Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull siginfo updates from Eric Biederman: "I have been slowly sorting out siginfo and this is the culmination of that work. The primary result is in several ways the signal infrastructure has been made less error prone. The code has been updated so that manually specifying SEND_SIG_FORCED is never necessary. The conversion to the new siginfo sending functions is now complete, which makes it difficult to send a signal without filling in the proper siginfo fields. At the tail end of the patchset comes the optimization of decreasing the size of struct siginfo in the kernel from 128 bytes to about 48 bytes on 64bit. The fundamental observation that enables this is by definition none of the known ways to use struct siginfo uses the extra bytes. This comes at the cost of a small user space observable difference. For the rare case of siginfo being injected into the kernel only what can be copied into kernel_siginfo is delivered to the destination, the rest of the bytes are set to 0. For cases where the signal and the si_code are known this is safe, because we know those bytes are not used. For cases where the signal and si_code combination is unknown the bits that won't fit into struct kernel_siginfo are tested to verify they are zero, and the send fails if they are not. I made an extensive search through userspace code and I could not find anything that would break because of the above change. If it turns out I did break something it will take just the revert of a single change to restore kernel_siginfo to the same size as userspace siginfo. Testing did reveal dependencies on preferring the signo passed to sigqueueinfo over si->signo, so bit the bullet and added the complexity necessary to handle that case. Testing also revealed bad things can happen if a negative signal number is passed into the system calls. Something no sane application will do but something a malicious program or a fuzzer might do. So I have fixed the code that performs the bounds checks to ensure negative signal numbers are handled" * 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (80 commits) signal: Guard against negative signal numbers in copy_siginfo_from_user32 signal: Guard against negative signal numbers in copy_siginfo_from_user signal: In sigqueueinfo prefer sig not si_signo signal: Use a smaller struct siginfo in the kernel signal: Distinguish between kernel_siginfo and siginfo signal: Introduce copy_siginfo_from_user and use it's return value signal: Remove the need for __ARCH_SI_PREABLE_SIZE and SI_PAD_SIZE signal: Fail sigqueueinfo if si_signo != sig signal/sparc: Move EMT_TAGOVF into the generic siginfo.h signal/unicore32: Use force_sig_fault where appropriate signal/unicore32: Generate siginfo in ucs32_notify_die signal/unicore32: Use send_sig_fault where appropriate signal/arc: Use force_sig_fault where appropriate signal/arc: Push siginfo generation into unhandled_exception signal/ia64: Use force_sig_fault where appropriate signal/ia64: Use the force_sig(SIGSEGV,...) in ia64_rt_sigreturn signal/ia64: Use the generic force_sigsegv in setup_frame signal/arm/kvm: Use send_sig_mceerr signal/arm: Use send_sig_fault where appropriate signal/arm: Use force_sig_fault where appropriate ...
This commit is contained in:
Linus Torvalds
@@ -10,18 +10,7 @@ typedef union sigval {
|
||||
void __user *sival_ptr;
|
||||
} sigval_t;
|
||||
|
||||
/*
|
||||
* This is the size (including padding) of the part of the
|
||||
* struct siginfo that is before the union.
|
||||
*/
|
||||
#ifndef __ARCH_SI_PREAMBLE_SIZE
|
||||
#define __ARCH_SI_PREAMBLE_SIZE (3 * sizeof(int))
|
||||
#endif
|
||||
|
||||
#define SI_MAX_SIZE 128
|
||||
#ifndef SI_PAD_SIZE
|
||||
#define SI_PAD_SIZE ((SI_MAX_SIZE - __ARCH_SI_PREAMBLE_SIZE) / sizeof(int))
|
||||
#endif
|
||||
|
||||
/*
|
||||
* The default "si_band" type is "long", as specified by POSIX.
