uid(tsk));
	rcu_read_unlock();

	/* Our own CPU time plus the totals kept in tsk->signal. */
	task_cputime(tsk, &utime, &stime);
	info.si_utime = nsec_to_clock_t(utime + tsk->signal->utime);
	info.si_stime = nsec_to_clock_t(stime + tsk->signal->stime);

	/*
	 * Decode exit_code: bit 7 marks a core dump, the low 7 bits hold
	 * the killing signal, and a clean exit keeps its status above the
	 * low byte.
	 */
	info.si_status = tsk->exit_code & 0x7f;
	if (tsk->exit_code & 0x80)
		info.si_code = CLD_DUMPED;
	else if (tsk->exit_code & 0x7f)
		info.si_code = CLD_KILLED;
	else {
		info.si_code = CLD_EXITED;
		info.si_status = tsk->exit_code >> 8;
	}

	psig = tsk->parent->sighand;
	spin_lock_irqsave(&psig->siglock, flags);
	if (!tsk->ptrace && sig == SIGCHLD &&
	    (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN ||
	     (psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) {
		/*
		 * We are exiting and our parent doesn't care. POSIX.1
		 * defines special semantics for setting SIGCHLD to SIG_IGN
		 * or setting the SA_NOCLDWAIT flag: we should be reaped
		 * automatically and not left for our parent's wait4 call.
		 * Rather than having the parent do it as a magic kind of
		 * signal handler, we just set this to tell do_exit that we
		 * can be cleaned up without becoming a zombie. Note that
		 * we still call __wake_up_parent in this case, because a
		 * blocked sys_wait4 might now return -ECHILD.
		 *
		 * Whether we send SIGCHLD or not for SA_NOCLDWAIT
		 * is implementation-defined: we do (if you don't want
		 * it, just use SIG_IGN instead).
		 */
		autoreap = true;
		if (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN)
			sig = 0;
	}
	/*
	 * Send with __send_signal as si_pid and si_uid are in the
	 * parent's namespaces. sig is 0 when the parent ignores SIGCHLD;
	 * valid_signal() additionally rejects an out-of-range number.
	 */
	if (valid_signal(sig) && sig)
		__send_signal_locked(sig, &info, tsk->parent, PIDTYPE_TGID, false);
	__wake_up_parent(tsk, tsk->parent);
	spin_unlock_irqrestore(&psig->siglock, flags);

	return autoreap;
}
2122 :
2123 : /**
2124 : * do_notify_parent_cldstop - notify parent of stopped/continued state change
2125 : * @tsk: task reporting the state change
2126 : * @for_ptracer: the notification is for ptracer
2127 : * @why: CLD_{CONTINUED|STOPPED|TRAPPED} to report
2128 : *
2129 : * Notify @tsk's parent that the stopped/continued state has changed. If
2130 : * @for_ptracer is %false, @tsk's group leader notifies its real parent.
2131 : * If %true, @tsk reports to @tsk->parent which should be the ptracer.
2132 : *
2133 : * CONTEXT:
2134 : * Must be called with tasklist_lock at least read locked.
2135 : */
static void do_notify_parent_cldstop(struct task_struct *tsk,
				     bool for_ptracer, int why)
{
	struct kernel_siginfo info;
	unsigned long flags;
	struct task_struct *parent;
	struct sighand_struct *sighand;
	u64 utime, stime;

	/*
	 * Pick the recipient: the ptracer is told about @tsk itself, the
	 * real parent is told about the group leader.
	 */
	if (for_ptracer) {
		parent = tsk->parent;
	} else {
		tsk = tsk->group_leader;
		parent = tsk->real_parent;
	}

	clear_siginfo(&info);
	info.si_signo = SIGCHLD;
	info.si_errno = 0;
	/*
	 * see comment in do_notify_parent() about the following 4 lines:
	 * si_pid and si_uid are expressed in the recipient's namespaces.
	 */
	rcu_read_lock();
	info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(parent));
	info.si_uid = from_kuid_munged(task_cred_xxx(parent, user_ns), task_uid(tsk));
	rcu_read_unlock();

	/*
	 * Only @tsk's own times here; unlike do_notify_parent() the
	 * signal->utime/stime totals are not added.
	 */
	task_cputime(tsk, &utime, &stime);
	info.si_utime = nsec_to_clock_t(utime);
	info.si_stime = nsec_to_clock_t(stime);

	info.si_code = why;
	switch (why) {
	case CLD_CONTINUED:
		info.si_status = SIGCONT;
		break;
	case CLD_STOPPED:
		/* low 7 bits of group_exit_code hold the stop signal */
		info.si_status = tsk->signal->group_exit_code & 0x7f;
		break;
	case CLD_TRAPPED:
		info.si_status = tsk->exit_code & 0x7f;
		break;
	default:
		BUG();
	}

	sighand = parent->sighand;
	spin_lock_irqsave(&sighand->siglock, flags);
	/* SIG_IGN or SA_NOCLDSTOP: the recipient asked not to hear about stops. */
	if (sighand->action[SIGCHLD-1].sa.sa_handler != SIG_IGN &&
	    !(sighand->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDSTOP))
		send_signal_locked(SIGCHLD, &info, parent, PIDTYPE_TGID);
	/*
	 * Even if SIGCHLD is not generated, we must wake up wait4 calls.
	 */
	__wake_up_parent(tsk, parent);
	spin_unlock_irqrestore(&sighand->siglock, flags);
}
2193 :
2194 : /*
2195 : * This must be called with current->sighand->siglock held.
2196 : *
2197 : * This should be the path for all ptrace stops.
2198 : * We always set current->last_siginfo while stopped here.
2199 : * That makes it a way to test a stopped process for
2200 : * being ptrace-stopped vs being job-control-stopped.
2201 : *
2202 : * Returns the signal the ptracer requested the code resume
2203 : * with. If the code did not stop because the tracer is gone,
2204 : * the stop signal (@exit_code) is returned unchanged.
2205 : */
/*
 * ptrace_stop - enter TASK_TRACED and sleep until the tracer resumes us
 * @exit_code: published in current->exit_code for the tracer to read
 * @why: CLD_STOPPED or CLD_TRAPPED, passed on to the parent notifications
 * @message: published in current->ptrace_message for the tracer
 * @info: exposed as current->last_siginfo while stopped; may be NULL
 *
 * Returns whatever the tracer left in current->exit_code when it resumed
 * us, or @exit_code unchanged if we never stopped (no tracer any more, or
 * a fatal signal is already pending).
 */
static int ptrace_stop(int exit_code, int why, unsigned long message,
		       kernel_siginfo_t *info)
	__releases(&current->sighand->siglock)
	__acquires(&current->sighand->siglock)
{
	bool gstop_done = false;

	if (arch_ptrace_stop_needed()) {
		/*
		 * The arch code has something special to do before a
		 * ptrace stop. This is allowed to block, e.g. for faults
		 * on user stack pages. We can't keep the siglock while
		 * calling arch_ptrace_stop, so we must release it now.
		 * To preserve proper semantics, we must do this before
		 * any signal bookkeeping like checking group_stop_count.
		 */
		spin_unlock_irq(&current->sighand->siglock);
		arch_ptrace_stop();
		spin_lock_irq(&current->sighand->siglock);
	}

	/*
	 * After this point ptrace_signal_wake_up or signal_wake_up
	 * will clear TASK_TRACED if ptrace_unlink happens or a fatal
	 * signal comes in. Handle previous ptrace_unlinks and fatal
	 * signals here to prevent ptrace_stop sleeping in schedule.
	 * Without this a task could park itself in TASK_TRACED with
	 * nobody left to ever resume it.
	 */
	if (!current->ptrace || __fatal_signal_pending(current))
		return exit_code;

	set_special_state(TASK_TRACED);
	current->jobctl |= JOBCTL_TRACED;

	/*
	 * We're committing to trapping. TRACED should be visible before
	 * TRAPPING is cleared; otherwise, the tracer might fail do_wait().
	 * Also, transition to TRACED and updates to ->jobctl should be
	 * atomic with respect to siglock and should be done after the arch
	 * hook as siglock is released and regrabbed across it.
	 *
	 *     TRACER                               TRACEE
	 *
	 *     ptrace_attach()
	 * [L]   wait_on_bit(JOBCTL_TRAPPING)   [S] set_special_state(TRACED)
	 *     do_wait()
	 *       set_current_state()                smp_wmb();
	 *       ptrace_do_wait()
	 *         wait_task_stopped()
	 *           task_stopped_code()
	 * [L]         task_is_traced()         [S] task_clear_jobctl_trapping();
	 */
	smp_wmb();

	current->ptrace_message = message;
	current->last_siginfo = info;
	current->exit_code = exit_code;

	/*
	 * If @why is CLD_STOPPED, we're trapping to participate in a group
	 * stop. Do the bookkeeping. Note that if SIGCONT was delivered
	 * across siglock relocks since INTERRUPT was scheduled, PENDING
	 * could be clear now. We act as if SIGCONT is received after
	 * TASK_TRACED is entered - ignore it.
	 */
	if (why == CLD_STOPPED && (current->jobctl & JOBCTL_STOP_PENDING))
		gstop_done = task_participate_group_stop(current);

	/* any trap clears pending STOP trap, STOP trap clears NOTIFY */
	task_clear_jobctl_pending(current, JOBCTL_TRAP_STOP);
	if (info && info->si_code >> 8 == PTRACE_EVENT_STOP)
		task_clear_jobctl_pending(current, JOBCTL_TRAP_NOTIFY);

	/* entering a trap, clear TRAPPING */
	task_clear_jobctl_trapping(current);

	spin_unlock_irq(&current->sighand->siglock);
	read_lock(&tasklist_lock);
	/*
	 * Notify parents of the stop.
	 *
	 * While ptraced, there are two parents - the ptracer and
	 * the real_parent of the group_leader. The ptracer should
	 * know about every stop while the real parent is only
	 * interested in the completion of group stop. The states
	 * for the two don't interact with each other. Notify
	 * separately unless they're going to be duplicates.
	 */
	if (current->ptrace)
		do_notify_parent_cldstop(current, true, why);
	if (gstop_done && (!current->ptrace || ptrace_reparented(current)))
		do_notify_parent_cldstop(current, false, why);

	/*
	 * Don't want to allow preemption here, because
	 * sys_ptrace() needs this task to be inactive.
	 *
	 * XXX: implement read_unlock_no_resched().
	 */
	preempt_disable();
	read_unlock(&tasklist_lock);
	cgroup_enter_frozen();
	preempt_enable_no_resched();
	schedule();
	cgroup_leave_frozen(true);

	/*
	 * We are back. Now reacquire the siglock before touching
	 * last_siginfo, so that we are sure to have synchronized with
	 * any signal-sending on another CPU that wants to examine it.
	 * The tracer may have rewritten exit_code while we slept; that
	 * is the value we hand back.
	 */
	spin_lock_irq(&current->sighand->siglock);
	exit_code = current->exit_code;
	current->last_siginfo = NULL;
	current->ptrace_message = 0;
	current->exit_code = 0;

	/* LISTENING can be set only during STOP traps, clear it */
	current->jobctl &= ~(JOBCTL_LISTENING | JOBCTL_PTRACE_FROZEN);

	/*
	 * Queued signals ignored us while we were stopped for tracing.
	 * So check for any that we should take before resuming user mode.
	 * This sets TIF_SIGPENDING, but never clears it.
	 */
	recalc_sigpending_tsk(current);
	return exit_code;
}
2333 :
/*
 * ptrace_do_notify - build the siginfo for a ptrace event and stop for it
 * @signr: signal number to report in si_signo
 * @exit_code: stored both in si_code and as the ptrace_stop() exit code
 * @why: CLD_* reason passed to ptrace_stop()
 * @message: event message passed to ptrace_stop()
 *
 * si_pid/si_uid describe the current task in its own namespaces.
 * Returns whatever ptrace_stop() returns.
 */
static int ptrace_do_notify(int signr, int exit_code, int why, unsigned long message)
{
	kernel_siginfo_t info;
	const pid_t vpid = task_pid_vnr(current);
	const uid_t vuid = from_kuid_munged(current_user_ns(), current_uid());

	clear_siginfo(&info);
	info.si_signo = signr;
	info.si_code = exit_code;
	info.si_pid = vpid;
	info.si_uid = vuid;

	/* Let the debugger run. */
	return ptrace_stop(exit_code, why, message, &info);
}
2347 :
/*
 * ptrace_notify - report a SIGTRAP-based ptrace event to the tracer
 * @exit_code: SIGTRAP in the low byte with the event number above it
 *             (anything else in the low 7 bits or above 16 bits is a bug)
 * @message: event message for the tracer
 *
 * Takes and releases the siglock around the stop.
 * Returns the signal the tracer asked us to resume with.
 */
int ptrace_notify(int exit_code, unsigned long message)
{
	struct sighand_struct *sighand;
	int signr;

	BUG_ON((exit_code & (0x7f | ~0xffff)) != SIGTRAP);
	if (unlikely(task_work_pending(current)))
		task_work_run();

	sighand = current->sighand;
	spin_lock_irq(&sighand->siglock);
	signr = ptrace_do_notify(SIGTRAP, exit_code, CLD_TRAPPED, message);
	spin_unlock_irq(&sighand->siglock);
	return signr;
}
2361 :
2362 : /**
2363 : * do_signal_stop - handle group stop for SIGSTOP and other stop signals
2364 : * @signr: signr causing group stop if initiating
2365 : *
2366 : * If %JOBCTL_STOP_PENDING is not set yet, initiate group stop with @signr
2367 : * and participate in it. If already set, participate in the existing
2368 : * group stop. If participated in a group stop (and thus slept), %true is
2369 : * returned with siglock released.
2370 : *
2371 : * If ptraced, this function doesn't handle stop itself. Instead,
2372 : * %JOBCTL_TRAP_STOP is scheduled and %false is returned with siglock
2373 : * untouched. The caller must ensure that INTERRUPT trap handling takes
2374 : * place afterwards.
2375 : *
2376 : * CONTEXT:
2377 : * Must be called with @current->sighand->siglock held, which is released
2378 : * on %true return.
2379 : *
2380 : * RETURNS:
2381 : * %false if group stop is already cancelled or ptrace trap is scheduled.
2382 : * %true if participated in group stop.
2383 : */
static bool do_signal_stop(int signr)
	__releases(&current->sighand->siglock)
{
	struct signal_struct *sig = current->signal;

	if (!(current->jobctl & JOBCTL_STOP_PENDING)) {
		unsigned long gstop = JOBCTL_STOP_PENDING | JOBCTL_STOP_CONSUME;
		struct task_struct *t;

		/* signr will be recorded in task->jobctl for retries */
		WARN_ON_ONCE(signr & ~JOBCTL_STOP_SIGMASK);

