
This is the merge of the upstream LTS release of 5.10.136 into the android12-5.10 branch. It contains the following commits:ee965fe12d
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'b7247246f6
Merge 5.10.136 into android12-5.10-lts6eae1503dd
Linux 5.10.1361bea03b44e
x86/speculation: Add LFENCE to RSB fill sequence509c2c9fe7
x86/speculation: Add RSB VM Exit protectionse5b556a7b2
macintosh/adb: fix oob read in do_adb_query() function75742ffc36
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x358640e2e7f1bf
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x35879c45bb363e
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC5583a292cb181
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x16751a2a2e3456
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007e81f95d030
Bluetooth: btusb: Add support of IMC Networks PID 0x3568918ce738e2
Bluetooth: hci_bcm: Add DT compatible for CYW55572033a4455d9
Bluetooth: hci_bcm: Add BCM4349B1 variant50763f0ac0
selftests: KVM: Handle compiler optimizations in ucalla56e1ccdb7
tools/kvm_stat: fix display of error when multiple processes are found3c77292d52
crypto: arm64/poly1305 - fix a read out-of-bounde2c63e1afd
ACPI: APEI: Better fix to avoid spamming the console with old error logs6ccff35588
ACPI: video: Shortening quirk list by identifying Clevo by board_name onlya2b472b152
ACPI: video: Force backlight native for some TongFang devicesa01a4e9f5d
tun: avoid double free in tun_free_netdev1069087e2f
selftests/bpf: Check dst_port only on the client socket042fb1c281
selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads78c8397132
ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()4f3b852336
ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()45b69848a2
x86/speculation: Make all RETbleed mitigations 64-bit only30abcdabf2
Merge 5.10.135 into android12-5.10-ltsf6ce9a9115
Merge 5.10.134 into android12-5.10-lts4fd9cb57a3
Linux 5.10.1354bfc9dc608
selftests: bpf: Don't run sk_lookup in verifier tests6d3fad2b44
bpf: Add PROG_TEST_RUN support for sk_lookup programs6aad811b37
bpf: Consolidate shared test timing code545fc3524c
x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available14b494b7aa
xfs: Enforce attr3 buffer recovery ordere5f9d4e0f8
xfs: logging the on disk inode LSN can make it go backwardsc1268acaa0
xfs: remove dead stale buf unpin handling codec85cbb0b21
xfs: hold buffer across unpin and potential shutdown processingd8f5bb0a09
xfs: force the log offline when log intent item recovery failseccacbcbfd
xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes17c8097fb0
xfs: prevent UAF in xfs_log_item_in_current_chkpt6d3605f84e
xfs: xfs_log_force_lsn isn't passed a LSN41fbfdaba9
xfs: refactor xfs_file_fsyncaadc39fd5b
docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleedc4cd52ab1e
EDAC/ghes: Set the DIMM label unconditionallyc454639172
ARM: 9216/1: Fix MAX_DMA_ADDRESS overflowe500aa9f2d
mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.2670f76a56
page_alloc: fix invalid watermark check on a negative value8014246694
ARM: crypto: comment out gcc warning that breaks clang builds6f3505588d
sctp: leave the err path free in sctp_stream_init to sctp_stream_free510e5b3791
sfc: disable softirqs for ptp TX3ec42508a6
perf symbol: Correct address for bss symbols6807897695
virtio-net: fix the race between refill work and close440dccd80f
netfilter: nf_queue: do not allow packet truncation below transport header offsetaeb2ff9f9f
sctp: fix sleep in atomic context bug in timer handlersfad6caf9b1
i40e: Fix interface init with MSI interrupts (no MSI-X)e4a7acd6b4
tcp: Fix data-races around sysctl_tcp_reflect_tos.f310fb69a0
tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.d2476f2059
tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.4832397891
tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.530a4da37e
net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa()6e0e0464f1
macsec: always read MACSEC_SA_ATTR_PN as a u642daf0a1261
macsec: limit replay window size with XPN0755c9d05a
macsec: fix error message in macsec_add_rxsa and _txsa54c295a30f
macsec: fix NULL deref in macsec_add_rxsa034bfadc8f
Documentation: fix sctp_wmem in ip-sysctl.rst4aea33f404
tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.c4e6029a85
tcp: Fix a data-race around sysctl_tcp_autocorking.83edb788e6
tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.f47e7e5b49
tcp: Fix a data-race around sysctl_tcp_min_tso_segs.5584fe9718
net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()b399ffafff
igmp: Fix data-races around sysctl_igmp_qrv.4c1318dabe
net/tls: Remove the context from the list in tls_device_down8008e797ec
ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptra84b8b53a5
net: ping6: Fix memleak in ipv6_renew_options().c37c7f35d7
tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.9ffb4fdfd8
tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.3e93312583
tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.77ac046a9a
Revert "tcp: change pingpong threshold to 3"54a73d6544
scsi: ufs: host: Hold reference returned by of_parse_phandle()160f79561e
ice: do not setup vlan for loopback VSI9ed6f97c8d
ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)2b4b373271
tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.3fb21b67c0
tcp: Fix a data-race around sysctl_tcp_nometrics_save.81c45f49e6
tcp: Fix a data-race around sysctl_tcp_frto.312ce3901f
tcp: Fix a data-race around sysctl_tcp_adv_win_scale.3cddb7a7a5
tcp: Fix a data-race around sysctl_tcp_app_win.f10a5f905a
tcp: Fix data-races around sysctl_tcp_dsack.7fa8999b31
watch_queue: Fix missing locking in add_watch_to_object()45a84f04a9
watch_queue: Fix missing rcu annotationb38a8802c5
nouveau/svm: Fix to migrate all requested pagesbd46ca4146
s390/archrandom: prevent CPACF trng invocations in interrupt context1228934cf2
ntfs: fix use-after-free in ntfs_ucsncmp()5528990512
Revert "ocfs2: mount shared volume without ha stack"de5d4654ac
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_puta46cc20143
Merge 5.10.133 into android12-5.10-lts3f05c6dd13
ANDROID: fix up 5.10.132 merge with the virtio_mmio.c driver7a62a4b621
Linux 5.10.134bb1990a300
watch-queue: remove spurious double semicolonf7c1fc0dec
net: usb: ax88179_178a needs FLAG_SEND_ZLP08afa87f58
tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()a4bb7ef2d6
tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()c84986d097
tty: drop tty_schedule_flip()4d374625cc
tty: the rest, stop using tty_schedule_flip()6a81848252
tty: drivers/tty/, stop using tty_schedule_flip()0adf21eec5
watchqueue: make sure to serialize 'wqueue->defunct' properlyc0a3a9eb26
x86/alternative: Report missing return thunk detailsb7b9e5cc8b
x86/amd: Use IBPB for firmware calls14fc9233aa
Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunksf44e65e6f0
Bluetooth: SCO: Fix sco_send_frame returning skb->lena8feae8bd2
Bluetooth: Fix passing NULL to PTR_ERR5283591c84
Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg341a029cf3
Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg3cce0e771f
Bluetooth: Add bt_skb_sendmmsg helperc87b2bc9d7
Bluetooth: Add bt_skb_sendmsg helper4faf4bbc2d
ALSA: memalloc: Align buffer allocations in page sized1dc861cd6
bitfield.h: Fix "type of reg too small for mask" testf62ffdb5e2
drm/imx/dcss: fix unused but set variable warnings577b624689
dlm: fix pending remove if msg allocation failscdcd20aa2c
x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts26d5eb3c25
sched/deadline: Fix BUG_ON condition for deboosted tasks0c722a32f2
bpf: Make sure mac_header was set before using itddb3f0b688
mm/mempolicy: fix uninit-value in mpol_rebind_policy()3616776bc5
KVM: Don't null dereference ops->destroy684896e675
spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers0648526633
tcp: Fix data-races around sysctl_tcp_max_reordering.805f1c7ce4
tcp: Fix a data-race around sysctl_tcp_rfc1337.03bb3892f3
tcp: Fix a data-race around sysctl_tcp_stdurg.daa8b5b869
tcp: Fix a data-race around sysctl_tcp_retrans_collapse.0e3f82a03e
tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.cc133e4f4b
tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.d8781f7cd0
tcp: Fix data-races around sysctl_tcp_recovery.11e8b013d1
tcp: Fix a data-race around sysctl_tcp_early_retrans.ffc388f6f0
tcp: Fix data-races around sysctl knobs related to SYN option.fcaef69c79
udp: Fix a data-race around sysctl_udp_l3mdev_accept.9add240f76
ip: Fix data-races around sysctl_ip_prot_sock.e045d672ba
ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.36f1d9c607
drm/imx/dcss: Add missing of_node_put() in fail path665cbe91de
be2net: Fix buffer overflow in be_get_module_eeprom4752392855
gpio: pca953x: use the correct register address when regcache sync during inita941e6d5ba
gpio: pca953x: use the correct range when do regmap sync928ded3fc1
gpio: pca953x: only use single read/write for No AI modeb82de63f8f
ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero6f949e5615
i40e: Fix erroneous adapter reinitialization during recovery processc6af943249
iavf: Fix handling of dummy receive descriptors0dc2f19d8c
tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.22938534c6
tcp: Fix data-races around sysctl_tcp_fastopen.b3ce32e33a
tcp: Fix data-races around sysctl_max_syn_backlog.b6c189aa80
tcp: Fix a data-race around sysctl_tcp_tw_reuse.fd6f1284e3
tcp: Fix a data-race around sysctl_tcp_notsent_lowat.768e424607
tcp: Fix data-races around some timeout sysctl knobs.474510e174
tcp: Fix data-races around sysctl_tcp_reordering.dc1a78a2b2
tcp: Fix data-races around sysctl_tcp_syncookies.fc489055e7
tcp: Fix data-races around keepalive sysctl knobs.f85119fb3f
igmp: Fix data-races around sysctl_igmp_max_msf.7d26db0053
igmp: Fix a data-race around sysctl_igmp_max_memberships.473aad9ad5
igmp: Fix data-races around sysctl_igmp_llm_reports.e80ff0b966
net/tls: Fix race in TLS device down flowa3ac79f38d
net: stmmac: fix dma queue left shift overflow issuef3da643d87
i2c: cadence: Change large transfer count reset logic to be unconditionaldd7b5ba44b
net: stmmac: fix unbalanced ptp clock issue in suspend/resume flowc61aede097
tcp: Fix a data-race around sysctl_tcp_probe_interval.d452ce36f2
tcp: Fix a data-race around sysctl_tcp_probe_threshold.d5bece4df6
tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.97992e8fef
tcp: Fix data-races around sysctl_tcp_min_snd_mss.514d2254c7
tcp: Fix data-races around sysctl_tcp_base_mss.77a04845f0
tcp: Fix data-races around sysctl_tcp_mtu_probing.d4f65615db
tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.0ee76fe01f
ip: Fix a data-race around sysctl_fwmark_reflect.611ba70e5a
ip: Fix a data-race around sysctl_ip_autobind_reuse.94269132d0
ip: Fix data-races around sysctl_ip_nonlocal_bind.11038fa781
ip: Fix data-races around sysctl_ip_fwd_update_priority.b96ed5ccb0
ip: Fix data-races around sysctl_ip_fwd_use_pmtu.5e343e3ef4
ip: Fix data-races around sysctl_ip_no_pmtu_disc.77836dbe35
igc: Reinstate IGC_REMOVED logic and implement it properlyfb6031203e
drm/amdgpu/display: add quirk handling for stutter mode43128b3eee
perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()5694b162f2
pinctrl: ralink: Check for null return of devm_kcalloc493ceca327
power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe47b696dd65
xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()3777ea39f0
serial: mvebu-uart: correctly report configured baudrate valuee744aad0c4
PCI: hv: Fix interrupt mapping for multi-MSI522bd31d6b
PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()73bf070408
PCI: hv: Fix hv_arch_irq_unmask() for multi-MSIf1d2f1ce05
PCI: hv: Fix multi-MSI to allow more than one MSI vectorb07240ce4a
Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch"4f900c37f1
net: inline rollback_registered_many()bf2f3d1970
net: move rollback_registered_many()672fac0a43
net: inline rollback_registered()b1158677d4
net: move net_set_todo inside rollback_registered()2e11856ec3
net: make sure devices go through netdev_wait_all_refsed6964ff47
net: make free_netdev() more lenient with unregistering devices2686f62fa7
docs: net: explain struct net_device lifetime7a99c7c32c
xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE2ee0cab11f
io_uring: Use original task for req identity in io_identity_cow()ab5050fd74
lockdown: Fix kexec lockdown bypass with ima policy426336de35
mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication15155fa898
riscv: add as-options for modules with assembly compontents31f3bb363a
pinctrl: stm32: fix optional IRQ support to gpiosbbc03f7ab8
Revert "cgroup: Use separate src/dst nodes when preloading css_sets for migration"0c724b692d
Merge 5.10.132 into android12-5.10-ltsccdb3f9143
Merge 5.10.131 into android12-5.10-lts50c9c56f73
Merge 5.10.130 into android12-5.10-lts2be16baf4d
Merge 5.10.129 into android12-5.10-lts96fb478c9d
Merge 5.10.128 into android12-5.10-lts195692d0ab
Merge 5.10.127 into android12-5.10-ltsf93a6ac3d6
Merge 5.10.126 into android12-5.10-lts36c687c707
Merge 5.10.125 into android12-5.10-lts4e3458d6d3
Merge 5.10.124 into android12-5.10-ltsfa431a5707
Merge 5.10.123 into android12-5.10-lts8a8eb074ed
Merge 5.10.122 into android12-5.10-lts0ced6946ac
Revert "drm: fix EDID struct for old ARM OABI format"dca272b05d
Revert "mailbox: forward the hrtimer if not queued and under a lock"a73f6da5a3
Revert "Fonts: Make font size unsigned in font_desc"8324f66c71
Revert "parisc/stifb: Keep track of hardware path of graphics card"26e506a63e
Revert "Bluetooth: Interleave with allowlist scan"8046f2ad50
Revert "Bluetooth: use inclusive language when filtering devices"b41a77c33b
Revert "Bluetooth: use hdev lock for accept_list and reject_list in conn req"fe07069084
Revert "thermal/drivers/core: Use a char pointer for the cooling device name"361d75b4c1
Revert "thermal/core: Fix memory leak in __thermal_cooling_device_register()"090d920be9
Revert "thermal/core: fix a UAF bug in __thermal_cooling_device_register()"2dc56158cb
Revert "thermal/core: Fix memory leak in the error path"28fd8700b4
Revert "ALSA: jack: Access input_dev under mutex"8636671438
Revert "gpiolib: of: Introduce hook for missing gpio-ranges"0889c70b1f
Revert "pinctrl: bcm2835: implement hook for missing gpio-ranges"eaa4878a26
Revert "ext4: fix use-after-free in ext4_rename_dir_prepare"f004760d69
Revert "ext4: verify dir block before splitting it"5034934536
Linux 5.10.1332fc7f18ba2
tools headers: Remove broken definition of __LITTLE_ENDIAN060e39b8c2
tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - againfbf60f83e2
objtool: Fix elf_create_undef_symbol() endianness39065d5434
kvm: fix objtool relocation warning6849ed81a3
x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds8e2774270a
um: Add missing apply_returns()725da3e67c
x86/bugs: Remove apostrophe typo81604506c2
tools headers cpufeatures: Sync with the kernel sources3f93b8630a
tools arch x86: Sync the msr-index.h copy with the kernel sources2ef1b06cea
KVM: emulate: do not adjust size of fastop and setcc subroutines8e31dfd630
x86/kvm: fix FASTOP_SIZE when return thunks are enabled5779e2f0cc
efi/x86: use naked RET on mixed mode call wrapperabf88ff134
x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_currentecc0d92a9f
x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit95d89ec7db
x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub668cb1ddf0
x86/xen: Fix initialisation in hypercall_page after rethunk81f20e5000
x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted844947eee3
tools/insn: Restore the relative include paths for cross buildingc035ca88b0
x86/static_call: Serialize __static_call_fixup() properlyeb38964b6f
x86/speculation: Disable RRSBA behaviorc2ca992144
x86/kexec: Disable RET on kexec51552b6b52
x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported609336351d
x86/bugs: Add Cannon lake to RETBleed affected CPU listb24fdd0f1c
x86/retbleed: Add fine grained Kconfig knobsf7851ed697
x86/cpu/amd: Enumerate BTC_NOa74f5d23e6
x86/common: Stamp out the stepping madness4d7f72b6e1
x86/speculation: Fill RSB on vmexit for IBRS47ae76fb27
KVM: VMX: Fix IBRS handling after vmexit5269be9111
KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS84061fff2a
KVM: VMX: Convert launched argument to flags07401c2311
KVM: VMX: Flatten __vmx_vcpu_run()df93717a32
objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}1dbefa5772
x86/speculation: Remove x86_spec_ctrl_maskce11f91b21
x86/speculation: Use cached host SPEC_CTRL value for guest entry/exitaad83db22e
x86/speculation: Fix SPEC_CTRL write on SMT state changed29c07912a
x86/speculation: Fix firmware entry SPEC_CTRL handlingf1b01ace81
x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=nea1aa926f4
x86/cpu/amd: Add Spectral Chicken0d1a8a16e6
objtool: Add entry UNRET validationfbab1c94eb
x86/bugs: Do IBPB fallback check only oncec8845b8754
x86/bugs: Add retbleed=ibpbf728eff263
x86/xen: Rename SYS* entry points28aa3fa0b2
objtool: Update Retpoline validation55bba093fd
intel_idle: Disable IBRS during long idlee8142e2d6c
x86/bugs: Report Intel retbleed vulnerabilitya0f8ef71d7
x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()dabc2a1b40
x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS6d7e13ccc4
x86/bugs: Optimize SPEC_CTRL MSR writes3dddacf8c3
x86/entry: Add kernel IBRS implementation9e727e0d94
x86/bugs: Keep a per-CPU IA32_SPEC_CTRL valuea989e75136
x86/bugs: Enable STIBP for JMP2RET3f29791d56
x86/bugs: Add AMD retbleed= boot parameter876750cca4
x86/bugs: Report AMD retbleed vulnerabilitydf748593c5
x86: Add magic AMD return-thunkc70d6f8214
objtool: Treat .text.__x86.* as noinstrc9eb5dcdc8
x86: Use return-thunk in asm code5b2edaf709
x86/sev: Avoid using __x86_return_thunkd6eb50e9b7
x86/vsyscall_emu/64: Don't use RET in vsyscall emulationee4996f07d
x86/kvm: Fix SETcc emulation for return thunkse0e06a9227
x86/bpf: Use alternative RET encoding00b136bb62
x86/ftrace: Use alternative RET encoding7723edf5ed
x86,static_call: Use alternative RET encoding446eb6f089
objtool: skip non-text sections when adding return-thunk sites8bdb25f7ae
x86,objtool: Create .return_sites716410960b
x86: Undo return-thunk damage270de63cf4
x86/retpoline: Use -mfunction-return37b9bb0941
Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}3e519ed8d5
x86/retpoline: Swizzle retpoline thunk6a2b142886
x86/retpoline: Cleanup some #ifdeferyfeec5277d5
x86/cpufeatures: Move RETPOLINE flags to word 117070bbb66c
x86/kvm/vmx: Make noinstr cleanaccb8cfd50
x86/realmode: build with -D__DISABLE_EXPORTS236b959da9
objtool: Fix objtool regression on x32 systems148811a842
x86/entry: Remove skip_r11rcxe1db6c8a69
objtool: Fix symbol creation3e8afd072d
objtool: Fix type of reloc::addend42ec4d7135
objtool: Fix code relocs vs weak symbols831d5c07b7
objtool: Fix SLS validation for kcov tail-call replacement9728af8857
crypto: x86/poly1305 - Fixup SLS03c5c33e04
objtool: Default ignore INT3 for unreachablebef21f88b4
kvm/emulate: Fix SETcc emulation function offsets with SLS494ed76c14
tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy'e9925a4584
x86: Add straight-line-speculation mitigation0f8532c283
objtool: Add straight-line-speculation validation1f6e6683c4
x86/alternative: Relax text_poke_bp() constraint277f4ddc36
x86: Prepare inline-asm for straight-line-speculation3c91e22576
x86: Prepare asm files for straight-line-speculationa512fcd881
x86/lib/atomic64_386_32: Rename thingsc2746d567d
bpf,x86: Respect X86_FEATURE_RETPOLINE*1713e5c4f8
bpf,x86: Simplify computing label offsets38a80a3ca2
x86/alternative: Add debug prints to apply_retpolines()3d13ee0d41
x86/alternative: Try inline spectre_v2=retpoline,amdb0e2dc9506
x86/alternative: Handle Jcc __x86_indirect_thunk_\reg381fd04c97
x86/alternative: Implement .retpoline_sites support6eb95718f3
x86/retpoline: Create a retpoline thunk array0de47ad5b9
x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h41ef958070
x86/asm: Fixup odd GEN-for-each-reg.h usage8ef808b3f4
x86/asm: Fix register orderccb8fc65a3
x86/retpoline: Remove unused replacement symbols908bd980a8
objtool,x86: Replace alternatives with .retpoline_sites023e78bbf1
objtool: Explicitly avoid self modifying code in .altinstr_replacement6e4676f438
objtool: Classify symbolsacc0be56b4
objtool: Handle __sanitize_cov*() tail calls9d7ec2418a
objtool: Introduce CFI hashe8b1128fb0
objtool: Make .altinstructions section entry size consistent1afa44480b
objtool: Remove reloc symbol type checks in get_alt_entry()e7118a25a8
objtool: print out the symbol type when complaining about it7ea0731957
objtool: Teach get_alt_entry() about more relocation types364e463097
objtool: Don't make .altinstructions writablef231b2ee85
objtool/x86: Ignore __x86_indirect_alt_* symbolse32542e9ed
objtool: Only rewrite unconditional retpoline thunk callsa031925382
objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()76474a9dd3
x86/alternative: Optimize single-byte NOPs at an arbitrary positionf3fe1b141d
objtool: Support asm jump tables0b2c8bf498
objtool/x86: Rewrite retpoline thunk callsed7783dca5
objtool: Skip magical retpoline .altinstr_replacemente87c18c4a9
objtool: Cache instruction relocs33092b4866
objtool: Keep track of retpoline call sites8a6d73f7db
objtool: Add elf_create_undef_symbol()b69e1b4b68
objtool: Extract elf_symbol_add()da962cd0a2
objtool: Extract elf_strtab_concat()b37c439250
objtool: Create reloc sections implicitlyfcdb7926d3
objtool: Add elf_create_reloc() helperc9049cf480
objtool: Rework the elf_rebuild_reloc_section() logicd42fa5bf19
objtool: Handle per arch retpoline naming6e95f8caff
objtool: Correctly handle retpoline thunk calls28ca351296
x86/retpoline: Simplify retpolinese68db6f780
x86/alternatives: Optimize optimize_nops()9a6471666b
x86: Add insn_decode_kernel()d9cd219114
x86/alternative: Use insn_decode()e6f8dc86a1
x86/insn-eval: Handle return values from the decoder6bc6875b82
x86/insn: Add an insn_decode() API76c513c87f
x86/insn: Add a __ignore_sync_check__ markera3d96c7439
x86/insn: Rename insn_decode() to insn_decode_from_regs()fd80da64cf
x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()341e6178c1
x86/alternative: Support ALTERNATIVE_TERNARY0c4c698569
x86/alternative: Support not-featurec9cf908b89
x86/alternative: Merge include files5f93d900b9
x86/xen: Support objtool vmlinux.o validation in xen-head.Sb626e17c11
x86/xen: Support objtool validation in xen-asm.S3116dee270
objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC53e89bc78e
objtool: Assume only ELF functions do sibling calls3e674f2652
objtool: Support retpoline jump detection for vmlinux.o917a4f6348
objtool: Support stack layout changes in alternativese9197d768f
objtool: Add 'alt_group' struct1d516bd72a
objtool: Refactor ORC section generationdd87aa5f61
KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw0ca2ba6e4d
KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S0e8e989142
Merge 5.10.121 into android12-5.10-lts2de0a17df4
Merge 5.10.120 into android12-5.10-lts7748091a31
Linux 5.10.13206a5dc3911
x86/pat: Fix x86_has_pat_wp()d9cb6fabc9
serial: 8250: Fix PM usage_count for console handovere1bd94dd9e
serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottleb8c4661126
serial: stm32: Clear prev values before setting RTS delays039ffe436a
serial: 8250: fix return error code in serial8250_request_std_resource()bfee93c9a6
vt: fix memory overlapping when deleting chars in the buffer5450430199
tty: serial: samsung_tty: set dma burst_size to 10e5668ed7b
usb: dwc3: gadget: Fix event pending checkf1e01a42dc
usb: typec: add missing uevent when partner support PD61ab5d644e
USB: serial: ftdi_sio: add Belimo device ids58b94325ee
signal handling: don't use BUG_ON() for debugginge75f692b79
nvme-pci: phison e16 has bogus namespace ids54bf0b8c75
Revert "can: xilinx_can: Limit CANFD brp to 2"35ce2c64e5
ARM: dts: stm32: use the correct clock source for CEC on stm32mp151227ee155ea
soc: ixp4xx/npe: Fix unused match warning136d7987fc
x86: Clear .brk area at early bootfd830d8dd5
irqchip: or1k-pic: Undefine mask_ack for level triggered hardwaredae43b3792
ASoC: madera: Fix event generation for rate controlscae4b78f3c
ASoC: madera: Fix event generation for OUT1 demuxa7634527cb
ASoC: cs47l15: Fix event generation for low power mux control41f97b0ecf
ASoC: dapm: Initialise kcontrol data for mux/demux controls11a14e4f31
ASoC: wm5110: Fix DRE control6cbbe59fdc
ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flowef1e38532f
pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()13fb9105cf
ASoC: ops: Fix off by one in range control validation67dc32542a
net: sfp: fix memory leak in sfp_probe()104594de27
nvme: fix regression when disconnect a recovering ctrl5504e63832
nvme-tcp: always fail a request when sending it failedde876f36f9
NFC: nxp-nci: don't print header length mismatch on i2c errorefa78f2ae3
net: tipc: fix possible refcount leak in tipc_sk_create()bacfef0bf2
platform/x86: hp-wmi: Ignore Sanitization Mode event3ea9dbf7c2
cpufreq: pmac32-cpufreq: Fix refcount leak bug24cd0b9bfd
scsi: hisi_sas: Limit max hw sectors for v3 HWc458ebd659
netfilter: br_netfilter: do not skip all hooks with 0 priority93135dca8c
virtio_mmio: Restore guest page size on resumed611580032
