diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-01-30 14:18:52 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-01-30 14:18:52 -0800 |
commit | d4173023e63cb85ec02eda02d1789bf078719f00 (patch) | |
tree | a07f5e8d8a98f99c576fedb95035e5289c64276c /include | |
parent | 0aebc6a440b942df6221a7765f077f02217e0114 (diff) | |
parent | c0f45555b82450a56c0da11866163b764aeb1a21 (diff) |
Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull siginfo cleanups from Eric Biederman:
"Long ago when 2.4 was just a testing release copy_siginfo_to_user was
made to copy individual fields to userspace, possibly for efficiency
and to ensure initialized values were not copied to userspace.
Unfortunately the design was complex, it's assumptions unstated, and
humans are fallible and so while it worked much of the time that
design failed to ensure unitialized memory is not copied to userspace.
This set of changes is part of a new design to clean up siginfo and
simplify things, and hopefully make the siginfo handling robust enough
that a simple inspection of the code can be made to ensure we don't
copy any unitializied fields to userspace.
The design is to unify struct siginfo and struct compat_siginfo into a
single definition that is shared between all architectures so that
anyone adding to the set of information shared with struct siginfo can
see the whole picture. Hopefully ensuring all future si_code
assignments are arch independent.
The design is to unify copy_siginfo_to_user32 and
copy_siginfo_from_user32 so that those function are complete and cope
with all of the different cases documented in signinfo_layout. I don't
think there was a single implementation of either of those functions
that was complete and correct before my changes unified them.
The design is to introduce a series of helpers including
force_siginfo_fault that take the values that are needed in struct
siginfo and build the siginfo structure for their callers. Ensuring
struct siginfo is built correctly.
The remaining work for 4.17 (unless someone thinks it is post -rc1
material) is to push usage of those helpers down into the
architectures so that architecture specific code will not need to deal
with the fiddly work of intializing struct siginfo, and then when
struct siginfo is guaranteed to be fully initialized change copy
siginfo_to_user into a simple wrapper around copy_to_user.
Further there is work in progress on the issues that have been
documented requires arch specific knowledge to sort out.
The changes below fix or at least document all of the issues that have
been found with siginfo generation. Then proceed to unify struct
siginfo the 32 bit helpers that copy siginfo to and from userspace,
and generally clean up anything that is not arch specific with regards
to siginfo generation.
It is a lot but with the unification you can of siginfo you can
already see the code reduction in the kernel"
* 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (45 commits)
signal/memory-failure: Use force_sig_mceerr and send_sig_mceerr
mm/memory_failure: Remove unused trapno from memory_failure
signal/ptrace: Add force_sig_ptrace_errno_trap and use it where needed
signal/powerpc: Remove unnecessary signal_code parameter of do_send_trap
signal: Helpers for faults with specialized siginfo layouts
signal: Add send_sig_fault and force_sig_fault
signal: Replace memset(info,...) with clear_siginfo for clarity
signal: Don't use structure initializers for struct siginfo
signal/arm64: Better isolate the COMPAT_TASK portion of ptrace_hbptriggered
ptrace: Use copy_siginfo in setsiginfo and getsiginfo
signal: Unify and correct copy_siginfo_to_user32
signal: Remove the code to clear siginfo before calling copy_siginfo_from_user32
signal: Unify and correct copy_siginfo_from_user32
signal/blackfin: Remove pointless UID16_SIGINFO_COMPAT_NEEDED
signal/blackfin: Move the blackfin specific si_codes to asm-generic/siginfo.h
signal/tile: Move the tile specific si_codes to asm-generic/siginfo.h
signal/frv: Move the frv specific si_codes to asm-generic/siginfo.h
signal/ia64: Move the ia64 specific si_codes to asm-generic/siginfo.h
signal/powerpc: Remove redefinition of NSIGTRAP on powerpc
signal: Move addr_lsb into the _sigfault union for clarity
...