		/*
		 * Don't start a stop if the dequeued stop signal was since
		 * cancelled (STOP_DEQUEUED cleared, see ptrace_signal()), or
		 * if the group is already exiting or exec'ing.
		 */
		if (!likely(current->jobctl & JOBCTL_STOP_DEQUEUED) ||
		    unlikely(sig->flags & SIGNAL_GROUP_EXIT) ||
		    unlikely(sig->group_exec_task))
			return false;
		/*
		 * There is no group stop already in progress. We must
		 * initiate one now.
		 *
		 * While ptraced, a task may be resumed while group stop is
		 * still in effect and then receive a stop signal and
		 * initiate another group stop. This deviates from the
		 * usual behavior as two consecutive stop signals can't
		 * cause two group stops when !ptraced. That is why we
		 * also check !task_is_stopped(t) below.
		 *
		 * The condition can be distinguished by testing whether
		 * SIGNAL_STOP_STOPPED is already set. Don't generate
		 * group_exit_code in such case.
		 *
		 * This is not necessary for SIGNAL_STOP_CONTINUED because
		 * an intervening stop signal is required to cause two
		 * continued events regardless of ptrace.
		 */
		if (!(sig->flags & SIGNAL_STOP_STOPPED))
			sig->group_exit_code = signr;

		sig->group_stop_count = 0;

		/* Count ourselves, then every other thread that still has to stop. */
		if (task_set_jobctl_pending(current, signr | gstop))
			sig->group_stop_count++;

		t = current;
		while_each_thread(current, t) {
			/*
			 * Setting state to TASK_STOPPED for a group
			 * stop is always done with the siglock held,
			 * so this check has no races.
			 */
			if (!task_is_stopped(t) &&
			    task_set_jobctl_pending(t, signr | gstop)) {
				sig->group_stop_count++;
				/* SEIZED tracees get a trap instead of a plain wakeup. */
				if (likely(!(t->ptrace & PT_SEIZED)))
					signal_wake_up(t, 0);
				else
					ptrace_trap_notify(t);
			}
		}
	}

	if (likely(!current->ptrace)) {
		int notify = 0;

		/*
		 * If there are no other threads in the group, or if there
		 * is a group stop in progress and we are the last to stop,
		 * report to the parent.
		 */
		if (task_participate_group_stop(current))
			notify = CLD_STOPPED;

		current->jobctl |= JOBCTL_STOPPED;
		set_special_state(TASK_STOPPED);
		spin_unlock_irq(&current->sighand->siglock);

		/*
		 * Notify the parent of the group stop completion. Because
		 * we're not holding either the siglock or tasklist_lock
		 * here, ptracer may attach in between; however, this is for
		 * group stop and should always be delivered to the real
		 * parent of the group leader. The new ptracer will get
		 * its notification when this task transitions into
		 * TASK_TRACED.
		 */
		if (notify) {
			read_lock(&tasklist_lock);
			do_notify_parent_cldstop(current, false, notify);
			read_unlock(&tasklist_lock);
		}

		/* Now we don't run again until woken by SIGCONT or SIGKILL */
		cgroup_enter_frozen();
		schedule();
		return true;
	} else {
		/*
		 * While ptraced, group stop is handled by STOP trap.
		 * Schedule it and let the caller deal with it.
		 */
		task_set_jobctl_pending(current, JOBCTL_TRAP_STOP);
		return false;
	}
}
2488 :
2489 : /**
2490 : * do_jobctl_trap - take care of ptrace jobctl traps
2491 : *
2492 : * When PT_SEIZED, it's used for both group stop and explicit
2493 : * SEIZE/INTERRUPT traps. Both generate PTRACE_EVENT_STOP trap with
2494 : * accompanying siginfo. If stopped, lower eight bits of exit_code contain
2495 : * the stop signal; otherwise, %SIGTRAP.
2496 : *
2497 : * When !PT_SEIZED, it's used only for group stop trap with stop signal
2498 : * number as exit_code and no siginfo.
2499 : *
2500 : * CONTEXT:
2501 : * Must be called with @current->sighand->siglock held, which may be
2502 : * released and re-acquired before returning with intervening sleep.
2503 : */
static void do_jobctl_trap(void)
{
	struct signal_struct *signal = current->signal;
	int signr = current->jobctl & JOBCTL_STOP_SIGMASK;
	const bool seized = current->ptrace & PT_SEIZED;

	if (!seized) {
		/* Legacy attach: plain group-stop trap, stop signal as exit_code, no siginfo. */
		WARN_ON_ONCE(!signr);
		ptrace_stop(signr, CLD_STOPPED, 0, NULL);
		return;
	}

	/*
	 * PTRACE_SEIZE: if no group stop is in progress or in effect this
	 * is an explicit INTERRUPT trap, reported as SIGTRAP.
	 */
	if (!signal->group_stop_count && !(signal->flags & SIGNAL_STOP_STOPPED))
		signr = SIGTRAP;
	WARN_ON_ONCE(!signr);
	ptrace_do_notify(signr, signr | (PTRACE_EVENT_STOP << 8), CLD_STOPPED, 0);
}
2521 :
2522 : /**
2523 : * do_freezer_trap - handle the freezer jobctl trap
2524 : *
2525 : * Puts the task into the frozen state, provided the task is not about to quit.
2526 : * In this case it drops JOBCTL_TRAP_FREEZE.
2527 : *
2528 : * CONTEXT:
2529 : * Must be called with @current->sighand->siglock held,
2530 : * which is always released before returning.
2531 : */
static void do_freezer_trap(void)
	__releases(&current->sighand->siglock)
{
	struct sighand_struct *sighand = current->sighand;
	const unsigned long traps = current->jobctl &
				    (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE);

	/*
	 * Anything pending besides JOBCTL_TRAP_FREEZE takes priority: back
	 * out so the caller loops and handles it first. We get called
	 * again afterwards either way.
	 */
	if (traps != JOBCTL_TRAP_FREEZE) {
		spin_unlock_irq(&sighand->siglock);
		return;
	}

	/*
	 * No fatal signal and no other trap is pending. Clear TIF_SIGPENDING
	 * so that a non-fatal pending signal does not kick us straight back
	 * out of schedule(), then sleep in the freezer.
	 */
	__set_current_state(TASK_INTERRUPTIBLE|TASK_FREEZABLE);
	clear_thread_flag(TIF_SIGPENDING);
	spin_unlock_irq(&sighand->siglock);
	cgroup_enter_frozen();
	schedule();
}
2558 :
/*
 * The tracer substituted a different signal without supplying siginfo
 * for it: rebuild @info from scratch as a plain SI_USER signal coming
 * from the tracer, so nothing from the original siginfo remains.
 */
static void ptrace_siginfo_for_new_signal(kernel_siginfo_t *info, int signr)
{
	clear_siginfo(info);
	info->si_signo = signr;
	info->si_errno = 0;
	info->si_code = SI_USER;
	rcu_read_lock();
	info->si_pid = task_pid_vnr(current->parent);
	info->si_uid = from_kuid_munged(current_user_ns(),
					task_uid(current->parent));
	rcu_read_unlock();
}

/*
 * ptrace_signal - give the tracer a chance to see, change or cancel a signal
 * @signr: the signal just dequeued
 * @info: its siginfo; rewritten if the tracer substitutes another signal
 * @type: the queue it came from, used if it has to be requeued
 *
 * Returns the signal to deliver, or 0 when the tracer cancelled it or it
 * had to be requeued (the new signal is blocked, or a fatal signal is
 * now pending).
 */
static int ptrace_signal(int signr, kernel_siginfo_t *info, enum pid_type type)
{
	bool requeue;

	/*
	 * We do not check sig_kernel_stop(signr) but set this marker
	 * unconditionally because we do not know whether debugger will
	 * change signr. This flag has no meaning unless we are going
	 * to stop after return from ptrace_stop(). In this case it will
	 * be checked in do_signal_stop(), we should only stop if it was
	 * not cleared by SIGCONT while we were sleeping. See also the
	 * comment in dequeue_signal().
	 */
	current->jobctl |= JOBCTL_STOP_DEQUEUED;
	signr = ptrace_stop(signr, CLD_TRAPPED, 0, info);

	/* We're back. Did the debugger cancel the sig? */
	if (!signr)
		return 0;

	/*
	 * If the debugger wanted something specific in the siginfo it
	 * should have updated *info via PTRACE_SETSIGINFO; otherwise a
	 * changed signal number gets a freshly synthesised siginfo.
	 */
	if (signr != info->si_signo)
		ptrace_siginfo_for_new_signal(info, signr);

	/* If the (new) signal is now blocked, requeue it. */
	requeue = sigismember(&current->blocked, signr) ||
		  fatal_signal_pending(current);
	if (requeue) {
		send_signal_locked(signr, info, current, type);
		return 0;
	}

	return signr;
}
2604 :
/*
 * Strip architecture address-tag bits from si_addr before the siginfo is
 * handed to user space. Only the fault layouts carry an si_addr worth
 * scrubbing; the remaining layouts are listed so the switch stays
 * exhaustive over siginfo_layout()'s results.
 */
static void hide_si_addr_tag_bits(struct ksignal *ksig)
{
	const int sig = ksig->sig;
	const int code = ksig->info.si_code;
	bool has_fault_addr = false;

	switch (siginfo_layout(sig, code)) {
	case SIL_FAULT:
	case SIL_FAULT_TRAPNO:
	case SIL_FAULT_MCEERR:
	case SIL_FAULT_BNDERR:
	case SIL_FAULT_PKUERR:
	case SIL_FAULT_PERF_EVENT:
		has_fault_addr = true;
		break;
	case SIL_KILL:
	case SIL_TIMER:
	case SIL_POLL:
	case SIL_CHLD:
	case SIL_RT:
	case SIL_SYS:
		break;
	}

	if (has_fault_addr)
		ksig->info.si_addr = arch_untagged_si_addr(ksig->info.si_addr,
							   sig, code);
}
2626 :
/*
 * get_signal - pick the next signal that user space must handle
 * @ksig: receives the signal number, its siginfo and the k_sigaction to run
 *
 * Runs pending task_work, performs group stop/continue bookkeeping, ptrace
 * and freezer traps, then dequeues signals until one needs a user handler.
 * Signals with a default "ignore" action are dropped here, stop signals are
 * handled in-kernel through do_signal_stop(), and any other default action
 * is fatal: the group exits (after a core dump where sig_kernel_coredump()
 * says so) and this function does not return, except for PF_IO_WORKER
 * threads which exit on their own.
 *
 * Returns true with @ksig->sig > 0 when a handler must be run; false when
 * there is nothing to deliver.
 */
bool get_signal(struct ksignal *ksig)
{
	struct sighand_struct *sighand = current->sighand;
	struct signal_struct *signal = current->signal;
	int signr;

	clear_notify_signal();
	if (unlikely(task_work_pending(current)))
		task_work_run();

	if (!task_sigpending(current))
		return false;

	if (unlikely(uprobe_deny_signal()))
		return false;

	/*
	 * Do this once, we can't return to user-mode if freezing() == T.
	 * do_signal_stop() and ptrace_stop() do freezable_schedule() and
	 * thus do not need another check after return.
	 */
	try_to_freeze();

relock:
	spin_lock_irq(&sighand->siglock);

	/*
	 * Every stopped thread goes here after wakeup. Check to see if
	 * we should notify the parent, prepare_signal(SIGCONT) encodes
	 * the CLD_ si_code into SIGNAL_CLD_MASK bits.
	 */
	if (unlikely(signal->flags & SIGNAL_CLD_MASK)) {
		int why;

		if (signal->flags & SIGNAL_CLD_CONTINUED)
			why = CLD_CONTINUED;
		else
			why = CLD_STOPPED;

		signal->flags &= ~SIGNAL_CLD_MASK;

		spin_unlock_irq(&sighand->siglock);

		/*
		 * Notify the parent that we're continuing. This event is
		 * always per-process and doesn't make a whole lot of sense
		 * for ptracers, who shouldn't consume the state via
		 * wait(2) either, but, for backward compatibility, notify
		 * the ptracer of the group leader too unless it's going to
		 * be a duplicate.
		 */
		read_lock(&tasklist_lock);
		do_notify_parent_cldstop(current, false, why);

		if (ptrace_reparented(current->group_leader))
			do_notify_parent_cldstop(current->group_leader,
						true, why);
		read_unlock(&tasklist_lock);

		goto relock;
	}

	for (;;) {
		struct k_sigaction *ka;
		enum pid_type type;

		/* Has this task already been marked for death? */
		if ((signal->flags & SIGNAL_GROUP_EXIT) ||
		     signal->group_exec_task) {
			clear_siginfo(&ksig->info);
			ksig->info.si_signo = signr = SIGKILL;
			sigdelset(&current->pending.signal, SIGKILL);
			trace_signal_deliver(SIGKILL, SEND_SIG_NOINFO,
				&sighand->action[SIGKILL - 1]);
			recalc_sigpending();
			goto fatal;
		}

		/* Join a group stop that is already in progress. */
		if (unlikely(current->jobctl & JOBCTL_STOP_PENDING) &&
		    do_signal_stop(0))
			goto relock;

		/* Ptrace traps first; do_freezer_trap() drops the siglock itself. */
		if (unlikely(current->jobctl &
			     (JOBCTL_TRAP_MASK | JOBCTL_TRAP_FREEZE))) {
			if (current->jobctl & JOBCTL_TRAP_MASK) {
				do_jobctl_trap();
				spin_unlock_irq(&sighand->siglock);
			} else if (current->jobctl & JOBCTL_TRAP_FREEZE)
				do_freezer_trap();

			goto relock;
		}

		/*
		 * If the task is leaving the frozen state, let's update
		 * cgroup counters and reset the frozen bit.
		 */
		if (unlikely(cgroup_task_frozen(current))) {
			spin_unlock_irq(&sighand->siglock);
			cgroup_leave_frozen(false);
			goto relock;
		}

		/*
		 * Signals generated by the execution of an instruction
		 * need to be delivered before any other pending signals
		 * so that the instruction pointer in the signal stack
		 * frame points to the faulting instruction.
		 */
		type = PIDTYPE_PID;
		signr = dequeue_synchronous_signal(&ksig->info);
		if (!signr)
			signr = dequeue_signal(current, &current->blocked,
					       &ksig->info, &type);

		if (!signr)
			break; /* will return 0 */

		/*
		 * Let the tracer intercept the signal, except for SIGKILL
		 * and signals whose action is SA_IMMUTABLE: those can be
		 * neither changed nor cancelled by the tracer.
		 */
		if (unlikely(current->ptrace) && (signr != SIGKILL) &&
		    !(sighand->action[signr -1].sa.sa_flags & SA_IMMUTABLE)) {
			signr = ptrace_signal(signr, &ksig->info, type);
			if (!signr)
				continue;
		}

		ka = &sighand->action[signr-1];

		/* Trace actually delivered signals. */
		trace_signal_deliver(signr, &ksig->info, ka);

		if (ka->sa.sa_handler == SIG_IGN) /* Do nothing. */
			continue;
		if (ka->sa.sa_handler != SIG_DFL) {
			/* Run the handler. */
			ksig->ka = *ka;

			/* SA_ONESHOT: the handler is reset to default after this delivery. */
			if (ka->sa.sa_flags & SA_ONESHOT)
				ka->sa.sa_handler = SIG_DFL;

			break; /* will return non-zero "signr" value */
		}

		/*
		 * Now we are doing the default action for this signal.
		 */
		if (sig_kernel_ignore(signr)) /* Default is nothing. */
			continue;