|
||||
@@ -40,96 +29,108 @@ typedef union sigval {
|
||||
#define __ARCH_SI_ATTRIBUTES
|
||||
#endif
|
||||
|
||||
typedef struct siginfo {
|
||||
int si_signo;
|
||||
#ifndef __ARCH_HAS_SWAPPED_SIGINFO
|
||||
int si_errno;
|
||||
int si_code;
|
||||
#else
|
||||
int si_code;
|
||||
int si_errno;
|
||||
#endif
|
||||
union __sifields {
|
||||
/* kill() */
|
||||
struct {
|
||||
__kernel_pid_t _pid; /* sender's pid */
|
||||
__kernel_uid32_t _uid; /* sender's uid */
|
||||
} _kill;
|
||||
|
||||
union {
|
||||
int _pad[SI_PAD_SIZE];
|
||||
/* POSIX.1b timers */
|
||||
struct {
|
||||
__kernel_timer_t _tid; /* timer id */
|
||||
int _overrun; /* overrun count */
|
||||
sigval_t _sigval; /* same as below */
|
||||
int _sys_private; /* not to be passed to user */
|
||||
} _timer;
|
||||
|
||||
/* kill() */
|
||||
struct {
|
||||
__kernel_pid_t _pid; /* sender's pid */
|
||||
__kernel_uid32_t _uid; /* sender's uid */
|
||||
} _kill;
|
||||
/* POSIX.1b signals */
|
||||
struct {
|
||||
__kernel_pid_t _pid; /* sender's pid */
|
||||
__kernel_uid32_t _uid; /* sender's uid */
|
||||
sigval_t _sigval;
|
||||
} _rt;
|
||||
|
||||
/* POSIX.1b timers */
|
||||
struct {
|
||||
__kernel_timer_t _tid; /* timer id */
|
||||
int _overrun; /* overrun count */
|
||||
sigval_t _sigval; /* same as below */
|
||||
int _sys_private; /* not to be passed to user */
|
||||
} _timer;
|
||||
/* SIGCHLD */
|
||||
struct {
|
||||
__kernel_pid_t _pid; /* which child */
|
||||
__kernel_uid32_t _uid; /* sender's uid */
|
||||
int _status; /* exit code */
|
||||
__ARCH_SI_CLOCK_T _utime;
|
||||
__ARCH_SI_CLOCK_T _stime;
|
||||
} _sigchld;
|
||||
|
||||
/* POSIX.1b signals */
|
||||
struct {
|
||||
__kernel_pid_t _pid; /* sender's pid */
|
||||
__kernel_uid32_t _uid; /* sender's uid */
|
||||
sigval_t _sigval;
|
||||
} _rt;
|
||||
|
||||
/* SIGCHLD */
|
||||
struct {
|
||||
__kernel_pid_t _pid; /* which child */
|
||||
__kernel_uid32_t _uid; /* sender's uid */
|
||||
int _status; /* exit code */
|
||||
__ARCH_SI_CLOCK_T _utime;
|
||||
__ARCH_SI_CLOCK_T _stime;
|
||||
} _sigchld;
|
||||
|
||||
/* SIGILL, SIGFPE, SIGSEGV, SIGBUS, SIGTRAP, SIGEMT */
|
||||
struct {
|
||||
void __user *_addr; /* faulting insn/memory ref. */
|
||||
/* SIGILL, SIGFPE, SIGSEGV, SIGBUS, SIGTRAP, SIGEMT */
|
||||
struct {
|
||||
void __user *_addr; /* faulting insn/memory ref. */
|
||||
#ifdef __ARCH_SI_TRAPNO
|
||||
int _trapno; /* TRAP # which caused the signal */
|
||||
int _trapno; /* TRAP # which caused the signal */
|
||||
#endif
|
||||
#ifdef __ia64__
|
||||
int _imm; /* immediate value for "break" */
|
||||
unsigned int _flags; /* see ia64 si_flags */
|
||||
unsigned long _isr; /* isr */
|
||||
int _imm; /* immediate value for "break" */
|
||||
unsigned int _flags; /* see ia64 si_flags */
|
||||
unsigned long _isr; /* isr */
|
||||
#endif
|
||||
|
||||