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/compat.h | 100 | ||||
-rw-r--r-- | include/linux/mm.h | 4 | ||||
-rw-r--r-- | include/linux/sched/signal.h | 28 | ||||
-rw-r--r-- | include/linux/signal.h | 15 | ||||
-rw-r--r-- | include/uapi/asm-generic/siginfo.h | 109 |
5 files changed, 220 insertions, 36 deletions
diff --git a/include/linux/compat.h b/include/linux/compat.h index 0fc36406f32c..8a9643857c4a 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -157,6 +157,104 @@ struct compat_sigaction { compat_sigset_t sa_mask __packed; }; +typedef union compat_sigval { + compat_int_t sival_int; + compat_uptr_t sival_ptr; +} compat_sigval_t; + +typedef struct compat_siginfo { + int si_signo; +#ifndef __ARCH_HAS_SWAPPED_SIGINFO + int si_errno; + int si_code; +#else + int si_code; + int si_errno; +#endif + + union { + int _pad[128/sizeof(int) - 3]; + + /* kill() */ + struct { + compat_pid_t _pid; /* sender's pid */ + __compat_uid32_t _uid; /* sender's uid */ + } _kill; + + /* POSIX.1b timers */ + struct { + compat_timer_t _tid; /* timer id */ + int _overrun; /* overrun count */ + compat_sigval_t _sigval; /* same as below */ + } _timer; + + /* POSIX.1b signals */ + struct { + compat_pid_t _pid; /* sender's pid */ + __compat_uid32_t _uid; /* sender's uid */ + compat_sigval_t _sigval; + } _rt; + + /* SIGCHLD */ + struct { + compat_pid_t _pid; /* which child */ + __compat_uid32_t _uid; /* sender's uid */ + int _status; /* exit code */ + compat_clock_t _utime; + compat_clock_t _stime; + } _sigchld; + +#ifdef CONFIG_X86_X32_ABI + /* SIGCHLD (x32 version) */ + struct { + compat_pid_t _pid; /* which child */ + __compat_uid32_t _uid; /* sender's uid */ + int _status; /* exit code */ + compat_s64 _utime; + compat_s64 _stime; + } _sigchld_x32; +#endif + + /* SIGILL, SIGFPE, SIGSEGV, SIGBUS, SIGTRAP, SIGEMT */ + struct { + compat_uptr_t _addr; /* faulting insn/memory ref. */ +#ifdef __ARCH_SI_TRAPNO + int _trapno; /* TRAP # which caused the signal */ +#endif + union { + /* + * used when si_code=BUS_MCEERR_AR or + * used when si_code=BUS_MCEERR_AO + */ + short int _addr_lsb; /* Valid LSB of the reported address. */ + /* used when si_code=SEGV_BNDERR */ + struct { + short _dummy_bnd; + compat_uptr_t _lower; + compat_uptr_t _upper; + } _addr_bnd; + /* used when si_code=SEGV_PKUERR */ + struct { + short _dummy_pkey; + u32 _pkey; + } _addr_pkey; + }; + } _sigfault; + + /* SIGPOLL */ + struct { + compat_long_t _band; /* POLL_IN, POLL_OUT, POLL_MSG */ + int _fd; + } _sigpoll; + + struct { + compat_uptr_t _call_addr; /* calling user insn */ + int _syscall; /* triggering system call number */ + unsigned int _arch; /* AUDIT_ARCH_* of syscall */ + } _sigsys; + } _sifields; +} compat_siginfo_t; + /* * These functions operate on 32- or 64-bit specs depending on * COMPAT_USE_64BIT_TIME, hence the void user pointer arguments. @@ -412,7 +510,7 @@ long compat_get_bitmap(unsigned long *mask, const compat_ulong_t __user *umask, unsigned long bitmap_size); long compat_put_bitmap(compat_ulong_t __user *umask, unsigned long *mask, unsigned long bitmap_size); -int copy_siginfo_from_user32(siginfo_t *to, struct compat_siginfo __user *from); +int copy_siginfo_from_user32(siginfo_t *to, const struct compat_siginfo __user *from); int copy_siginfo_to_user32(struct compat_siginfo __user *to, const siginfo_t *from); int get_compat_sigevent(struct sigevent *event, const struct compat_sigevent __user *u_event); diff --git