		/*
		 * Global init gets no signals it doesn't want.
		 * Container-init gets no signals it doesn't want from same
		 * container.
		 *
		 * Note that if global/container-init sees a sig_kernel_only()
		 * signal here, the signal must have been generated internally
		 * or must have come from an ancestor namespace. In either
		 * case, the signal cannot be dropped.
		 */
		if (unlikely(signal->flags & SIGNAL_UNKILLABLE) &&
		    !sig_kernel_only(signr))
			continue;

		if (sig_kernel_stop(signr)) {
			/*
			 * The default action is to stop all threads in
			 * the thread group. The job control signals
			 * do nothing in an orphaned pgrp, but SIGSTOP
			 * always works. Note that siglock needs to be
			 * dropped during the call to is_orphaned_pgrp()
			 * because of lock ordering with tasklist_lock.
			 * This allows an intervening SIGCONT to be posted.
			 * We need to check for that and bail out if necessary.
			 */
			if (signr != SIGSTOP) {
				spin_unlock_irq(&sighand->siglock);

				/* signals can be posted during this window */

				if (is_current_pgrp_orphaned())
					goto relock;

				spin_lock_irq(&sighand->siglock);
			}

			if (likely(do_signal_stop(ksig->info.si_signo))) {
				/* It released the siglock. */
				goto relock;
			}

			/*
			 * We didn't actually stop, due to a race
			 * with SIGCONT or something like that.
			 */
			continue;
		}

	fatal:
		spin_unlock_irq(&sighand->siglock);
		if (unlikely(cgroup_task_frozen(current)))
			cgroup_leave_frozen(true);

		/*
		 * Anything else is fatal, maybe with a core dump.
		 */
		current->flags |= PF_SIGNALED;

		if (sig_kernel_coredump(signr)) {
			if (print_fatal_signals)
				print_fatal_signal(ksig->info.si_signo);
			proc_coredump_connector(current);
			/*
			 * If it was able to dump core, this kills all
			 * other threads in the group and synchronizes with
			 * their demise. If we lost the race with another
			 * thread getting here, it set group_exit_code
			 * first and our do_group_exit call below will use
			 * that value and ignore the one we pass it.
			 */
			do_coredump(&ksig->info);
		}

		/*
		 * PF_IO_WORKER threads will catch and exit on fatal signals
		 * themselves. They have cleanup that must be performed, so
		 * we cannot call do_exit() on their behalf.
		 */
		if (current->flags & PF_IO_WORKER)
			goto out;

		/*
		 * Death signals, no core dump.
		 */
		do_group_exit(ksig->info.si_signo);
		/* NOTREACHED */
	}
	spin_unlock_irq(&sighand->siglock);
out:
	ksig->sig = signr;

	/*
	 * Unless the handler opted in with SA_EXPOSE_TAGBITS, architecture
	 * tag bits are stripped from si_addr before it reaches user space.
	 */
	if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS))
		hide_si_addr_tag_bits(ksig);

	return ksig->sig > 0;
}
2871 :
2872 : /**
2873 : * signal_delivered - called after signal delivery to update blocked signals
2874 : * @ksig: kernel signal struct
2875 : * @stepping: nonzero if debugger single-step or block-step in use
2876 : *
2877 : * This function should be called when a signal has successfully been
2878 : * delivered. It updates the blocked signals accordingly (@ksig->ka.sa.sa_mask
2879 : * is always blocked), and the signal itself is blocked unless %SA_NODEFER
2880 : * is set in @ksig->ka.sa.sa_flags. Tracing is notified.
2881 : */
static void signal_delivered(struct ksignal *ksig, int stepping)
{
	struct k_sigaction *ka = &ksig->ka;
	sigset_t blocked;

	/*
	 * The saved sigmask now lives on the signal frame and sigreturn
	 * restores it, so the restore-sigmask flag can simply be cleared.
	 */
	clear_restore_sigmask();

	/*
	 * Block sa_mask while the handler runs, plus the delivered signal
	 * itself unless the handler was registered with SA_NODEFER.
	 */
	sigorsets(&blocked, &current->blocked, &ka->sa.sa_mask);
	if (!(ka->sa.sa_flags & SA_NODEFER))
		sigaddset(&blocked, ksig->sig);
	set_current_blocked(&blocked);

	/* SS_AUTODISARM: the alternate signal stack is reset on delivery. */
	if (current->sas_ss_flags & SS_AUTODISARM)
		sas_ss_reset(current);

	/* Tell a single-stepping debugger that a handler is about to run. */
	if (stepping)
		ptrace_notify(SIGTRAP, 0);
}
2901 :
/*
 * signal_setup_done - finish signal delivery after the arch frame setup
 * @failed: non-zero if the signal frame could not be set up
 * @ksig: the signal being delivered
 * @stepping: non-zero if a debugger is single-stepping or block-stepping
 *
 * A frame that could not be set up turns the delivery into a forced
 * SIGSEGV; otherwise the blocked mask and stepping state are updated.
 */
void signal_setup_done(int failed, struct ksignal *ksig, int stepping)
{
	if (!failed) {
		signal_delivered(ksig, stepping);
		return;
	}
	force_sigsegv(ksig->sig);
}
2909 :
2910 : /*
2911 : * It could be that complete_signal() picked us to notify about the
2912 : * group-wide signal. Other threads should be notified now to take
2913 : * the shared signals in @which since we will not.
2914 : */
static void retarget_shared_pending(struct task_struct *tsk, sigset_t *which)
{
	sigset_t todo;
	struct task_struct *t = tsk;

	/* Only the shared signals named in @which need a new taker. */
	sigandsets(&todo, &tsk->signal->shared_pending.signal, which);
	if (sigisemptyset(&todo))
		return;

	while_each_thread(tsk, t) {
		/* Skip threads on their way out or with nothing of interest unblocked. */
		if ((t->flags & PF_EXITING) ||
		    !has_pending_signals(&todo, &t->blocked))
			continue;

		/* Remove the signals this thread can handle. */
		sigandsets(&todo, &todo, &t->blocked);

		if (!task_sigpending(t))
			signal_wake_up(t, 0);

		if (sigisemptyset(&todo))
			break;
	}
}
2941 :
/**
 * exit_signals - detach @tsk from group-wide signal handling on exit
 * @tsk: the exiting task
 *
 * Sets PF_EXITING while holding off threadgroup-change users. If @tsk is
 * part of a live thread group and has signals pending, the shared pending
 * signals it was not blocking are retargeted to a sibling thread, and a
 * pending group stop that task_participate_group_stop() reports as
 * complete is notified to the parent as CLD_STOPPED.
 */
void exit_signals(struct task_struct *tsk)
{
	int group_stop = 0;
	sigset_t unblocked;

	/*
	 * @tsk is about to have PF_EXITING set - lock out users which
	 * expect stable threadgroup.
	 */
	cgroup_threadgroup_change_begin(tsk);

	/* Single-threaded, or the whole group is exiting: nothing to hand off. */
	if (thread_group_empty(tsk) || (tsk->signal->flags & SIGNAL_GROUP_EXIT)) {
		sched_mm_cid_exit_signals(tsk);
		tsk->flags |= PF_EXITING;
		cgroup_threadgroup_change_end(tsk);
		return;
	}

	spin_lock_irq(&tsk->sighand->siglock);
	/*
	 * From now this task is not visible for group-wide signals,
	 * see wants_signal(), do_signal_stop().
	 */
	sched_mm_cid_exit_signals(tsk);
	tsk->flags |= PF_EXITING;

	cgroup_threadgroup_change_end(tsk);

	if (!task_sigpending(tsk))
		goto out;

	/* Shared signals @tsk could have taken now need another thread. */
	unblocked = tsk->blocked;
	signotset(&unblocked);
	retarget_shared_pending(tsk, &unblocked);

	if (unlikely(tsk->jobctl & JOBCTL_STOP_PENDING) &&
	    task_participate_group_stop(tsk))
		group_stop = CLD_STOPPED;
out:
	spin_unlock_irq(&tsk->sighand->siglock);

	/*
	 * If group stop has completed, deliver the notification. This
	 * should always go to the real parent of the group leader.
	 */
	if (unlikely(group_stop)) {
		read_lock(&tasklist_lock);
		do_notify_parent_cldstop(tsk, false, group_stop);
		read_unlock(&tasklist_lock);
	}
}
2993 :
2994 : /*
2995 : * System call entry points.
2996 : */
2997 :
/**
 * sys_restart_syscall - restart a system call
 *
 * Re-enters the restart function that the interrupted system call left
 * behind in current->restart_block, passing that block back to it.
 */
SYSCALL_DEFINE0(restart_syscall)
{
	return current->restart_block.fn(&current->restart_block);
}
3006 :
/*
 * do_no_restart_syscall - restart_block callback for calls that never restart
 * @param: the restart block (unused)
 *
 * Always fails with -EINTR so the interrupted call is reported to userspace
 * rather than re-issued.
 */
long do_no_restart_syscall(struct restart_block *param)
{
	(void)param;

	return -EINTR;
}
3011 :
/*
 * __set_task_blocked - install a new blocked mask for @tsk under siglock
 * @tsk: the task whose mask changes
 * @newset: the mask to install
 *
 * Before switching masks, shared pending signals that @tsk could take
 * until now but is about to block are handed to other threads in the
 * group, so that nobody misses them.
 */
static void __set_task_blocked(struct task_struct *tsk, const sigset_t *newset)
{
	sigset_t newly_blocked;

	if (task_sigpending(tsk) && !thread_group_empty(tsk)) {
		/* Signals that were deliverable here and will not be anymore. */
		sigandnsets(&newly_blocked, newset, &current->blocked);
		retarget_shared_pending(tsk, &newly_blocked);
	}

	tsk->blocked = *newset;
	recalc_sigpending();
}
3023 :
/**
 * set_current_blocked - change current->blocked mask
 * @newset: new mask
 *
 * It is wrong to change ->blocked directly, this helper should be used
 * to ensure the process can't miss a shared signal we are going to block.
 * SIGKILL and SIGSTOP are stripped from @newset first; they can never be
 * blocked through this path.
 */
void set_current_blocked(sigset_t *newset)
{
	const unsigned long unblockable = sigmask(SIGKILL) | sigmask(SIGSTOP);

	sigdelsetmask(newset, unblockable);
	__set_current_blocked(newset);
}
3036 :
/*
 * __set_current_blocked - install @newset as current->blocked
 * @newset: the mask to install, taken verbatim (no signal is stripped)
 *
 * Takes siglock around __set_task_blocked(); a no-op when the mask is
 * unchanged.
 */
void __set_current_blocked(const sigset_t *newset)
{
	struct task_struct *me = current;

	/*
	 * Only this task modifies its own ->blocked, so comparing without the
	 * lock is fine; an identical mask needs no work at all.
	 */
	if (sigequalsets(&me->blocked, newset))
		return;

	spin_lock_irq(&me->sighand->siglock);
	__set_task_blocked(me, newset);
	spin_unlock_irq(&me->sighand->siglock);
}
3052 :
/*
 * sigprocmask - kernel-internal counterpart of sys_sigprocmask()
 * @how: SIG_BLOCK, SIG_UNBLOCK or SIG_SETMASK
 * @set: signals to apply according to @how
 * @oldset: if non-NULL, receives the previous blocked mask
 *
 * This is also useful for kernel threads that want to temporarily
 * (or permanently) block certain signals.
 *
 * NOTE! Unlike the user-mode sys_sigprocmask(), the kernel
 * interface happily blocks "unblockable" signals like SIGKILL
 * and friends.
 *
 * Returns 0, or -EINVAL for an unknown @how (in which case @oldset has
 * already been written).
 */
int sigprocmask(int how, sigset_t *set, sigset_t *oldset)
{
	struct task_struct *me = current;
	sigset_t wanted;

	/* Lockless, only current can change ->blocked, never from irq */
	if (oldset)
		*oldset = me->blocked;

	if (how == SIG_BLOCK)
		sigorsets(&wanted, &me->blocked, set);
	else if (how == SIG_UNBLOCK)
		sigandnsets(&wanted, &me->blocked, set);
	else if (how == SIG_SETMASK)
		wanted = *set;
	else
		return -EINVAL;

	__set_current_blocked(&wanted);
	return 0;
}
EXPORT_SYMBOL(sigprocmask);
3088 :
/*
 * set_user_sigmask - install a userspace-supplied sigmask for a syscall
 * @umask: user pointer to the new mask, or NULL to leave the mask alone
 * @sigsetsize: size userspace claims for the mask; must equal sizeof(sigset_t)
 *
 * The api helps set app-provided sigmasks.
 *
 * This is useful for syscalls such as ppoll, pselect, io_pgetevents and
 * epoll_pwait where a new sigmask is passed from userland for the syscalls.
 *
 * Note that it does set_restore_sigmask() in advance, so it must be always
 * paired with restore_saved_sigmask_unless() before return from syscall.
 *
 * Returns 0 on success, -EINVAL for a bad @sigsetsize, -EFAULT if the
 * mask could not be read from userspace.
 */
int set_user_sigmask(const sigset_t __user *umask, size_t sigsetsize)
{
	sigset_t wanted;

	if (umask == NULL)
		return 0;
	/* Reject any size mismatch before touching user memory. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;
	if (copy_from_user(&wanted, umask, sizeof(sigset_t)) != 0)
		return -EFAULT;