#define __ADDR_BND_PKEY_PAD (__alignof__(void *) < sizeof(short) ? \
|
||||
sizeof(short) : __alignof__(void *))
|
||||
union {
|
||||
/*
|
||||
* used when si_code=BUS_MCEERR_AR or
|
||||
* used when si_code=BUS_MCEERR_AO
|
||||
*/
|
||||
short _addr_lsb; /* LSB of the reported address */
|
||||
/* used when si_code=SEGV_BNDERR */
|
||||
struct {
|
||||
char _dummy_bnd[__ADDR_BND_PKEY_PAD];
|
||||
void __user *_lower;
|
||||
void __user *_upper;
|
||||
} _addr_bnd;
|
||||
/* used when si_code=SEGV_PKUERR */
|
||||
struct {
|
||||
char _dummy_pkey[__ADDR_BND_PKEY_PAD];
|
||||
__u32 _pkey;
|
||||
} _addr_pkey;
|
||||
};
|
||||
} _sigfault;
|
||||
union {
|
||||
/*
|
||||
* used when si_code=BUS_MCEERR_AR or
|
||||
* used when si_code=BUS_MCEERR_AO
|
||||
*/
|
||||
short _addr_lsb; /* LSB of the reported address */
|
||||
/* used when si_code=SEGV_BNDERR */
|
||||
struct {
|
||||
char _dummy_bnd[__ADDR_BND_PKEY_PAD];
|
||||
void __user *_lower;
|
||||
void __user *_upper;
|
||||
} _addr_bnd;
|
||||
/* used when si_code=SEGV_PKUERR */
|
||||
struct {
|
||||
char _dummy_pkey[__ADDR_BND_PKEY_PAD];
|
||||
__u32 _pkey;
|
||||
} _addr_pkey;
|
||||
};
|
||||
} _sigfault;
|
||||
|
||||
/* SIGPOLL */
|
||||
struct {
|
||||
__ARCH_SI_BAND_T _band; /* POLL_IN, POLL_OUT, POLL_MSG */
|
||||
int _fd;
|
||||
} _sigpoll;
|
||||
/* SIGPOLL */
|
||||
struct {
|
||||
__ARCH_SI_BAND_T _band; /* POLL_IN, POLL_OUT, POLL_MSG */
|
||||
int _fd;
|
||||
} _sigpoll;
|
||||
|
||||
/* SIGSYS */
|
||||
struct {
|
||||
void __user *_call_addr; /* calling user insn */
|
||||
int _syscall; /* triggering system call number */
|
||||
unsigned int _arch; /* AUDIT_ARCH_* of syscall */
|
||||
} _sigsys;
|
||||
} _sifields;
|
||||
/* SIGSYS */
|
||||
struct {
|
||||
void __user *_call_addr; /* calling user insn */
|
||||
int _syscall; /* triggering system call number */
|
||||
unsigned int _arch; /* AUDIT_ARCH_* of syscall */
|
||||
} _sigsys;
|
||||
};
|
||||
|
||||
#ifndef __ARCH_HAS_SWAPPED_SIGINFO
|
||||
#define __SIGINFO \
|
||||
struct { \
|
||||
int si_signo; \
|
||||
int si_errno; \
|
||||
int si_code; \
|
||||
union __sifields _sifields; \
|
||||
}
|
||||
#else
|
||||
#define __SIGINFO \
|
||||
struct { \
|
||||
int si_signo; \
|
||||
int si_code; \
|
||||
int si_errno; \
|
||||
union __sifields _sifields; \
|
||||
}
|
||||
#endif /* __ARCH_HAS_SWAPPED_SIGINFO */
|
||||
|
||||
typedef struct siginfo {
|
||||
union {
|
||||
__SIGINFO;
|
||||
int _si_pad[SI_MAX_SIZE/sizeof(int)];
|
||||
};
|
||||
} __ARCH_SI_ATTRIBUTES siginfo_t;
|
||||
|
||||
/*
|
||||
@@ -285,6 +286,12 @@ typedef struct siginfo {
|
||||
#define SYS_SECCOMP 1 /* seccomp triggered */
|
||||
#define NSIGSYS 1
|
||||
|
||||
/*
|
||||
* SIGEMT si_codes
|
||||
*/
|
||||
#define EMT_TAGOVF 1 /* tag overflow */
|
||||
#define NSIGEMT 1
|
||||
|
||||
/*
|
||||
* sigevent definitions
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user