a/include/linux/mm.h b/include/linux/mm.h index ea818ff739cd..7fc92384977e 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2570,8 +2570,8 @@ enum mf_flags { MF_MUST_KILL = 1 << 2, MF_SOFT_OFFLINE = 1 << 3, }; -extern int memory_failure(unsigned long pfn, int trapno, int flags); -extern void memory_failure_queue(unsigned long pfn, int trapno, int flags); +extern int memory_failure(unsigned long pfn, int flags); +extern void memory_failure_queue(unsigned long pfn, int flags); extern int unpoison_memory(unsigned long pfn); extern int get_hwpoison_page(struct page *page); #define put_hwpoison_page(page) put_page(page) diff --git a/include/linux/sched/signal.h b/include/linux/sched/signal.h index 0aa4548fb492..23b4f9cb82db 100644 --- a/include/linux/sched/signal.h +++ b/include/linux/sched/signal.h @@ -285,6 +285,34 @@ static inline void kernel_signal_stop(void) schedule(); } +#ifdef __ARCH_SI_TRAPNO +# define ___ARCH_SI_TRAPNO(_a1) , _a1 +#else +# define ___ARCH_SI_TRAPNO(_a1) +#endif +#ifdef __ia64__ +# define ___ARCH_SI_IA64(_a1, _a2, _a3) , _a1, _a2, _a3 +#else +# define ___ARCH_SI_IA64(_a1, _a2, _a3) +#endif + +int force_sig_fault(int sig, int code, void __user *addr + ___ARCH_SI_TRAPNO(int trapno) + ___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr) + , struct task_struct *t); +int send_sig_fault(int sig, int code, void __user *addr + ___ARCH_SI_TRAPNO(int trapno) + ___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr) + , struct task_struct *t); + +int force_sig_mceerr(int code, void __user *, short, struct task_struct *); +int send_sig_mceerr(int code, void __user *, short, struct task_struct *); + +int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper); +int force_sig_pkuerr(void __user *addr, u32 pkey); + +int force_sig_ptrace_errno_trap(int errno, void __user *addr); + extern int send_sig_info(int, struct siginfo *, struct task_struct *); extern int force_sigsegv(int, struct task_struct *); extern int force_sig_info(int, struct siginfo *, struct task_struct *); diff --git a/include/linux/signal.h b/include/linux/signal.h index 042968dd98f0..a9bc7e1b077e 100644 --- a/include/linux/signal.h +++ b/include/linux/signal.h @@ -11,13 +11,14 @@ struct task_struct; /* for sysctl */ extern int print_fatal_signals; -static inline void copy_siginfo(struct siginfo *to, struct siginfo *from) +static inline void copy_siginfo(struct siginfo *to, const struct siginfo *from) { - if (from->si_code < 0) - memcpy(to, from, sizeof(*to)); - else - /* _sigchld is currently the largest know union member */ - memcpy(to, from, __ARCH_SI_PREAMBLE_SIZE + sizeof(from->_sifields._sigchld)); + memcpy(to, from, sizeof(*to)); +} + +static inline void clear_siginfo(struct siginfo *info) +{ + memset(info, 0, sizeof(*info)); } int copy_siginfo_to_user(struct siginfo __user *to, const struct siginfo *from); @@ -29,9 +30,7 @@ enum siginfo_layout { SIL_FAULT, SIL_CHLD, SIL_RT, -#ifdef __ARCH_SIGSYS SIL_SYS, -#endif }; enum siginfo_layout siginfo_layout(int sig, int si_code); diff --git a/include/uapi/asm-generic/siginfo.h b/include/uapi/asm-generic/siginfo.h index e447283b8f52..254afc31e3be 100644 --- a/include/uapi/asm-generic/siginfo.h +++ b/include/uapi/asm-generic/siginfo.h @@ -23,10 +23,6 @@ typedef union sigval { #define SI_PAD_SIZE ((SI_MAX_SIZE - __ARCH_SI_PREAMBLE_SIZE) / sizeof(int)) #endif -#ifndef __ARCH_SI_UID_T -#define __ARCH_SI_UID_T __kernel_uid32_t -#endif - /* * The default "si_band" type