virtio_mmio: Add missing PM calls to freeze/restore31e16a5e11
mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGEc713de1d80
net/tls: Check for errors in tls_device_initeb58fd350a
KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()c2978d0124
net: atlantic: remove aq_nic_deinit() when resume38e081ee06
net: atlantic: remove deep parameter on suspend/resume functionsb82e4ad58a
sfc: fix kernel panic when creating VF2d4efc9a0e
seg6: bpf: fix skb checksum in bpf_push_seg6_encap()7b38df59a8
seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors834fa0a22f
seg6: fix skb checksum evaluation in SRH encapsulation/insertionc224050081
sfc: fix use after free when disabling sriovc1d9702ceb
ima: Fix potential memory leak in ima_init_crypto()eb360267e1
ima: force signature verification when CONFIG_KEXEC_SIG is configured29c6a632f8
net: ftgmac100: Hold reference returned by of_get_child_by_name()a51040d4b1
nexthop: Fix data-races around nexthop_compat_mode.2c56958de8
ipv4: Fix data-races around sysctl_ip_dynaddr.038a87b3e4
raw: Fix a data-race around sysctl_raw_l3mdev_accept.38d78c7b4b
icmp: Fix a data-race around sysctl_icmp_ratemask.4ebf261532
icmp: Fix a data-race around sysctl_icmp_ratelimit.b8871d9186
sysctl: Fix data-races in proc_dointvec_ms_jiffies().2744e302e7
drm/i915/gt: Serialize TLB invalidates with GT resets636e5dbaf0
drm/i915/selftests: fix a couple IS_ERR() vs NULL tests359f2bca79
ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zeroe1aa73454a
ARM: dts: at91: sama5d2: Fix typo in i2s1 node418b191d5f
ipv4: Fix a data-race around sysctl_fib_sync_mem.e088ceb73c
icmp: Fix data-races around sysctl.fe2a35fa2c
cipso: Fix data-races around sysctl.f5811b8df2
net: Fix data-races around sysctl_mem.d54b6ef53c
inetpeer: Fix data-races around sysctl.6481a8a72a
tcp: Fix a data-race around sysctl_tcp_max_orphans.609ce7ff75
sysctl: Fix data races in proc_dointvec_jiffies().a5ee448d38
sysctl: Fix data races in proc_doulongvec_minmax().e3a2144b3b
sysctl: Fix data races in proc_douintvec_minmax().71ddde27c2
sysctl: Fix data races in proc_dointvec_minmax().d5d54714e3
sysctl: Fix data races in proc_douintvec().80cc28a4b4
sysctl: Fix data races in proc_dointvec().9cc8edc571
net: stmmac: dwc-qos: Disable split header for Tegra194cd201332cc
ASoC: Intel: Skylake: Correct the handling of fmt_config flexible arrayfbb87a0ed2
ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks()bb8bf80387
ASoC: tas2764: Fix amp gain register offset & defaultf1cd988de4
ASoC: tas2764: Correct playback volume range52d1b4250c
ASoC: tas2764: Fix and extend FSYNC polarity handling249fe2d20d
ASoC: tas2764: Add post reset delaysf160a1f970
ASoC: sgtl5000: Fix noise on shutdown/remove831e190175
ima: Fix a potential integer overflow in ima_appraise_measurement592f3bad00
drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()4cb5c1950b
net/mlx5e: Fix capability check for updating vnic env counters6eb1d0c370
net/mlx5e: kTLS, Fix build time constant test in RXc87d5211be
net/mlx5e: kTLS, Fix build time constant test in TXd6cab2e06c
ARM: 9210/1: Mark the FDT_FIXED sections as shareable3d82fba7d3
ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle0c300e294d
spi: amd: Limit max transfer and message sized8d42c92fe
ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count91f90b571f
ext4: fix race condition between ext4_write and ext4_convert_inline_data9d883b3f00
Revert "evm: Fix memleak in init_desc"41007669fc
sh: convert nommu io{re,un}map() to static inline functionsea4dbcfb95
nilfs2: fix incorrect masking of permission flags for symlinks14e63942d6
fs/remap: constrain dedupe of EOF blocks0581613df7
drm/panfrost: Fix shrinker list corruption by madvise IOCTL2e760fe05d
drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() errorc1ea39a77c
btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents7657e39585
cgroup: Use separate src/dst nodes when preloading css_sets for migratione013ea2a51
wifi: mac80211: fix queue selection for mesh/OCB interfacesdb6e8c3015
ARM: 9214/1: alignment: advance IT state after emulating Thumb instructionf851e4f402
ARM: 9213/1: Print message about disabled Spectre workarounds only oncefa40bb3a5f
ip: fix dflt addr selection for connected nexthop4d3e0fb05e
net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer78a1400c42
tracing/histograms: Fix memory leak problem931dbcc2e0
mm: split huge PUD on wp_huge_pud fallback91530f675e
fix race between exit_itimers() and /proc/pid/timersb9c32a6886
xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue782a6b07b1
ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptopcacac3e13a
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc22108ab39027a
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc6714d0d15d184
ALSA: hda/realtek: Fix headset mic for Acer SF313-51b642a3476a
ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model4486bbe928
ALSA: hda - Add fixup for Dell Latitidue E54308f95261a00
Linux 5.10.131cc5ee0e0ee
Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"ebc9fb07d2
ANDROID: random: fix CRC issues with the mergee61ebc6383
ANDROID: change function signatures for some random functions.830f0202d7
ANDROID: cpu/hotplug: avoid breaking Android ABI by fusing cpuhp stepsfee299e72e
ANDROID: random: add back removed callback functions6cc2db3cde
UPSTREAM: Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"05982f0cbb
UPSTREAM: lib/crypto: add prompts back to crypto librariesf2eb31a498
Merge 5.10.119 into android12-5.10-lts26ae9c3614
Linux 5.10.1308365b151fd
dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate37147e22cd
dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate1be247db20
dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly7b721f5aec
dmaengine: pl330: Fix lockdep warning about non-static keye23cfb3fdc
ida: don't use BUG_ON() for debugging37995f034f
dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typoca4a919584
misc: rtsx_usb: set return value in rsp_buf alloc err pathff79e0ca2b
misc: rtsx_usb: use separate command and response buffersaf7d9d4abe
misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer86884017bb
dmaengine: imx-sdma: Allow imx8m for imx7 FW revs9b329edd77
i2c: cadence: Unregister the clk notifier in error path26938bd28c
r8169: fix accessing unset transport header904f622ec7
selftests: forwarding: fix error message in learning_test9906c22340
selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT859b889029
selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT23cdc57d88
ibmvnic: Properly dispose of all skbs during a failover.2b4659c145
i40e: Fix dropped jumbo frames statistics5561bddd05
xsk: Clear page contiguity bit when unmapping pool87d2bb8882
ARM: dts: at91: sama5d2_icp: fix eeprom compatibles9b7d8e28b6
ARM: dts: at91: sam9x60ek: fix eeprom compatible and sizeade03e5ea7
ARM: at91: pm: use proper compatibles for sam9x60's rtc and rttb40ac801cb
ARM: at91: pm: use proper compatible for sama5d2's rtc4c3e73a66a
arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo1d0c3ced2d
pinctrl: sunxi: sunxi_pconf_set: use correct offsete1cda2a03d
arm64: dts: imx8mp-evk: correct I2C3 pad settings2ade1b1d92
arm64: dts: imx8mp-evk: correct gpio-led pad settings17b3883ba5
arm64: dts: imx8mp-evk: correct the uart2 pinctl value43319ee6a0
arm64: dts: imx8mp-evk: correct mmc pad settings6bf74a1e74
arm64: dts: qcom: msm8994: Fix CPU6/7 reg values2c0d10ce00
pinctrl: sunxi: a83t: Fix NAND function name for some pins3d90607e7e
ARM: meson: Fix refcount leak in meson_smp_prepare_cpuse14930e9f9
xfs: remove incorrect ASSERT in xfs_rename852952ea0e
can: kvaser_usb: kvaser_usb_leaf: fix bittiming limitsa741e762e1
can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regressionf439d08ef1
can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info79af7be44c
powerpc/powernv: delay rng platform device creation until later in boot19104425c9
video: of_display_timing.h: include errno.h96fa24eb1a
memregion: Fix memregion_free() fallback definitiond6931bff1c
PM: runtime: Redefine pm_runtime_release_supplier()cecb806c76
fbcon: Prevent that screen size is smaller than font sizeb727561ddc
fbcon: Disallow setting font bigger than screen sizeb81212828a
fbmem: Check virtual screen sizes in fb_set_var()d03e8ed72d
fbdev: fbmem: Fix logo center image dx issue963c80f070
iommu/vt-d: Fix PCI bus rescan device hot add0a5e36dbcb
netfilter: nf_tables: stricter validation of element data4a6430b99f
netfilter: nft_set_pipapo: release elements in clone from abort path4f59d12efe
net: rose: fix UAF bug caused by rose_t0timer_expiry0085da9df3
usbnet: fix memory leak in error casee917be1f83
bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals9adec73349
bpf: Fix incorrect verifier simulation around jmp32's jeq/jned0b8e22399
can: gs_usb: gs_usb_open/close(): fix memory leakb6f4b347a1
can: grcan: grcan_probe(): remove extra of_node_get()85cd41070d
can: bcm: use call_rcu() instead of costly synchronize_rcu()b75d4bec85
ALSA: hda/realtek: Add quirk for Clevo L140PU6c32496964
mm/slub: add missing TID updates on slab deactivation7208d1236f
Linux 5.10.1290e21ef1801
clocksource/drivers/ixp4xx: remove EXPORT_SYMBOL_GPL from ixp4xx_timer_setup()7055e34462
net: usb: qmi_wwan: add Telit 0x1070 compositionf1a53bb27f
net: usb: qmi_wwan: add Telit 0x1060 composition43c8d33ce3
xen/arm: Fix race in RB-tree based P2M accounting547b7c640d
xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()cbbd2d2531
xen/blkfront: force data bouncing when backend is untrusted4923217af5
xen/netfront: force data bouncing when backend is untrusted728d68bfe6
xen/netfront: fix leaking data in shared pagescfea428030
xen/blkfront: fix leaking data in shared pagesd341e5a754
selftests/rseq: Change type of rseq_offset to ptrdiff_t7e617278bf
selftests/rseq: x86-32: use %gs segment selector for accessing rseq thread area27f6361cb4
selftests/rseq: x86-64: use %fs segment selector for accessing rseq thread areaa4312e2d81
selftests/rseq: Fix: work-around asm goto compiler bugs7e1a0a9a44
selftests/rseq: Remove arm/mips asm goto compiler work-aroundba4d79af71
selftests/rseq: Fix warnings about #if checks of undefined tokens35c6f5047f
selftests/rseq: Fix ppc32 offsets by using long rather than off_tdbc1f0ee60
selftests/rseq: Fix ppc32 missing instruction selection "u" and "x" for load/stored4f631ea2d
selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big endiane85fdae4df
selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35c79e564535
selftests/rseq: Introduce thread pointer getters4a78bf83e2
selftests/rseq: Introduce rseq_get_abi() helper3c2a416c80
selftests/rseq: Remove volatile from __rseq_abi68e1232c6e
selftests/rseq: Remove useless assignment to cpu variable3e77ed4f90
selftests/rseq: introduce own copy of rseq uapi header54cd556487
selftests/rseq: remove ARRAY_SIZE define from individual tests14894cf692
hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() failsf72d410dbf
ipv6/sit: fix ipip6_tunnel_get_prl return value25055da22a
sit: use min652fd40eb0
drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c79963021fd
xen/gntdev: Avoid blocking in unmap_grant_pages()5f614f5f70
tcp: add a missing nf_reset_ct() in 3WHS handling9203dfb3ed
xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_rangef874e16870
xfs: update superblock counters correctly for !lazysbcount7ab7458d7a
xfs: fix xfs_trans slab cache namef12968a5a4
xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAXda61388f9a
xfs: Skip repetitive warnings about mount options6b7dab812c
xfs: rename variable mp to parsing_mpb261cd005a
xfs: use current->journal_info for detecting transaction recursionc36d41b65e
net: tun: avoid disabling NAPI twice59c51c3b54
tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()c9fc52c173
io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->iopriob8def021ac
epic100: fix use after free on rmmod456bc33887
tipc: move bc link creation back to tipc_node_create09f9946235
NFC: nxp-nci: Don't issue a zero length i2c_master_read()7d363362e0
nfc: nfcmrvl: Fix irq_of_parse_and_map() return value63b2fe509f
net: bonding: fix use-after-free after 802.3ad slave unbind7597ed348e
net: bonding: fix possible NULL deref in rlb codeac12337229
net/sched: act_api: Notify user space if any actions were flushed before error91d3bb82c4
netfilter: nft_dynset: restore set element counter when failing to update4b480a7940
s390: remove unneeded 'select BUILD_BIN2C'e65027fdeb
PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events653bdcd833
caif_virtio: fix race between virtio_device_ready() and ndo_open()208ff79675
NFSD: restore EINVAL error translation in nfsd_commit()db82bb6054
net: ipv6: unexport __init-annotated seg6_hmac_net_init()eb1757ca20
usbnet: fix memory allocation in helpersfae2a9fb1e
linux/dim: Fix divide by 0 in RDMA DIMb0cab8b517
RDMA/cm: Fix memory leak in ib_cm_insert_listen9de276dfb2
RDMA/qedr: Fix reporting QP timeout attributea42bd00f00
net: dp83822: disable rx error interrupt9c06d84855
net: dp83822: disable false carrier interruptc70ca16f72
net: tun: stop NAPI when detaching queuesbec1be0a74
net: tun: unlink NAPI from device on destruction0b2499c801
net: dsa: bcm_sf2: force pause link settings3f55912a1a
selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP testf7b8fb4584
virtio-net: fix race between ndo_open() and virtio_device_ready()c0a28f2ddf
net: usb: ax88179_178a: Fix packet receiving8f74cb27c2
net: rose: fix UAF bugs caused by timer handler6a0b9512a6
SUNRPC: Fix READ_PLUS crashered03a650fb
s390/archrandom: simplify back to earlier design and initialize earlierd8bca518d5
dm raid: fix KASAN warning in raid5_add_disks9bf2b0757b
dm raid: fix accesses beyond end of raid member array213c550deb
powerpc/bpf: Fix use of user_pt_regs in uapi68a34e478a
powerpc/book3e: Fix PUD allocation size in map_kernel_page()e188bbdb92
powerpc/prom_init: Fix kernel config grepe6a7d30b65
nvdimm: Fix badblocks clear off-by-one error0b99c4a189
nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G)e77804158b
ipv6: take care of disable_policy when restoring routes03b9e01659
drm/amdgpu: To flush tlb for MMHUB of RAVEN seriesea86c1430c
Linux 5.10.1282d10984d99
net: mscc: ocelot: allow unregistered IP multicast flooding6a656280e7
powerpc/ftrace: Remove ftrace init tramp once kernel init is complete6b734f7b70
xfs: check sb_meta_uuid for dabuf buffer recovery071e750ffb
xfs: remove all COW fork extents when remounting readonly1e76bd4c67
xfs: Fix the free logic of state in xfs_attr_node_hasname0cdccc05da
xfs: punch out data fork delalloc blocks on COW writeback failuredb3f8110c3
xfs: use kmem_cache_free() for kmem_cache objects09c9902cd8
bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init()c4ff3ffe01
tick/nohz: unexport __init-annotated tick_nohz_full_setup()069fff50d4
drm: remove drm_fb_helper_modinit52dc7f3f6f
MAINTAINERS: add Amir as xfs maintainer for 5.10.yfa7f6a5f56
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'deb587b1a4
Linux 5.10.1271cca46c205
powerpc/pseries: wire up rng during setup_arch()95d73d510b
kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt)feb5ab7986
random: update comment from copy_to_user() -> copy_to_iter()959bbaf5b7
modpost: fix section mismatch check for exported init/exit sectionsc980392af1
ARM: cns3xxx: Fix refcount leak in cns3xxx_init889aad2203
memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings44a5b3a073
ARM: Fix refcount leak in axxia_boot_secondary30bbfeb480
soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe68f28d52e6
ARM: exynos: Fix refcount leak in exynos_map_pmu59fdf10814
ARM: dts: imx6qdl: correct PU regulator ramp delayfb70bd8675
ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY nodef78acc4288
powerpc/powernv: wire up rng during setup_arch7db1ba660b
powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address1f5a9205a3
powerpc: Enable execve syscall exit tracepointca144919af
parisc: Enable ARCH_HAS_STRICT_MODULE_RWXa1c902349a
parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STIaf0ff2da01
xtensa: Fix refcount leak bug in time.c6c0839cf1b
xtensa: xtfpga: Fix refcount leak bug in setup501652a2ad
iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_clientd40514d440
iio: adc: axp288: Override TS pin bias current for some modelsd579c893dd
iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message62284d45e2
iio: adc: stm32: Fix ADCs iteration in irq handlere3ebb9d16c
iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)3e0af68b99
iio: adc: stm32: fix maximum clock rate for stm32mp15xb07a30a774
iio: trigger: sysfs: fix use-after-free on remove399788e819
iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()c1ec7d52a2
iio: accel: mma8452: ignore the return value of reset operation42caf44906
iio:accel:mxc4005: rearrange iio trigger get and registere26dcf6279
iio:accel:bma180: rearrange iio trigger get and registerf26379e199
iio:chemical:ccs811: rearrange iio trigger get and register4b6cdcff7c
f2fs: attach inline_data after setting compression2d7bdb6a5a
usb: chipidea: udc: check request status before setting device address656eca37aa
USB: gadget: Fix double-free bug in raw_gadget driver54604108be
usb: gadget: Fix non-unique driver names in raw-gadget driverd87dec22fd
xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI114080d04a
xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCIb8142a8465
xhci: turn off port power in shutdown116c3e81b0
usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMICa547662534
iio: adc: vf610: fix conversion mode sysfs node name58c3a27e9c
iio: mma8452: fix probe fail when device tree compatible is used.5ee016f612
s390/cpumf: Handle events cycles and instructions identicalabe487a88a
gpio: winbond: Fix error code in winbond_gpio_get()30531e0d7b
nvme: move the Samsung X5 quirk entry to the core quirks169f7d7705
nvme-pci: add NO APST quirk for Kioxia device938f594266
nvme-pci: allocate nvme_command within driver pduba388d4e9a
nvme: don't check nvme_req flags for new reqe7ccaa1aba
nvme: mark nvme_setup_passsthru() inline3ee62a1f07
nvme: split nvme_alloc_request()fe06c692cd
nvme: centralize setting the timeout in nvme_alloc_requestafbc954e78
Revert "net/tls: fix tls_sk_proto_close executed repeatedly"340fbdc801
virtio_net: fix xdp_rxq_info bug after suspend/resume3bccf82169
igb: Make DMA faster when CPU is active on the PCIe link7d7450363f
regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips40b3815b2c
ice: ethtool: advertise 1000M speeds properly7b564e3254
afs: Fix dynamic root getattr3c22192db0
MIPS: Remove repetitive increase irq_err_countcc649a7865
x86/xen: Remove undefined behavior in setup_features()b60c375ad1
selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh20119c1e0f
udmabuf: add back sanity checke82376b632
net/tls: fix tls_sk_proto_close executed repeatedlycec9867ee5
erspan: do not assume transport header is always setacf76125bb
drm/msm/dp: fix connect/disconnect handled at irq_hpd61f8f4034c
drm/msm/dp: promote irq_hpd handle to handle link training correctlyd11cb08215
drm/msm/dp: deinitialize mainlink if link training failed3d67cb00cb
drm/msm/dp: fixes wrong connection state caused by failure of link trainefb2b69160
drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind()d16a433982
drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf363fd6e346
net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms2e3216b929
bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiersc12a2c9b1b
igb: fix a use-after-free issue in igb_clean_tx_ring361c5521c1
tipc: fix use-after-free Read in tipc_named_reinitf299d3fbe4
tipc: simplify the finalize work queueab7f565ac7
phy: aquantia: Fix AN when higher speeds than 1G are not advertiseda51c199e4d
bpf, x86: Fix tail call count offset calculation on bpf2bpf call4ae116428e
drm/sun4i: Fix crash during suspend after component bind failure516760f1d2
bpf: Fix request_sock leak in sk lookup helpers505a375eea
drm/msm: use for_each_sgtable_sg to iterate over scatterlist10eb239e29
scsi: scsi_debug: Fix zone transition to full condition15cc30ac2a
netfilter: use get_random_u32 instead of prandom95f80c8843
netfilter: nftables: add nft_parse_register_store() and use itec9b0a8d30
netfilter: nftables: add nft_parse_register_load() and use it8adedb4711
drm/msm: Fix double pm_runtime_disable() call8682335375
USB: serial: option: add Quectel RM500K module support9e6e063e54
USB: serial: option: add Quectel EM05-G modem0b3006a862
USB: serial: option: add Telit LE910Cx 0x1250 compositionf6a266e0dc
dm mirror log: clear log bits up to BITS_PER_LONG boundary03d1874b82
dm era: commit metadata in postsuspend after worker stops273106c2df
ata: libata: add qc->flags in ata_qc_complete_template tracepoint156427b312
mtd: rawnand: gpmi: Fix setting busy timeout setting07e56884cd
mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing0ae82e1ccb
btrfs: add error messages to all unrecognized mount options49e3e449bc
net: openvswitch: fix parsing of nw_proto for IPv6 fragments1508658aec
ALSA: hda/realtek: Add quirk for Clevo NS50PU6e8e503159
ALSA: hda/realtek: Add quirk for Clevo PD70PNT80307458a1
ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly7fcbc89d47
ALSA: hda/realtek - ALC897 headset MIC no soundf5ea433d56
ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop6437329060
ALSA: hda/conexant: Fix missing beep setup12a6be5d11
ALSA: hda/via: Fix missing beep setup5e80f923b8
random: quiet urandom warning ratelimit suppression message310ebbd9f5
random: schedule mix_interrupt_randomness() less often3acb7dc242
vt: drop old FONT ioctls9cae50bdfa
Linux 5.10.126fb2fbb3c10
io_uring: use separate list entry for iopoll requests6a7c3bcc3c
Linux 5.10.125df3f3bb505
io_uring: add missing item types for various requests1a264b3a69
arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfera1508d164e
serial: core: Initialize rs485 RTS polarity already on probe7ccb026ecb
tcp: drop the hash_32() part from the index calculation9429b75bc2
tcp: increase source port perturb table to 2^1624b922a5da
tcp: dynamically allocate the perturb table used by source portsd28e64b1c6
tcp: add small random increments to the source portdd46a868fc
tcp: use different parts of the port_offset for index and offset743acb5207
tcp: add some entropy in __inet_hash_connect()16b1994679
usb: gadget: u_ether: fix regression in setting fixed MAC address355be61311
zonefs: fix zonefs_iomap_begin() for readsee4677b78e
s390/mm: use non-quiescing sske for KVM switch to keyed guest73c2a811f6
Revert "xfrm: Add possibility to set the default to block if we have no policy"e21944a82a
Revert "net: xfrm: fix shift-out-of-bounce"f7160ab103
Revert "xfrm: make user policy API complete"df0ff8d194
Revert "xfrm: notify default policy on update"4ead88c0e8
Revert "xfrm: fix dflt policy check when there is no policy configured"42dadcf0a8
Revert "xfrm: rework default policy structure"ece9c2a70f
Revert "xfrm: fix "disable_policy" flag use when arriving from different devices"9dcde7a741
Revert "include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage"4f3fee72a7
Linux 5.10.124e0b6018894
clk: imx8mp: fix usb_root_clk parenta3e50506ea
powerpc/book3e: get rid of #include <generated/compile.h>ff4443f3fc
igc: Enable PCIe PTMf0a7adff63
Revert "PCI: Make pci_enable_ptm() private"e1513a714d
net: openvswitch: fix misuse of the cached connection on tuple changes09b55dc90b
net/sched: act_police: more accurate MTU policing73bc8a5e8e
dma-direct: don't over-decrypt memoryaa9a001efa
virtio-pci: Remove wrong address verification in vp_del_vqs()be98641034
ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine401bef1f95
KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leakd6be031a2f
KVM: x86: Account a variety of miscellaneous allocationsd74d7865e2
KVM: arm64: Don't read a HW interrupt pending state in user contextbfd004a1d3
ext4: add reserved GDT blocks check0ca74dacfd
ext4: make variable "count" signed6fdaf31ad5
ext4: fix bug_on ext4_mb_use_inode_pae27430c1f1
drm/amd/display: Cap OLED brightness per max frame-average luminanceba751f0d25
dm mirror log: round up region bitmap size to BITS_PER_LONG33ba36351e
serial: 8250: Store to lsr_save_flags after lsr read57901c658f
usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probea44a8a762f
usb: dwc2: Fix memory leak in dwc2_hcd_init791da3e6c8
USB: serial: io_ti: add Agilent E5805A support0e13274bc6
USB: serial: option: add support for Cinterion MV31 with new baselined721986e96
crypto: memneq - move into lib/308b8f31c0
comedi: vmk80xx: fix expression for tx buffer size9308be3d9a
mei: me: add raptor lake point S DID9ea9c92275
i2c: designware: Use standard optional ref clock implementation506a88a5bf
irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions7c9dd9d23f
irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitionse52a58b79f
irqchip/gic/realview: Fix refcount leak in realview_gic_of_init716587a57a
i2c: npcm7xx: Add check for platform_driver_registerb559ef9dfc
faddr2line: Fix overlapping text section failures, the sequel7fa28a7c3d
block: Fix handling of offline queues in blk_mq_alloc_request_hctx()2d825fb53b