	/* Remember the old mask so the syscall exit path can restore it. */
	set_restore_sigmask();
	current->saved_sigmask = current->blocked;
	set_current_blocked(&wanted);

	return 0;
}
3115 :
3116 : #ifdef CONFIG_COMPAT
/*
 * set_compat_user_sigmask - compat variant of set_user_sigmask()
 * @umask: user pointer to a compat_sigset_t, or NULL for no change
 * @sigsetsize: must equal sizeof(compat_sigset_t)
 *
 * Same contract as set_user_sigmask(): sets the restore flag, saves the
 * current mask and installs the new one. Must be paired with
 * restore_saved_sigmask_unless() before returning to userspace.
 */
int set_compat_user_sigmask(const compat_sigset_t __user *umask,
			    size_t sigsetsize)
{
	sigset_t wanted;

	if (umask == NULL)
		return 0;
	if (sigsetsize != sizeof(compat_sigset_t))
		return -EINVAL;
	if (get_compat_sigset(&wanted, umask) != 0)
		return -EFAULT;

	set_restore_sigmask();
	current->saved_sigmask = current->blocked;
	set_current_blocked(&wanted);

	return 0;
}
3135 : #endif
3136 :
/**
 * sys_rt_sigprocmask - change the list of currently blocked signals
 * @how: whether to add, remove, or set signals
 * @nset: new signal set to apply, or NULL to only query
 * @oset: previous value of signal mask if non-null
 * @sigsetsize: size of sigset_t type
 *
 * SIGKILL and SIGSTOP are always removed from @nset. @how is only
 * validated (by sigprocmask()) when @nset is given. The old mask is
 * captured before any change so @oset sees the pre-call value.
 */
SYSCALL_DEFINE4(rt_sigprocmask, int, how, sigset_t __user *, nset,
		sigset_t __user *, oset, size_t, sigsetsize)
{
	sigset_t previous, requested;
	int rc;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	previous = current->blocked;

	if (nset != NULL) {
		if (copy_from_user(&requested, nset, sizeof(sigset_t)))
			return -EFAULT;
		/* Userspace may never block SIGKILL or SIGSTOP. */
		sigdelsetmask(&requested, sigmask(SIGKILL)|sigmask(SIGSTOP));

		rc = sigprocmask(how, &requested, NULL);
		if (rc)
			return rc;
	}

	if (oset != NULL && copy_to_user(oset, &previous, sizeof(sigset_t)))
		return -EFAULT;

	return 0;
}
3173 :
3174 : #ifdef CONFIG_COMPAT
/*
 * Compat variant of sys_rt_sigprocmask(): same semantics, with the sets
 * converted through get_compat_sigset()/put_compat_sigset(). @sigsetsize
 * is compared against the native sigset_t size, as in the native entry.
 */
COMPAT_SYSCALL_DEFINE4(rt_sigprocmask, int, how, compat_sigset_t __user *, nset,
		       compat_sigset_t __user *, oset, compat_size_t, sigsetsize)
{
	sigset_t previous = current->blocked;
	sigset_t requested;
	int rc;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (nset == NULL)
		goto report;

	if (get_compat_sigset(&requested, nset))
		return -EFAULT;
	/* Userspace may never block SIGKILL or SIGSTOP. */
	sigdelsetmask(&requested, sigmask(SIGKILL)|sigmask(SIGSTOP));

	rc = sigprocmask(how, &requested, NULL);
	if (rc)
		return rc;

report:
	if (oset == NULL)
		return 0;
	return put_compat_sigset(oset, &previous, sizeof(*oset));
}
3197 : #endif
3198 :
/*
 * do_sigpending - compute the set of pending-but-blocked signals
 * @set: receives (private pending | shared pending) & blocked
 *
 * The union of the two pending queues is taken under siglock; the
 * intersection with ->blocked is done afterwards, since only the
 * current thread touches its own blocked mask.
 */
static void do_sigpending(sigset_t *set)
{
	struct task_struct *me = current;

	spin_lock_irq(&me->sighand->siglock);
	sigorsets(set, &me->pending.signal, &me->signal->shared_pending.signal);
	spin_unlock_irq(&me->sighand->siglock);

	/* Outside the lock because only this thread touches it. */
	sigandsets(set, &me->blocked, set);
}
3209 :
/**
 * sys_rt_sigpending - examine a pending signal that has been raised
 * while blocked
 * @uset: stores pending signals
 * @sigsetsize: size of sigset_t type or smaller
 *
 * Copies the first @sigsetsize bytes of the pending set to @uset;
 * @sigsetsize larger than sizeof(sigset_t) is rejected with -EINVAL.
 */
SYSCALL_DEFINE2(rt_sigpending, sigset_t __user *, uset, size_t, sigsetsize)
{
	sigset_t pending;

	/* Never copy more than the kernel's own sigset_t holds. */
	if (sigsetsize > sizeof(*uset))
		return -EINVAL;

	do_sigpending(&pending);

	return copy_to_user(uset, &pending, sigsetsize) ? -EFAULT : 0;
}
3230 :
3231 : #ifdef CONFIG_COMPAT
/*
 * Compat variant of sys_rt_sigpending(): the pending set is converted by
 * put_compat_sigset(), which also reports the copy-out result.
 */
COMPAT_SYSCALL_DEFINE2(rt_sigpending, compat_sigset_t __user *, uset,
		       compat_size_t, sigsetsize)
{
	sigset_t pending;

	if (sigsetsize > sizeof(*uset))
		return -EINVAL;

	do_sigpending(&pending);
	return put_compat_sigset(uset, &pending, sigsetsize);
}
3244 : #endif
3245 :
/*
 * Per-signal table of the highest positive si_code the signal defines
 * (limit) and the siginfo union layout those codes use (layout), indexed
 * by signal number. Signals without an entry are zero-filled, i.e. have
 * limit 0, so no positive si_code matches them.
 */
static const struct {
	unsigned char limit, layout;
} sig_sicodes[] = {
	[SIGILL]  = { NSIGILL,  SIL_FAULT },
	[SIGFPE]  = { NSIGFPE,  SIL_FAULT },
	[SIGSEGV] = { NSIGSEGV, SIL_FAULT },
	[SIGBUS]  = { NSIGBUS,  SIL_FAULT },
	[SIGTRAP] = { NSIGTRAP, SIL_FAULT },
#if defined(SIGEMT)
	[SIGEMT]  = { NSIGEMT,  SIL_FAULT },
#endif
	[SIGCHLD] = { NSIGCHLD, SIL_CHLD },
	[SIGPOLL] = { NSIGPOLL, SIL_POLL },
	[SIGSYS]  = { NSIGSYS,  SIL_SYS },
};
3261 :
/*
 * known_siginfo_layout - is (@sig, @si_code) a combination the kernel knows?
 * @sig: signal number
 * @si_code: si_code taken from a userspace siginfo
 *
 * Used when importing siginfo from userspace: unknown combinations force
 * the caller to verify the expansion bytes are zero. SI_KERNEL is always
 * known; positive codes are checked against the per-signal limit (or
 * NSIGPOLL for signals without specific codes); non-positive codes are
 * known from SI_DETHREAD upwards, plus SI_ASYNCNL.
 */
static bool known_siginfo_layout(unsigned sig, int si_code)
{
	if (si_code == SI_KERNEL)
		return true;

	if (si_code > SI_USER) {
		if (sig_specific_sicodes(sig))
			return si_code <= sig_sicodes[sig].limit;
		return si_code <= NSIGPOLL;
	}

	return si_code >= SI_DETHREAD || si_code == SI_ASYNCNL;
}
3280 :
/*
 * siginfo_layout - pick the siginfo union layout for (@sig, @si_code)
 * @sig: signal number
 * @si_code: si_code of the siginfo
 *
 * Codes in (SI_USER, SI_KERNEL) are signal-specific and resolved through
 * sig_sicodes[], with a handful of per-signal exceptions (MCE, bounds,
 * pkey, perf, and the trapno-carrying layouts on sparc/alpha). Codes
 * outside that range come from the kernel or from userspace queueing:
 * SI_TIMER, SI_SIGIO, and negative codes (SIL_RT); everything else is
 * SIL_KILL.
 */
enum siginfo_layout siginfo_layout(unsigned sig, int si_code)
{
	enum siginfo_layout layout;

	if (si_code <= SI_USER || si_code >= SI_KERNEL) {
		if (si_code == SI_TIMER)
			return SIL_TIMER;
		if (si_code == SI_SIGIO)
			return SIL_POLL;
		if (si_code < 0)
			return SIL_RT;
		return SIL_KILL;
	}

	/* Signal-specific positive code; fall back to POLL codes when unknown. */
	if (sig >= ARRAY_SIZE(sig_sicodes) || si_code > sig_sicodes[sig].limit)
		return si_code <= NSIGPOLL ? SIL_POLL : SIL_KILL;

	layout = sig_sicodes[sig].layout;

	/* Handle the exceptions */
	switch (sig) {
	case SIGBUS:
		if (si_code >= BUS_MCEERR_AR && si_code <= BUS_MCEERR_AO)
			layout = SIL_FAULT_MCEERR;
		break;
	case SIGSEGV:
		if (si_code == SEGV_BNDERR)
			layout = SIL_FAULT_BNDERR;
#ifdef SEGV_PKUERR
		else if (si_code == SEGV_PKUERR)
			layout = SIL_FAULT_PKUERR;
#endif
		break;
	case SIGTRAP:
		if (si_code == TRAP_PERF)
			layout = SIL_FAULT_PERF_EVENT;
		else if (IS_ENABLED(CONFIG_ALPHA) && si_code == TRAP_UNK)
			layout = SIL_FAULT_TRAPNO;
		break;
	case SIGILL:
		if (IS_ENABLED(CONFIG_SPARC) && si_code == ILL_ILLTRP)
			layout = SIL_FAULT_TRAPNO;
		break;
	case SIGFPE:
		if (IS_ENABLED(CONFIG_ALPHA))
			layout = SIL_FAULT_TRAPNO;
		break;
	default:
		break;
	}

	return layout;
}
3320 :
/*
 * si_expansion - address of the bytes past struct kernel_siginfo in a
 * userspace siginfo_t, i.e. the region the kernel never populates.
 */
static inline char __user *si_expansion(const siginfo_t __user *info)
{
	char __user *base = (char __user *)info;

	return base + sizeof(struct kernel_siginfo);
}
3325 :
/*
 * copy_siginfo_to_user - export a kernel siginfo to a userspace siginfo_t
 * @to: destination in userspace
 * @from: kernel siginfo to copy
 *
 * The kernel part is copied verbatim; the trailing expansion bytes of the
 * larger userspace structure are zeroed so no stale data is exposed.
 * Returns 0 or -EFAULT.
 */
int copy_siginfo_to_user(siginfo_t __user *to, const kernel_siginfo_t *from)
{
	if (copy_to_user(to, from, sizeof(struct kernel_siginfo)) != 0)
		return -EFAULT;
	if (clear_user(si_expansion(to), SI_EXPANSION_SIZE) != 0)
		return -EFAULT;
	return 0;
}
3335 :
/*
 * post_copy_siginfo_from_user - validate the tail of an imported siginfo
 * @info: the kernel siginfo already filled from @from
 * @from: the userspace siginfo it came from
 *
 * An unknown si_code might need more than sizeof(struct kernel_siginfo)
 * bytes. Verify all of the extra bytes are 0. This guarantees
 * copy_siginfo_to_user will return this data to userspace exactly.
 * Returns 0, -EFAULT if the expansion could not be read, or -E2BIG if
 * any expansion byte is non-zero.
 */
static int post_copy_siginfo_from_user(kernel_siginfo_t *info,
				       const siginfo_t __user *from)
{
	char tail[SI_EXPANSION_SIZE];
	size_t i;

	/* Known layouts fit entirely in struct kernel_siginfo. */
	if (likely(known_siginfo_layout(info->si_signo, info->si_code)))
		return 0;

	if (copy_from_user(tail, si_expansion(from), SI_EXPANSION_SIZE))
		return -EFAULT;
	for (i = 0; i < SI_EXPANSION_SIZE; i++) {
		if (tail[i])
			return -E2BIG;
	}
	return 0;
}
3358 :
/*
 * __copy_siginfo_from_user - import a siginfo, forcing si_signo to @signo
 * @signo: the signal number the caller is actually sending
 * @to: kernel siginfo to fill
 * @from: userspace siginfo
 *
 * The si_signo supplied by userspace is overwritten with @signo before
 * the expansion check, so the validated record matches the signal sent.
 */
static int __copy_siginfo_from_user(int signo, kernel_siginfo_t *to,
				    const siginfo_t __user *from)
{
	if (copy_from_user(to, from, sizeof(struct kernel_siginfo)) != 0)
		return -EFAULT;

	to->si_signo = signo;
	return post_copy_siginfo_from_user(to, from);
}
3367 :
/*
 * copy_siginfo_from_user - import a userspace siginfo_t as-is
 * @to: kernel siginfo to fill
 * @from: userspace siginfo
 *
 * Unlike __copy_siginfo_from_user(), si_signo is taken from userspace.
 * Returns 0, -EFAULT, or -E2BIG from the expansion check.
 */
int copy_siginfo_from_user(kernel_siginfo_t *to, const siginfo_t __user *from)
{
	if (copy_from_user(to, from, sizeof(struct kernel_siginfo)) != 0)
		return -EFAULT;

	return post_copy_siginfo_from_user(to, from);
}
3374 :
3375 : #ifdef CONFIG_COMPAT
/**
 * copy_siginfo_to_external32 - copy a kernel siginfo into a compat user siginfo
 * @to: compat siginfo destination
 * @from: kernel siginfo source
 *
 * @to is zeroed first, then only the fields that belong to the layout
 * selected by siginfo_layout() are filled, so no unrelated kernel data
 * is carried over. Kernel pointers are narrowed with ptr_to_compat().
 *
 * Note: This function does not work properly for the SIGCHLD on x32, but
 * fortunately it doesn't have to. The only valid callers for this function are
 * copy_siginfo_to_user32, which is overridden for x32 and the coredump code.
 * The latter does not care because SIGCHLD will never cause a coredump.
 */
void copy_siginfo_to_external32(struct compat_siginfo *to,
		const struct kernel_siginfo *from)
{
	/* Zero everything so padding and unused union members leak nothing. */
	memset(to, 0, sizeof(*to));

	to->si_signo = from->si_signo;
	to->si_errno = from->si_errno;
	to->si_code = from->si_code;
	switch(siginfo_layout(from->si_signo, from->si_code)) {
	case SIL_KILL:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		break;
	case SIL_TIMER:
		to->si_tid = from->si_tid;
		to->si_overrun = from->si_overrun;
		to->si_int = from->si_int;
		break;
	case SIL_POLL:
		to->si_band = from->si_band;
		to->si_fd = from->si_fd;
		break;
	case SIL_FAULT:
		to->si_addr = ptr_to_compat(from->si_addr);
		break;
	case SIL_FAULT_TRAPNO:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_trapno = from->si_trapno;
		break;
	case SIL_FAULT_MCEERR:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_addr_lsb = from->si_addr_lsb;
		break;
	case SIL_FAULT_BNDERR:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_lower = ptr_to_compat(from->si_lower);
		to->si_upper = ptr_to_compat(from->si_upper);
		break;
	case SIL_FAULT_PKUERR:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_pkey = from->si_pkey;
		break;
	case SIL_FAULT_PERF_EVENT:
		to->si_addr = ptr_to_compat(from->si_addr);
		to->si_perf_data = from->si_perf_data;
		to->si_perf_type = from->si_perf_type;
		to->si_perf_flags = from->si_perf_flags;
		break;
	case SIL_CHLD:
		/* See the x32 caveat in the header comment. */
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_status = from->si_status;
		to->si_utime = from->si_utime;
		to->si_stime = from->si_stime;
		break;
	case SIL_RT:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_int = from->si_int;
		break;
	case SIL_SYS:
		to->si_call_addr = ptr_to_compat(from->si_call_addr);
		to->si_syscall = from->si_syscall;
		to->si_arch = from->si_arch;
		break;
	}
}
3453 :
/*
 * __copy_siginfo_to_user32 - export a kernel siginfo to a compat user siginfo
 * @to: destination in (compat) userspace
 * @from: kernel siginfo
 *
 * Builds the compat representation on the stack via
 * copy_siginfo_to_external32() and copies it out. Returns 0 or -EFAULT.
 */
int __copy_siginfo_to_user32(struct compat_siginfo __user *to,
			     const struct kernel_siginfo *from)
{
	struct compat_siginfo staged;