is "long", as specified by POSIX. * However, some architectures want to override this to "int" @@ -44,12 +40,15 @@ typedef union sigval { #define __ARCH_SI_ATTRIBUTES #endif -#ifndef HAVE_ARCH_SIGINFO_T - typedef struct siginfo { int si_signo; +#ifndef __ARCH_HAS_SWAPPED_SIGINFO int si_errno; int si_code; +#else + int si_code; + int si_errno; +#endif union { int _pad[SI_PAD_SIZE]; @@ -57,14 +56,13 @@ typedef struct siginfo { /* kill() */ struct { __kernel_pid_t _pid; /* sender's pid */ - __ARCH_SI_UID_T _uid; /* sender's uid */ + __kernel_uid32_t _uid; /* sender's uid */ } _kill; /* POSIX.1b timers */ struct { __kernel_timer_t _tid; /* timer id */ int _overrun; /* overrun count */ - char _pad[sizeof( __ARCH_SI_UID_T) - sizeof(int)]; sigval_t _sigval; /* same as below */ int _sys_private; /* not to be passed to user */ } _timer; @@ -72,34 +70,47 @@ typedef struct siginfo { /* POSIX.1b signals */ struct { __kernel_pid_t _pid; /* sender's pid */ - __ARCH_SI_UID_T _uid; /* sender's uid */ + __kernel_uid32_t _uid; /* sender's uid */ sigval_t _sigval; } _rt; /* SIGCHLD */ struct { __kernel_pid_t _pid; /* which child */ - __ARCH_SI_UID_T _uid; /* sender's uid */ + __kernel_uid32_t _uid; /* sender's uid */ int _status; /* exit code */ __ARCH_SI_CLOCK_T _utime; __ARCH_SI_CLOCK_T _stime; } _sigchld; - /* SIGILL, SIGFPE, SIGSEGV, SIGBUS */ + /* SIGILL, SIGFPE, SIGSEGV, SIGBUS, SIGTRAP, SIGEMT */ struct { void __user *_addr; /* faulting insn/memory ref. */ #ifdef __ARCH_SI_TRAPNO int _trapno; /* TRAP # which caused the signal */ #endif - short _addr_lsb; /* LSB of the reported address */ +#ifdef __ia64__ + int _imm; /* immediate value for "break" */ + unsigned int _flags; /* see ia64 si_flags */ + unsigned long _isr; /* isr */ +#endif union { + /* + * used when si_code=BUS_MCEERR_AR or + * used when si_code=BUS_MCEERR_AO + */ + short _addr_lsb; /* LSB of the reported address */ /* used when si_code=SEGV_BNDERR */ struct { + short _dummy_bnd; void __user *_lower; void __user *_upper; } _addr_bnd; /* used when si_code=SEGV_PKUERR */ - __u32 _pkey; + struct { + short _dummy_pkey; + __u32 _pkey; + } _addr_pkey; }; } _sigfault; @@ -118,10 +129,6 @@ typedef struct siginfo { } _sifields; } __ARCH_SI_ATTRIBUTES siginfo_t; -/* If the arch shares siginfo, then it has SIGSYS. */ -#define __ARCH_SIGSYS -#endif - /* * How these fields are to be accessed. */ @@ -143,14 +150,12 @@ typedef struct siginfo { #define si_addr_lsb _sifields._sigfault._addr_lsb #define si_lower _sifields._sigfault._addr_bnd._lower #define si_upper _sifields._sigfault._addr_bnd._upper -#define si_pkey _sifields._sigfault._pkey +#define si_pkey _sifields._sigfault._addr_pkey._pkey #define si_band _sifields._sigpoll._band #define si_fd _sifields._sigpoll._fd -#ifdef __ARCH_SIGSYS #define si_call_addr _sifields._sigsys._call_addr #define si_syscall _sifields._sigsys._syscall #define si_arch _sifields._sigsys._arch -#endif /* * si_code values @@ -165,6 +170,7 @@ typedef struct siginfo { #define SI_SIGIO -5 /* sent by queued SIGIO */ #define SI_TKILL -6 /* sent by tkill system call */ #define SI_DETHREAD -7 /* sent by execve() killing subsidiary threads */ +#define SI_ASYNCNL -60 /* sent by glibc async name lookup completion */ #define SI_FROMUSER(siptr) ((siptr)->si_code <= 0) #define SI_FROMKERNEL(siptr) ((siptr)->si_code > 0) @@ -173,14 +179,34 @@ typedef struct siginfo { * SIGILL si_codes */ #define ILL_ILLOPC 1 /* illegal opcode */ +#ifdef __bfin__ +# define ILL_ILLPARAOP 2 /* illegal opcode combine */ +#endif #define ILL_ILLOPN 2 /* illegal operand */ #define ILL_ILLADR 3 /* illegal addressing mode */ #define ILL_ILLTRP 4 /* illegal trap */ +#ifdef __bfin__ +# define ILL_ILLEXCPT 4 /* unrecoverable exception */ +#endif #define ILL_PRVOPC 5 /* privileged opcode */ #define ILL_PRVREG 6 /* privileged register */ #define ILL_COPROC 7 /* coprocessor error */ #define ILL_BADSTK 8 /* internal stack error */ -#define NSIGILL 8 +#ifdef __bfin__ +# define ILL_CPLB_VI 9 /* D/I CPLB protect violation */ +# define ILL_CPLB_MISS 10 /* D/I CPLB miss */ +# define ILL_CPLB_MULHIT 11 /* D/I CPLB multiple hit */ +#endif +#ifdef __tile__ +# define ILL_DBLFLT 9 /* double fault */ +# define ILL_HARDWALL 10 /* user networks hardwall violation */ +#endif +#ifdef __ia64__ +# define ILL_BADIADDR 9 /* unimplemented instruction address */ +# define __ILL_BREAK 10 /* illegal break */ +# define __ILL_BNDMOD 11 /* bundle-update (modification) in progress */ +#endif +#define NSIGILL 11 /* * SIGFPE si_codes @@ -193,15 +219,33 @@ typedef struct siginfo { #define FPE_FLTRES 6 /* floating point inexact result */ #define FPE_FLTINV 7 /* floating point invalid operation */ #define FPE_FLTSUB 8 /* subscript out of range */ -#define NSIGFPE 8 +#ifdef __frv__ +# define FPE_MDAOVF 9 /* media overflow */ +#endif +#ifdef __ia64__ +# define __FPE_DECOVF 9 /* decimal overflow */ +# define __FPE_DECDIV 10 /* decimal division by zero */ +# define __FPE_DECERR 11 /* packed decimal error */ +# define __FPE_INVASC 12 /* invalid ASCII digit */ +# define __FPE_INVDEC 13 /* invalid decimal digit */ +#endif +#define NSIGFPE 13 /* * SIGSEGV si_codes */ #define SEGV_MAPERR 1 /* address not mapped to object */ #define SEGV_ACCERR 2 /* invalid permissions for mapped object */ -#define SEGV_BNDERR 3 /* failed address bound checks */ -#define SEGV_PKUERR 4 /* failed protection key checks */ +#ifdef __bfin__ +# define SEGV_STACKFLOW 3 /* stack overflow */ +#else +# define SEGV_BNDERR 3 /* failed address bound checks */ +#endif +#ifdef __ia64__ +# define __SEGV_PSTKOVF 4 /* paragraph stack overflow */ +#else +# define SEGV_PKUERR 4 /* failed protection key checks */ +#endif #define NSIGSEGV 4 /* @@ -210,8 +254,12 @@ typedef struct siginfo { #define BUS_ADRALN 1 /* invalid address alignment */ #define BUS_ADRERR 2 /* non-existent physical address */ #define BUS_OBJERR 3 /* object specific hardware error */ +#ifdef __bfin__ +# define BUS_OPFETCH 4 /* error from instruction fetch */ +#else /* hardware memory error consumed on a machine check: action required */ -#define BUS_MCEERR_AR 4 +# define BUS_MCEERR_AR 4 +#endif /* hardware memory error detected in process but not consumed: action optional*/ #define BUS_MCEERR_AO 5 #define NSIGBUS 5 @@ -223,9 +271,20 @@ typedef struct siginfo { #define TRAP_TRACE 2 /* process trace trap */ #define TRAP_BRANCH 3 /* process taken branch trap */ #define TRAP_HWBKPT 4 /* hardware breakpoint/watchpoint */ +#ifdef __bfin__ +# define TRAP_STEP 1 /* single-step breakpoint */ +# define TRAP_TRACEFLOW 2 /* trace buffer overflow */ +# define TRAP_WATCHPT 3 /* watchpoint match */ +# define TRAP_ILLTRAP 4 /* illegal trap */ +#endif #define NSIGTRAP 4 /* + * There are an additional set of SIGTRAP si_codes used by ptrace + * that of the form: ((PTRACE_EVENT_XXX << 8) | SIGTRAP) + */ + +/* * SIGCHLD si_codes */ #define CLD_EXITED 1 /* child has exited */ |