certs/blacklist_hashes.c: fix const confusion in certs blacklistbc28fde909
arm64: ftrace: consistently handle PLTs.e177f17fe4
arm64: ftrace: fix branch range checks64072389be
net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg28069e026e
net: bgmac: Fix an erroneous kfree() in bgmac_remove()984793f255
mlxsw: spectrum_cnt: Reorder counter poolsb90ae84a8a
nvme: add device name to warning in uuid_show()42f7cbe2c2
nvme: use sysfs_emit instead of sprintf63b26fe025
drm/i915/reset: Fix error_state_read ptr + offset use2b2180449a
misc: atmel-ssc: Fix IRQ check in ssc_probe65ca4db68b
tty: goldfish: Fix free_irq() on remove5334455067
Drivers: hv: vmbus: Release cpu lock in error case814092927a
i40e: Fix call trace in setup_tx_descriptors43dfd1169c
i40e: Fix calculating the number of queue pairsef4d73da0a
i40e: Fix adding ADQ filter to TC0db965e2757
clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()8acc3e228e
pNFS: Avoid a live lock condition in pnfs_update_layout()03ea83324a
pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE4603a37f6e
random: credit cpu and bootloader seeds by default9d667348dc
gpio: dwapb: Don't print error on -EPROBE_DEFERf3c8bfd6dc
MIPS: Loongson-3: fix compile mips cpu_hwmon as module build error.85340c0634
mellanox: mlx5: avoid uninitialized variable warning with gcc-1238c519df8e
net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_fragb8879ca1fd
ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg0eeec1a8b0
nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred6c18f47f47
virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failedd539feb6df
ALSA: hda/realtek - Add HW8326 support16dd002eb8
scsi: pmcraid: Fix missing resource cleanup in error case410b692621
scsi: ipr: Fix missing/incorrect resource cleanup in error case85acc5bf05
scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion916145bf9d
scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topologyf416fee125
scsi: vmw_pvscsi: Expand vcpuHint to 16 bits0e9994b865
Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq2e640e5e44
ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()a572c74402
ASoC: es8328: Fix event generation for deemphasis controlc7b8c3758f
ASoC: wm8962: Fix suspend while playing music8656623bdc
quota: Prevent memory allocation recursion while holding dq_lock36cd19e7d4
ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()440b2a62da
ASoC: cs42l51: Correct minimum value for SX volume controlf93d8fe3dc
ASoC: cs42l56: Correct typo in minimum level for SX volume controls13e5b76d3d
ASoC: cs42l52: Correct TLV for Bypass Volumeb8a47bcc4d
ASoC: cs53l30: Correct number of volume levels on SX controls70e355867d
ASoC: cs35l36: Update digital volume TLVcb6a0b83f1
ASoC: cs42l52: Fix TLV scales for mixer controlsd7be05aff2
dma-debug: make things less spammy under memory pressure1b54c00657
ASoC: nau8822: Add operation for internal PLL off and on2c9548bc26
powerpc/kasan: Silence KASAN warnings in __get_wchan()b5699bff1d
arm64: dts: imx8mm-beacon: Enable RTS-CTS on UART328bbdca6a7
bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()f14816f2f9
nfsd: Replace use of rwsem with errseq_t56a7f57da5
9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"2a59239b22
Linux 5.10.123aa238a92cc
x86/speculation/mmio: Print SMT warningbde15fdcce
KVM: x86/speculation: Disable Fill buffer clear within guests6df693dca3
x86/speculation/mmio: Reuse SRBDS mitigation for SBDScf1c01a5e4
x86/speculation/srbds: Update SRBDS mitigation selection001415e4e6
x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data3eb1180564
x86/speculation/mmio: Enable CPU Fill buffer clearing on idle56f0bca5e9
x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations26f6f231f6
x86/speculation/mmio: Add mitigation for Processor MMIO Stale Dataf83d4e5be4
x86/speculation: Add a common function for MD_CLEAR mitigation updatee66310bc96
x86/speculation/mmio: Enumerate Processor MMIO Stale Data bugf8a85334a5
Documentation: Add documentation for Processor MMIO Stale Data5754c570a5
Linux 5.10.1229ba2b4ac35
tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd5e34b49756
dmaengine: idxd: add missing callback function to support DMA_INTERRUPTb8c17121f0
zonefs: fix handling of explicit_open option on mountef51997771
PCI: qcom: Fix pipe clock imbalance63bcb9da91
md/raid0: Ignore RAID0 layout if the second zone has only one device418db40cc7
interconnect: Restore sync state by ignoring ipa-virt in provider countbcae8f8338
interconnect: qcom: sc7180: Drop IP0 interconnectsfe6caf5122
powerpc/mm: Switch obsolete dssall to .long3be74fc0af
powerpc/32: Fix overread/overwrite of thread_struct via ptracefa0d3d71dc
drm/atomic: Force bridge self-refresh-exit on CRTC switchdbe04e874d
drm/bridge: analogix_dp: Support PSR-exit to disable transition61297ee0c3
Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag2dba96d19d
ixgbe: fix unexpected VLAN Rx in promisc mode on VF91620cded9
ixgbe: fix bcast packets Rx on VF after promisc removalcdd9227373
nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION54423649bc
nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling4f0a2c46f5
nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTIONc4e4c07d86
net: phy: dp83867: retrigger SGMII AN when link change133c9870cd
mmc: block: Fix CQE recovery reset success0248a8c844
ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files471a413201
cifs: fix reconnect on smb3 mount types9023ecfd33
cifs: return errors during session setup during reconnectsb423cd2a81
ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 202194bd216d17
ALSA: hda/conexant - Fix loopback issue with CX2063213639c970f
scripts/gdb: change kernel config dumping methodb6ea26873e
vringh: Fix loop descriptors check in the indirect cases362e3b3a59
nodemask: Fix return values to be unsigneda262e1255b
cifs: version operations for smb20 unneeded when legacy support disabled01137d8980
s390/gmap: voluntarily schedule during key settingf72df77600
nbd: fix io hung while disconnecting device122e4adaff
nbd: fix race between nbd_alloc_config() and module removalc0868f6e72
nbd: call genl_unregister_family() first in nbd_cleanup()cb8da20d71
jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds320acaf84a
x86/cpu: Elide KCSAN for cpu_has() and friends8287687821
modpost: fix undefined behavior of is_arm_mapping_symbol()fee8ae0a0b
drm/radeon: fix a possible null pointer dereference3e57686830
ceph: allow ceph.dir.rctime xattr to be updatable7fa8312879
Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"ebfe279725
scsi: myrb: Fix up null pointer access on myrb_cleanup()7eb32f286e
md: protect md_unregister_thread from reentrancy668c3f9fa2
watchdog: wdat_wdt: Stop watchdog when rebooting the systeme20bc8b5a2
kernfs: Separate kernfs_pr_cont_buf and rename_lock.1e3b3a5762
serial: msm_serial: disable interrupts in __msm_console_write()ff727ab0b7
staging: rtl8712: fix uninit-value in r871xu_drv_init()33ef21d554
staging: rtl8712: fix uninit-value in usb_read8() and friendsf3f754d72d
clocksource/drivers/sp804: Avoid error on multiple instancesabf3b22261
extcon: Modify extcon device to be created after driver data is set41ec946694
misc: rtsx: set NULL intfdata when probe fails5b0c0298f7
usb: dwc2: gadget: don't reset gadget's driver->bus468fe959ea
sysrq: do not omit current cpu when showing backtrace of all active CPUsf4cb24706c
USB: hcd-pci: Fully suspend across freeze/thaw cycleffe9440d69
drivers: usb: host: Fix deadlock in oxu_bus_suspend()6e2273eefa
drivers: tty: serial: Fix deadlock in sa1100_set_termios()ee105039d3
USB: host: isp116x: check return value after calling platform_get_resource()0f69d7d5e9
drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()66f769762f
drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()cb7147afd3
tty: Fix a possible resource leak in icom_probed68d5e68b7
tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()61ca1b97ad
lkdtm/usercopy: Expand size of "out of frame" object7821d743ab
iio: st_sensors: Add a local lock for protecting odr5a89a92efc
staging: rtl8712: fix a potential memory leak in r871xu_drv_init()8caa4b7d41
iio: dummy: iio_simple_dummy: check the return value of kstrdup()f091e29ed8
drm: imx: fix compiler warning with gcc-1296bf5ed057
net: altera: Fix refcount leak in altera_tse_mdio_createfbeb8dfa8b
ip_gre: test csum_start instead of transport header1981cd7a77
net/mlx5: fs, fail conflicting actions652418d82b
net/mlx5: Rearm the FW tracer after each tracer event5d9c1b081a
net: ipv6: unexport __init-annotated seg6_hmac_init()be3884d5cd
net: xfrm: unexport __init-annotated xfrm4_protocol_init()7759c32228
net: mdio: unexport __init-annotated mdio_bus_init()b585b87fd5
SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()3d8122e169
net/mlx4_en: Fix wrong return value on ioctl EEPROM query failurec2ae49a113
net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list0cf7aaff29
bpf, arm64: Clear prog->jited_len along prog->jitedc61848500a
af_unix: Fix a data-race in unix_dgram_peer_wake_me().be9581f4fd
xen: unexport __init-annotated xen_xlate_map_ballooned_pages()86c87d2c03
netfilter: nf_tables: bail out early if hardware offload is not supported330c0c6cd2
netfilter: nf_tables: memleak flow rule from commit path67e2d44873
netfilter: nf_tables: release new hooks on unsupported flowtable flags19cb3ece14
ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probeec5548066d
netfilter: nf_tables: always initialize flowtable hook list in transaction7fd03e34f0
powerpc/kasan: Force thread size increase with KASAN7a248f9c74
netfilter: nf_tables: delete flowtable hooks via transaction list9edafbc7ec
netfilter: nat: really support inet nat without l3 address8dbae5affb
xprtrdma: treat all calls not a bcall when bc_serv is NULL8b3d5bafb1
video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()c09b873f3f
video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen10ee5b9644f
NFSv4: Don't hold the layoutget locks across multiple RPC calls95a0ba85c1
dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type2c08cae19d
m68knommu: fix undefined reference to `_init_sp'd99f04df32
m68knommu: set ZERO_PAGE() to the allocated zeroed page344a55ccf5
i2c: cadence: Increase timeout per message if necessary32bea51fe4
f2fs: remove WARN_ON in f2fs_is_valid_blkaddr54c1e0e3bb
iommu/arm-smmu-v3: check return value after calling platform_get_resource()3660db29b0
iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()9e801c891a
tracing: Avoid adding tracer option before update_tracer_options1788e6dbb6
tracing: Fix sleeping function called from invalid context on RT kernel2f452a3306
bootconfig: Make the bootconfig.o as a normal object filec667b3872a
mips: cpc: Fix refcount leak in mips_cpc_default_phys_base76b226eaf0
dmaengine: idxd: set DMA_INTERRUPT cap bit32be2b805a
perf c2c: Fix sorting in percent_rmt_hitm_cmp()71cbce7503
driver core: Fix wait_for_device_probe() & deferred_probe_timeout interactionb8fac8e321
tipc: check attribute length for bearer namec1f0187025
scsi: sd: Fix potential NULL pointer dereferenced2e297eaf4
afs: Fix infinite loop found by xfstest generic/67604622d6318
gpio: pca953x: use the correct register address to do regcache sync0a0f7f8414
tcp: tcp_rtx_synack() can be called from process contexte05dd93826
net: sched: add barrier to fix packet stuck problem for lockless qdisce9fe72b95d
net/mlx5e: Update netdev features after changing XDP stateb50eef7a38
net/mlx5: correct ECE offset in query qp outputea5edd015f
net/mlx5: Don't use already freed action pointerbf2af9b243
sfc: fix wrong tx channel offset with efx_separate_tx_channels8f81a4113e
sfc: fix considering that all channels have TX queues7ac3a034d9
nfp: only report pause frame configuration for physical device630e0a10c0
net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct smc_wr_tx_pend_priv *"b97550e380
riscv: read-only pages should not be writable8f49e1694c
bpf: Fix probe read error in ___bpf_prog_run()6d8d3f68cb
ubi: ubi_create_volume: Fix use-after-free when volume creation failedf413e4d7cd
ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not empty3252d327f9
jffs2: fix memory leak in jffs2_do_fill_super741e49eacd
modpost: fix removing numeric suffixes42658e47f1
net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_registerf7ba2cc57f
net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks71ae30662e
net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()503a3fd646
net: sched: fixed barrier to prevent skbuff sticking in qdisc backlogee89d7fd49
s390/crypto: fix scatterwalk_unmap() callers in AES-GCMe892a7e60f
clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value1d7361679f
ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition910b1cdf6c
watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probeb3354f2046
watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking36ee9ffca8
driver core: fix deadlock in __device_attach823f24f2e3
driver: base: fix UAF when driver_attach failed7a6337bfed
bus: ti-sysc: Fix warnings for unbind for serial985706bd3b
firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle94acaaad47
serial: stm32-usart: Correct CSIZE, bits, and parityb7e560d2ff
serial: st-asc: Sanitize CSIZE and correct PARENB for CS7afcfc3183c
serial: sifive: Sanitize CSIZE and c_iflaga9f6bee486
serial: sh-sci: Don't allow CS5-600456b932e
serial: txx9: Don't allow CS5-622e975796f
serial: rda-uart: Don't allow CS5-6ff4ce2979b
serial: digicolor-usart: Don't allow CS5-65cd331bcf0
serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485260792d5c9
serial: meson: acquire port->lock in startup()82bfea344e
rtc: mt6397: check return value after calling platform_get_resource()d54a51b518
clocksource/drivers/riscv: Events are stopped during CPU suspend5b3e990f85
soc: rockchip: Fix refcount leak in rockchip_grf_initcfe8a0967d
extcon: ptn5150: Add queue work sync before driver release96414e2cdc
coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier47ebc50dc2
serial: sifive: Report actual baud base rather than fixed 115200ab35308bbd
phy: qcom-qmp: fix pipe-clock imbalance on power-on failure52f327a45c
rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() failsc10333c451
iio: adc: sc27xx: Fine tune the scale calibration values3747429834
iio: adc: sc27xx: fix read big scale voltage not rightb30f2315a3
iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout43823ceb26
iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check6f01c0fb8e
usb: typec: mux: Check dev_set_name() return value7027c890ff
firmware: stratix10-svc: fix a missing check on list iterator70ece3c5ec
misc: fastrpc: fix an incorrect NULL check on list iterator2a1bf8e5ad
usb: dwc3: pci: Fix pm_runtime_get_sync() error checking8ae4fed195
rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value572211d631
pwm: lp3943: Fix duty calculation in case period was clampedf9782b26d6
staging: fieldbus: Fix the error handling path in anybuss_host_common_probe()b382c0c3b8
usb: musb: Fix missing of_node_put() in omap2430_probe6b7cf22122
USB: storage: karma: fix rio_karma_init returne100742823
usb: usbip: add missing device lock on tweak configuration cmdbcbb795a9e
usb: usbip: fix a refcount leak in stub_probe()4e3a2d77bd
tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_gete27376f5aa
tty: n_tty: Restore EOF push handling behavior11bc6eff3a
tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probeee6c33b29e
tty: goldfish: Use tty_port_destroy() to destroy port56ac04f35f
lkdtm/bugs: Check for the NULL pointer after calling kmalloc03efa70eb0
iio: adc: ad7124: Remove shift from scan_type4610b06761
staging: greybus: codecs: fix type confusion of list iterator variable1509d2335d
pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boardse2e52b40ef
Linux 5.10.12147c1680e51
md: bcache: check the return value of kzalloc() in detached_dev_do_request()a67100f426
ext4: only allow test_dummy_encryption when supported96662c7746
MIPS: IP30: Remove incorrect `cpu_has_fpu' override57e561573f
MIPS: IP27: Remove incorrect `cpu_has_fpu' overridebb55ca1612
RDMA/rxe: Generate a completion for unsupported/invalid opcode72268945b1
Revert "random: use static branch for crng_ready()"6b03dc67dd
block: fix bio_clone_blkg_association() to associate with proper blkcg_gq51f724bffa
bfq: Make sure bfqg for which we are queueing requests is online0285718e28
bfq: Get rid of __bio_blkcg() usage80b0a2b3df
bfq: Remove pointless bfq_init_rq() calls13599aac1b
bfq: Drop pointless unlock-lock pair7d172b9dc9
bfq: Avoid merging queues with different parents54cdc10ac7
thermal/core: Fix memory leak in the error pathb132abaa65
thermal/core: fix a UAF bug in __thermal_cooling_device_register()ec1378f2fa
kseltest/cgroup: Make test_stress.sh work if run interactively82b2b60b67
xfs: assert in xfs_btree_del_cursor should take into account errorf1916a88c8
xfs: consider shutdown in bmapbt cursor delete asserte3ffe7387c
xfs: force log and push AIL to clear pinned inodes when aborting mount0b229d03d0
xfs: restore shutdown check in mapped write fault path3d05a855dc
xfs: fix incorrect root dquot corruption error when switching group/project quota types893cf5f68a
xfs: fix chown leaking delalloc quota blocks when fssetxattr fails643ceee253
xfs: sync lazy sb accounting on quiesce of read-only mountsaf26bfb04a
xfs: set inode size after creating symlinkd27f0000d7
net: ipa: fix page free in ipa_endpoint_replenish_one()70124d94f4
net: ipa: fix page free in ipa_endpoint_trans_release()2156dc3904
phy: qcom-qmp: fix reset-controller leak on probe errors67e3404889
coresight: core: Fix coresight device probe failure issue77692c02e1
blk-iolatency: Fix inflight count imbalances and IO hangs on offline19e5aac38a
vdpasim: allow to enable a vq repeatedlyec029087df
dt-bindings: gpio: altera: correct interrupt-cells0ac587c61f
docs/conf.py: Cope with removal of language=None in Sphinx 5.0.06182c71a0c
SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_opd6b9b220d1
ARM: pxa: maybe fix gpio lookup tables39c61f4f7f
ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries6f3673c8d8
phy: qcom-qmp: fix struct clk leak on probe errors09a84dad95
arm64: dts: qcom: ipq8074: fix the sleep clock frequency591c3481b1
gma500: fix an incorrect NULL check on list iteratorc521f42dd2
tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator10c5088a31
serial: pch: don't overwrite xmit->buf[0] by x_char59afd4f287
bcache: avoid journal no-space deadlock by reserving 1 journal bucket0cf22f234e
bcache: remove incremental dirty sector counting for bch_sectors_dirty_init()3f686b249b
bcache: improve multithreaded bch_sectors_dirty_init()46c2b5f81c
bcache: improve multithreaded bch_btree_check()4e2fbe8cda
stm: ltdc: fix two incorrect NULL checks on list iteratordc12a64cf8
carl9170: tx: fix an incorrect use of list iterator8f1bc0edf5
ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control769ec2a824
rtl818x: Prevent using not initialized queuesd787a57a17
xtensa/simdisk: fix proc_read_simdisk()63758dd959
hugetlb: fix huge_pmd_unshare address update90ad54714e
nodemask.h: fix compilation error with GCC12e9514bce2f
iommu/msm: Fix an incorrect NULL check on list iterator82c888e51c
ftrace: Clean up hash direct_functions on register failuresc26ccbaeb8
kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]cf0dabc374
um: Fix out-of-bounds read in LDT setup7f8fd5dd43
um: chan_user: Fix winch_tramp() return value873069e393
mac80211: upgrade passive scan to active scan on DFS channels after beacon rx22741dd048
cfg80211: declare MODULE_FIRMWARE for regulatory.dbe87fedad4a
irqchip: irq-xtensa-mx: fix initial IRQ affinitybe7ae7cd1c
irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39xdf7f0f8be3
csky: patch_text: Fixup last cpu should be master31dca00d0c
RDMA/hfi1: Fix potential integer multiplication overflow errors09408080ad
Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bugb67adaec34
ima: remove the IMA_TEMPLATE Kconfig option577a959cb0
media: coda: Add more H264 levels for CODA9604005f6a25c
media: coda: Fix reported H264 profiled09dad0057
mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N08788b917b
mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_writeb2b0144422
md: fix an incorrect NULL check in md_reload_sb2401f1cf3d
md: fix an incorrect NULL check in does_sb_need_changinge28321e013
drm/i915/dsi: fix VBT send packet port selection for ICL+495ac77576
drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUXaddf0ae792
drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator97a9ec86cc
drm/nouveau/clk: Fix an incorrect NULL check on list iterator436cff507f
drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gembe585921f2
drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.556e404691
scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabledf297dc2364
scsi: dc395x: Fix a missing check on list iterator337e365507
ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock4ca3ac06e7
dlm: fix missing lkb refcount handling899bc44291
dlm: fix plock invalid read74114d26e9
s390/perf: obtain sie_block from the right address7994d89012
mm, compaction: fast_find_migrateblock() should return pfn in the target zone99fd821f56
PCI: qcom: Fix unbalanced PHY init on probe errorsc0e129dafc
PCI: qcom: Fix runtime PM imbalance on probe errors2b4c6ad382
PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299058cb6d86b
tracing: Fix potential double free in create_var_ref()a2b9edc3f8
ACPI: property: Release subnode properties with data nodesff4cafa517
ext4: avoid cycles in directory h-treeda2f059192
ext4: verify dir block before splitting it4fd58b5cf1
ext4: fix bug_on in __es_tree_searchcc5b09cb6d
ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state1b061af037
ext4: fix bug_on in ext4_writepagesadf490083c
ext4: fix warning in ext4_handle_inode_extensiondd887f83ea
ext4: fix use-after-free in ext4_rename_dir_prepare70a7dea846
bfq: Track whether bfq_group is still onlineb06691af08
bfq: Update cgroup information before merging bio4dfc12f8c9
bfq: Split shared queues on move between cgroupsc072cab98b
efi: Do not import certificates from UEFI Secure Boot for T2 Macs9a9dc60da7
fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pagesc1ad58de13
iwlwifi: mvm: fix assert 1F04 upon reconfig6118bbdf69
wifi: mac80211: fix use-after-free in chanctx codeefdefbe8b7
f2fs: fix to do sanity check for inline inode2221a2d410
f2fs: fix fallocate to use file_modified to update permissions consistentlyef221b738b
f2fs: fix to do sanity check on total_data_blocks196f72e089
f2fs: don't need inode lock for system hidden quota2e790aa378
f2fs: fix deadloop in foreground GCccd58045be
f2fs: fix to clear dirty inode in f2fs_evict_inode()a34d7b4989
f2fs: fix to do sanity check on block address in f2fs_do_zero_range()2766ddaf45
f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()d8b6aaeb9a
perf jevents: Fix event syntax error caused by ExtSelc8c2802407
perf c2c: Use stdio interface if slang is not supportedc9542f5f90
i2c: rcar: fix PM ref counts in probe error pathsebd4f37ac1
i2c: npcm: Handle spurious interrupts5c0dfca6b9
i2c: npcm: Correct register access width06cb0f056b
i2c: npcm: Fix timeout calculationde6f6b5400
iommu/amd: Increase timeout waiting for GA log enablement3cfb546439
dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()13d8d11dfa
dmaengine: stm32-mdma: rework interrupt handler0f87bd8b5f
dmaengine: stm32-mdma: remove GISR1 registerc1c4405222
video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup96fdbb1c85
NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout83839a333f
NFS: Don't report errors from nfs_pageio_complete() more than once040242365c
NFS: Do not report flush errors in nfs_write_end()c5a0e59bbe
NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS418b9fa434
NFS: Do not report EINTR/ERESTARTSYS as mapping errors6073af7815
dmaengine: idxd: Fix the error handling path in idxd_cdev_register()f57696bc63
i2c: at91: Initialize dma_buf in at91_twi_xfer()8e49773a75
MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmonec5ded7acb
cpufreq: mediatek: Unregister platform device on exit9d91400fff
cpufreq: mediatek: Use module_init and add module_exitc7b0ec9744
cpufreq: mediatek: add missing platform_driver_unregister() on error in mtk_cpufreq_driver_initfb02d6b543
i2c: at91: use dma safe buffersda748d263a
iommu/mediatek: Add list_del in mtk_iommu_remove51d584704d
f2fs: fix dereference of stale list iterator after loop body0e0faa1431
OPP: call of_node_put() on error path in _bandwidth_supported()baf86afed7
Input: stmfts - do not leave device disabled in stmfts_input_openfc0750e659
RDMA/hfi1: Prevent use of lock before it is initializedbb2220e067
mailbox: forward the hrtimer if not queued and under a locka1d4941d9a
mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()46fd994763
powerpc/fsl_rio: Fix refcount leak in fsl_rio_setupb8ef79697b
macintosh: via-pmu and via-cuda need RTC_LIBcca915d691
powerpc/perf: Fix the threshold compare group constraint for power97620a280da
powerpc/64: Only WARN if __pa()/__va() called with bad addresses9b28515641
hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume()40d428b528
PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits6e07ccc7d5
Input: sparcspkr - fix refcount leak in bbc_beep_probe76badb0a4d
crypto: cryptd - Protect per-CPU resource by disabling BH.40c41a7bfd
crypto: sun8i-ss - handle zero sized sg5bea8f700a
crypto: sun8i-ss - rework handling of IV9834b13e8b
tty: fix deadlock caused by calling printk() under tty_port->locka21d4dab77
PCI: imx6: Fix PERST# start-up sequence2a9d3b5118
ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()f061ddfed9
proc: fix dentry/inode overinstantiating under /proc/${pid}/netab0c26e441
ASoC: atmel-classd: Remove endianness flag on class d componentb716e4168d
ASoC: atmel-pdmic: Remove endianness flag on pdmic component456105105e
powerpc/4xx/cpm: Fix return value of __setup() handlerde5bc92318
powerpc/idle: Fix return value of __setup() handlerf991879762
pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()f7c290eac8
powerpc/8xx: export 'cpm_setbrg' for modules49a5b1735c
drivers/base/memory: fix an unlikely reference counting issue in __add_memory_block()c121942917
dax: fix cache flush on PMD-mapped pagesd8a5bdc767
drivers/base/node.c: fix compaction sysfs file leak84958f066d
pinctrl: mvebu: Fix irq_of_parse_and_map() return value8a8b40d007
nvdimm: Allow overwrite in the presence of disabled dimms641649f31e
nvdimm: Fix firmware activation deadlock scenarios1052f22e12
firmware: arm_scmi: Fix list protocols enumeration in the base protocol7a55a5159d
scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()17d9d7d264
mfd: ipaq-micro: Fix error check return value of platform_get_irq()82c6c8a66c
powerpc/fadump: fix PT_LOAD segment for boot memory area08b053d32b
arm: mediatek: select arch timer for mt7629ceb61ab22d
pinctrl: bcm2835: implement hook for missing gpio-rangescda45b715d
gpiolib: of: Introduce hook for missing gpio-rangesa26dfdf0a6
crypto: marvell/cesa - ECB does not IVee89d8dee5
misc: ocxl: fix possible double free in ocxl_file_register_afu22c3fea20a
ARM: dts: bcm2835-rpi-b: Fix GPIO line names0a4ee6cdaa
ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LEDbd7ffc171c
ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2Cdaffdb0830
ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT95000ae680
ARM: dts: stm32: Fix PHY post-reset delay on Avenger96b439f7addd
can: xilinx_can: mark bit timing constants as const875a17c3ad
platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctlsb0bf87b1b3
ARM: dts: imx6dl-colibri: Fix I2C pinmuxingacd2313bd9
platform/chrome: cros_ec: fix error handling in cros_ec_register()e690350d3d
KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple faultfd7dca68a6
KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry259c1fad9f
soc: qcom: llcc: Add MODULE_DEVICE_TABLE()ca7ce579a7
ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocksacd99f384c
PCI: dwc: Fix setting error return on MSI DMA mapping failure92b7cab307
PCI: rockchip: Fix find_first_zero_bit() limit266f5cf692
PCI: cadence: Fix find_first_zero_bit() limita409d0b1f9
soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc7cbe94d296
soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc8365341798
ARM: dts: suniv: F1C100: fix watchdog compatibleea4f1c6bb9
memory: samsung: exynos5422-dmc: Avoid some over memory allocation3960629bb5
arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk33990c5f04da02
net/smc: postpone sk_refcnt increment in connect()8096e2d7c0
hinic: Avoid some over memory allocationdc7753d600
net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()4790963ef4
rxrpc: Fix decision on when to generate an IDLE ACK3eef677a25
rxrpc: Don't let ack.previousPacket regress573de88fc1
rxrpc: Fix overlapping ACK accounting4f1c34ee60
rxrpc: Don't try to resend the request if we're receiving the reply5b4826657d
rxrpc: Fix listen() setting the bar too high for the prealloc rings541224201e
hv_netvsc: Fix potential dereference of NULL pointerdeb16df525
net: stmmac: fix out-of-bounds access in a selftest5c2b34d072
net: stmmac: selftests: Use kcalloc() instead of kzalloc()7386f69041
ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()d015f6f694
NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx7a5e6a4898
ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()8bbf522a2c
thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe18530bedd2
thermal/core: Fix memory leak in __thermal_cooling_device_register()dcf5ffc91c
thermal/drivers/core: Use a char pointer for the cooling device name79098339ac
thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe8360380295
thermal/drivers/bcm2711: Don't clamp temperature at zero3161044e75
drm/i915: Fix CFI violation with show_dynamic_id()ffbcfb1688
drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path2679de7d04
x86/sev: Annotate stack change in the #VC handler656aa3c51f
drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()48e82ce8cd
drm/msm/a6xx: Fix refcount leak in a6xx_gpu_initd54ac6ca48
ext4: reject the 'commit' option on ext2 filesystems63b7c08995
media: rkvdec: h264: Fix bit depth wrap in pps packetb4805a77d5
media: rkvdec: h264: Fix dpb_valid implementation82239e30ab
media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource()5c24566294
media: ov7670: remove ov7670_power_off from ov7670_remove510e879420
ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*33411945c9
net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init8113eedbab
sctp: read sk->sk_bound_dev_if once in sctp_rcv()6950ee32c1
lsm,selinux: pass flowi_common instead of flowi to the LSM hooksa67a1661cf
m68k: math-emu: Fix dependencies of math emulation support4dcae15ff8
nvme: set dma alignment to dword8ace1e6355
Bluetooth: use hdev lock for accept_list and reject_list in conn req792f8b0e74
Bluetooth: use inclusive language when filtering devicesd763aa352c
Bluetooth: use inclusive language in HCI role commentsc024f6f11d
Bluetooth: LL privacy allow RPA394df9f17e
Bluetooth: L2CAP: Rudimentary typo fixes5702c3c657
Bluetooth: Interleave with allowlist scan36c644c63b
Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeoutfc68385fcb
media: vsp1: Fix offset calculation for plane croppinga3304766d9
media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init7d792640d3
media: exynos4-is: Change clk_disable to clk_disable_unprepareb3e4837358
media: st-delta: Fix PM disable depth imbalance in delta_probe8e4e0c4ac5
media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe0572a5bd38
media: aspeed: Fix an error handling path in aspeed_video_probe()34feaea3aa
scripts/faddr2line: Fix overlapping text section failures1472fb1c74
kselftest/cgroup: fix test_stress.sh to use OUTPUT dircacea459f9
ASoC: samsung: Fix refcount leak in aries_audio_probec1b08aa568
ASoC: samsung: Use dev_err_probe() helper9f564e29a5
regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt2a0da7641e
ASoC: mxs-saif: Fix refcount leak in mxs_saif_probee84aaf23ca
ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe4024affd53
ath11k: Don't check arvif->is_started before sending management frames779d41c80b
perf/amd/ibs: Use interrupt regs ip for stack unwinding37a9db0ee7
regulator: qcom_smd: Fix up PM8950 regulator configuratione2786db0a7
Revert "cpufreq: Fix possible race in cpufreq online error path"560dcbe1c7
spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname()f40549ce20
iomap: iomap_write_failed fix7a79ab2596
media: uvcvideo: Fix missing check to determine if element is found in listd50b26221f
drm/msm: return an error pointer in msm_gem_prime_get_sg_table()883f1d52a5
drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected49dc28b4b2
drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detecteda10092daba
drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()369a712442
regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET018ebe4c18
arm64: fix types in copy_highpage()49bfbaf6a0
x86/mm: Cleanup the control_va_addr_alignment() __setup handler0d5c8ac922
irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return valuef4b503b4ef
irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value5e76e51633
irqchip/exiu: Fix acknowledgment of edge triggered interrupts35abf2081f
x86: Fix return value of __setup handlers940b12435b
virtio_blk: fix the discard_granularity and discard_alignment queue limits23716d7614
perf tools: Use Python devtools for version autodetection rather than runtime3451852312
drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()e19ece6f24
drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H5a26a49470
drm/msm: add missing include to msm_drv.c7b815e91ff
drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()d9cb951d11
drm/msm/hdmi: check return value after calling platform_get_resource_byname()e99755e6a9
drm/msm/dsi: fix error checks and return values for DSI xmit functions3574e0b290
drm/msm/dp: fix error check return value of irq_of_parse_and_map()04204612dd
drm/msm/dp: stop event kernel thread when DP unbind134760263f
drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resumed5773db56c
perf tools: Add missing headers needed by util/data.he251a33fe8
ASoC: rk3328: fix disabling mclk on pclk probe failuree2fef34d78
x86/speculation: Add missing prototype for unpriv_ebpf_notify()81f1ddffdc
mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()b6ecf2b7e6
x86/pm: Fix false positive kmemleak report in msr_build_context()0e1cd4edef
mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check()ab88c8d906
libbpf: Fix logic for finding matching program for CO-RE relocation97b56f17b3
selftests/resctrl: Fix null pointer dereference on open failedc54d66c514
scsi: ufs: core: Exclude UECxx from SFR dump list02192ee936
scsi: ufs: qcom: Fix ufs_qcom_resume()328cfeac73
drm/msm/dpu: adjust display_v_end for eDP and DPcc68e53f9a
of: overlay: do not break notify on NOTIFY_{OK|STOP}f929416d5c
fsnotify: fix wrong lockdep annotations94845fc422
inotify: show inotify mask flags in proc fdinfof2c68c5289
ALSA: pcm: Check for null pointer of pointer substream before dereferencing itd764a7d647
drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01b6b70cd3dd
media: hantro: Empty encoder capture buffers by default461e4c1f19
ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix96c848afbd
cpufreq: Fix possible race in cpufreq online error path172789fd95
spi: img-spfi: Fix pm_runtime_get_sync() error checking147a376c1a
sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rqf35c3f2374
drm/bridge: Fix error handling in analogix_dp_probe6d0726725c
HID: elan: Fix potential double free in elan_input_configured39d4bd3f59
HID: hid-led: fix maximum brightness for Dream Cheeky3c68daf4a3
mtd: rawnand: denali: Use managed device resourcesdd2b1d70ef
EDAC/dmc520: Don't print an error for each unconfigured interrupt linebea6985099
drbd: fix duplicate array initializer3eba802d47
target: remove an incorrect unmap zeroes data deductione7681199bb
efi: Add missing prototype for efi_capsule_setup_info2a1b5110c9
NFC: NULL out the dev->rfkill to prevent UAF8e357f086d
net: dsa: mt7530: 1G can also support 1000BASE-X link mode4565d5be8b
scftorture: Fix distribution of short handler delays58eff5b73f
spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeoutb4c7dd0037
drm: mali-dp: potential dereference of null pointer78a3e9fcdb
drm/komeda: Fix an undefined behavior bug in komeda_plane_add()3cea0259ed
nl80211: show SSID for P2P_GO interfaces6c0a8c771a
bpf: Fix excessive memory allocation in stack_map_alloc()7ff76dc2d8
libbpf: Don't error out on CO-RE relos for overriden weak subprogs84b0e23e10
drm/vc4: txp: Force alpha to be 0xff if it's disabledac904216b8
drm/vc4: txp: Don't set TXP_VSTART_AT_EOF15cec7dfd3
drm/vc4: hvs: Reset muxes at probe time2268f190af
drm/mediatek: Fix mtk_cec_mask()032f8c67fe
drm/ingenic: Reset pixclock rate when parent clock rate changes58c7c01577
x86/delay: Fix the wrong asm constraint in delay_loop()f279c49f17
ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probefb66e0512e
ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe35db6e2e99
spi: qcom-qspi: Add minItems to interconnect-names187ecfc3b7
drm/bridge: adv7511: clean up CEC adapter when probe fails9072d62785
drm/edid: fix invalid EDID extension block filtering0d6dc3efb1
ath9k: fix ar9003_get_eepmisc822dac24b4
ath11k: acquire ab->base_lock in unassign when finding the peer by addr3ed327b77d
dt-bindings: display: sitronix, st7735r: Fix backlight in example61bbbde9b6
drm: fix EDID struct for old ARM OABI formatcc80d3c37c
RDMA/hfi1: Prevent panic when SDMA is disableddfc308d6f2
powerpc/iommu: Add missing of_node_put in iommu_init_early_dartb4e14e9beb
macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled0230055fa6
powerpc/powernv: fix missing of_node_put in uv_init()6a61a97106
powerpc/xics: fix refcount leak in icp_opal_init()8a665c2791
powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr5a3767ac79
tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolateeff3587b9c
PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()21a3effe44
ARM: hisi: Add missing of_node_put after of_find_compatible_noded2b3b380c1
ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROMd146e2a986
ARM: versatile: Add missing of_node_put in dcscb_initb646e0cfeb
pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()c16f1b3d72
fat: add ratelimit to fat*_ent_bread()f20c7cd2b2
powerpc/fadump: Fix fadump to work with a different endian capture kernel039966775c
ARM: OMAP1: clock: Fix UART rate reporting algorithm9dfa8d087b
fs: jfs: fix possible NULL pointer dereference in dbFree()05efc4591f
soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc0f9091f202
crypto: ccree - use fine grained DMA mapping dir86b091b689
PM / devfreq: rk3399_dmc: Disable edev on remove()7e391ec939
arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels countc400439adc
ARM: dts: s5pv210: align DMA channels with dtschema0521c52978
ARM: dts: ox820: align interrupt controller node name with dtschema968a668376
IB/rdmavt: add missing locks in rvt_ruc_loopback6a2e275834
gfs2: use i_lock spin_lock for inode qadata92ef7a8719
selftests/bpf: fix btf_dump/btf_dump due to recent clang change340cf91293
eth: tg3: silence the GCC 12 array-bounds warningcb2ca93f8f
rxrpc, afs: Fix selection of abort codes4a4e2e90ec
rxrpc: Return an error to sendmsg if call failed6c18a0fcd6
m68k: atari: Make Atari ROM port I/O write macros return void76744a016e
x86/microcode: Add explicit CPU vendor dependencyf29fb46232
can: mcp251xfd: silence clang's -Wunaligned-access warningff383c1879
ASoC: rt1015p: remove dependency on GPIOLIBc73aee1946
ASoC: max98357a: remove dependency on GPIOLIB86c02171bd
media: exynos4-is: Fix compile warningabb5594ae2
net: phy: micrel: Allow probing without .driver_data8d33585ffa
nbd: Fix hung on disconnect request if socket is closed before1a5a3dfd9f
ASoC: rt5645: Fix errorenous cleanup orderaf98940dd3
nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags8671aeeef2
openrisc: start CPU timer early in boot22cdbb1354
media: cec-adap.c: fix is_configuring state4cf6ba9367
media: imon: reorganize serializationf3915b4665
media: coda: limit frame interval enumeration to supported encoder frame sizes8ddc89437c
media: rga: fix possible memory leak in rga_probef9413b9023
rtlwifi: Use pr_warn instead of WARN_ONCEeb7a71b7b2
ipmi: Fix pr_fmt to avoid compilation issuesfa390c8b62
ipmi:ssif: Check for NULL msg when handling events and messages0b7c1dc7ee
ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default1ecd01d77c
dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMICa61583744e
spi: stm32-qspi: Fix wait_cmd timeout in APM mode0c05c03c51
perf/amd/ibs: Cascade pmu init functions' return value4605458398
s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES312c43e98e
net: remove two BUG() from skb_checksum_help()4f99bde59e
ASoC: tscs454: Add endianness flag in snd_soc_component_driver296f8ca0f7
HID: bigben: fix slab-out-of-bounds Write in bigben_probe3ee67465f7
drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo6f19abe031
mlxsw: Treat LLDP packets as controlb30e727f09
mlxsw: spectrum_dcb: Do not warn about priority changesd68a5eb7b3
ASoC: dapm: Don't fold register value changes into notifications9b42659cb3
net/mlx5: fs, delete the FTE when there are no rules attached to it4d85201adb
ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL0325c08ae2
drm: msm: fix error check return value of irq_of_parse_and_map()ad97425d23
arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall8aa3750986
ath10k: skip ath10k_halt during suspend for driver state RESTARTING20ad91d08a
drm/amd/pm: fix the compile warningb5cd108143
drm/plane: Move range check for format_count earlier8c3fe9ff80
ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 40860afa4f4e1
ath11k: disable spectral scan during spectral deinitfa1b509d41
scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()1869f9bfaf
scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync()508add11af
scsi: megaraid: Fix error check return value of register_chrdev()95050b9847
drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit90281cadf5
mmc: jz4740: Apply DMA engine limits to maximum segment sizee69e93120f
md/bitmap: don't set sb values if can't pass sanity check3f94169aff
media: cx25821: Fix the warning when removing the moduleca17e7a532
media: pci: cx23885: Fix the error handling in cx23885_initdev()27ad46da44
media: venus: hfi: avoid null dereference in deinite68270a786
ath9k: fix QCA9561 PA bias levelca1ce20689
drm/amd/pm: fix double free in si_parse_power_table()3102e9d7e5
tools/power turbostat: fix ICX DRAM power numbersfbfeb9bc94
spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA directione2b8681769
ALSA: jack: Access input_dev under mutex005990e30d
sfc: ef10: Fix assigning negative value to unsigned variable10f30cba8f
rcu: Make TASKS_RUDE_RCU select IRQ_WORK1c6c3f2336
rcu-tasks: Fix race in schedule and flush workc977d63b8c
drm/komeda: return early if drm_universal_plane_init() fails.cd97a481ea
ACPICA: Avoid cache flush inside virtual machines29cb802966
x86/platform/uv: Update TSC sync state for UV559dd1a07ee
fbcon: Consistently protect deferred_takeover with console_lock()5bfb65e92f
ipv6: fix locking issues with loops over idev->addr_list98d1dc32f8
ipw2x00: Fix potential NULL dereference in libipw_xmit()cc575b8558
b43: Fix assigning negative value to unsigned variable4ae5a2ccf5
b43legacy: Fix assigning negative value to unsigned variable74ad0d7450
mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queuefadc626cae
drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modesc6380d9d2d
iommu/vt-d: Add RPLS to quirk list to skip TE disabling509e9710b8
btrfs: repair super block num_devices automatically4093eea47d
btrfs: add "0x" prefix for unsupported optional featuresb49516583f
ptrace: Reimplement PTRACE_KILL by always sending SIGKILLf8ef79687b
ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP6580673b17
ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP92fb46536a
perf/x86/intel: Fix event constraints for ICLb4acb8e7f1
x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails860e44f21f
parisc/stifb: Keep track of hardware path of graphics card78e008dca2
Fonts: Make font size unsigned in font_descc5b9b7fb12
xhci: Allow host runtime PM as default for Intel Alder Lake N xHCIc9ac773715
cifs: when extending a file with falloc we should make files not-sparsece4627f09e
usb: core: hcd: Add support for deferring roothub registrationa2532c4417
usb: dwc3: gadget: Move null pinter check to proper place0420275d64
USB: new quirk for Dell Gen 2 devices19b3fe8a7c
USB: serial: option: add Quectel BG95 modem40bdb5ec95
ALSA: usb-audio: Cancel pending work at closing a MIDI substream1cf70d5c15
ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS223368eaf6
ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptopd2f3acde3d
riscv: Fix irq_work when SMP is disabled4a5c7a61ff
riscv: Initialize thread pointer before calling C functions6b45437959
parisc/stifb: Implement fb_is_primary_device()9cef71ecea
binfmt_flat: do not stop relocating GOT entries prematurely on riscv43ca8e1dfb
Merge 5.10.118 into android12-5.10-lts70dd2d169d
Linux 5.10.120886eeb0460
bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes7f845de286
bpf: Fix potential array overflow in bpf_trampoline_get_progs()3097f38e91
NFSD: Fix possible sleep during nfsd4_release_lockowner()78a62e09d8
NFS: Memory allocation failures are not server fatal errors1d100fcc1d
docs: submitting-patches: Fix crossref to 'The canonical patch format'ebbbffae71
tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()5933a191ac
tpm: Fix buffer access in tpm2_get_tpm_pt()0c56e5d0e6
HID: multitouch: add quirks to enable Lenovo X12 trackpointd6822d82c0
HID: multitouch: Add support for Google Whiskers Touchpad0f03885059
raid5: introduce MD_BROKEN8df42bcd36
dm verity: set DM_TARGET_IMMUTABLE feature flage39b536d70
dm stats: add cond_resched when looping over entries4617778417
dm crypt: make printing of the key constant-timebb64957c47
dm integrity: fix error code in dm_integrity_ctr()8845027e55
ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries4989bb0334
Bluetooth: hci_qca: Use del_timer_sync() before freeingfae05b2314
zsmalloc: fix races between asynchronous zspage free and page migration6a1cc25494
crypto: ecrdsa - Fix incorrect use of vli_cmpc013f7d1cd
crypto: caam - fix i.MX6SX entropy delay value3d8fc6e28f
KVM: x86: avoid calling x86 emulator without a decoded instructiona2a3fa5b61
x86, kvm: use correct GFP flags for preemption disabled4a9f3a9c28
x86/kvm: Alloc dummy async #PF token outside of raw spinlock4c4a11c74a
KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator91a36ec160
netfilter: conntrack: re-fetch conntrack after insertionc0aff1faf6
netfilter: nf_tables: sanitize nft_set_desc_concat_parse()44f1ce5530
crypto: drbg - make reseeding from get_random_bytes() synchronouse744e34a3c
crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()54700e82a7
crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()b2bef5500e
crypto: drbg - prepare for more fine-grained tracking of seeding state630192aa45
lib/crypto: add prompts back to crypto libraries82f723b8a5
exfat: check if cluster num is valid1f0681f3bd
drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()2728d95c6c
xfs: Fix CIL throttle hang when CIL space used going backwardsa9e7f19a55
xfs: fix an ABBA deadlock in xfs_rename72464fd2b4
xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks45d97f70da
xfs: show the proper user quota optionsf20e67b455
xfs: detect overflows in bmbt recordsffc8d61387
net: ipa: compute proper aggregation limit8adb751d29
io_uring: fix using under-expanded iters57d01bcae7
io_uring: don't re-import iovecs from callbacks6029f86740
assoc_array: Fix BUG_ON during garbage collectb96b4aa65b
cfg80211: set custom regdomain after wiphy registration8fbd54ab06
pipe: Fix missing lock in pipe_resize_ring()cd720fad8b
pipe: make poll_usage boolean and annotate its accessea62d169b6
netfilter: nf_tables: disallow non-stateful expression in sets earlier5525af175b
drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllersf0749aecb2
i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging828309eee5
net: ftgmac100: Disable hardware checksum on AST2600640397afdf
nfc: pn533: Fix buggy cleanup orderac8d5eb26c
net: af_key: check encryption module availability consistencyd007f49ab7
percpu_ref_init(): clean ->percpu_count_ref on failure75e35951d6
pinctrl: sunxi: fix f1c100s uart2 function56c31ac1d8
Linux 5.10.1197c57f21349
ALSA: ctxfi: Add SB046x PCI ID514f587340
random: check for signals after page of pool writes18c261e948
random: wire up fops->splice_{read,write}_iter()cf8f8d3758
random: convert to using fops->write_iter()affa1ae522
random: convert to using fops->read_iter()4bb374a118
random: unify batched entropy implementations552ae8e484
random: move randomize_page() into mm where it belongs5f2a040b2f
random: move initialization functions out of hot pages02102b63bd
random: make consistent use of buf and len33783ca355
random: use proper return types on get_random_{int,long}_wait()1fdd7eef21
random: remove extern from functions in header811afd06e0
random: use static branch for crng_ready()04d61b96bd
random: credit architectural init the exact amount5123cc61e2
random: handle latent entropy and command line from random_init()9320e087f2
random: use proper jiffies comparison macro31ac294037
random: remove ratelimiting for in-kernel unseeded randomnessb50f2830b3
random: move initialization out of reseeding hot path4c4110c052
random: avoid initializing twice in credit racecef9010b78
random: use symbolic constants for crng_init states30e9f36266
siphash: use one source of truth for siphash permutations772edeb8c7
random: help compiler out with fast_mix() by using simpler arguments1841347233
random: do not use input pool from hard IRQs999b0c9e8a
random: order timer entropy functions below interrupt functionsce3c4ff381
random: do not pretend to handle premature next security model24d3275685
random: use first 128 bits of input as fast init273aebb50b
random: do not use batches when !crng_ready()f4c98fe1d1
random: insist on random_get_entropy() existing in order to simplifyffcfdd5de9