	copy_siginfo_to_external32(&staged, from);
	return copy_to_user(to, &staged, sizeof(struct compat_siginfo)) ? -EFAULT : 0;
}
3464 :
/*
 * post_copy_siginfo_from_user32 - convert a compat siginfo into a kernel one
 * @to: kernel siginfo to fill; cleared first
 * @from: compat siginfo already copied into kernel memory
 *
 * Mirror of copy_siginfo_to_external32(): only the fields of the layout
 * chosen by siginfo_layout() are converted, compat pointers are widened
 * with compat_ptr(). SIGCHLD times are taken from the x32-specific union
 * member when running in an x32 syscall. Always returns 0.
 */
static int post_copy_siginfo_from_user32(kernel_siginfo_t *to,
					 const struct compat_siginfo *from)
{
	/* Start from a fully zeroed record so unused fields hold no garbage. */
	clear_siginfo(to);
	to->si_signo = from->si_signo;
	to->si_errno = from->si_errno;
	to->si_code = from->si_code;
	switch(siginfo_layout(from->si_signo, from->si_code)) {
	case SIL_KILL:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		break;
	case SIL_TIMER:
		to->si_tid = from->si_tid;
		to->si_overrun = from->si_overrun;
		to->si_int = from->si_int;
		break;
	case SIL_POLL:
		to->si_band = from->si_band;
		to->si_fd = from->si_fd;
		break;
	case SIL_FAULT:
		to->si_addr = compat_ptr(from->si_addr);
		break;
	case SIL_FAULT_TRAPNO:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_trapno = from->si_trapno;
		break;
	case SIL_FAULT_MCEERR:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_addr_lsb = from->si_addr_lsb;
		break;
	case SIL_FAULT_BNDERR:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_lower = compat_ptr(from->si_lower);
		to->si_upper = compat_ptr(from->si_upper);
		break;
	case SIL_FAULT_PKUERR:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_pkey = from->si_pkey;
		break;
	case SIL_FAULT_PERF_EVENT:
		to->si_addr = compat_ptr(from->si_addr);
		to->si_perf_data = from->si_perf_data;
		to->si_perf_type = from->si_perf_type;
		to->si_perf_flags = from->si_perf_flags;
		break;
	case SIL_CHLD:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_status = from->si_status;
#ifdef CONFIG_X86_X32_ABI
		/* x32 lays out the sigchld times differently from ia32. */
		if (in_x32_syscall()) {
			to->si_utime = from->_sifields._sigchld_x32._utime;
			to->si_stime = from->_sifields._sigchld_x32._stime;
		} else
#endif
		{
			to->si_utime = from->si_utime;
			to->si_stime = from->si_stime;
		}
		break;
	case SIL_RT:
		to->si_pid = from->si_pid;
		to->si_uid = from->si_uid;
		to->si_int = from->si_int;
		break;
	case SIL_SYS:
		to->si_call_addr = compat_ptr(from->si_call_addr);
		to->si_syscall = from->si_syscall;
		to->si_arch = from->si_arch;
		break;
	}
	return 0;
}
3540 :
/*
 * __copy_siginfo_from_user32 - import a compat siginfo, forcing si_signo
 * @signo: the signal actually being sent; overrides the userspace value
 * @to: kernel siginfo to fill
 * @ufrom: compat siginfo in userspace
 *
 * Returns -EFAULT if the copy-in fails, otherwise the result of
 * post_copy_siginfo_from_user32().
 */
static int __copy_siginfo_from_user32(int signo, struct kernel_siginfo *to,
				      const struct compat_siginfo __user *ufrom)
{
	struct compat_siginfo staged;

	if (copy_from_user(&staged, ufrom, sizeof(struct compat_siginfo)) != 0)
		return -EFAULT;

	staged.si_signo = signo;
	return post_copy_siginfo_from_user32(to, &staged);
}
3552 :
/*
 * copy_siginfo_from_user32 - import a compat siginfo as-is
 * @to: kernel siginfo to fill
 * @ufrom: compat siginfo in userspace
 *
 * si_signo is taken from userspace. Returns -EFAULT if the copy-in
 * fails, otherwise the result of post_copy_siginfo_from_user32().
 */
int copy_siginfo_from_user32(struct kernel_siginfo *to,
			     const struct compat_siginfo __user *ufrom)
{
	struct compat_siginfo staged;

	if (copy_from_user(&staged, ufrom, sizeof(struct compat_siginfo)) != 0)
		return -EFAULT;

	return post_copy_siginfo_from_user32(to, &staged);
}
3563 : #endif /* CONFIG_COMPAT */
3564 :
/**
 * do_sigtimedwait - wait for queued signals specified in @which
 * @which: queued signals to wait for
 * @info: if non-null, the signal's siginfo is returned here
 * @ts: upper bound on process time suspension, or NULL to wait forever
 *
 * Returns the dequeued signal number, -EINVAL for an invalid @ts,
 * -EINTR if the sleep was interrupted, or -EAGAIN if nothing arrived
 * (including the @ts == 0 polling case, which never sleeps).
 */
static int do_sigtimedwait(const sigset_t *which, kernel_siginfo_t *info,
		    const struct timespec64 *ts)
{
	ktime_t *to = NULL, timeout = KTIME_MAX;
	struct task_struct *tsk = current;
	sigset_t mask = *which;
	enum pid_type type;
	int sig, ret = 0;

	if (ts) {
		if (!timespec64_valid(ts))
			return -EINVAL;
		timeout = timespec64_to_ktime(*ts);
		to = &timeout;
	}

	/*
	 * Invert the set of allowed signals to get those we want to block.
	 * SIGKILL and SIGSTOP are never waited for (they stay unblocked).
	 */
	sigdelsetmask(&mask, sigmask(SIGKILL) | sigmask(SIGSTOP));
	signotset(&mask);

	spin_lock_irq(&tsk->sighand->siglock);
	sig = dequeue_signal(tsk, &mask, info, &type);
	if (!sig && timeout) {
		/*
		 * None ready, temporarily unblock those we're interested
		 * while we are sleeping in so that we'll be awakened when
		 * they arrive. Unblocking is always fine, we can avoid
		 * set_current_blocked().
		 */
		tsk->real_blocked = tsk->blocked;
		sigandsets(&tsk->blocked, &tsk->blocked, &mask);
		recalc_sigpending();
		spin_unlock_irq(&tsk->sighand->siglock);

		__set_current_state(TASK_INTERRUPTIBLE|TASK_FREEZABLE);
		ret = schedule_hrtimeout_range(to, tsk->timer_slack_ns,
					       HRTIMER_MODE_REL);
		spin_lock_irq(&tsk->sighand->siglock);
		/*
		 * Restore the original mask through __set_task_blocked() so
		 * shared signals we are re-blocking are retargeted, then
		 * retry the dequeue once before reporting the wait result.
		 */
		__set_task_blocked(tsk, &tsk->real_blocked);
		sigemptyset(&tsk->real_blocked);
		sig = dequeue_signal(tsk, &mask, info, &type);
	}
	spin_unlock_irq(&tsk->sighand->siglock);

	if (sig)
		return sig;
	return ret ? -EINTR : -EAGAIN;
}
3621 :
/**
 * sys_rt_sigtimedwait - synchronously wait for queued signals specified
 * in @uthese
 * @uthese: queued signals to wait for
 * @uinfo: if non-null, the signal's siginfo is returned here
 * @uts: upper bound on process time suspension
 * @sigsetsize: size of sigset_t type
 *
 * Returns the signal number on success; -EINVAL for a bad @sigsetsize,
 * -EFAULT for any failed user copy (including the siginfo copy-out after
 * a signal was already dequeued), or the error from do_sigtimedwait().
 */
SYSCALL_DEFINE4(rt_sigtimedwait, const sigset_t __user *, uthese,
		siginfo_t __user *, uinfo,
		const struct __kernel_timespec __user *, uts,
		size_t, sigsetsize)
{
	sigset_t wanted;
	struct timespec64 ts, *tsp = NULL;
	kernel_siginfo_t info;
	int ret;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (copy_from_user(&wanted, uthese, sizeof(wanted)))
		return -EFAULT;

	if (uts) {
		if (get_timespec64(&ts, uts))
			return -EFAULT;
		tsp = &ts;
	}

	ret = do_sigtimedwait(&wanted, &info, tsp);

	if (ret > 0 && uinfo && copy_siginfo_to_user(uinfo, &info))
		ret = -EFAULT;

	return ret;
}
3661 :
3662 : #ifdef CONFIG_COMPAT_32BIT_TIME
/*
 * 32-bit-time variant of sys_rt_sigtimedwait(): identical except that the
 * timeout is read as an old_timespec32.
 */
SYSCALL_DEFINE4(rt_sigtimedwait_time32, const sigset_t __user *, uthese,
		siginfo_t __user *, uinfo,
		const struct old_timespec32 __user *, uts,
		size_t, sigsetsize)
{
	sigset_t wanted;
	struct timespec64 ts, *tsp = NULL;
	kernel_siginfo_t info;
	int ret;

	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (copy_from_user(&wanted, uthese, sizeof(wanted)))
		return -EFAULT;

	if (uts) {
		if (get_old_timespec32(&ts, uts))
			return -EFAULT;
		tsp = &ts;
	}

	ret = do_sigtimedwait(&wanted, &info, tsp);

	if (ret > 0 && uinfo && copy_siginfo_to_user(uinfo, &info))
		ret = -EFAULT;

	return ret;
}
3693 : #endif
3694 :
3695 : #ifdef CONFIG_COMPAT
3696 : COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time64, compat_sigset_t __user *, uthese,
3697 : struct compat_siginfo __user *, uinfo,
3698 : struct __kernel_timespec __user *, uts, compat_size_t, sigsetsize)
3699 : {
3700 : sigset_t s;
3701 : struct timespec64 t;
3702 : kernel_siginfo_t info;
3703 : long ret;
3704 :
3705 : if (sigsetsize != sizeof(sigset_t))
3706 : return -EINVAL;
3707 :
3708 : if (get_compat_sigset(&s, uthese))
3709 : return -EFAULT;
3710 :
3711 : if (uts) {
3712 : if (get_timespec64(&t, uts))
3713 : return -EFAULT;
3714 : }
3715 :
3716 : ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);
3717 :
3718 : if (ret > 0 && uinfo) {
3719 : if (copy_siginfo_to_user32(uinfo, &info))
3720 : ret = -EFAULT;
3721 : }
3722 :
3723 : return ret;
3724 : }
3725 :
3726 : #ifdef CONFIG_COMPAT_32BIT_TIME
/*
 * Compat variant of sys_rt_sigtimedwait() with an old_timespec32 timeout;
 * otherwise identical to the time64 compat entry above.
 */
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time32, compat_sigset_t __user *, uthese,
		struct compat_siginfo __user *, uinfo,
		struct old_timespec32 __user *, uts, compat_size_t, sigsetsize)
{
	sigset_t wanted;
	struct timespec64 ts, *tsp = NULL;
	kernel_siginfo_t info;
	long ret;

	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (get_compat_sigset(&wanted, uthese))
		return -EFAULT;

	if (uts) {
		if (get_old_timespec32(&ts, uts))
			return -EFAULT;
		tsp = &ts;
	}

	ret = do_sigtimedwait(&wanted, &info, tsp);

	if (ret > 0 && uinfo && copy_siginfo_to_user32(uinfo, &info))
		ret = -EFAULT;

	return ret;
}
3756 : #endif
3757 : #endif
3758 :
/*
 * prepare_kill_siginfo - build the siginfo for a plain kill()-style send
 * @sig: signal number
 * @info: siginfo to fill; cleared first
 *
 * Marks the record SI_USER and stamps it with the sender's tgid and uid
 * as seen from the sender's own pid and user namespaces.
 */
static inline void prepare_kill_siginfo(int sig, struct kernel_siginfo *info)
{
	clear_siginfo(info);

	info->si_signo = sig;
	info->si_errno = 0;
	info->si_code = SI_USER;
	/* Identify the sender in its own namespaces. */
	info->si_pid = task_tgid_vnr(current);
	info->si_uid = from_kuid_munged(current_user_ns(), current_uid());
}
3768 :
/**
 * sys_kill - send a signal to a process
 * @pid: the PID of the process
 * @sig: signal to be sent
 *
 * Builds an SI_USER siginfo naming the caller and hands it to
 * kill_something_info(), which interprets @pid (process, group, all).
 */
SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
{
	struct kernel_siginfo si;

	prepare_kill_siginfo(sig, &si);
	return kill_something_info(sig, &si, pid);
}
3782 :
/*
 * access_pidfd_pidns - may the caller signal the task behind @pid?
 * @pid: the target's struct pid
 *
 * Verify that the signaler and signalee either are in the same pid namespace
 * or that the signaler's pid namespace is an ancestor of the signalee's pid
 * namespace. Walks from the target's namespace up the ->parent chain
 * looking for the caller's active namespace.
 */
static bool access_pidfd_pidns(struct pid *pid)
{
	struct pid_namespace *mine = task_active_pid_ns(current);
	struct pid_namespace *ns;

	for (ns = ns_of_pid(pid); ns; ns = ns->parent) {
		if (ns == mine)
			return true;
	}

	/* Reached the root without meeting the caller's namespace. */
	return false;
}
3803 :
/*
 * copy_siginfo_from_user_any - import a siginfo from native or compat userspace
 * @kinfo: kernel siginfo to fill
 * @info: userspace siginfo, in whichever ABI the caller is using
 *
 * Avoid hooking up compat syscalls and instead handle necessary
 * conversions here. Note, this is a stop-gap measure and should not be
 * considered a generic solution.
 */
static int copy_siginfo_from_user_any(kernel_siginfo_t *kinfo,
				      siginfo_t __user *info)
{
#ifdef CONFIG_COMPAT
	struct compat_siginfo __user *cinfo = (struct compat_siginfo __user *)info;

	if (in_compat_syscall())
		return copy_siginfo_from_user32(kinfo, cinfo);
#endif
	return copy_siginfo_from_user(kinfo, info);
}
3819 :
/*
 * pidfd_to_pid - resolve the struct pid referenced by a pidfd's file
 * @file: the file behind the descriptor
 *
 * Tries the pidfd representation first and falls back to the tgid-based
 * one; either may return an ERR_PTR, which the caller must check.
 */
static struct pid *pidfd_to_pid(const struct file *file)
{
	struct pid *p = pidfd_pid(file);

	if (IS_ERR(p))
		p = tgid_pidfd_to_pid(file);

	return p;
}
3830 :
/**
 * sys_pidfd_send_signal - Signal a process through a pidfd
 * @pidfd: file descriptor of the process
 * @sig: signal to send
 * @info: signal info
 * @flags: future flags
 *
 * The syscall currently only signals via PIDTYPE_PID which covers
 * kill(<positive-pid>, <signal>. It does not signal threads or process
 * groups.
 * In order to extend the syscall to threads and process groups the @flags
 * argument should be used. In essence, the @flags argument will determine
 * what is signaled and not the file descriptor itself. Put in other words,
 * grouping is a property of the flags argument not a property of the file
 * descriptor.
 *
 * Return: 0 on success, negative errno on failure
 */
SYSCALL_DEFINE4(pidfd_send_signal, int, pidfd, int, sig,
		siginfo_t __user *, info, unsigned int, flags)
{
	int ret;
	struct fd f;
	struct pid *pid;
	kernel_siginfo_t kinfo;