xtensa: use fallback for random_get_entropy() instead of zeroe1ea0e26d3
sparc: use fallback for random_get_entropy() instead of zeroa5092be129
um: use fallback for random_get_entropy() instead of zero25d4fdf1f0
x86/tsc: Use fallback for random_get_entropy() instead of zero0b93f40cbe
nios2: use fallback for random_get_entropy() instead of zerofdca775081
arm: use fallback for random_get_entropy() instead of zerod5531246af
mips: use fallback for random_get_entropy() instead of just c0 random714def4497
riscv: use fallback for random_get_entropy() instead of zero84397906a6
m68k: use fallback for random_get_entropy() instead of zero7690be1adf
timekeeping: Add raw clock fallback for random_get_entropy()07b5d0b3e2
powerpc: define get_cycles macro for arch-override30ee01bcdc
alpha: define get_cycles macro for arch-overridec55a863c30
parisc: define get_cycles macro for arch-override641d1fbd96
s390: define get_cycles macro for arch-overridec895438b17
ia64: define get_cycles macro for arch-override7d9eab78be
init: call time_init() before rand_initialize()ec25e386d3
random: fix sysctl documentation nits9dff512945
random: document crng_fast_key_erasure() destination possibilitya1b5c849d8
random: make random_get_entropy() return an unsigned long72a9ec8d75
random: allow partial reads if later user copies fail1805d20dfb
random: check for signals every PAGE_SIZE chunk of /dev/[u]random9641d9b430
random: check for signal_pending() outside of need_resched() check26ee8fa4df
random: do not allow user to keep crng key around on stackbb515a5bef
random: do not split fast init input in add_hwgenerator_randomness()be0d4e3e96
random: mix build-time latent entropy into pool at initbb563d06c5
random: re-add removed comment about get_random_{u32,u64} reseedingf3bc5eca83
random: treat bootloader trust toggle the same way as cpu trust toggle7cb6782146
random: skip fast_init if hwrng provides large chunk of entropy083ab33951
random: check for signal and try earlier when generating entropy20da9c6079
random: reseed more often immediately after booting9891211dfe
random: make consistent usage of crng_ready()95a1c94a1b
random: use SipHash as interrupt entropy accumulator849e7b744c
random: replace custom notifier chain with standard one66307429b5
random: don't let 644 read-only sysctls be written to4c74ca006a
random: give sysctl_random_min_urandom_seed a more sensible value0964a76fd5
random: do crng pre-init loading in worker rather than irq192d4c6cb3
random: unify cycles_t and jiffies usage and types47f0e89b71
random: cleanup UUID handling9b0e0e2714
random: only wake up writers after zap if threshold was passedc47f215ab3
random: round-robin registers as ulong, not u325064550d42
random: clear fast pool, crng, and batches in cpuhp bring up6e1cb84cc6
random: pull add_hwgenerator_randomness() declaration into random.h32252548b5
random: check for crng_init == 0 in add_device_randomness()684e9fe92d
random: unify early init crng load accountingf656bd0011
random: do not take pool spinlock at boot5d73e69a5d
random: defer fast pool mixing to worker7873321cd8
random: rewrite header introductory comment6d1671b6d2
random: group sysctl functions21ae543e3a
random: group userspace read/write functionsf04580811d
random: group entropy collection functionse9ff357860
random: group entropy extraction functionsd7e5b1925a
random: group crng functions6b1ffb3b5a
random: group initialization wait functions6c9cee1555
random: remove whitespace and reorder includes7b0f36f7c2
random: remove useless header commentb390181654
random: introduce drain_entropy() helper to declutter crng_reseed()0971c1c2fd
random: deobfuscate irq u32/u64 contributionsae1b8f1954
random: add proper SPDX header9342656c01
random: remove unused tracepoints17ad693cd2
random: remove ifdef'd out interrupt bench28683a1885
random: tie batched entropy generation to base_crng generationadc32acf23
random: fix locking for crng_init in crng_reseed()bb63851c25
random: zero buffer after reading entropy from userspace63c1aae40a
random: remove outdated INT_MAX >> 6 check in urandom_read()07280d2c3f
random: make more consistent use of integer types655a69cb41
random: use hash function for crng_slow_load()95026060d8
random: use simpler fast key erasure flow on per-cpu keys732872aa2c
random: absorb fast pool into input pool after fast load7a5b9ca583
random: do not xor RDRAND when writing into /dev/random16a6e4ae71
random: ensure early RDSEED goes through mixer on initc521bf08ee
random: inline leaves of rand_initialize()70377ee074
random: get rid of secondary crngsc36e71b5a5
random: use RDSEED instead of RDRAND in entropy extraction1d1582e5fe
random: fix locking in crng_fast_load()0762b7d1f1
random: remove batched entropy locking8d07e2a226
random: remove use_input_pool parameter from crng_reseed()b07fcd9e53
random: make credit_entropy_bits() always safe32d1d7ce3a
random: always wake up entropy writers after extraction9852922061
random: use linear min-entropy accumulation creditingbb9c45cfb9
random: simplify entropy debitingde0727c0c4
random: use computational hash for entropy extractione0cc561e47
random: only call crng_finalize_init() for primary_crng480fd91dcd
random: access primary_pool directly rather than through pointer0b9e36e895
random: continually use hwgenerator randomness6d2d29f051
random: simplify arithmetic function flow in account()a0653a9ec1
random: selectively clang-format where it makes sensebccc8d9231
random: access input_pool_data directly rather than through pointera9db850c21
random: cleanup fractional entropy shift constantsedd294052e
random: prepend remaining pool constants with POOL_f87f50b843
random: de-duplicate INPUT_POOL constants09ae6b8519
random: remove unused OUTPUT_POOL constants8cc5260c19
random: rather than entropy_store abstraction, use global5897e06ac1
random: remove unused extract_entropy() reserved argumentae093ca125
random: remove incomplete last_data logic7abbc9809f
random: cleanup integer typesc9e108e36d
random: cleanup poolinfo abstraction8a3b78f917
random: fix typo in comments0ad5d6384d
random: don't reset crng_init_cnt on urandom_read()17420c77f0
random: avoid superfluous call to RDRAND in CRNG extractionc245231aec
random: early initialization of ChaCha constantsefaddd56bc
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs6443204102
random: harmonize "crng init done" messagesca57d51126
random: mix bootloader randomness into pool542d8ebedb
random: do not re-init if crng_reseed completes before primary init2bfdf588a8
random: do not sign extend bytes for rotation when mixing685200b076
random: use BLAKE2s instead of SHA1 in extraction33c30bfe4f
random: remove unused irq_flags argument from add_interrupt_randomness()b57a888740
random: document add_hwgenerator_randomness() with other input functionsae33c501e0
lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI07918ddba3
lib/crypto: sha1: re-roll loops to reduce code size5fb6a3ba3a
lib/crypto: blake2s: move hmac construction into wireguard62531d446a
lib/crypto: blake2s: include as built-inaec0878b1d
crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>030d3443aa
crypto: blake2s - adjust include guard namingfea91e9070
crypto: blake2s - add comment for blake2s_state fieldsd45ae768b7
crypto: blake2s - optimize blake2s initialization6c362b7c77
crypto: blake2s - share the "shash" API boilerplate code72e5b68f33
crypto: blake2s - move update and final logic to internal/blake2s.he467a55bd0
crypto: blake2s - remove unneeded includes198a19d7ee
crypto: x86/blake2s - define shash_alg structs using macros89f9ee998e
crypto: blake2s - define shash_alg structs using macros0f8fcf5b6e
crypto: lib/blake2s - Move selftest prototype into header filec3a4645d80
MAINTAINERS: add git tree for random.cc4882c6e1e
MAINTAINERS: co-maintain random.cacb198c4d1
random: remove dead code left over from blocking pool6227458fef
random: avoid arch_get_random_seed_long() when collecting IRQ randomness257fbea15a
ACPI: sysfs: Fix BERT error region memory mapping14fa2769ea
ACPI: sysfs: Make sparse happy about address space in use0debc69f00
media: vim2m: initialize the media device earliered0e71cc3f
media: vim2m: Register video device after setting up internalsa5c68f457f
secure_seq: use the 64 bits of the siphash for port offset calculation33f1b4a27a
tcp: change source port randomizarion at connect() time9b4aa0d80b
KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID74c6e5d584
KVM: x86: Properly handle APF vs disabled LAPIC situationc06e5f751a
staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()a8f4d63142
lockdown: also lock down previous kgdb usec204ee3350
Linux 5.10.11856642f6af2
module: check for exit sections in layout_sections() instead of module_init_section()633be494c3
include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage61a4cc41e5
afs: Fix afs_getattr() to refetch file status if callback break occurred606011cb6a
i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe()030de84d45
module: treat exit sections the same as init sections when !CONFIG_MODULE_UNLOAD355141fdbf
dt-bindings: pinctrl: aspeed-g6: remove FWQSPID groupd30fdf7d13
Input: ili210x - fix reset timinga698bf1f72
arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs696292b9b5
net: atlantic: verify hw_head_ lies within TX buffer ringcd66ab20a8
net: atlantic: add check for MAX_SKB_FRAGS9bee8b4275
net: atlantic: reduce scope of is_rsc_complete9b84e83a92
net: atlantic: fix "frag[0] not initialized"0ae23a1d47
net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()d4c6e5cebc
ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one()3a6dee284f
nl80211: fix locking in nl80211_set_tx_bitrate_mask()efe580c436
selftests: add ping test with ping_group_range tuned1cfbf6d3a7
nl80211: validate S1G channel widtha0f5ff2049
mac80211: fix rx reordering with non explicit / psmp ack policye21d734fd0
scsi: qla2xxx: Fix missed DMA unmap for aborted commandsc5af341747
perf bench numa: Address compiler error on s390210ea7da5c
gpio: mvebu/pwm: Refuse requests with inverted polarity30d4721fec
gpio: gpio-vf610: do not touch other bits when set the target bitea8a9cb4a7
riscv: dts: sifive: fu540-c000: align dma node name with dtschemadfd1f0cb62
net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.579061f391
igb: skip phy status check where unavailablea89888648e
ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb21756b45d8d
ARM: 9196/1: spectre-bhb: enable for Cortex-A157b676abe32
net: af_key: add check for pfkey_broadcast in function pfkey_process697f3219ee
net/mlx5e: Properly block LRO when XDP is enabledb503d0228c
NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc42d4287cc1
net/qla3xxx: Fix a test in ql_reset_work()d35bf8d766
clk: at91: generated: consider range when calculating best rate9e0e75a5e7
ice: fix possible under reporting of ethtool Tx and Rx statistics6e2caee5cd
net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()a54d86cf41
net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()201e5b5c27
net: systemport: Fix an error handling path in bcm_sysport_probe()9bfe898e2b
net/sched: act_pedit: sanitize shift argument before usage47f04f95ed
xfrm: fix "disable_policy" flag use when arriving from different devices0d2e9d8000
xfrm: rework default policy structure57c1bbe709
xfrm: fix dflt policy check when there is no policy configured9856c3a129
xfrm: notify default policy on update20fd28df40
xfrm: make user policy API completeab610ee1d1
net: xfrm: fix shift-out-of-bounce5b7f84b1f9
xfrm: Add possibility to set the default to block if we have no policy243e72e204
net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm1bc27eb71b
net: macb: Increment rx bd head after allocating skb and buffer998e305bd1
net: ipa: record proper RX transaction count0599d5a8b4
ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group0a2847d448
pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrld8ca684c3d
ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi3fc2846099
dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspacee5289affba
drm/dp/mst: fix a possible memory leak in fetch_monitor_name()8ceca1a069
libceph: fix potential use-after-free on linger ping and resends233a3cc60e
crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ6013ef5f51
arm64: mte: Ensure the cleared tags are visible before setting the PTEa817f78ed6
arm64: paravirt: Use RCU read locks to guard stolen_timeb49bc8d615
KVM: x86/mmu: Update number of zapped pages even if page list is stable146128ba26
PCI/PM: Avoid putting Elo i2 PCIe Ports in D3coldec0d801d1a
Fix double fget() in vhost_net_set_backend()b42e5e3a84
selinux: fix bad cleanup on error in hashtab_duplicate()3ee8e109c3
perf: Fix sys_perf_event_open() race against self18fb7d533c
ALSA: hda/realtek: Add quirk for TongFang devices with pop noise3eaf770163
ALSA: wavefront: Proper check of get_user() errora34d018b6e
ALSA: usb-audio: Restore Rane SL-1 quirkf3f2247ac3
Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""e2cfa7b093
Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"fe5ac3da50
nilfs2: fix lockdep warnings during disk space reclamationd626fcdabe
nilfs2: fix lockdep warnings in page operations for btree nodesaca18bacdb
ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()0acaf9cacd
platform/chrome: cros_ec_debugfs: detach log reader wq from devm5a19f3c2d3
drbd: remove usage of list iterator variable after loop9b7f321106
MIPS: lantiq: check the return value of kzalloc()05c073b1ad
fs: fix an infinite loop in iomap_fiemap00d8b06a4e
rtc: mc146818-lib: Fix the AltCentury for AMD platforms87fd0dd43e
nvme-multipath: fix hang when disk goes live over reconnect3663d6023a
tools/virtio: compile with -pthread5a4cbcb3df
vhost_vdpa: don't setup irq offloading when irq_num < 0f0931ee125
s390/pci: improve zpci_dev reference counting7d3f69cbde
ALSA: hda/realtek: Enable headset mic on Lenovo P360a59450656b
crypto: x86/chacha20 - Avoid spurious jumps to other functions39acee8aea
crypto: stm32 - fix reference leak in stm32_crc_remove703c80ff43
rtc: sun6i: Fix time overflow handlingbab037ebbe
gfs2: Disable page faults during lockless buffered readse803f12ea2
nvme-pci: add quirks for Samsung X5 SSDs5565fc538d
Input: stmfts - fix reference leak in stmfts_input_opend5e88c2d76
Input: add bounds checking to input_set_capability()ea6a86886c
um: Cleanup syscall_handler_t definition/cast, fix warningc39b91fcd5
rtc: pcf2127: fix bug when reading alarm registers2b4e5a2d7d
rtc: fix use-after-free on device removal67136fff5b
igc: Update I226_K device IDd0229838b6
igc: Remove phy->type checking170110adbe
igc: Remove _I_PHY_ID checking55c820c1b2
Revert "drm/i915/opregion: check port number bounds for SWSCI display power state"911b362678
floppy: use a statically allocated error counter3c48558be5
io_uring: always grab file table for deferred statxa1a2c957da
usb: gadget: fix race when gadget driver register via ioctl ABI updated to add a new symbol that is needed to be tracked: Leaf changes summary: 1 artifact changed Changed leaf types summary: 0 leaf type changed Removed/Changed/Added functions summary: 0 Removed, 0 Changed, 1 Added function Removed/Changed/Added variables summary: 0 Removed, 0 Changed, 0 Added variable 1 Added function: [A] 'function bool rng_is_initialized()' Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ib7f64defc72960f3603eb23b9a401a9fd42ec217
4682 lines
120 KiB
C
4682 lines
120 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/*
|
|
* linux/kernel/signal.c
|
|
*
|
|
* Copyright (C) 1991, 1992 Linus Torvalds
|
|
*
|
|
* 1997-11-02 Modified for POSIX.1b signals by Richard Henderson
|
|
*
|
|
* 2003-06-02 Jim Houston - Concurrent Computer Corp.
|
|
* Changes to use preallocated sigqueue structures
|
|
* to allow signals to be sent reliably.
|
|
*/
|
|
|
|
#include <linux/slab.h>
|
|
#include <linux/export.h>
|
|
#include <linux/init.h>
|
|
#include <linux/sched/mm.h>
|
|
#include <linux/sched/user.h>
|
|
#include <linux/sched/debug.h>
|
|
#include <linux/sched/task.h>
|
|
#include <linux/sched/task_stack.h>
|
|
#include <linux/sched/cputime.h>
|
|
#include <linux/file.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/proc_fs.h>
|
|
#include <linux/tty.h>
|
|
#include <linux/binfmts.h>
|
|
#include <linux/coredump.h>
|
|
#include <linux/security.h>
|
|
#include <linux/syscalls.h>
|
|
#include <linux/ptrace.h>
|
|
#include <linux/signal.h>
|
|
#include <linux/signalfd.h>
|
|
#include <linux/ratelimit.h>
|
|
#include <linux/tracehook.h>
|
|
#include <linux/capability.h>
|
|
#include <linux/freezer.h>
|
|
#include <linux/pid_namespace.h>
|
|
#include <linux/nsproxy.h>
|
|
#include <linux/user_namespace.h>
|
|
#include <linux/uprobes.h>
|
|
#include <linux/compat.h>
|
|
#include <linux/cn_proc.h>
|
|
#include <linux/compiler.h>
|
|
#include <linux/posix-timers.h>
|
|
#include <linux/livepatch.h>
|
|
#include <linux/cgroup.h>
|
|
#include <linux/audit.h>
|
|
#include <linux/oom.h>
|
|
|
|
#define CREATE_TRACE_POINTS
|
|
#include <trace/events/signal.h>
|
|
|
|
#include <asm/param.h>
|
|
#include <linux/uaccess.h>
|
|
#include <asm/unistd.h>
|
|
#include <asm/siginfo.h>
|
|
#include <asm/cacheflush.h>
|
|
|
|
#undef CREATE_TRACE_POINTS
|
|
#include <trace/hooks/signal.h>
|
|
/*
|
|
* SLAB caches for signal bits.
|
|
*/
|
|
|
|
static struct kmem_cache *sigqueue_cachep;
|
|
|
|
int print_fatal_signals __read_mostly;
|
|
|
|
static void __user *sig_handler(struct task_struct *t, int sig)
|
|
{
|
|
return t->sighand->action[sig - 1].sa.sa_handler;
|
|
}
|
|
|
|
static inline bool sig_handler_ignored(void __user *handler, int sig)
|
|
{
|
|
/* Is it explicitly or implicitly ignored? */
|
|
return handler == SIG_IGN ||
|
|
(handler == SIG_DFL && sig_kernel_ignore(sig));
|
|
}
|
|
|
|
static bool sig_task_ignored(struct task_struct *t, int sig, bool force)
|
|
{
|
|
void __user *handler;
|
|
|
|
handler = sig_handler(t, sig);
|
|
|
|
/* SIGKILL and SIGSTOP may not be sent to the global init */
|
|
if (unlikely(is_global_init(t) && sig_kernel_only(sig)))
|
|
return true;
|
|
|
|
if (unlikely(t->signal->flags & SIGNAL_UNKILLABLE) &&
|
|
handler == SIG_DFL && !(force && sig_kernel_only(sig)))
|
|
return true;
|
|
|
|
/* Only allow kernel generated signals to this kthread */
|
|
if (unlikely((t->flags & PF_KTHREAD) &&
|
|
(handler == SIG_KTHREAD_KERNEL) && !force))
|
|
return true;
|
|
|
|
return sig_handler_ignored(handler, sig);
|
|
}
|
|
|
|
static bool sig_ignored(struct task_struct *t, int sig, bool force)
|
|
{
|
|
/*
|
|
* Blocked signals are never ignored, since the
|
|
* signal handler may change by the time it is
|
|
* unblocked.
|
|
*/
|
|
if (sigismember(&t->blocked, sig) || sigismember(&t->real_blocked, sig))
|
|
return false;
|
|
|
|
/*
|
|
* Tracers may want to know about even ignored signal unless it
|
|
* is SIGKILL which can't be reported anyway but can be ignored
|
|
* by SIGNAL_UNKILLABLE task.
|
|
*/
|
|
if (t->ptrace && sig != SIGKILL)
|
|
return false;
|
|
|
|
return sig_task_ignored(t, sig, force);
|
|
}
|
|
|
|
/*
|
|
* Re-calculate pending state from the set of locally pending
|
|
* signals, globally pending signals, and blocked signals.
|
|
*/
|
|
static inline bool has_pending_signals(sigset_t *signal, sigset_t *blocked)
|
|
{
|
|
unsigned long ready;
|
|
long i;
|
|
|
|
switch (_NSIG_WORDS) {
|
|
default:
|
|
for (i = _NSIG_WORDS, ready = 0; --i >= 0 ;)
|
|
ready |= signal->sig[i] &~ blocked->sig[i];
|
|
break;
|
|
|
|
case 4: ready = signal->sig[3] &~ blocked->sig[3];
|
|
ready |= signal->sig[2] &~ blocked->sig[2];
|
|
ready |= signal->sig[1] &~ blocked->sig[1];
|
|
ready |= signal->sig[0] &~ blocked->sig[0];
|
|
break;
|
|
|
|
case 2: ready = signal->sig[1] &~ blocked->sig[1];
|
|
ready |= signal->sig[0] &~ blocked->sig[0];
|
|
break;
|
|
|
|
case 1: ready = signal->sig[0] &~ blocked->sig[0];
|
|
}
|
|
return ready != 0;
|
|
}
|
|
|
|
#define PENDING(p,b) has_pending_signals(&(p)->signal, (b))
|
|
|
|
static bool recalc_sigpending_tsk(struct task_struct *t)
|
|
{
|
|
if ((t->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) ||
|
|
PENDING(&t->pending, &t->blocked) ||
|
|
PENDING(&t->signal->shared_pending, &t->blocked) ||
|
|
cgroup_task_frozen(t)) {
|
|
set_tsk_thread_flag(t, TIF_SIGPENDING);
|
|
return true;
|
|
}
|
|
|
|
/*
|
|
* We must never clear the flag in another thread, or in current
|
|
* when it's possible the current syscall is returning -ERESTART*.
|
|
* So we don't clear it here, and only callers who know they should do.
|
|
*/
|
|
return false;
|
|
}
|
|
|
|
/*
|
|
* After recalculating TIF_SIGPENDING, we need to make sure the task wakes up.
|
|
* This is superfluous when called on current, the wakeup is a harmless no-op.
|
|
*/
|
|
void recalc_sigpending_and_wake(struct task_struct *t)
|
|
{
|
|
if (recalc_sigpending_tsk(t))
|
|
signal_wake_up(t, 0);
|
|
}
|
|
|
|
void recalc_sigpending(void)
|
|
{
|
|
if (!recalc_sigpending_tsk(current) && !freezing(current) &&
|
|
!klp_patch_pending(current))
|
|
clear_thread_flag(TIF_SIGPENDING);
|
|
|
|
}
|
|
EXPORT_SYMBOL(recalc_sigpending);
|
|
|
|
void calculate_sigpending(void)
|
|
{
|
|
/* Have any signals or users of TIF_SIGPENDING been delayed
|
|
* until after fork?
|
|
*/
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
set_tsk_thread_flag(current, TIF_SIGPENDING);
|
|
recalc_sigpending();
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
}
|
|
|
|
/* Given the mask, find the first available signal that should be serviced. */
|
|
|
|
#define SYNCHRONOUS_MASK \
|
|
(sigmask(SIGSEGV) | sigmask(SIGBUS) | sigmask(SIGILL) | \
|
|
sigmask(SIGTRAP) | sigmask(SIGFPE) | sigmask(SIGSYS))
|
|
|
|
int next_signal(struct sigpending *pending, sigset_t *mask)
|
|
{
|
|
unsigned long i, *s, *m, x;
|
|
int sig = 0;
|
|
|
|
s = pending->signal.sig;
|
|
m = mask->sig;
|
|
|
|
/*
|
|
* Handle the first word specially: it contains the
|
|
* synchronous signals that need to be dequeued first.
|
|
*/
|
|
x = *s &~ *m;
|
|
if (x) {
|
|
if (x & SYNCHRONOUS_MASK)
|
|
x &= SYNCHRONOUS_MASK;
|
|
sig = ffz(~x) + 1;
|
|
return sig;
|
|
}
|
|
|
|
switch (_NSIG_WORDS) {
|
|
default:
|
|
for (i = 1; i < _NSIG_WORDS; ++i) {
|
|
x = *++s &~ *++m;
|
|
if (!x)
|
|
continue;
|
|
sig = ffz(~x) + i*_NSIG_BPW + 1;
|
|
break;
|
|
}
|
|
break;
|
|
|
|
case 2:
|
|
x = s[1] &~ m[1];
|
|
if (!x)
|
|
break;
|
|
sig = ffz(~x) + _NSIG_BPW + 1;
|
|
break;
|
|
|
|
case 1:
|
|
/* Nothing to do */
|
|
break;
|
|
}
|
|
|
|
return sig;
|
|
}
|
|
|
|
static inline void print_dropped_signal(int sig)
|
|
{
|
|
static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
|
|
|
|
if (!print_fatal_signals)
|
|
return;
|
|
|
|
if (!__ratelimit(&ratelimit_state))
|
|
return;
|
|
|
|
pr_info("%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
|
|
current->comm, current->pid, sig);
|
|
}
|
|
|
|
/**
|
|
* task_set_jobctl_pending - set jobctl pending bits
|
|
* @task: target task
|
|
* @mask: pending bits to set
|
|
*
|
|
* Clear @mask from @task->jobctl. @mask must be subset of
|
|
* %JOBCTL_PENDING_MASK | %JOBCTL_STOP_CONSUME | %JOBCTL_STOP_SIGMASK |
|
|
* %JOBCTL_TRAPPING. If stop signo is being set, the existing signo is
|
|
* cleared. If @task is already being killed or exiting, this function
|
|
* becomes noop.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @task->sighand->siglock held.
|
|
*
|
|
* RETURNS:
|
|
* %true if @mask is set, %false if made noop because @task was dying.
|
|
*/
|
|
bool task_set_jobctl_pending(struct task_struct *task, unsigned long mask)
|
|
{
|
|
BUG_ON(mask & ~(JOBCTL_PENDING_MASK | JOBCTL_STOP_CONSUME |
|
|
JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING));
|
|
BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));
|
|
|
|
if (unlikely(fatal_signal_pending(task) || (task->flags & PF_EXITING)))
|
|
return false;
|
|
|
|
if (mask & JOBCTL_STOP_SIGMASK)
|
|
task->jobctl &= ~JOBCTL_STOP_SIGMASK;
|
|
|
|
task->jobctl |= mask;
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* task_clear_jobctl_trapping - clear jobctl trapping bit
|
|
* @task: target task
|
|
*
|
|
* If JOBCTL_TRAPPING is set, a ptracer is waiting for us to enter TRACED.
|
|
* Clear it and wake up the ptracer. Note that we don't need any further
|
|
* locking. @task->siglock guarantees that @task->parent points to the
|
|
* ptracer.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @task->sighand->siglock held.
|
|
*/
|
|
void task_clear_jobctl_trapping(struct task_struct *task)
|
|
{
|
|
if (unlikely(task->jobctl & JOBCTL_TRAPPING)) {
|
|
task->jobctl &= ~JOBCTL_TRAPPING;
|
|
smp_mb(); /* advised by wake_up_bit() */
|
|
wake_up_bit(&task->jobctl, JOBCTL_TRAPPING_BIT);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* task_clear_jobctl_pending - clear jobctl pending bits
|
|
* @task: target task
|
|
* @mask: pending bits to clear
|
|
*
|
|
* Clear @mask from @task->jobctl. @mask must be subset of
|
|
* %JOBCTL_PENDING_MASK. If %JOBCTL_STOP_PENDING is being cleared, other
|
|
* STOP bits are cleared together.
|
|
*
|
|
* If clearing of @mask leaves no stop or trap pending, this function calls
|
|
* task_clear_jobctl_trapping().
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @task->sighand->siglock held.
|
|
*/
|
|
void task_clear_jobctl_pending(struct task_struct *task, unsigned long mask)
|
|
{
|
|
BUG_ON(mask & ~JOBCTL_PENDING_MASK);
|
|
|
|
if (mask & JOBCTL_STOP_PENDING)
|
|
mask |= JOBCTL_STOP_CONSUME | JOBCTL_STOP_DEQUEUED;
|
|
|
|
task->jobctl &= ~mask;
|
|
|
|
if (!(task->jobctl & JOBCTL_PENDING_MASK))
|
|
task_clear_jobctl_trapping(task);
|
|
}
|
|
|
|
/**
|
|
* task_participate_group_stop - participate in a group stop
|
|
* @task: task participating in a group stop
|
|
*
|
|
* @task has %JOBCTL_STOP_PENDING set and is participating in a group stop.
|
|
* Group stop states are cleared and the group stop count is consumed if
|
|
* %JOBCTL_STOP_CONSUME was set. If the consumption completes the group
|
|
* stop, the appropriate `SIGNAL_*` flags are set.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @task->sighand->siglock held.
|
|
*
|
|
* RETURNS:
|
|
* %true if group stop completion should be notified to the parent, %false
|
|
* otherwise.
|
|
*/
|
|
static bool task_participate_group_stop(struct task_struct *task)
|
|
{
|
|
struct signal_struct *sig = task->signal;
|
|
bool consume = task->jobctl & JOBCTL_STOP_CONSUME;
|
|
|
|
WARN_ON_ONCE(!(task->jobctl & JOBCTL_STOP_PENDING));
|
|
|
|
task_clear_jobctl_pending(task, JOBCTL_STOP_PENDING);
|
|
|
|
if (!consume)
|
|
return false;
|
|
|
|
if (!WARN_ON_ONCE(sig->group_stop_count == 0))
|
|
sig->group_stop_count--;
|
|
|
|
/*
|
|
* Tell the caller to notify completion iff we are entering into a
|
|
* fresh group stop. Read comment in do_signal_stop() for details.
|
|
*/
|
|
if (!sig->group_stop_count && !(sig->flags & SIGNAL_STOP_STOPPED)) {
|
|
signal_set_stop_flags(sig, SIGNAL_STOP_STOPPED);
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
void task_join_group_stop(struct task_struct *task)
|
|
{
|
|
unsigned long mask = current->jobctl & JOBCTL_STOP_SIGMASK;
|
|
struct signal_struct *sig = current->signal;
|
|
|
|
if (sig->group_stop_count) {
|
|
sig->group_stop_count++;
|
|
mask |= JOBCTL_STOP_CONSUME;
|
|
} else if (!(sig->flags & SIGNAL_STOP_STOPPED))
|
|
return;
|
|
|
|
/* Have the new thread join an on-going signal group stop */
|
|
task_set_jobctl_pending(task, mask | JOBCTL_STOP_PENDING);
|
|
}
|
|
|
|
/*
|
|
* allocate a new signal queue record
|
|
* - this may be called without locks if and only if t == current, otherwise an
|
|
* appropriate lock must be held to stop the target task from exiting
|
|
*/
|
|
static struct sigqueue *
|
|
__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit)
|
|
{
|
|
struct sigqueue *q = NULL;
|
|
struct user_struct *user;
|
|
int sigpending;
|
|
|
|
/*
|
|
* Protect access to @t credentials. This can go away when all
|
|
* callers hold rcu read lock.
|
|
*
|
|
* NOTE! A pending signal will hold on to the user refcount,
|
|
* and we get/put the refcount only when the sigpending count
|
|
* changes from/to zero.
|
|
*/
|
|
rcu_read_lock();
|
|
user = __task_cred(t)->user;
|
|
sigpending = atomic_inc_return(&user->sigpending);
|
|
if (sigpending == 1)
|
|
get_uid(user);
|
|
rcu_read_unlock();
|
|
|
|
if (override_rlimit || likely(sigpending <= task_rlimit(t, RLIMIT_SIGPENDING))) {
|
|
q = kmem_cache_alloc(sigqueue_cachep, flags);
|
|
} else {
|
|
print_dropped_signal(sig);
|
|
}
|
|
|
|
if (unlikely(q == NULL)) {
|
|
if (atomic_dec_and_test(&user->sigpending))
|
|
free_uid(user);
|
|
} else {
|
|
INIT_LIST_HEAD(&q->list);
|
|
q->flags = 0;
|
|
q->user = user;
|
|
}
|
|
|
|
return q;
|
|
}
|
|
|
|
static void __sigqueue_free(struct sigqueue *q)
|
|
{
|
|
if (q->flags & SIGQUEUE_PREALLOC)
|
|
return;
|
|
if (atomic_dec_and_test(&q->user->sigpending))
|
|
free_uid(q->user);
|
|
kmem_cache_free(sigqueue_cachep, q);
|
|
}
|
|
|
|
void flush_sigqueue(struct sigpending *queue)
|
|
{
|
|
struct sigqueue *q;
|
|
|
|
sigemptyset(&queue->signal);
|
|
while (!list_empty(&queue->list)) {
|
|
q = list_entry(queue->list.next, struct sigqueue , list);
|
|
list_del_init(&q->list);
|
|
__sigqueue_free(q);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Flush all pending signals for this kthread.
|
|
*/
|
|
void flush_signals(struct task_struct *t)
|
|
{
|
|
unsigned long flags;
|
|
|
|
spin_lock_irqsave(&t->sighand->siglock, flags);
|
|
clear_tsk_thread_flag(t, TIF_SIGPENDING);
|
|
flush_sigqueue(&t->pending);
|
|
flush_sigqueue(&t->signal->shared_pending);
|
|
spin_unlock_irqrestore(&t->sighand->siglock, flags);
|
|
}
|
|
EXPORT_SYMBOL(flush_signals);
|
|
|
|
#ifdef CONFIG_POSIX_TIMERS
|
|
static void __flush_itimer_signals(struct sigpending *pending)
|
|
{
|
|
sigset_t signal, retain;
|
|
struct sigqueue *q, *n;
|
|
|
|
signal = pending->signal;
|
|
sigemptyset(&retain);
|
|
|
|
list_for_each_entry_safe(q, n, &pending->list, list) {
|
|
int sig = q->info.si_signo;
|
|
|
|
if (likely(q->info.si_code != SI_TIMER)) {
|
|
sigaddset(&retain, sig);
|
|
} else {
|
|
sigdelset(&signal, sig);
|
|
list_del_init(&q->list);
|
|
__sigqueue_free(q);
|
|
}
|
|
}
|
|
|
|
sigorsets(&pending->signal, &signal, &retain);
|
|
}
|
|
|
|
void flush_itimer_signals(void)
|
|
{
|
|
struct task_struct *tsk = current;
|
|
unsigned long flags;
|
|
|
|
spin_lock_irqsave(&tsk->sighand->siglock, flags);
|
|
__flush_itimer_signals(&tsk->pending);
|
|
__flush_itimer_signals(&tsk->signal->shared_pending);
|
|
spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
|
|
}
|
|
#endif
|
|
|
|
void ignore_signals(struct task_struct *t)
|
|
{
|
|
int i;
|
|
|
|
for (i = 0; i < _NSIG; ++i)
|
|
t->sighand->action[i].sa.sa_handler = SIG_IGN;
|
|
|
|
flush_signals(t);
|
|
}
|
|
|
|
/*
|
|
* Flush all handlers for a task.
|
|
*/
|
|
|
|
void
|
|
flush_signal_handlers(struct task_struct *t, int force_default)
|
|
{
|
|
int i;
|
|
struct k_sigaction *ka = &t->sighand->action[0];
|
|
for (i = _NSIG ; i != 0 ; i--) {
|
|
if (force_default || ka->sa.sa_handler != SIG_IGN)
|
|
ka->sa.sa_handler = SIG_DFL;
|
|
ka->sa.sa_flags = 0;
|
|
#ifdef __ARCH_HAS_SA_RESTORER
|
|
ka->sa.sa_restorer = NULL;
|
|
#endif
|
|
sigemptyset(&ka->sa.sa_mask);
|
|
ka++;
|
|
}
|
|
}
|
|
|
|
bool unhandled_signal(struct task_struct *tsk, int sig)
|
|
{
|
|
void __user *handler = tsk->sighand->action[sig-1].sa.sa_handler;
|
|
if (is_global_init(tsk))
|
|
return true;
|
|
|
|
if (handler != SIG_IGN && handler != SIG_DFL)
|
|
return false;
|
|
|
|
/* if ptraced, let the tracer determine */
|
|
return !tsk->ptrace;
|
|
}
|
|
|
|
static void collect_signal(int sig, struct sigpending *list, kernel_siginfo_t *info,
|
|
bool *resched_timer)
|
|
{
|
|
struct sigqueue *q, *first = NULL;
|
|
|
|
/*
|
|
* Collect the siginfo appropriate to this signal. Check if
|
|
* there is another siginfo for the same signal.
|
|
*/
|
|
list_for_each_entry(q, &list->list, list) {
|
|
if (q->info.si_signo == sig) {
|
|
if (first)
|
|
goto still_pending;
|
|
first = q;
|
|
}
|
|
}
|
|
|
|
sigdelset(&list->signal, sig);
|
|
|
|
if (first) {
|
|
still_pending:
|
|
list_del_init(&first->list);
|
|
copy_siginfo(info, &first->info);
|
|
|
|
*resched_timer =
|
|
(first->flags & SIGQUEUE_PREALLOC) &&
|
|
(info->si_code == SI_TIMER) &&
|
|
(info->si_sys_private);
|
|
|
|
__sigqueue_free(first);
|
|
} else {
|
|
/*
|
|
* Ok, it wasn't in the queue. This must be
|
|
* a fast-pathed signal or we must have been
|
|
* out of queue space. So zero out the info.
|
|
*/
|
|
clear_siginfo(info);
|
|
info->si_signo = sig;
|
|
info->si_errno = 0;
|
|
info->si_code = SI_USER;
|
|
info->si_pid = 0;
|
|
info->si_uid = 0;
|
|
}
|
|
}
|
|
|
|
static int __dequeue_signal(struct sigpending *pending, sigset_t *mask,
|
|
kernel_siginfo_t *info, bool *resched_timer)
|
|
{
|
|
int sig = next_signal(pending, mask);
|
|
|
|
if (sig)
|
|
collect_signal(sig, pending, info, resched_timer);
|
|
return sig;
|
|
}
|
|
|
|
/*
|
|
* Dequeue a signal and return the element to the caller, which is
|
|
* expected to free it.
|
|
*
|
|
* All callers have to hold the siglock.
|
|
*/
|
|
int dequeue_signal(struct task_struct *tsk, sigset_t *mask, kernel_siginfo_t *info)
|
|
{
|
|
bool resched_timer = false;
|
|
int signr;
|
|
|
|
/* We only dequeue private signals from ourselves, we don't let
|
|
* signalfd steal them
|
|
*/
|
|
signr = __dequeue_signal(&tsk->pending, mask, info, &resched_timer);
|
|
if (!signr) {
|
|
signr = __dequeue_signal(&tsk->signal->shared_pending,
|
|
mask, info, &resched_timer);
|
|
#ifdef CONFIG_POSIX_TIMERS
|
|
/*
|
|
* itimer signal ?
|
|
*
|
|
* itimers are process shared and we restart periodic
|
|
* itimers in the signal delivery path to prevent DoS
|
|
* attacks in the high resolution timer case. This is
|
|
* compliant with the old way of self-restarting
|
|
* itimers, as the SIGALRM is a legacy signal and only
|
|
* queued once. Changing the restart behaviour to
|
|
* restart the timer in the signal dequeue path is
|
|
* reducing the timer noise on heavy loaded !highres
|
|
* systems too.
|
|
*/
|
|
if (unlikely(signr == SIGALRM)) {
|
|
struct hrtimer *tmr = &tsk->signal->real_timer;
|
|
|
|
if (!hrtimer_is_queued(tmr) &&
|
|
tsk->signal->it_real_incr != 0) {
|
|
hrtimer_forward(tmr, tmr->base->get_time(),
|
|
tsk->signal->it_real_incr);
|
|
hrtimer_restart(tmr);
|
|
}
|
|
}
|
|
#endif
|
|
}
|
|
|
|
recalc_sigpending();
|
|
if (!signr)
|
|
return 0;
|
|
|
|
if (unlikely(sig_kernel_stop(signr))) {
|
|
/*
|
|
* Set a marker that we have dequeued a stop signal. Our
|
|
* caller might release the siglock and then the pending
|
|
* stop signal it is about to process is no longer in the
|
|
* pending bitmasks, but must still be cleared by a SIGCONT
|
|
* (and overruled by a SIGKILL). So those cases clear this
|
|
* shared flag after we've set it. Note that this flag may
|
|
* remain set after the signal we return is ignored or
|
|
* handled. That doesn't matter because its only purpose
|
|
* is to alert stop-signal processing code when another
|
|
* processor has come along and cleared the flag.
|
|
*/
|
|
current->jobctl |= JOBCTL_STOP_DEQUEUED;
|
|
}
|
|
#ifdef CONFIG_POSIX_TIMERS
|
|
if (resched_timer) {
|
|
/*
|
|
* Release the siglock to ensure proper locking order
|
|
* of timer locks outside of siglocks. Note, we leave
|
|
* irqs disabled here, since the posix-timers code is
|
|
* about to disable them again anyway.
|
|
*/
|
|
spin_unlock(&tsk->sighand->siglock);
|
|
posixtimer_rearm(info);
|
|
spin_lock(&tsk->sighand->siglock);
|
|
|
|
/* Don't expose the si_sys_private value to userspace */
|
|
info->si_sys_private = 0;
|
|
}
|
|
#endif
|
|
return signr;
|
|
}
|
|
EXPORT_SYMBOL_GPL(dequeue_signal);
|
|
|
|
static int dequeue_synchronous_signal(kernel_siginfo_t *info)
|
|
{
|
|
struct task_struct *tsk = current;
|
|
struct sigpending *pending = &tsk->pending;
|
|
struct sigqueue *q, *sync = NULL;
|
|
|
|
/*
|
|
* Might a synchronous signal be in the queue?
|
|
*/
|
|
if (!((pending->signal.sig[0] & ~tsk->blocked.sig[0]) & SYNCHRONOUS_MASK))
|
|
return 0;
|
|
|
|
/*
|
|
* Return the first synchronous signal in the queue.
|
|
*/
|
|
list_for_each_entry(q, &pending->list, list) {
|
|
/* Synchronous signals have a positive si_code */
|
|
if ((q->info.si_code > SI_USER) &&
|
|
(sigmask(q->info.si_signo) & SYNCHRONOUS_MASK)) {
|
|
sync = q;
|
|
goto next;
|
|
}
|
|
}
|
|
return 0;
|
|
next:
|
|
/*
|
|
* Check if there is another siginfo for the same signal.
|
|
*/
|
|
list_for_each_entry_continue(q, &pending->list, list) {
|
|
if (q->info.si_signo == sync->info.si_signo)
|
|
goto still_pending;
|
|
}
|
|
|
|
sigdelset(&pending->signal, sync->info.si_signo);
|
|
recalc_sigpending();
|
|
still_pending:
|
|
list_del_init(&sync->list);
|
|
copy_siginfo(info, &sync->info);
|
|
__sigqueue_free(sync);
|
|
return info->si_signo;
|
|
}
|
|
|
|
/*
|
|
* Tell a process that it has a new active signal..
|
|
*
|
|
* NOTE! we rely on the previous spin_lock to
|
|
* lock interrupts for us! We can only be called with
|
|
* "siglock" held, and the local interrupt must
|
|
* have been disabled when that got acquired!
|
|
*
|
|
* No need to set need_resched since signal event passing
|
|
* goes through ->blocked
|
|
*/
|
|
void signal_wake_up_state(struct task_struct *t, unsigned int state)
|
|
{
|
|
set_tsk_thread_flag(t, TIF_SIGPENDING);
|
|
/*
|
|
* TASK_WAKEKILL also means wake it up in the stopped/traced/killable
|
|
* case. We don't check t->state here because there is a race with it
|
|
* executing another processor and just now entering stopped state.
|
|
* By using wake_up_state, we ensure the process will wake up and
|
|
* handle its death signal.
|
|
*/
|
|
if (!wake_up_state(t, state | TASK_INTERRUPTIBLE))
|
|
kick_process(t);
|
|
}
|
|
|
|
/*
|
|
* Remove signals in mask from the pending set and queue.
|
|
* Returns 1 if any signals were found.
|
|
*
|
|
* All callers must be holding the siglock.
|
|
*/
|
|
static void flush_sigqueue_mask(sigset_t *mask, struct sigpending *s)
|
|
{
|
|
struct sigqueue *q, *n;
|
|
sigset_t m;
|
|
|
|
sigandsets(&m, mask, &s->signal);
|
|
if (sigisemptyset(&m))
|
|
return;
|
|
|
|
sigandnsets(&s->signal, &s->signal, mask);
|
|
list_for_each_entry_safe(q, n, &s->list, list) {
|
|
if (sigismember(mask, q->info.si_signo)) {
|
|
list_del_init(&q->list);
|
|
__sigqueue_free(q);
|
|
}
|
|
}
|
|
}
|
|
|
|
static inline int is_si_special(const struct kernel_siginfo *info)
|
|
{
|
|
return info <= SEND_SIG_PRIV;
|
|
}
|
|
|
|
static inline bool si_fromuser(const struct kernel_siginfo *info)
|
|
{
|
|
return info == SEND_SIG_NOINFO ||
|
|
(!is_si_special(info) && SI_FROMUSER(info));
|
|
}
|
|
|
|
/*
|
|
* called with RCU read lock from check_kill_permission()
|
|
*/
|
|
static bool kill_ok_by_cred(struct task_struct *t)
|
|
{
|
|
const struct cred *cred = current_cred();
|
|
const struct cred *tcred = __task_cred(t);
|
|
|
|
return uid_eq(cred->euid, tcred->suid) ||
|
|
uid_eq(cred->euid, tcred->uid) ||
|
|
uid_eq(cred->uid, tcred->suid) ||
|
|
uid_eq(cred->uid, tcred->uid) ||
|
|
ns_capable(tcred->user_ns, CAP_KILL);
|
|
}
|
|
|
|
/*
|
|
* Bad permissions for sending the signal
|
|
* - the caller must hold the RCU read lock
|
|
*/
|
|
static int check_kill_permission(int sig, struct kernel_siginfo *info,
|
|
struct task_struct *t)
|
|
{
|
|
struct pid *sid;
|
|
int error;
|
|
|
|
if (!valid_signal(sig))
|
|
return -EINVAL;
|
|
|
|
if (!si_fromuser(info))
|
|
return 0;
|
|
|
|
error = audit_signal_info(sig, t); /* Let audit system see the signal */
|
|
if (error)
|
|
return error;
|
|
|
|
if (!same_thread_group(current, t) &&
|
|
!kill_ok_by_cred(t)) {
|
|
switch (sig) {
|
|
case SIGCONT:
|
|
sid = task_session(t);
|
|
/*
|
|
* We don't return the error if sid == NULL. The
|
|
* task was unhashed, the caller must notice this.
|
|
*/
|
|
if (!sid || sid == task_session(current))
|
|
break;
|
|
fallthrough;
|
|
default:
|
|
return -EPERM;
|
|
}
|
|
}
|
|
|
|
return security_task_kill(t, info, sig, NULL);
|
|
}
|
|
|
|
/**
|
|
* ptrace_trap_notify - schedule trap to notify ptracer
|
|
* @t: tracee wanting to notify tracer
|
|
*
|
|
* This function schedules sticky ptrace trap which is cleared on the next
|
|
* TRAP_STOP to notify ptracer of an event. @t must have been seized by
|
|
* ptracer.
|
|
*
|
|
* If @t is running, STOP trap will be taken. If trapped for STOP and
|
|
* ptracer is listening for events, tracee is woken up so that it can
|
|
* re-trap for the new event. If trapped otherwise, STOP trap will be
|
|
* eventually taken without returning to userland after the existing traps
|
|
* are finished by PTRACE_CONT.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @task->sighand->siglock held.
|
|
*/
|
|
static void ptrace_trap_notify(struct task_struct *t)
|
|
{
|
|
WARN_ON_ONCE(!(t->ptrace & PT_SEIZED));
|
|
assert_spin_locked(&t->sighand->siglock);
|
|
|
|
task_set_jobctl_pending(t, JOBCTL_TRAP_NOTIFY);
|
|
ptrace_signal_wake_up(t, t->jobctl & JOBCTL_LISTENING);
|
|
}
|
|
|
|
/*
|
|
* Handle magic process-wide effects of stop/continue signals. Unlike
|
|
* the signal actions, these happen immediately at signal-generation
|
|
* time regardless of blocking, ignoring, or handling. This does the
|
|
* actual continuing for SIGCONT, but not the actual stopping for stop
|
|
* signals. The process stop is done as a signal action for SIG_DFL.
|
|
*
|
|
* Returns true if the signal should be actually delivered, otherwise
|
|
* it should be dropped.
|
|
*/
|
|
static bool prepare_signal(int sig, struct task_struct *p, bool force)
|
|
{
|
|
struct signal_struct *signal = p->signal;
|
|
struct task_struct *t;
|
|
sigset_t flush;
|
|
|
|
if (signal->flags & (SIGNAL_GROUP_EXIT | SIGNAL_GROUP_COREDUMP)) {
|
|
if (!(signal->flags & SIGNAL_GROUP_EXIT))
|
|
return sig == SIGKILL;
|
|
/*
|
|
* The process is in the middle of dying, nothing to do.
|
|
*/
|
|
} else if (sig_kernel_stop(sig)) {
|
|
/*
|
|
* This is a stop signal. Remove SIGCONT from all queues.
|
|
*/
|
|
siginitset(&flush, sigmask(SIGCONT));
|
|
flush_sigqueue_mask(&flush, &signal->shared_pending);
|
|
for_each_thread(p, t)
|
|
flush_sigqueue_mask(&flush, &t->pending);
|
|
} else if (sig == SIGCONT) {
|
|
unsigned int why;
|
|
/*
|
|
* Remove all stop signals from all queues, wake all threads.
|
|
*/
|
|
siginitset(&flush, SIG_KERNEL_STOP_MASK);
|
|
flush_sigqueue_mask(&flush, &signal->shared_pending);
|
|
for_each_thread(p, t) {
|
|
flush_sigqueue_mask(&flush, &t->pending);
|
|
task_clear_jobctl_pending(t, JOBCTL_STOP_PENDING);
|
|
if (likely(!(t->ptrace & PT_SEIZED)))
|
|
wake_up_state(t, __TASK_STOPPED);
|
|
else
|
|
ptrace_trap_notify(t);
|
|
}
|
|
|
|
/*
|
|
* Notify the parent with CLD_CONTINUED if we were stopped.