	/* Enforce flags be set to 0 until we add an extension. */
	if (flags)
		return -EINVAL;

	f = fdget(pidfd);
	if (!f.file)
		return -EBADF;

	/* Is this a pidfd? */
	pid = pidfd_to_pid(f.file);
	if (IS_ERR(pid)) {
		ret = PTR_ERR(pid);
		goto err;
	}

	/* The caller may only reach into its own or a descendant pid namespace. */
	ret = -EINVAL;
	if (!access_pidfd_pidns(pid))
		goto err;

	if (info) {
		ret = copy_siginfo_from_user_any(&kinfo, info);
		if (unlikely(ret))
			goto err;

		/* The siginfo must describe the signal actually being sent. */
		ret = -EINVAL;
		if (unlikely(sig != kinfo.si_signo))
			goto err;

		/*
		 * Only allow sending arbitrary signals to yourself. A
		 * non-negative si_code (or SI_TKILL) would let the sender
		 * impersonate the kernel or kill()/tgkill() towards others.
		 */
		ret = -EPERM;
		if ((task_pid(current) != pid) &&
		    (kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL))
			goto err;
	} else {
		prepare_kill_siginfo(sig, &kinfo);
	}

	ret = kill_pid_info(sig, &kinfo, pid);

err:
	/* Every exit after fdget() releases the reference here. */
	fdput(f);
	return ret;
}
3900 :
/*
 * do_send_specific - send @sig to exactly one task, identified by @pid
 * @tgid: if positive, the thread group @pid must belong to; ignored if <= 0
 * @pid: the target task's vpid
 * @sig: signal number (0 is a permission/existence probe)
 * @info: siginfo to deliver
 *
 * Returns -ESRCH if no matching task exists, the permission error from
 * check_kill_permission(), or 0 once the signal is queued (or the task
 * vanished underneath us).
 */
static int
do_send_specific(pid_t tgid, pid_t pid, int sig, struct kernel_siginfo *info)
{
	struct task_struct *p;
	int error = -ESRCH;

	/* The task lookup and the send happen under RCU; no task reference is taken. */
	rcu_read_lock();
	p = find_task_by_vpid(pid);
	if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) {
		error = check_kill_permission(sig, info, p);
		/*
		 * The null signal is a permissions and process existence
		 * probe. No signal is actually delivered.
		 */
		if (!error && sig) {
			error = do_send_sig_info(sig, info, p, PIDTYPE_PID);
			/*
			 * If lock_task_sighand() failed we pretend the task
			 * dies after receiving the signal. The window is tiny,
			 * and the signal is private anyway.
			 */
			if (unlikely(error == -ESRCH))
				error = 0;
		}
	}
	rcu_read_unlock();

	return error;
}
3930 :
/*
 * do_tkill - common body of tkill()/tgkill()
 * @tgid: thread group the target must belong to, or 0 for no check
 * @pid: target task
 * @sig: signal to send
 *
 * Builds an SI_TKILL siginfo stamped with the caller's tgid and uid
 * (as seen from the caller's namespaces) and sends it to the single task.
 */
static int do_tkill(pid_t tgid, pid_t pid, int sig)
{
	struct kernel_siginfo si;

	clear_siginfo(&si);
	si.si_signo = sig;
	si.si_errno = 0;
	si.si_code = SI_TKILL;
	si.si_pid = task_tgid_vnr(current);
	si.si_uid = from_kuid_munged(current_user_ns(), current_uid());

	return do_send_specific(tgid, pid, sig, &si);
}
3944 :
/**
 * sys_tgkill - send signal to one specific thread
 * @tgid: the thread group ID of the thread
 * @pid: the PID of the thread
 * @sig: signal to be sent
 *
 * This syscall also checks the @tgid and returns -ESRCH even if the PID
 * exists but it's not belonging to the target process anymore. This
 * method solves the problem of threads exiting and PIDs getting reused.
 * Both ids must be positive; anything else is -EINVAL.
 */
SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid_t, pid, int, sig)
{
	/* This is only valid for single tasks */
	if (tgid > 0 && pid > 0)
		return do_tkill(tgid, pid, sig);

	return -EINVAL;
}
3963 :
/**
 * sys_tkill - send signal to one specific task
 * @pid: the PID of the task
 * @sig: signal to be sent
 *
 * Send a signal to only one task, even if it's a CLONE_THREAD task.
 * Unlike tgkill() no thread-group check is made (tgid 0 is passed down),
 * so a reused PID can be hit; callers wanting protection against that
 * should use tgkill().  Non-positive @pid is rejected with -EINVAL.
 */
SYSCALL_DEFINE2(tkill, pid_t, pid, int, sig)
{
	/* This is only valid for single tasks */
	if (pid < 1)
		return -EINVAL;

	return do_tkill(0, pid, sig);
}
3979 :
/*
 * do_rt_sigqueueinfo - rt_sigqueueinfo() core.
 * @pid:  target process.
 * @sig:  signal to send.
 * @info: siginfo already copied in from userspace.
 *
 * @info->si_code is user-controlled.  Values >= 0 are reserved for siginfo
 * generated by the kernel and SI_TKILL for tkill()/tgkill(); both imply
 * sender information a receiver may rely on.  A task may only use those
 * codes when signalling itself, regardless of privilege; otherwise -EPERM.
 */
static int do_rt_sigqueueinfo(pid_t pid, int sig, kernel_siginfo_t *info)
{
	bool reserved_code = info->si_code >= 0 || info->si_code == SI_TKILL;
	bool to_self = task_pid_vnr(current) == pid;

	/* Not even root can pretend to send signals from the kernel or tkill(). */
	if (reserved_code && !to_self)
		return -EPERM;

	/* POSIX.1b doesn't mention process groups. */
	return kill_proc_info(sig, info, pid);
}
3992 :
/**
 * sys_rt_sigqueueinfo - send signal information to a signal
 * @pid: the PID of the thread
 * @sig: signal to be sent
 * @uinfo: signal info to be sent
 *
 * The siginfo is copied into a kernel buffer by __copy_siginfo_from_user()
 * before anything looks at it; a copy error is returned unchanged.
 */
SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t, pid, int, sig,
		siginfo_t __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_sigqueueinfo(pid, sig, &info);
}
4008 :
4009 : #ifdef CONFIG_COMPAT
/*
 * 32-bit compat entry for rt_sigqueueinfo().  Identical to the native
 * syscall apart from using __copy_siginfo_from_user32() to widen the
 * compat_siginfo layout into kernel_siginfo_t.
 */
COMPAT_SYSCALL_DEFINE3(rt_sigqueueinfo,
			compat_pid_t, pid,
			int, sig,
			struct compat_siginfo __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user32(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_sigqueueinfo(pid, sig, &info);
}
4021 : #endif
4022 :
/*
 * do_rt_tgsigqueueinfo - rt_tgsigqueueinfo() core: deliver a caller-built
 * siginfo to one thread of one thread group.
 * @tgid: thread group the target must belong to (> 0).
 * @pid:  target task (> 0).
 * @sig:  signal to send.
 * @info: siginfo already copied in from userspace.
 *
 * As in do_rt_sigqueueinfo(), si_code values >= 0 and SI_TKILL are reserved
 * for siginfo the kernel itself generates; userspace may only send them to
 * its own task.  Returns -EINVAL for non-positive ids, -EPERM for a forged
 * code, else the result of do_send_specific().
 */
static int do_rt_tgsigqueueinfo(pid_t tgid, pid_t pid, int sig, kernel_siginfo_t *info)
{
	bool reserved_code;

	/* This is only valid for single tasks */
	if (pid <= 0 || tgid <= 0)
		return -EINVAL;

	reserved_code = info->si_code >= 0 || info->si_code == SI_TKILL;
	/* Not even root can pretend to send signals from the kernel or tkill(). */
	if (reserved_code && task_pid_vnr(current) != pid)
		return -EPERM;

	return do_send_specific(tgid, pid, sig, info);
}
4038 :
/*
 * sys_rt_tgsigqueueinfo - queue a caller-supplied siginfo to one thread.
 * @tgid: thread group of the target.
 * @pid:  target thread.
 * @sig:  signal to send.
 * @uinfo: user siginfo, copied in before use.
 */
SYSCALL_DEFINE4(rt_tgsigqueueinfo, pid_t, tgid, pid_t, pid, int, sig,
		siginfo_t __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
}
4048 :
4049 : #ifdef CONFIG_COMPAT
/*
 * 32-bit compat entry for rt_tgsigqueueinfo(); only the siginfo copy-in
 * differs from the native syscall.
 */
COMPAT_SYSCALL_DEFINE4(rt_tgsigqueueinfo,
			compat_pid_t, tgid,
			compat_pid_t, pid,
			int, sig,
			struct compat_siginfo __user *, uinfo)
{
	kernel_siginfo_t info;
	int err;

	err = __copy_siginfo_from_user32(sig, &info, uinfo);
	if (unlikely(err))
		return err;

	return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
}
4062 : #endif
4063 :
/*
 * kernel_sigaction - install @action for @sig in the current kernel thread.
 *
 * For kthreads only, must not be used if cloned with CLONE_SIGHAND: the
 * handler table in current->sighand is written directly under siglock.
 * Installing SIG_IGN also discards any instance of @sig already queued on
 * the thread or on its shared pending set and then calls
 * recalc_sigpending().
 */
void kernel_sigaction(int sig, __sighandler_t action)
{
	struct sighand_struct *sighand = current->sighand;

	spin_lock_irq(&sighand->siglock);
	sighand->action[sig - 1].sa.sa_handler = action;
	if (action == SIG_IGN) {
		sigset_t to_flush;

		sigemptyset(&to_flush);
		sigaddset(&to_flush, sig);
		/* Ignored signals are never delivered: drop queued ones now. */
		flush_sigqueue_mask(&to_flush, &current->signal->shared_pending);
		flush_sigqueue_mask(&to_flush, &current->pending);
		recalc_sigpending();
	}
	spin_unlock_irq(&sighand->siglock);
}
EXPORT_SYMBOL(kernel_sigaction);
4084 :
/*
 * sigaction_compat_abi - architecture hook called from do_sigaction() with
 * the incoming and outgoing k_sigaction (either may be NULL).
 *
 * This __weak default does nothing; an architecture may override it to
 * translate ABI-specific sigaction details.
 */
void __weak sigaction_compat_abi(struct k_sigaction *act, struct k_sigaction *oact)
{
	/* No generic ABI fix-ups. */
}
4089 :
/*
 * do_sigaction - read and/or replace the action for @sig in the caller's
 * thread group.
 * @sig:  signal number.
 * @act:  new action, or NULL to only query.
 * @oact: receives the previous action, or NULL.
 *
 * Returns -EINVAL for an invalid signal, for an attempt to change a signal
 * that sig_kernel_only() says userspace may never redefine, or when the
 * current action carries SA_IMMUTABLE; 0 otherwise.
 *
 * Flag handling: both @act and @oact are masked to UAPI_SA_FLAGS, so
 * userspace can neither set nor observe kernel-internal bits and unknown
 * bits read back as clear (which lets userspace detect missing support).
 * SIGKILL and SIGSTOP are always removed from the handler's sa_mask.
 * Installing an action that sig_handler_ignored() treats as "ignore"
 * discards already-pending instances of @sig in every thread and in the
 * shared queue, per POSIX 3.3.1.3 (quoted below).
 *
 * The whole update runs under p->sighand->siglock.
 */
int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
{
	struct task_struct *p = current, *t;
	struct sighand_struct *sighand = p->sighand;
	struct k_sigaction *k;
	int ret = -EINVAL;

	if (!valid_signal(sig) || sig < 1 || (act && sig_kernel_only(sig)))
		return -EINVAL;

	/*
	 * Make sure that we never accidentally claim to support SA_UNSUPPORTED,
	 * e.g. by having an architecture use the bit in their uapi.
	 */
	BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED);

	k = &sighand->action[sig - 1];

	spin_lock_irq(&sighand->siglock);
	/* An immutable action is neither changed nor reported back. */
	if (k->sa.sa_flags & SA_IMMUTABLE)
		goto out_unlock;

	if (oact) {
		*oact = *k;
		/* Hide kernel-internal flag bits from userspace. */
		oact->sa.sa_flags &= UAPI_SA_FLAGS;
	}
	if (act)
		act->sa.sa_flags &= UAPI_SA_FLAGS;

	sigaction_compat_abi(act, oact);

	if (act) {
		/* A handler mask can never block SIGKILL or SIGSTOP. */
		sigdelsetmask(&act->sa.sa_mask,
			      sigmask(SIGKILL) | sigmask(SIGSTOP));
		*k = *act;
		/*
		 * POSIX 3.3.1.3:
		 *  "Setting a signal action to SIG_IGN for a signal that is
		 *   pending shall cause the pending signal to be discarded,
		 *   whether or not it is blocked."
		 *
		 *  "Setting a signal action to SIG_DFL for a signal that is
		 *   pending and whose default action is to ignore the signal
		 *   (for example, SIGCHLD), shall cause the pending signal to
		 *   be discarded, whether or not it is blocked"
		 */
		if (sig_handler_ignored(sig_handler(p, sig), sig)) {
			sigset_t mask;

			sigemptyset(&mask);
			sigaddset(&mask, sig);
			flush_sigqueue_mask(&mask, &p->signal->shared_pending);
			for_each_thread(p, t)
				flush_sigqueue_mask(&mask, &t->pending);
		}
	}
	ret = 0;

out_unlock:
	spin_unlock_irq(&sighand->siglock);
	return ret;
}
4154 :
#ifdef CONFIG_DYNAMIC_SIGFRAME
/*
 * Serialise alternate-stack updates on the caller's siglock.  Presumably
 * needed because a dynamic signal frame size can change the validity
 * check concurrently — confirm against sigaltstack_size_valid().
 */
static inline void sigaltstack_lock(void)
	__acquires(&current->sighand->siglock)
{
	struct sighand_struct *sighand = current->sighand;

	spin_lock_irq(&sighand->siglock);
}

static inline void sigaltstack_unlock(void)
	__releases(&current->sighand->siglock)
{
	struct sighand_struct *sighand = current->sighand;

	spin_unlock_irq(&sighand->siglock);
}
#else
/* Static signal frames: no lock is taken around the update. */
static inline void sigaltstack_lock(void) { }
static inline void sigaltstack_unlock(void) { }
#endif
4171 :
/*
 * do_sigaltstack - query and/or replace the caller's alternate signal stack.
 * @ss:  new settings, or NULL to only query.
 * @oss: receives the current settings, or NULL.
 * @sp:  the caller's user stack pointer, used to tell whether it is
 *	 currently running on the alternate stack.
 * @min_ss_size: smallest size accepted for an enabled stack.
 *
 * @oss is filled in before @ss is examined, so it always reflects the
 * state before this call.  Returns -EPERM if the caller is currently on the
 * alternate stack, -EINVAL for an unknown ss_flags mode, -ENOMEM when the
 * requested stack is smaller than @min_ss_size or rejected by
 * sigaltstack_size_valid(), else 0.  Only the mode bits of ss_flags are
 * validated; bits in SS_FLAG_BITS are stored as given.
 */
static int
do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
		size_t min_ss_size)
{
	struct task_struct *t = current;
	void __user *new_sp;
	size_t new_size;
	unsigned new_flags;
	int mode;
	int ret = 0;

	if (oss) {
		/* Zero first so no padding bytes leak when copied to userspace. */
		memset(oss, 0, sizeof(stack_t));
		oss->ss_sp = (void __user *) t->sas_ss_sp;
		oss->ss_size = t->sas_ss_size;
		oss->ss_flags = sas_ss_flags(sp) |
				(t->sas_ss_flags & SS_FLAG_BITS);
	}

	if (!ss)
		return 0;

	new_sp = ss->ss_sp;
	new_size = ss->ss_size;
	new_flags = ss->ss_flags;