|
|
*
|
|
* If we were in the middle of a group stop, we pretend it
|
|
* was already finished, and then continued. Since SIGCHLD
|
|
* doesn't queue we report only CLD_STOPPED, as if the next
|
|
* CLD_CONTINUED was dropped.
|
|
*/
|
|
why = 0;
|
|
if (signal->flags & SIGNAL_STOP_STOPPED)
|
|
why |= SIGNAL_CLD_CONTINUED;
|
|
else if (signal->group_stop_count)
|
|
why |= SIGNAL_CLD_STOPPED;
|
|
|
|
if (why) {
|
|
/*
|
|
* The first thread which returns from do_signal_stop()
|
|
* will take ->siglock, notice SIGNAL_CLD_MASK, and
|
|
* notify its parent. See get_signal().
|
|
*/
|
|
signal_set_stop_flags(signal, why | SIGNAL_STOP_CONTINUED);
|
|
signal->group_stop_count = 0;
|
|
signal->group_exit_code = 0;
|
|
}
|
|
}
|
|
|
|
return !sig_ignored(p, sig, force);
|
|
}
|
|
|
|
/*
|
|
* Test if P wants to take SIG. After we've checked all threads with this,
|
|
* it's equivalent to finding no threads not blocking SIG. Any threads not
|
|
* blocking SIG were ruled out because they are not running and already
|
|
* have pending signals. Such threads will dequeue from the shared queue
|
|
* as soon as they're available, so putting the signal on the shared queue
|
|
* will be equivalent to sending it to one such thread.
|
|
*/
|
|
static inline bool wants_signal(int sig, struct task_struct *p)
|
|
{
|
|
if (sigismember(&p->blocked, sig))
|
|
return false;
|
|
|
|
if (p->flags & PF_EXITING)
|
|
return false;
|
|
|
|
if (sig == SIGKILL)
|
|
return true;
|
|
|
|
if (task_is_stopped_or_traced(p))
|
|
return false;
|
|
|
|
return task_curr(p) || !signal_pending(p);
|
|
}
|
|
|
|
static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
|
|
{
|
|
struct signal_struct *signal = p->signal;
|
|
struct task_struct *t;
|
|
|
|
/*
|
|
* Now find a thread we can wake up to take the signal off the queue.
|
|
*
|
|
* If the main thread wants the signal, it gets first crack.
|
|
* Probably the least surprising to the average bear.
|
|
*/
|
|
if (wants_signal(sig, p))
|
|
t = p;
|
|
else if ((type == PIDTYPE_PID) || thread_group_empty(p))
|
|
/*
|
|
* There is just one thread and it does not need to be woken.
|
|
* It will dequeue unblocked signals before it runs again.
|
|
*/
|
|
return;
|
|
else {
|
|
/*
|
|
* Otherwise try to find a suitable thread.
|
|
*/
|
|
t = signal->curr_target;
|
|
while (!wants_signal(sig, t)) {
|
|
t = next_thread(t);
|
|
if (t == signal->curr_target)
|
|
/*
|
|
* No thread needs to be woken.
|
|
* Any eligible threads will see
|
|
* the signal in the queue soon.
|
|
*/
|
|
return;
|
|
}
|
|
signal->curr_target = t;
|
|
}
|
|
|
|
/*
|
|
* Found a killable thread. If the signal will be fatal,
|
|
* then start taking the whole group down immediately.
|
|
*/
|
|
if (sig_fatal(p, sig) &&
|
|
!(signal->flags & SIGNAL_GROUP_EXIT) &&
|
|
!sigismember(&t->real_blocked, sig) &&
|
|
(sig == SIGKILL || !p->ptrace)) {
|
|
/*
|
|
* This signal will be fatal to the whole group.
|
|
*/
|
|
if (!sig_kernel_coredump(sig)) {
|
|
/*
|
|
* Start a group exit and wake everybody up.
|
|
* This way we don't have other threads
|
|
* running and doing things after a slower
|
|
* thread has the fatal signal pending.
|
|
*/
|
|
signal->flags = SIGNAL_GROUP_EXIT;
|
|
signal->group_exit_code = sig;
|
|
signal->group_stop_count = 0;
|
|
t = p;
|
|
do {
|
|
task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
|
|
sigaddset(&t->pending.signal, SIGKILL);
|
|
signal_wake_up(t, 1);
|
|
} while_each_thread(p, t);
|
|
return;
|
|
}
|
|
}
|
|
|
|
/*
|
|
* The signal is already in the shared-pending queue.
|
|
* Tell the chosen thread to wake up and dequeue it.
|
|
*/
|
|
signal_wake_up(t, sig == SIGKILL);
|
|
return;
|
|
}
|
|
|
|
static inline bool legacy_queue(struct sigpending *signals, int sig)
|
|
{
|
|
return (sig < SIGRTMIN) && sigismember(&signals->signal, sig);
|
|
}
|
|
|
|
static int __send_signal(int sig, struct kernel_siginfo *info, struct task_struct *t,
|
|
enum pid_type type, bool force)
|
|
{
|
|
struct sigpending *pending;
|
|
struct sigqueue *q;
|
|
int override_rlimit;
|
|
int ret = 0, result;
|
|
|
|
assert_spin_locked(&t->sighand->siglock);
|
|
|
|
result = TRACE_SIGNAL_IGNORED;
|
|
if (!prepare_signal(sig, t, force))
|
|
goto ret;
|
|
|
|
pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
|
|
/*
|
|
* Short-circuit ignored signals and support queuing
|
|
* exactly one non-rt signal, so that we can get more
|
|
* detailed information about the cause of the signal.
|
|
*/
|
|
result = TRACE_SIGNAL_ALREADY_PENDING;
|
|
if (legacy_queue(pending, sig))
|
|
goto ret;
|
|
|
|
result = TRACE_SIGNAL_DELIVERED;
|
|
/*
|
|
* Skip useless siginfo allocation for SIGKILL and kernel threads.
|
|
*/
|
|
if ((sig == SIGKILL) || (t->flags & PF_KTHREAD))
|
|
goto out_set;
|
|
|
|
/*
|
|
* Real-time signals must be queued if sent by sigqueue, or
|
|
* some other real-time mechanism. It is implementation
|
|
* defined whether kill() does so. We attempt to do so, on
|
|
* the principle of least surprise, but since kill is not
|
|
* allowed to fail with EAGAIN when low on memory we just
|
|
* make sure at least one signal gets delivered and don't
|
|
* pass on the info struct.
|
|
*/
|
|
if (sig < SIGRTMIN)
|
|
override_rlimit = (is_si_special(info) || info->si_code >= 0);
|
|
else
|
|
override_rlimit = 0;
|
|
|
|
q = __sigqueue_alloc(sig, t, GFP_ATOMIC, override_rlimit);
|
|
if (q) {
|
|
list_add_tail(&q->list, &pending->list);
|
|
switch ((unsigned long) info) {
|
|
case (unsigned long) SEND_SIG_NOINFO:
|
|
clear_siginfo(&q->info);
|
|
q->info.si_signo = sig;
|
|
q->info.si_errno = 0;
|
|
q->info.si_code = SI_USER;
|
|
q->info.si_pid = task_tgid_nr_ns(current,
|
|
task_active_pid_ns(t));
|
|
rcu_read_lock();
|
|
q->info.si_uid =
|
|
from_kuid_munged(task_cred_xxx(t, user_ns),
|
|
current_uid());
|
|
rcu_read_unlock();
|
|
break;
|
|
case (unsigned long) SEND_SIG_PRIV:
|
|
clear_siginfo(&q->info);
|
|
q->info.si_signo = sig;
|
|
q->info.si_errno = 0;
|
|
q->info.si_code = SI_KERNEL;
|
|
q->info.si_pid = 0;
|
|
q->info.si_uid = 0;
|
|
break;
|
|
default:
|
|
copy_siginfo(&q->info, info);
|
|
break;
|
|
}
|
|
} else if (!is_si_special(info) &&
|
|
sig >= SIGRTMIN && info->si_code != SI_USER) {
|
|
/*
|
|
* Queue overflow, abort. We may abort if the
|
|
* signal was rt and sent by user using something
|
|
* other than kill().
|
|
*/
|
|
result = TRACE_SIGNAL_OVERFLOW_FAIL;
|
|
ret = -EAGAIN;
|
|
goto ret;
|
|
} else {
|
|
/*
|
|
* This is a silent loss of information. We still
|
|
* send the signal, but the *info bits are lost.
|
|
*/
|
|
result = TRACE_SIGNAL_LOSE_INFO;
|
|
}
|
|
|
|
out_set:
|
|
signalfd_notify(t, sig);
|
|
sigaddset(&pending->signal, sig);
|
|
|
|
/* Let multiprocess signals appear after on-going forks */
|
|
if (type > PIDTYPE_TGID) {
|
|
struct multiprocess_signals *delayed;
|
|
hlist_for_each_entry(delayed, &t->signal->multiprocess, node) {
|
|
sigset_t *signal = &delayed->signal;
|
|
/* Can't queue both a stop and a continue signal */
|
|
if (sig == SIGCONT)
|
|
sigdelsetmask(signal, SIG_KERNEL_STOP_MASK);
|
|
else if (sig_kernel_stop(sig))
|
|
sigdelset(signal, SIGCONT);
|
|
sigaddset(signal, sig);
|
|
}
|
|
}
|
|
|
|
complete_signal(sig, t, type);
|
|
ret:
|
|
trace_signal_generate(sig, info, t, type != PIDTYPE_PID, result);
|
|
return ret;
|
|
}
|
|
|
|
static inline bool has_si_pid_and_uid(struct kernel_siginfo *info)
|
|
{
|
|
bool ret = false;
|
|
switch (siginfo_layout(info->si_signo, info->si_code)) {
|
|
case SIL_KILL:
|
|
case SIL_CHLD:
|
|
case SIL_RT:
|
|
ret = true;
|
|
break;
|
|
case SIL_TIMER:
|
|
case SIL_POLL:
|
|
case SIL_FAULT:
|
|
case SIL_FAULT_MCEERR:
|
|
case SIL_FAULT_BNDERR:
|
|
case SIL_FAULT_PKUERR:
|
|
case SIL_SYS:
|
|
ret = false;
|
|
break;
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static int send_signal(int sig, struct kernel_siginfo *info, struct task_struct *t,
|
|
enum pid_type type)
|
|
{
|
|
/* Should SIGKILL or SIGSTOP be received by a pid namespace init? */
|
|
bool force = false;
|
|
|
|
if (info == SEND_SIG_NOINFO) {
|
|
/* Force if sent from an ancestor pid namespace */
|
|
force = !task_pid_nr_ns(current, task_active_pid_ns(t));
|
|
} else if (info == SEND_SIG_PRIV) {
|
|
/* Don't ignore kernel generated signals */
|
|
force = true;
|
|
} else if (has_si_pid_and_uid(info)) {
|
|
/* SIGKILL and SIGSTOP is special or has ids */
|
|
struct user_namespace *t_user_ns;
|
|
|
|
rcu_read_lock();
|
|
t_user_ns = task_cred_xxx(t, user_ns);
|
|
if (current_user_ns() != t_user_ns) {
|
|
kuid_t uid = make_kuid(current_user_ns(), info->si_uid);
|
|
info->si_uid = from_kuid_munged(t_user_ns, uid);
|
|
}
|
|
rcu_read_unlock();
|
|
|
|
/* A kernel generated signal? */
|
|
force = (info->si_code == SI_KERNEL);
|
|
|
|
/* From an ancestor pid namespace? */
|
|
if (!task_pid_nr_ns(current, task_active_pid_ns(t))) {
|
|
info->si_pid = 0;
|
|
force = true;
|
|
}
|
|
}
|
|
return __send_signal(sig, info, t, type, force);
|
|
}
|
|
|
|
static void print_fatal_signal(int signr)
|
|
{
|
|
struct pt_regs *regs = signal_pt_regs();
|
|
pr_info("potentially unexpected fatal signal %d.\n", signr);
|
|
|
|
#if defined(__i386__) && !defined(__arch_um__)
|
|
pr_info("code at %08lx: ", regs->ip);
|
|
{
|
|
int i;
|
|
for (i = 0; i < 16; i++) {
|
|
unsigned char insn;
|
|
|
|
if (get_user(insn, (unsigned char *)(regs->ip + i)))
|
|
break;
|
|
pr_cont("%02x ", insn);
|
|
}
|
|
}
|
|
pr_cont("\n");
|
|
#endif
|
|
preempt_disable();
|
|
show_regs(regs);
|
|
preempt_enable();
|
|
}
|
|
|
|
static int __init setup_print_fatal_signals(char *str)
|
|
{
|
|
get_option (&str, &print_fatal_signals);
|
|
|
|
return 1;
|
|
}
|
|
|
|
__setup("print-fatal-signals=", setup_print_fatal_signals);
|
|
|
|
int
|
|
__group_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
|
|
{
|
|
return send_signal(sig, info, p, PIDTYPE_TGID);
|
|
}
|
|
|
|
int do_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p,
|
|
enum pid_type type)
|
|
{
|
|
unsigned long flags;
|
|
int ret = -ESRCH;
|
|
trace_android_vh_do_send_sig_info(sig, current, p);
|
|
if (lock_task_sighand(p, &flags)) {
|
|
ret = send_signal(sig, info, p, type);
|
|
unlock_task_sighand(p, &flags);
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* Force a signal that the process can't ignore: if necessary
|
|
* we unblock the signal and change any SIG_IGN to SIG_DFL.
|
|
*
|
|
* Note: If we unblock the signal, we always reset it to SIG_DFL,
|
|
* since we do not want to have a signal handler that was blocked
|
|
* be invoked when user space had explicitly blocked it.
|
|
*
|
|
* We don't want to have recursive SIGSEGV's etc, for example,
|
|
* that is why we also clear SIGNAL_UNKILLABLE.
|
|
*/
|
|
static int
|
|
force_sig_info_to_task(struct kernel_siginfo *info, struct task_struct *t)
|
|
{
|
|
unsigned long int flags;
|
|
int ret, blocked, ignored;
|
|
struct k_sigaction *action;
|
|
int sig = info->si_signo;
|
|
|
|
spin_lock_irqsave(&t->sighand->siglock, flags);
|
|
action = &t->sighand->action[sig-1];
|
|
ignored = action->sa.sa_handler == SIG_IGN;
|
|
blocked = sigismember(&t->blocked, sig);
|
|
if (blocked || ignored) {
|
|
action->sa.sa_handler = SIG_DFL;
|
|
if (blocked) {
|
|
sigdelset(&t->blocked, sig);
|
|
recalc_sigpending_and_wake(t);
|
|
}
|
|
}
|
|
/*
|
|
* Don't clear SIGNAL_UNKILLABLE for traced tasks, users won't expect
|
|
* debugging to leave init killable.
|
|
*/
|
|
if (action->sa.sa_handler == SIG_DFL && !t->ptrace)
|
|
t->signal->flags &= ~SIGNAL_UNKILLABLE;
|
|
ret = send_signal(sig, info, t, PIDTYPE_PID);
|
|
spin_unlock_irqrestore(&t->sighand->siglock, flags);
|
|
|
|
return ret;
|
|
}
|
|
|
|
int force_sig_info(struct kernel_siginfo *info)
|
|
{
|
|
return force_sig_info_to_task(info, current);
|
|
}
|
|
|
|
/*
|
|
* Nuke all other threads in the group.
|
|
*/
|
|
int zap_other_threads(struct task_struct *p)
|
|
{
|
|
struct task_struct *t = p;
|
|
int count = 0;
|
|
|
|
p->signal->group_stop_count = 0;
|
|
|
|
while_each_thread(p, t) {
|
|
task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
|
|
count++;
|
|
|
|
/* Don't bother with already dead threads */
|
|
if (t->exit_state)
|
|
continue;
|
|
sigaddset(&t->pending.signal, SIGKILL);
|
|
signal_wake_up(t, 1);
|
|
}
|
|
|
|
return count;
|
|
}
|
|
|
|
struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
|
|
unsigned long *flags)
|
|
{
|
|
struct sighand_struct *sighand;
|
|
|
|
rcu_read_lock();
|
|
for (;;) {
|
|
sighand = rcu_dereference(tsk->sighand);
|
|
if (unlikely(sighand == NULL))
|
|
break;
|
|
|
|
/*
|
|
* This sighand can be already freed and even reused, but
|
|
* we rely on SLAB_TYPESAFE_BY_RCU and sighand_ctor() which
|
|
* initializes ->siglock: this slab can't go away, it has
|
|
* the same object type, ->siglock can't be reinitialized.
|
|
*
|
|
* We need to ensure that tsk->sighand is still the same
|
|
* after we take the lock, we can race with de_thread() or
|
|
* __exit_signal(). In the latter case the next iteration
|
|
* must see ->sighand == NULL.
|
|
*/
|
|
spin_lock_irqsave(&sighand->siglock, *flags);
|
|
if (likely(sighand == rcu_access_pointer(tsk->sighand)))
|
|
break;
|
|
spin_unlock_irqrestore(&sighand->siglock, *flags);
|
|
}
|
|
rcu_read_unlock();
|
|
|
|
return sighand;
|
|
}
|
|
|
|
/*
|
|
* send signal info to all the members of a group
|
|
*/
|
|
int group_send_sig_info(int sig, struct kernel_siginfo *info,
|
|
struct task_struct *p, enum pid_type type)
|
|
{
|
|
int ret;
|
|
|
|
rcu_read_lock();
|
|
ret = check_kill_permission(sig, info, p);
|
|
rcu_read_unlock();
|
|
|
|
if (!ret && sig) {
|
|
ret = do_send_sig_info(sig, info, p, type);
|
|
if (!ret && sig == SIGKILL) {
|
|
bool reap = false;
|
|
|
|
trace_android_vh_process_killed(current, &reap);
|
|
trace_android_vh_killed_process(current, p, &reap);
|
|
if (reap)
|
|
add_to_oom_reaper(p);
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* __kill_pgrp_info() sends a signal to a process group: this is what the tty
|
|
* control characters do (^C, ^Z etc)
|
|
* - the caller must hold at least a readlock on tasklist_lock
|
|
*/
|
|
int __kill_pgrp_info(int sig, struct kernel_siginfo *info, struct pid *pgrp)
|
|
{
|
|
struct task_struct *p = NULL;
|
|
int retval, success;
|
|
|
|
success = 0;
|
|
retval = -ESRCH;
|
|
do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
|
|
int err = group_send_sig_info(sig, info, p, PIDTYPE_PGID);
|
|
success |= !err;
|
|
retval = err;
|
|
} while_each_pid_task(pgrp, PIDTYPE_PGID, p);
|
|
return success ? 0 : retval;
|
|
}
|
|
|
|
int kill_pid_info(int sig, struct kernel_siginfo *info, struct pid *pid)
|
|
{
|
|
int error = -ESRCH;
|
|
struct task_struct *p;
|
|
|
|
for (;;) {
|
|
rcu_read_lock();
|
|
p = pid_task(pid, PIDTYPE_PID);
|
|
if (p)
|
|
error = group_send_sig_info(sig, info, p, PIDTYPE_TGID);
|
|
rcu_read_unlock();
|
|
if (likely(!p || error != -ESRCH))
|
|
return error;
|
|
|
|
/*
|
|
* The task was unhashed in between, try again. If it
|
|
* is dead, pid_task() will return NULL, if we race with
|
|
* de_thread() it will find the new leader.
|
|
*/
|
|
}
|
|
}
|
|
|
|
static int kill_proc_info(int sig, struct kernel_siginfo *info, pid_t pid)
|
|
{
|
|
int error;
|
|
rcu_read_lock();
|
|
error = kill_pid_info(sig, info, find_vpid(pid));
|
|
rcu_read_unlock();
|
|
return error;
|
|
}
|
|
|
|
static inline bool kill_as_cred_perm(const struct cred *cred,
|
|
struct task_struct *target)
|
|
{
|
|
const struct cred *pcred = __task_cred(target);
|
|
|
|
return uid_eq(cred->euid, pcred->suid) ||
|
|
uid_eq(cred->euid, pcred->uid) ||
|
|
uid_eq(cred->uid, pcred->suid) ||
|
|
uid_eq(cred->uid, pcred->uid);
|
|
}
|
|
|
|
/*
|
|
* The usb asyncio usage of siginfo is wrong. The glibc support
|
|
* for asyncio which uses SI_ASYNCIO assumes the layout is SIL_RT.
|
|
* AKA after the generic fields:
|
|
* kernel_pid_t si_pid;
|
|
* kernel_uid32_t si_uid;
|
|
* sigval_t si_value;
|
|
*
|
|
* Unfortunately when usb generates SI_ASYNCIO it assumes the layout
|
|
* after the generic fields is:
|
|
* void __user *si_addr;
|
|
*
|
|
* This is a practical problem when there is a 64bit big endian kernel
|
|
* and a 32bit userspace. As the 32bit address will encoded in the low
|
|
* 32bits of the pointer. Those low 32bits will be stored at higher
|
|
* address than appear in a 32 bit pointer. So userspace will not
|
|
* see the address it was expecting for it's completions.
|
|
*
|
|
* There is nothing in the encoding that can allow
|
|
* copy_siginfo_to_user32 to detect this confusion of formats, so
|
|
* handle this by requiring the caller of kill_pid_usb_asyncio to
|
|
* notice when this situration takes place and to store the 32bit
|
|
* pointer in sival_int, instead of sival_addr of the sigval_t addr
|
|
* parameter.
|
|
*/
|
|
int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
|
|
struct pid *pid, const struct cred *cred)
|
|
{
|
|
struct kernel_siginfo info;
|
|
struct task_struct *p;
|
|
unsigned long flags;
|
|
int ret = -EINVAL;
|
|
|
|
if (!valid_signal(sig))
|
|
return ret;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = sig;
|
|
info.si_errno = errno;
|
|
info.si_code = SI_ASYNCIO;
|
|
*((sigval_t *)&info.si_pid) = addr;
|
|
|
|
rcu_read_lock();
|
|
p = pid_task(pid, PIDTYPE_PID);
|
|
if (!p) {
|
|
ret = -ESRCH;
|
|
goto out_unlock;
|
|
}
|
|
if (!kill_as_cred_perm(cred, p)) {
|
|
ret = -EPERM;
|
|
goto out_unlock;
|
|
}
|
|
ret = security_task_kill(p, &info, sig, cred);
|
|
if (ret)
|
|
goto out_unlock;
|
|
|
|
if (sig) {
|
|
if (lock_task_sighand(p, &flags)) {
|
|
ret = __send_signal(sig, &info, p, PIDTYPE_TGID, false);
|
|
unlock_task_sighand(p, &flags);
|
|
} else
|
|
ret = -ESRCH;
|
|
}
|
|
out_unlock:
|
|
rcu_read_unlock();
|
|
return ret;
|
|
}
|
|
EXPORT_SYMBOL_GPL(kill_pid_usb_asyncio);
|
|
|
|
/*
|
|
* kill_something_info() interprets pid in interesting ways just like kill(2).
|
|
*
|
|
* POSIX specifies that kill(-1,sig) is unspecified, but what we have
|
|
* is probably wrong. Should make it like BSD or SYSV.
|
|
*/
|
|
|
|
static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
|
|
{
|
|
int ret;
|
|
|
|
if (pid > 0)
|
|
return kill_proc_info(sig, info, pid);
|
|
|
|
/* -INT_MIN is undefined. Exclude this case to avoid a UBSAN warning */
|
|
if (pid == INT_MIN)
|
|
return -ESRCH;
|
|
|
|
read_lock(&tasklist_lock);
|
|
if (pid != -1) {
|
|
ret = __kill_pgrp_info(sig, info,
|
|
pid ? find_vpid(-pid) : task_pgrp(current));
|
|
} else {
|
|
int retval = 0, count = 0;
|
|
struct task_struct * p;
|
|
|
|
for_each_process(p) {
|
|
if (task_pid_vnr(p) > 1 &&
|
|
!same_thread_group(p, current)) {
|
|
int err = group_send_sig_info(sig, info, p,
|
|
PIDTYPE_MAX);
|
|
++count;
|
|
if (err != -EPERM)
|
|
retval = err;
|
|
}
|
|
}
|
|
ret = count ? retval : -ESRCH;
|
|
}
|
|
read_unlock(&tasklist_lock);
|
|
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* These are for backward compatibility with the rest of the kernel source.
|
|
*/
|
|
|
|
int send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
|
|
{
|
|
/*
|
|
* Make sure legacy kernel users don't send in bad values
|
|
* (normal paths check this in check_kill_permission).
|
|
*/
|
|
if (!valid_signal(sig))
|
|
return -EINVAL;
|
|
|
|
return do_send_sig_info(sig, info, p, PIDTYPE_PID);
|
|
}
|
|
EXPORT_SYMBOL(send_sig_info);
|
|
|
|
#define __si_special(priv) \
|
|
((priv) ? SEND_SIG_PRIV : SEND_SIG_NOINFO)
|
|
|
|
int
|
|
send_sig(int sig, struct task_struct *p, int priv)
|
|
{
|
|
return send_sig_info(sig, __si_special(priv), p);
|
|
}
|
|
EXPORT_SYMBOL(send_sig);
|
|
|
|
void force_sig(int sig)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = sig;
|
|
info.si_errno = 0;
|
|
info.si_code = SI_KERNEL;
|
|
info.si_pid = 0;
|
|
info.si_uid = 0;
|
|
force_sig_info(&info);
|
|
}
|
|
EXPORT_SYMBOL(force_sig);
|
|
|
|
/*
|
|
* When things go south during signal handling, we
|
|
* will force a SIGSEGV. And if the signal that caused
|
|
* the problem was already a SIGSEGV, we'll want to
|
|
* make sure we don't even try to deliver the signal..