	/* The stack in use cannot be replaced from underneath the caller. */
	if (unlikely(on_sig_stack(sp)))
		return -EPERM;

	mode = new_flags & ~SS_FLAG_BITS;
	switch (mode) {
	case 0:
	case SS_DISABLE:
	case SS_ONSTACK:
		break;
	default:
		return -EINVAL;
	}

	/* Nothing to do, and no lock to take, if the settings are unchanged. */
	if (t->sas_ss_sp == (unsigned long)new_sp &&
	    t->sas_ss_size == new_size &&
	    t->sas_ss_flags == new_flags)
		return 0;

	sigaltstack_lock();
	if (mode == SS_DISABLE) {
		new_size = 0;
		new_sp = NULL;
	} else {
		/* Too small to hold a signal frame: keep the old stack. */
		if (unlikely(new_size < min_ss_size))
			ret = -ENOMEM;
		if (!sigaltstack_size_valid(new_size))
			ret = -ENOMEM;
	}
	if (!ret) {
		t->sas_ss_sp = (unsigned long) new_sp;
		t->sas_ss_size = new_size;
		t->sas_ss_flags = new_flags;
	}
	sigaltstack_unlock();

	return ret;
}
4229 :
/*
 * sys_sigaltstack - set and/or get the alternate signal stack.
 * @uss:  new stack_t from userspace, or NULL.
 * @uoss: where to store the previous stack_t, or NULL.
 *
 * The old state is copied out only when do_sigaltstack() succeeded.
 */
SYSCALL_DEFINE2(sigaltstack,const stack_t __user *,uss, stack_t __user *,uoss)
{
	stack_t new, old;
	const stack_t *new_p = NULL;
	stack_t *old_p = NULL;
	int err;

	if (uss) {
		if (copy_from_user(&new, uss, sizeof(stack_t)))
			return -EFAULT;
		new_p = &new;
	}
	if (uoss)
		old_p = &old;

	err = do_sigaltstack(new_p, old_p, current_user_stack_pointer(),
			     MINSIGSTKSZ);
	if (err)
		return err;

	if (old_p && copy_to_user(uoss, &old, sizeof(stack_t)))
		return -EFAULT;

	return 0;
}
4243 :
/*
 * restore_altstack - reinstall the alternate stack saved in a signal frame.
 * @uss: stack_t stored in the user signal frame.
 *
 * Returns -EFAULT if the frame cannot be read.  Any error from
 * do_sigaltstack() itself is deliberately dropped ("squash all but EFAULT
 * for now"), so a frame with an invalid stack_t simply leaves the current
 * alternate stack untouched.
 */
int restore_altstack(const stack_t __user *uss)
{
	stack_t saved;

	if (copy_from_user(&saved, uss, sizeof(stack_t)))
		return -EFAULT;

	(void)do_sigaltstack(&saved, NULL, current_user_stack_pointer(),
			     MINSIGSTKSZ);
	return 0;
}
4254 :
/*
 * __save_altstack - write the current alternate-stack settings into a user
 * signal frame.
 * @uss: destination stack_t in the signal frame.
 * @sp:  unused here; kept for signature compatibility with callers.
 *
 * Uses the unchecked __put_user() variants, so the caller is responsible
 * for having validated the frame address.  Returns the OR of the three
 * store results: 0 on success, non-zero if any store faulted.
 */
int __save_altstack(stack_t __user *uss, unsigned long sp)
{
	struct task_struct *t = current;
	int err;

	err = __put_user((void __user *)t->sas_ss_sp, &uss->ss_sp);
	err |= __put_user(t->sas_ss_flags, &uss->ss_flags);
	err |= __put_user(t->sas_ss_size, &uss->ss_size);

	return err;
}
4263 :
4264 : #ifdef CONFIG_COMPAT
/*
 * do_compat_sigaltstack - sigaltstack() for 32-bit callers.
 * @uss_ptr:  new compat_stack_t, or NULL.
 * @uoss_ptr: where to store the previous settings, or NULL.
 *
 * Widens the compat layout to a native stack_t, runs do_sigaltstack() with
 * the compat stack pointer and minimum size, and narrows the result back.
 * The previous state is always requested from do_sigaltstack() but only
 * copied out when @uoss_ptr is set and the call did not fail.
 */
static int do_compat_sigaltstack(const compat_stack_t __user *uss_ptr,
				 compat_stack_t __user *uoss_ptr)
{
	stack_t new_stack, old_stack;
	const stack_t *new_p = NULL;
	int err;

	if (uss_ptr) {
		compat_stack_t uss32;

		if (copy_from_user(&uss32, uss_ptr, sizeof(compat_stack_t)))
			return -EFAULT;
		new_stack.ss_sp = compat_ptr(uss32.ss_sp);
		new_stack.ss_flags = uss32.ss_flags;
		new_stack.ss_size = uss32.ss_size;
		new_p = &new_stack;
	}

	err = do_sigaltstack(new_p, &old_stack, compat_user_stack_pointer(),
			     COMPAT_MINSIGSTKSZ);
	if (err < 0 || !uoss_ptr)
		return err;

	{
		compat_stack_t out;

		/* Clear the whole struct so padding cannot leak stack bytes. */
		memset(&out, 0, sizeof(out));
		out.ss_sp = ptr_to_compat(old_stack.ss_sp);
		out.ss_flags = old_stack.ss_flags;
		out.ss_size = old_stack.ss_size;
		if (copy_to_user(uoss_ptr, &out, sizeof(compat_stack_t)))
			err = -EFAULT;
	}
	return err;
}
4293 :
/* 32-bit compat entry point for sigaltstack(); a thin wrapper. */
COMPAT_SYSCALL_DEFINE2(sigaltstack,
			const compat_stack_t __user *, uss_ptr,
			compat_stack_t __user *, uoss_ptr)
{
	int ret = do_compat_sigaltstack(uss_ptr, uoss_ptr);

	return ret;
}
4300 :
/*
 * compat_restore_altstack - 32-bit counterpart of restore_altstack().
 * @uss: compat_stack_t stored in the user signal frame.
 *
 * Only -EFAULT is propagated; any other error from do_compat_sigaltstack()
 * is squashed to 0 so a bad stack_t in the frame leaves the current
 * alternate stack unchanged.
 */
int compat_restore_altstack(const compat_stack_t __user *uss)
{
	int err = do_compat_sigaltstack(uss, NULL);

	/* squash all but -EFAULT for now */
	if (err != -EFAULT)
		return 0;
	return err;
}
4307 :
/*
 * __compat_save_altstack - store the current alternate-stack settings into
 * a 32-bit signal frame.
 * @uss: destination compat_stack_t in the frame.
 * @sp:  unused here; kept for signature compatibility with callers.
 *
 * Uses the unchecked __put_user() variants; the caller must have validated
 * the frame address.  Returns 0, or non-zero if any store faulted.
 */
int __compat_save_altstack(compat_stack_t __user *uss, unsigned long sp)
{
	struct task_struct *t = current;
	int err;

	err = __put_user(ptr_to_compat((void __user *)t->sas_ss_sp),
			 &uss->ss_sp);
	err |= __put_user(t->sas_ss_flags, &uss->ss_flags);
	err |= __put_user(t->sas_ss_size, &uss->ss_size);

	return err;
}
4318 : #endif
4319 :
4320 : #ifdef __ARCH_WANT_SYS_SIGPENDING
4321 :
/**
 * sys_sigpending - examine pending signals
 * @uset: where mask of pending signal is returned
 *
 * Legacy interface: only the first word of the pending set (an
 * old_sigset_t) is copied to userspace.  The size comparison below is
 * between two old_sigset_t values and so is a compile-time sanity guard,
 * not a runtime check of user input.
 */
SYSCALL_DEFINE1(sigpending, old_sigset_t __user *, uset)
{
	sigset_t pending;

	if (sizeof(old_sigset_t) > sizeof(*uset))
		return -EINVAL;

	do_sigpending(&pending);

	return copy_to_user(uset, &pending, sizeof(old_sigset_t)) ? -EFAULT : 0;
}
4340 :
4341 : #ifdef CONFIG_COMPAT
/*
 * 32-bit compat sigpending(): returns only the first word of the pending
 * set, via put_user(), whose result is the syscall result.
 */
COMPAT_SYSCALL_DEFINE1(sigpending, compat_old_sigset_t __user *, set32)
{
	sigset_t pending;

	do_sigpending(&pending);

	return put_user(pending.sig[0], set32);
}
4350 : #endif
4351 :
4352 : #endif
4353 :
4354 : #ifdef __ARCH_WANT_SYS_SIGPROCMASK
/**
 * sys_sigprocmask - examine and change blocked signals
 * @how: whether to add, remove, or set signals
 * @nset: signals to add or remove (if non-null)
 * @oset: previous value of signal mask if non-null
 *
 * Some platforms have their own version with special arguments;
 * others support only sys_rt_sigprocmask.
 *
 * Legacy single-word interface: only sig[0] of the blocked set is read or
 * replaced.  The old mask is sampled before any change, and an invalid
 * @how returns -EINVAL without touching the mask or writing @oset.
 */

SYSCALL_DEFINE3(sigprocmask, int, how, old_sigset_t __user *, nset,
		old_sigset_t __user *, oset)
{
	old_sigset_t old_set = current->blocked.sig[0];

	if (nset) {
		old_sigset_t new_set;
		sigset_t new_blocked;

		if (copy_from_user(&new_set, nset, sizeof(*nset)))
			return -EFAULT;

		new_blocked = current->blocked;

		if (how == SIG_BLOCK) {
			sigaddsetmask(&new_blocked, new_set);
		} else if (how == SIG_UNBLOCK) {
			sigdelsetmask(&new_blocked, new_set);
		} else if (how == SIG_SETMASK) {
			/* Replace the low word only; higher words are kept. */
			new_blocked.sig[0] = new_set;
		} else {
			return -EINVAL;
		}

		/* set_current_blocked() keeps SIGKILL/SIGSTOP unblockable. */
		set_current_blocked(&new_blocked);
	}

	if (oset && copy_to_user(oset, &old_set, sizeof(*oset)))
		return -EFAULT;

	return 0;
}
4403 : #endif /* __ARCH_WANT_SYS_SIGPROCMASK */
4404 :
4405 : #ifndef CONFIG_ODD_RT_SIGACTION
/**
 * sys_rt_sigaction - alter an action taken by a process
 * @sig: signal to be sent
 * @act: new sigaction
 * @oact: used to save the previous sigaction
 * @sigsetsize: size of sigset_t type
 *
 * @sigsetsize must match the kernel's sigset_t exactly; the rest of the
 * work (validation, flag masking, the SA_IMMUTABLE check) is done by
 * do_sigaction().  The old action is only copied out on success.
 */
SYSCALL_DEFINE4(rt_sigaction, int, sig,
		const struct sigaction __user *, act,
		struct sigaction __user *, oact,
		size_t, sigsetsize)
{
	struct k_sigaction new_sa, old_sa;
	struct k_sigaction *new_p = NULL, *old_p = NULL;
	int ret;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (act) {
		if (copy_from_user(&new_sa.sa, act, sizeof(new_sa.sa)))
			return -EFAULT;
		new_p = &new_sa;
	}
	if (oact)
		old_p = &old_sa;

	ret = do_sigaction(sig, new_p, old_p);
	if (ret)
		return ret;

	if (old_p && copy_to_user(oact, &old_sa.sa, sizeof(old_sa.sa)))
		return -EFAULT;

	return 0;
}
4437 : #ifdef CONFIG_COMPAT
/*
 * 32-bit compat rt_sigaction(): the struct is assembled field by field
 * because compat_sigaction stores handler/restorer as compat_uptr_t and
 * the mask as compat_sigset_t.  The individual get_user()/put_user()
 * results are OR-ed together; any failure yields -EFAULT (on the way in)
 * or the combined non-zero result (on the way out).
 */
COMPAT_SYSCALL_DEFINE4(rt_sigaction, int, sig,
		const struct compat_sigaction __user *, act,
		struct compat_sigaction __user *, oact,
		compat_size_t, sigsetsize)
{
	struct k_sigaction new_ka, old_ka;
	struct k_sigaction *new_p = NULL, *old_p = NULL;
#ifdef __ARCH_HAS_SA_RESTORER
	compat_uptr_t restorer;
#endif
	int err;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(compat_sigset_t))
		return -EINVAL;

	if (act) {
		compat_uptr_t handler;

		err = get_user(handler, &act->sa_handler);
		new_ka.sa.sa_handler = compat_ptr(handler);
#ifdef __ARCH_HAS_SA_RESTORER
		err |= get_user(restorer, &act->sa_restorer);
		new_ka.sa.sa_restorer = compat_ptr(restorer);
#endif
		err |= get_compat_sigset(&new_ka.sa.sa_mask, &act->sa_mask);
		err |= get_user(new_ka.sa.sa_flags, &act->sa_flags);
		if (err)
			return -EFAULT;
		new_p = &new_ka;
	}
	if (oact)
		old_p = &old_ka;

	err = do_sigaction(sig, new_p, old_p);
	if (err || !old_p)
		return err;

	err = put_user(ptr_to_compat(old_ka.sa.sa_handler), &oact->sa_handler);
	err |= put_compat_sigset(&oact->sa_mask, &old_ka.sa.sa_mask,
				 sizeof(oact->sa_mask));
	err |= put_user(old_ka.sa.sa_flags, &oact->sa_flags);
#ifdef __ARCH_HAS_SA_RESTORER
	err |= put_user(ptr_to_compat(old_ka.sa.sa_restorer),
			&oact->sa_restorer);
#endif
	return err;
}
4481 : #endif
4482 : #endif /* !CONFIG_ODD_RT_SIGACTION */
4483 :
4484 : #ifdef CONFIG_OLD_SIGACTION
/*
 * Legacy sigaction(): struct old_sigaction carries a single-word mask and
 * an explicit sa_restorer.  One access_ok() check covers the whole user
 * struct, after which the unchecked __get_user()/__put_user() variants
 * are used for the individual fields.  Any fault returns -EFAULT.
 */
SYSCALL_DEFINE3(sigaction, int, sig,
		const struct old_sigaction __user *, act,
		struct old_sigaction __user *, oact)
{
	struct k_sigaction new_ka, old_ka;
	struct k_sigaction *new_p = NULL, *old_p = NULL;
	int ret;

	if (act) {
		old_sigset_t mask;

		if (!access_ok(act, sizeof(*act)) ||
		    __get_user(new_ka.sa.sa_handler, &act->sa_handler) ||
		    __get_user(new_ka.sa.sa_restorer, &act->sa_restorer) ||
		    __get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
		    __get_user(mask, &act->sa_mask))
			return -EFAULT;
#ifdef __ARCH_HAS_KA_RESTORER
		new_ka.ka_restorer = NULL;
#endif
		/* Expand the old single-word mask into a full sigset_t. */
		siginitset(&new_ka.sa.sa_mask, mask);
		new_p = &new_ka;
	}
	if (oact)
		old_p = &old_ka;

	ret = do_sigaction(sig, new_p, old_p);
	if (ret || !old_p)
		return ret;

	if (!access_ok(oact, sizeof(*oact)) ||
	    __put_user(old_ka.sa.sa_handler, &oact->sa_handler) ||
	    __put_user(old_ka.sa.sa_restorer, &oact->sa_restorer) ||
	    __put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
	    __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
		return -EFAULT;

	return 0;
}
4519 : #endif
4520 : #ifdef CONFIG_COMPAT_OLD_SIGACTION
/*
 * 32-bit compat variant of the legacy sigaction(): handler and restorer
 * arrive as compat_uptr_t and are widened with compat_ptr(); the mask is a
 * single compat word.  A single access_ok() guards each user struct before
 * the unchecked __get_user()/__put_user() calls.
 */
COMPAT_SYSCALL_DEFINE3(sigaction, int, sig,
		const struct compat_old_sigaction __user *, act,
		struct compat_old_sigaction __user *, oact)
{
	struct k_sigaction new_ka, old_ka;
	struct k_sigaction *new_p = NULL, *old_p = NULL;
	compat_old_sigset_t mask;
	compat_uptr_t handler, restorer;
	int ret;

	if (act) {
		if (!access_ok(act, sizeof(*act)) ||
		    __get_user(handler, &act->sa_handler) ||
		    __get_user(restorer, &act->sa_restorer) ||
		    __get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
		    __get_user(mask, &act->sa_mask))
			return -EFAULT;

#ifdef __ARCH_HAS_KA_RESTORER
		new_ka.ka_restorer = NULL;
#endif
		new_ka.sa.sa_handler = compat_ptr(handler);
		new_ka.sa.sa_restorer = compat_ptr(restorer);
		siginitset(&new_ka.sa.sa_mask, mask);
		new_p = &new_ka;
	}
	if (oact)
		old_p = &old_ka;

	ret = do_sigaction(sig, new_p, old_p);
	if (ret || !old_p)
		return ret;

	if (!access_ok(oact, sizeof(*oact)) ||
	    __put_user(ptr_to_compat(old_ka.sa.sa_handler),
		       &oact->sa_handler) ||
	    __put_user(ptr_to_compat(old_ka.sa.sa_restorer),
		       &oact->sa_restorer) ||
	    __put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
	    __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
		return -EFAULT;

	return 0;
}
4560 : #endif
4561 :
4562 : #ifdef CONFIG_SGETMASK_SYSCALL
4563 :
/*
 * For backwards compatibility. Functionality superseded by sigprocmask.
 *
 * Returns the low word of the caller's blocked set.  A plain read of the
 * caller's own field needs no locking ("SMP safe" in the original).
 */
SYSCALL_DEFINE0(sgetmask)
{
	unsigned long low_word = current->blocked.sig[0];

	return low_word;
}
4572 :
/*
 * Legacy ssetmask(): replace the blocked set with the single word
 * @newmask (via siginitset(), which clears the higher words) and return
 * the previous low word.  set_current_blocked() applies the usual rules
 * for the new mask.
 */
SYSCALL_DEFINE1(ssetmask, int, newmask)
{
	sigset_t replacement;
	int previous;

	previous = current->blocked.sig[0];
	siginitset(&replacement, newmask);
	set_current_blocked(&replacement);

	return previous;
}
4583 : #endif /* CONFIG_SGETMASK_SYSCALL */
4584 :
4585 : #ifdef __ARCH_WANT_SYS_SIGNAL
/*
 * For backwards compatibility. Functionality superseded by sigaction.
 *
 * Installs @handler with SA_ONESHOT | SA_NOMASK and an empty mask, i.e.
 * classic unreliable signal() semantics.  On success the previous handler
 * pointer is returned as the syscall result; on failure the negative
 * error from do_sigaction() is.
 */
SYSCALL_DEFINE2(signal, int, sig, __sighandler_t, handler)
{
	struct k_sigaction new_sa, old_sa;
	int err;

	new_sa.sa.sa_handler = handler;
	new_sa.sa.sa_flags = SA_ONESHOT | SA_NOMASK;
	sigemptyset(&new_sa.sa.sa_mask);

	err = do_sigaction(sig, &new_sa, &old_sa);
	if (err)
		return err;

	return (unsigned long)old_sa.sa.sa_handler;
}
4602 : #endif /* __ARCH_WANT_SYS_SIGNAL */
4603 :
4604 : #ifdef __ARCH_WANT_SYS_PAUSE
4605 :
/*
 * pause(): sleep interruptibly until a signal is pending for the caller.
 * Always returns -ERESTARTNOHAND, so the syscall is never restarted
 * transparently; userspace sees EINTR once the handler has run.
 */
SYSCALL_DEFINE0(pause)
{
	for (;;) {
		if (signal_pending(current))
			break;
		__set_current_state(TASK_INTERRUPTIBLE);
		schedule();
	}

	return -ERESTARTNOHAND;
}
4614 :
4615 : #endif
4616 :
/*
 * sigsuspend - atomically replace the blocked set with @set and sleep
 * until a signal is pending.
 * @set: mask to block while waiting.
 *
 * The previous mask is saved in current->saved_sigmask and
 * set_restore_sigmask() arranges for it to be reinstated on return to
 * userspace, after the handler has run.  Returns -ERESTARTNOHAND.
 */
static int sigsuspend(sigset_t *set)
{
	current->saved_sigmask = current->blocked;
	set_current_blocked(set);

	for (;;) {
		if (signal_pending(current))
			break;
		__set_current_state(TASK_INTERRUPTIBLE);
		schedule();
	}

	set_restore_sigmask();
	return -ERESTARTNOHAND;
}
4629 :
/**
 * sys_rt_sigsuspend - replace the signal mask for a value with the
 *	@unewset value until a signal is received
 * @unewset: new signal mask value
 * @sigsetsize: size of sigset_t type
 *
 * @sigsetsize must equal sizeof(sigset_t) or -EINVAL is returned before
 * any user memory is touched.
 */
SYSCALL_DEFINE2(rt_sigsuspend, sigset_t __user *, unewset, size_t, sigsetsize)
{
	sigset_t wanted;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (copy_from_user(&wanted, unewset, sizeof(wanted)))
		return -EFAULT;

	return sigsuspend(&wanted);
}
4648 :
4649 : #ifdef CONFIG_COMPAT
/*
 * 32-bit compat rt_sigsuspend(): same size check as the native call, with
 * get_compat_sigset() doing the copy-in and layout conversion.
 */
COMPAT_SYSCALL_DEFINE2(rt_sigsuspend, compat_sigset_t __user *, unewset, compat_size_t, sigsetsize)
{
	sigset_t wanted;

	/* XXX: Don't preclude handling different sized sigset_t's. */
	if (sigsetsize != sizeof(sigset_t))
		return -EINVAL;

	if (get_compat_sigset(&wanted, unewset))
		return -EFAULT;

	return sigsuspend(&wanted);
}
4662 : #endif
4663 :
4664 : #ifdef CONFIG_OLD_SIGSUSPEND
/* Legacy single-word sigsuspend(): widen @mask and wait. */
SYSCALL_DEFINE1(sigsuspend, old_sigset_t, mask)
{
	sigset_t wanted;

	siginitset(&wanted, mask);

	return sigsuspend(&wanted);
}
4671 : #endif
4672 : #ifdef CONFIG_OLD_SIGSUSPEND3
/*
 * Three-argument legacy sigsuspend(); @unused1 and @unused2 exist only for
 * ABI compatibility and are ignored.
 */
SYSCALL_DEFINE3(sigsuspend, int, unused1, int, unused2, old_sigset_t, mask)
{
	sigset_t wanted;

	siginitset(&wanted, mask);

	return sigsuspend(&wanted);
}
4679 : #endif
4680 :
/*
 * arch_vma_name - __weak default: no architecture-specific name for @vma.
 *
 * Architectures that want to label special mappings override this symbol;
 * the generic version always reports "no name" by returning NULL.
 */
__weak const char *arch_vma_name(struct vm_area_struct *vma)
{
	const char *name = NULL;

	return name;
}
4685 :
/*
 * siginfo_buildtime_checks - compile-time layout assertions for siginfo.
 *
 * Nothing here runs at runtime: every check is a BUILD_BUG_ON.  They pin
 * the uapi struct siginfo to SI_MAX_SIZE, require the kernel-internal
 * kernel_siginfo_t to place every union member at the same offset as the
 * uapi siginfo_t (so copies between the two are plain memcpys), and
 * encode the legacy usb asyncio aliasing assumption that si_pid (plus
 * si_uid on 64-bit) overlays si_addr.  The compat block does the same for
 * struct compat_siginfo.
 */
static inline void siginfo_buildtime_checks(void)
{
	BUILD_BUG_ON(sizeof(struct siginfo) != SI_MAX_SIZE);

	/* Verify the offsets in the two siginfos match */
#define CHECK_OFFSET(field) \
	BUILD_BUG_ON(offsetof(siginfo_t, field) != offsetof(kernel_siginfo_t, field))

	/* kill */
	CHECK_OFFSET(si_pid);
	CHECK_OFFSET(si_uid);

	/* timer */
	CHECK_OFFSET(si_tid);
	CHECK_OFFSET(si_overrun);
	CHECK_OFFSET(si_value);

	/* rt */
	CHECK_OFFSET(si_pid);
	CHECK_OFFSET(si_uid);
	CHECK_OFFSET(si_value);

	/* sigchld */
	CHECK_OFFSET(si_pid);
	CHECK_OFFSET(si_uid);
	CHECK_OFFSET(si_status);
	CHECK_OFFSET(si_utime);
	CHECK_OFFSET(si_stime);

	/* sigfault */
	CHECK_OFFSET(si_addr);
	CHECK_OFFSET(si_trapno);
	CHECK_OFFSET(si_addr_lsb);
	CHECK_OFFSET(si_lower);
	CHECK_OFFSET(si_upper);
	CHECK_OFFSET(si_pkey);
	CHECK_OFFSET(si_perf_data);
	CHECK_OFFSET(si_perf_type);
	CHECK_OFFSET(si_perf_flags);

	/* sigpoll */
	CHECK_OFFSET(si_band);
	CHECK_OFFSET(si_fd);

	/* sigsys */
	CHECK_OFFSET(si_call_addr);
	CHECK_OFFSET(si_syscall);
	CHECK_OFFSET(si_arch);
#undef CHECK_OFFSET

	/* usb asyncio */
	/*
	 * si_pid must alias si_addr exactly: on 32-bit pointers si_pid alone
	 * covers it, on 64-bit si_pid and si_uid together must, and si_uid
	 * must immediately follow si_pid.
	 */
	BUILD_BUG_ON(offsetof(struct siginfo, si_pid) !=
		     offsetof(struct siginfo, si_addr));
	if (sizeof(int) == sizeof(void __user *)) {
		BUILD_BUG_ON(sizeof_field(struct siginfo, si_pid) !=
			     sizeof(void __user *));
	} else {
		BUILD_BUG_ON((sizeof_field(struct siginfo, si_pid) +
			      sizeof_field(struct siginfo, si_uid)) !=
			     sizeof(void __user *));
		BUILD_BUG_ON(offsetofend(struct siginfo, si_pid) !=
			     offsetof(struct siginfo, si_uid));
	}
#ifdef CONFIG_COMPAT
	/* Same aliasing invariant for the 32-bit compat layout. */
	BUILD_BUG_ON(offsetof(struct compat_siginfo, si_pid) !=
		     offsetof(struct compat_siginfo, si_addr));
	BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
		     sizeof(compat_uptr_t));
	BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
		     sizeof_field(struct siginfo, si_pid));
#endif
}
4758 :
/*
 * signals_init - boot-time initialisation of the signal subsystem.
 *
 * Evaluates the compile-time siginfo layout checks and creates the slab
 * cache for struct sigqueue.  SLAB_PANIC makes cache creation failure
 * fatal at boot instead of leaving sigqueue_cachep NULL; SLAB_ACCOUNT
 * makes queued signals subject to memory cgroup accounting.
 */
void __init signals_init(void)
{
	/* Compile-time only; generates no code. */
	siginfo_buildtime_checks();

	sigqueue_cachep = KMEM_CACHE(sigqueue, SLAB_PANIC | SLAB_ACCOUNT);
}
4765 :
4766 : #ifdef CONFIG_KGDB_KDB
4767 : #include <linux/kdb.h>
/*
 * kdb_send_sig - Allows kdb to send signals without exposing
 * signal internals. This function checks if the required locks are
 * available before calling the main signal code, to avoid kdb
 * deadlocks.
 *
 * Only spin_trylock() is used on the target's siglock: the debugger may
 * have interrupted a CPU that already holds it, so blocking here could
 * deadlock.  The first kill issued for a task that is not running is
 * refused with a warning; repeating the command for the same task is
 * treated as the operator accepting the run-queue-lock risk.  The signal
 * is sent as SEND_SIG_PRIV, i.e. with kernel privilege, so the usual
 * permission checks of a user-initiated kill() do not apply.
 */
void kdb_send_sig(struct task_struct *t, int sig)
{
	static struct task_struct *kdb_prev_t;
	bool first_attempt;
	int err;

	if (!spin_trylock(&t->sighand->siglock)) {
		kdb_printf("Can't do kill command now.\n"
			   "The sigmask lock is held somewhere else in "
			   "kernel, try again later\n");
		return;
	}

	first_attempt = kdb_prev_t != t;
	kdb_prev_t = t;
	if (!task_is_running(t) && first_attempt) {
		spin_unlock(&t->sighand->siglock);
		kdb_printf("Process is not RUNNING, sending a signal from "
			   "kdb risks deadlock\n"
			   "on the run queue locks. "
			   "The signal has _not_ been sent.\n"
			   "Reissue the kill command if you want to risk "
			   "the deadlock.\n");
		return;
	}

	err = send_signal_locked(sig, SEND_SIG_PRIV, t, PIDTYPE_PID);
	spin_unlock(&t->sighand->siglock);

	if (err) {
		kdb_printf("Fail to deliver Signal %d to process %d.\n",
			   sig, t->pid);
		return;
	}
	kdb_printf("Signal %d is sent to process %d.\n", sig, t->pid);
}
4804 : #endif /* CONFIG_KGDB_KDB */
|