|
|
*/
|
|
void force_sigsegv(int sig)
|
|
{
|
|
struct task_struct *p = current;
|
|
|
|
if (sig == SIGSEGV) {
|
|
unsigned long flags;
|
|
spin_lock_irqsave(&p->sighand->siglock, flags);
|
|
p->sighand->action[sig - 1].sa.sa_handler = SIG_DFL;
|
|
spin_unlock_irqrestore(&p->sighand->siglock, flags);
|
|
}
|
|
force_sig(SIGSEGV);
|
|
}
|
|
|
|
int force_sig_fault_to_task(int sig, int code, void __user *addr
|
|
___ARCH_SI_TRAPNO(int trapno)
|
|
___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
|
|
, struct task_struct *t)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = sig;
|
|
info.si_errno = 0;
|
|
info.si_code = code;
|
|
info.si_addr = addr;
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
info.si_trapno = trapno;
|
|
#endif
|
|
#ifdef __ia64__
|
|
info.si_imm = imm;
|
|
info.si_flags = flags;
|
|
info.si_isr = isr;
|
|
#endif
|
|
return force_sig_info_to_task(&info, t);
|
|
}
|
|
|
|
int force_sig_fault(int sig, int code, void __user *addr
|
|
___ARCH_SI_TRAPNO(int trapno)
|
|
___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr))
|
|
{
|
|
return force_sig_fault_to_task(sig, code, addr
|
|
___ARCH_SI_TRAPNO(trapno)
|
|
___ARCH_SI_IA64(imm, flags, isr), current);
|
|
}
|
|
|
|
int send_sig_fault(int sig, int code, void __user *addr
|
|
___ARCH_SI_TRAPNO(int trapno)
|
|
___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
|
|
, struct task_struct *t)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = sig;
|
|
info.si_errno = 0;
|
|
info.si_code = code;
|
|
info.si_addr = addr;
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
info.si_trapno = trapno;
|
|
#endif
|
|
#ifdef __ia64__
|
|
info.si_imm = imm;
|
|
info.si_flags = flags;
|
|
info.si_isr = isr;
|
|
#endif
|
|
return send_sig_info(info.si_signo, &info, t);
|
|
}
|
|
|
|
int force_sig_mceerr(int code, void __user *addr, short lsb)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));
|
|
clear_siginfo(&info);
|
|
info.si_signo = SIGBUS;
|
|
info.si_errno = 0;
|
|
info.si_code = code;
|
|
info.si_addr = addr;
|
|
info.si_addr_lsb = lsb;
|
|
return force_sig_info(&info);
|
|
}
|
|
|
|
int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *t)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));
|
|
clear_siginfo(&info);
|
|
info.si_signo = SIGBUS;
|
|
info.si_errno = 0;
|
|
info.si_code = code;
|
|
info.si_addr = addr;
|
|
info.si_addr_lsb = lsb;
|
|
return send_sig_info(info.si_signo, &info, t);
|
|
}
|
|
EXPORT_SYMBOL(send_sig_mceerr);
|
|
|
|
int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = SIGSEGV;
|
|
info.si_errno = 0;
|
|
info.si_code = SEGV_BNDERR;
|
|
info.si_addr = addr;
|
|
info.si_lower = lower;
|
|
info.si_upper = upper;
|
|
return force_sig_info(&info);
|
|
}
|
|
|
|
#ifdef SEGV_PKUERR
|
|
int force_sig_pkuerr(void __user *addr, u32 pkey)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = SIGSEGV;
|
|
info.si_errno = 0;
|
|
info.si_code = SEGV_PKUERR;
|
|
info.si_addr = addr;
|
|
info.si_pkey = pkey;
|
|
return force_sig_info(&info);
|
|
}
|
|
#endif
|
|
|
|
/* For the crazy architectures that include trap information in
|
|
* the errno field, instead of an actual errno value.
|
|
*/
|
|
int force_sig_ptrace_errno_trap(int errno, void __user *addr)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = SIGTRAP;
|
|
info.si_errno = errno;
|
|
info.si_code = TRAP_HWBKPT;
|
|
info.si_addr = addr;
|
|
return force_sig_info(&info);
|
|
}
|
|
|
|
int kill_pgrp(struct pid *pid, int sig, int priv)
|
|
{
|
|
int ret;
|
|
|
|
read_lock(&tasklist_lock);
|
|
ret = __kill_pgrp_info(sig, __si_special(priv), pid);
|
|
read_unlock(&tasklist_lock);
|
|
|
|
return ret;
|
|
}
|
|
EXPORT_SYMBOL(kill_pgrp);
|
|
|
|
int kill_pid(struct pid *pid, int sig, int priv)
|
|
{
|
|
return kill_pid_info(sig, __si_special(priv), pid);
|
|
}
|
|
EXPORT_SYMBOL(kill_pid);
|
|
|
|
/*
|
|
* These functions support sending signals using preallocated sigqueue
|
|
* structures. This is needed "because realtime applications cannot
|
|
* afford to lose notifications of asynchronous events, like timer
|
|
* expirations or I/O completions". In the case of POSIX Timers
|
|
* we allocate the sigqueue structure from the timer_create. If this
|
|
* allocation fails we are able to report the failure to the application
|
|
* with an EAGAIN error.
|
|
*/
|
|
struct sigqueue *sigqueue_alloc(void)
|
|
{
|
|
struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0);
|
|
|
|
if (q)
|
|
q->flags |= SIGQUEUE_PREALLOC;
|
|
|
|
return q;
|
|
}
|
|
|
|
void sigqueue_free(struct sigqueue *q)
|
|
{
|
|
unsigned long flags;
|
|
spinlock_t *lock = ¤t->sighand->siglock;
|
|
|
|
BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
|
|
/*
|
|
* We must hold ->siglock while testing q->list
|
|
* to serialize with collect_signal() or with
|
|
* __exit_signal()->flush_sigqueue().
|
|
*/
|
|
spin_lock_irqsave(lock, flags);
|
|
q->flags &= ~SIGQUEUE_PREALLOC;
|
|
/*
|
|
* If it is queued it will be freed when dequeued,
|
|
* like the "regular" sigqueue.
|
|
*/
|
|
if (!list_empty(&q->list))
|
|
q = NULL;
|
|
spin_unlock_irqrestore(lock, flags);
|
|
|
|
if (q)
|
|
__sigqueue_free(q);
|
|
}
|
|
|
|
int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type)
|
|
{
|
|
int sig = q->info.si_signo;
|
|
struct sigpending *pending;
|
|
struct task_struct *t;
|
|
unsigned long flags;
|
|
int ret, result;
|
|
|
|
BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
|
|
|
|
ret = -1;
|
|
rcu_read_lock();
|
|
t = pid_task(pid, type);
|
|
if (!t || !likely(lock_task_sighand(t, &flags)))
|
|
goto ret;
|
|
|
|
ret = 1; /* the signal is ignored */
|
|
result = TRACE_SIGNAL_IGNORED;
|
|
if (!prepare_signal(sig, t, false))
|
|
goto out;
|
|
|
|
ret = 0;
|
|
if (unlikely(!list_empty(&q->list))) {
|
|
/*
|
|
* If an SI_TIMER entry is already queue just increment
|
|
* the overrun count.
|
|
*/
|
|
BUG_ON(q->info.si_code != SI_TIMER);
|
|
q->info.si_overrun++;
|
|
result = TRACE_SIGNAL_ALREADY_PENDING;
|
|
goto out;
|
|
}
|
|
q->info.si_overrun = 0;
|
|
|
|
signalfd_notify(t, sig);
|
|
pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
|
|
list_add_tail(&q->list, &pending->list);
|
|
sigaddset(&pending->signal, sig);
|
|
complete_signal(sig, t, type);
|
|
result = TRACE_SIGNAL_DELIVERED;
|
|
out:
|
|
trace_signal_generate(sig, &q->info, t, type != PIDTYPE_PID, result);
|
|
unlock_task_sighand(t, &flags);
|
|
ret:
|
|
rcu_read_unlock();
|
|
return ret;
|
|
}
|
|
|
|
static void do_notify_pidfd(struct task_struct *task)
|
|
{
|
|
struct pid *pid;
|
|
|
|
WARN_ON(task->exit_state == 0);
|
|
pid = task_pid(task);
|
|
wake_up_all(&pid->wait_pidfd);
|
|
}
|
|
|
|
/*
|
|
* Let a parent know about the death of a child.
|
|
* For a stopped/continued status change, use do_notify_parent_cldstop instead.
|
|
*
|
|
* Returns true if our parent ignored us and so we've switched to
|
|
* self-reaping.
|
|
*/
|
|
bool do_notify_parent(struct task_struct *tsk, int sig)
|
|
{
|
|
struct kernel_siginfo info;
|
|
unsigned long flags;
|
|
struct sighand_struct *psig;
|
|
bool autoreap = false;
|
|
u64 utime, stime;
|
|
|
|
WARN_ON_ONCE(sig == -1);
|
|
|
|
/* do_notify_parent_cldstop should have been called instead. */
|
|
WARN_ON_ONCE(task_is_stopped_or_traced(tsk));
|
|
|
|
WARN_ON_ONCE(!tsk->ptrace &&
|
|
(tsk->group_leader != tsk || !thread_group_empty(tsk)));
|
|
|
|
/* Wake up all pidfd waiters */
|
|
do_notify_pidfd(tsk);
|
|
|
|
if (sig != SIGCHLD) {
|
|
/*
|
|
* This is only possible if parent == real_parent.
|
|
* Check if it has changed security domain.
|
|
*/
|
|
if (tsk->parent_exec_id != READ_ONCE(tsk->parent->self_exec_id))
|
|
sig = SIGCHLD;
|
|
}
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = sig;
|
|
info.si_errno = 0;
|
|
/*
|
|
* We are under tasklist_lock here so our parent is tied to
|
|
* us and cannot change.
|
|
*
|
|
* task_active_pid_ns will always return the same pid namespace
|
|
* until a task passes through release_task.
|
|
*
|
|
* write_lock() currently calls preempt_disable() which is the
|
|
* same as rcu_read_lock(), but according to Oleg, this is not
|
|
* correct to rely on this
|
|
*/
|
|
rcu_read_lock();
|
|
info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(tsk->parent));
|
|
info.si_uid = from_kuid_munged(task_cred_xxx(tsk->parent, user_ns),
|
|
task_uid(tsk));
|
|
rcu_read_unlock();
|
|
|
|
task_cputime(tsk, &utime, &stime);
|
|
info.si_utime = nsec_to_clock_t(utime + tsk->signal->utime);
|
|
info.si_stime = nsec_to_clock_t(stime + tsk->signal->stime);
|
|
|
|
info.si_status = tsk->exit_code & 0x7f;
|
|
if (tsk->exit_code & 0x80)
|
|
info.si_code = CLD_DUMPED;
|
|
else if (tsk->exit_code & 0x7f)
|
|
info.si_code = CLD_KILLED;
|
|
else {
|
|
info.si_code = CLD_EXITED;
|
|
info.si_status = tsk->exit_code >> 8;
|
|
}
|
|
|
|
psig = tsk->parent->sighand;
|
|
spin_lock_irqsave(&psig->siglock, flags);
|
|
if (!tsk->ptrace && sig == SIGCHLD &&
|
|
(psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN ||
|
|
(psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) {
|
|
/*
|
|
* We are exiting and our parent doesn't care. POSIX.1
|
|
* defines special semantics for setting SIGCHLD to SIG_IGN
|
|
* or setting the SA_NOCLDWAIT flag: we should be reaped
|
|
* automatically and not left for our parent's wait4 call.
|
|
* Rather than having the parent do it as a magic kind of
|
|
* signal handler, we just set this to tell do_exit that we
|
|
* can be cleaned up without becoming a zombie. Note that
|
|
* we still call __wake_up_parent in this case, because a
|
|
* blocked sys_wait4 might now return -ECHILD.
|
|
*
|
|
* Whether we send SIGCHLD or not for SA_NOCLDWAIT
|
|
* is implementation-defined: we do (if you don't want
|
|
* it, just use SIG_IGN instead).
|
|
*/
|
|
autoreap = true;
|
|
if (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN)
|
|
sig = 0;
|
|
}
|
|
/*
|
|
* Send with __send_signal as si_pid and si_uid are in the
|
|
* parent's namespaces.
|
|
*/
|
|
if (valid_signal(sig) && sig)
|
|
__send_signal(sig, &info, tsk->parent, PIDTYPE_TGID, false);
|
|
__wake_up_parent(tsk, tsk->parent);
|
|
spin_unlock_irqrestore(&psig->siglock, flags);
|
|
|
|
return autoreap;
|
|
}
|
|
|
|
/**
|
|
* do_notify_parent_cldstop - notify parent of stopped/continued state change
|
|
* @tsk: task reporting the state change
|
|
* @for_ptracer: the notification is for ptracer
|
|
* @why: CLD_{CONTINUED|STOPPED|TRAPPED} to report
|
|
*
|
|
* Notify @tsk's parent that the stopped/continued state has changed. If
|
|
* @for_ptracer is %false, @tsk's group leader notifies to its real parent.
|
|
* If %true, @tsk reports to @tsk->parent which should be the ptracer.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with tasklist_lock at least read locked.
|
|
*/
|
|
static void do_notify_parent_cldstop(struct task_struct *tsk,
|
|
bool for_ptracer, int why)
|
|
{
|
|
struct kernel_siginfo info;
|
|
unsigned long flags;
|
|
struct task_struct *parent;
|
|
struct sighand_struct *sighand;
|
|
u64 utime, stime;
|
|
|
|
if (for_ptracer) {
|
|
parent = tsk->parent;
|
|
} else {
|
|
tsk = tsk->group_leader;
|
|
parent = tsk->real_parent;
|
|
}
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = SIGCHLD;
|
|
info.si_errno = 0;
|
|
/*
|
|
* see comment in do_notify_parent() about the following 4 lines
|
|
*/
|
|
rcu_read_lock();
|
|
info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(parent));
|
|
info.si_uid = from_kuid_munged(task_cred_xxx(parent, user_ns), task_uid(tsk));
|
|
rcu_read_unlock();
|
|
|
|
task_cputime(tsk, &utime, &stime);
|
|
info.si_utime = nsec_to_clock_t(utime);
|
|
info.si_stime = nsec_to_clock_t(stime);
|
|
|
|
info.si_code = why;
|
|
switch (why) {
|
|
case CLD_CONTINUED:
|
|
info.si_status = SIGCONT;
|
|
break;
|
|
case CLD_STOPPED:
|
|
info.si_status = tsk->signal->group_exit_code & 0x7f;
|
|
break;
|
|
case CLD_TRAPPED:
|
|
info.si_status = tsk->exit_code & 0x7f;
|
|
break;
|
|
default:
|
|
BUG();
|
|
}
|
|
|
|
sighand = parent->sighand;
|
|
spin_lock_irqsave(&sighand->siglock, flags);
|
|
if (sighand->action[SIGCHLD-1].sa.sa_handler != SIG_IGN &&
|
|
!(sighand->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDSTOP))
|
|
__group_send_sig_info(SIGCHLD, &info, parent);
|
|
/*
|
|
* Even if SIGCHLD is not generated, we must wake up wait4 calls.
|
|
*/
|
|
__wake_up_parent(tsk, parent);
|
|
spin_unlock_irqrestore(&sighand->siglock, flags);
|
|
}
|
|
|
|
static inline bool may_ptrace_stop(void)
|
|
{
|
|
if (!likely(current->ptrace))
|
|
return false;
|
|
/*
|
|
* Are we in the middle of do_coredump?
|
|
* If so and our tracer is also part of the coredump stopping
|
|
* is a deadlock situation, and pointless because our tracer
|
|
* is dead so don't allow us to stop.
|
|
* If SIGKILL was already sent before the caller unlocked
|
|
* ->siglock we must see ->core_state != NULL. Otherwise it
|
|
* is safe to enter schedule().
|
|
*
|
|
* This is almost outdated, a task with the pending SIGKILL can't
|
|
* block in TASK_TRACED. But PTRACE_EVENT_EXIT can be reported
|
|
* after SIGKILL was already dequeued.
|
|
*/
|
|
if (unlikely(current->mm->core_state) &&
|
|
unlikely(current->mm == current->parent->mm))
|
|
return false;
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
/*
|
|
* This must be called with current->sighand->siglock held.
|
|
*
|
|
* This should be the path for all ptrace stops.
|
|
* We always set current->last_siginfo while stopped here.
|
|
* That makes it a way to test a stopped process for
|
|
* being ptrace-stopped vs being job-control-stopped.
|
|
*
|
|
* If we actually decide not to stop at all because the tracer
|
|
* is gone, we keep current->exit_code unless clear_code.
|
|
*/
|
|
static void ptrace_stop(int exit_code, int why, int clear_code, kernel_siginfo_t *info)
|
|
__releases(¤t->sighand->siglock)
|
|
__acquires(¤t->sighand->siglock)
|
|
{
|
|
bool gstop_done = false;
|
|
|
|
if (arch_ptrace_stop_needed(exit_code, info)) {
|
|
/*
|
|
* The arch code has something special to do before a
|
|
* ptrace stop. This is allowed to block, e.g. for faults
|
|
* on user stack pages. We can't keep the siglock while
|
|
* calling arch_ptrace_stop, so we must release it now.
|
|
* To preserve proper semantics, we must do this before
|
|
* any signal bookkeeping like checking group_stop_count.
|
|
*/
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
arch_ptrace_stop(exit_code, info);
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
}
|
|
|
|
/*
|
|
* schedule() will not sleep if there is a pending signal that
|
|
* can awaken the task.
|
|
*/
|
|
set_special_state(TASK_TRACED);
|
|
|
|
/*
|
|
* We're committing to trapping. TRACED should be visible before
|
|
* TRAPPING is cleared; otherwise, the tracer might fail do_wait().
|
|
* Also, transition to TRACED and updates to ->jobctl should be
|
|
* atomic with respect to siglock and should be done after the arch
|
|
* hook as siglock is released and regrabbed across it.
|
|
*
|
|
* TRACER TRACEE
|
|
*
|
|
* ptrace_attach()
|
|
* [L] wait_on_bit(JOBCTL_TRAPPING) [S] set_special_state(TRACED)
|
|
* do_wait()
|
|
* set_current_state() smp_wmb();
|
|
* ptrace_do_wait()
|
|
* wait_task_stopped()
|
|
* task_stopped_code()
|
|
* [L] task_is_traced() [S] task_clear_jobctl_trapping();
|
|
*/
|
|
smp_wmb();
|
|
|
|
current->last_siginfo = info;
|
|
current->exit_code = exit_code;
|
|
|
|
/*
|
|
* If @why is CLD_STOPPED, we're trapping to participate in a group
|
|
* stop. Do the bookkeeping. Note that if SIGCONT was delievered
|
|
* across siglock relocks since INTERRUPT was scheduled, PENDING
|
|
* could be clear now. We act as if SIGCONT is received after
|
|
* TASK_TRACED is entered - ignore it.
|
|
*/
|
|
if (why == CLD_STOPPED && (current->jobctl & JOBCTL_STOP_PENDING))
|
|
gstop_done = task_participate_group_stop(current);
|
|
|
|
/* any trap clears pending STOP trap, STOP trap clears NOTIFY */
|
|
task_clear_jobctl_pending(current, JOBCTL_TRAP_STOP);
|
|
if (info && info->si_code >> 8 == PTRACE_EVENT_STOP)
|
|
task_clear_jobctl_pending(current, JOBCTL_TRAP_NOTIFY);
|
|
|
|
/* entering a trap, clear TRAPPING */
|
|
task_clear_jobctl_trapping(current);
|
|
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
read_lock(&tasklist_lock);
|
|
if (may_ptrace_stop()) {
|
|
/*
|
|
* Notify parents of the stop.
|
|
*
|
|
* While ptraced, there are two parents - the ptracer and
|
|
* the real_parent of the group_leader. The ptracer should
|
|
* know about every stop while the real parent is only
|
|
* interested in the completion of group stop. The states
|
|
* for the two don't interact with each other. Notify
|
|
* separately unless they're gonna be duplicates.
|
|
*/
|
|
do_notify_parent_cldstop(current, true, why);
|
|
if (gstop_done && ptrace_reparented(current))
|
|
do_notify_parent_cldstop(current, false, why);
|
|
|
|
/*
|
|
* Don't want to allow preemption here, because
|
|
* sys_ptrace() needs this task to be inactive.
|
|
*
|
|
* XXX: implement read_unlock_no_resched().
|
|
*/
|
|
preempt_disable();
|
|
read_unlock(&tasklist_lock);
|
|
cgroup_enter_frozen();
|
|
preempt_enable_no_resched();
|
|
freezable_schedule();
|
|
cgroup_leave_frozen(true);
|
|
} else {
|
|
/*
|
|
* By the time we got the lock, our tracer went away.
|
|
* Don't drop the lock yet, another tracer may come.
|
|
*
|
|
* If @gstop_done, the ptracer went away between group stop
|
|
* completion and here. During detach, it would have set
|
|
* JOBCTL_STOP_PENDING on us and we'll re-enter
|
|
* TASK_STOPPED in do_signal_stop() on return, so notifying
|
|
* the real parent of the group stop completion is enough.
|
|
*/
|
|
if (gstop_done)
|
|
do_notify_parent_cldstop(current, false, why);
|
|
|
|
/* tasklist protects us from ptrace_freeze_traced() */
|
|
__set_current_state(TASK_RUNNING);
|
|
if (clear_code)
|
|
current->exit_code = 0;
|
|
read_unlock(&tasklist_lock);
|
|
}
|
|
|
|
/*
|
|
* We are back. Now reacquire the siglock before touching
|
|
* last_siginfo, so that we are sure to have synchronized with
|
|
* any signal-sending on another CPU that wants to examine it.
|
|
*/
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
current->last_siginfo = NULL;
|
|
|
|
/* LISTENING can be set only during STOP traps, clear it */
|
|
current->jobctl &= ~JOBCTL_LISTENING;
|
|
|
|
/*
|
|
* Queued signals ignored us while we were stopped for tracing.
|
|
* So check for any that we should take before resuming user mode.
|
|
* This sets TIF_SIGPENDING, but never clears it.
|
|
*/
|
|
recalc_sigpending_tsk(current);
|
|
}
|
|
|
|
static void ptrace_do_notify(int signr, int exit_code, int why)
|
|
{
|
|
kernel_siginfo_t info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = signr;
|
|
info.si_code = exit_code;
|
|
info.si_pid = task_pid_vnr(current);
|
|
info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
|
|
|
|
/* Let the debugger run. */
|
|
ptrace_stop(exit_code, why, 1, &info);
|
|
}
|
|
|
|
void ptrace_notify(int exit_code)
|
|
{
|
|
BUG_ON((exit_code & (0x7f | ~0xffff)) != SIGTRAP);
|
|
if (unlikely(current->task_works))
|
|
task_work_run();
|
|
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
ptrace_do_notify(SIGTRAP, exit_code, CLD_TRAPPED);
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
}
|
|
|
|
/**
|
|
* do_signal_stop - handle group stop for SIGSTOP and other stop signals
|
|
* @signr: signr causing group stop if initiating
|
|
*
|
|
* If %JOBCTL_STOP_PENDING is not set yet, initiate group stop with @signr
|
|
* and participate in it. If already set, participate in the existing
|
|
* group stop. If participated in a group stop (and thus slept), %true is
|
|
* returned with siglock released.
|
|
*
|
|
* If ptraced, this function doesn't handle stop itself. Instead,
|
|
* %JOBCTL_TRAP_STOP is scheduled and %false is returned with siglock
|
|
* untouched. The caller must ensure that INTERRUPT trap handling takes
|
|
* places afterwards.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @current->sighand->siglock held, which is released
|
|
* on %true return.
|
|
*
|
|
* RETURNS:
|
|
* %false if group stop is already cancelled or ptrace trap is scheduled.
|
|
* %true if participated in group stop.
|
|
*/
|
|
static bool do_signal_stop(int signr)
|
|
__releases(¤t->sighand->siglock)
|
|
{
|
|
struct signal_struct *sig = current->signal;
|
|
|
|
if (!(current->jobctl & JOBCTL_STOP_PENDING)) {
|
|
unsigned long gstop = JOBCTL_STOP_PENDING | JOBCTL_STOP_CONSUME;
|
|
struct task_struct *t;
|
|
|
|
/* signr will be recorded in task->jobctl for retries */
|
|
WARN_ON_ONCE(signr & ~JOBCTL_STOP_SIGMASK);
|
|
|
|
if (!likely(current->jobctl & JOBCTL_STOP_DEQUEUED) ||
|
|
unlikely(signal_group_exit(sig)))
|
|
return false;
|
|
/*
|
|
* There is no group stop already in progress. We must
|
|
* initiate one now.
|
|
*
|
|
* While ptraced, a task may be resumed while group stop is
|
|
* still in effect and then receive a stop signal and
|
|
* initiate another group stop. This deviates from the
|
|
* usual behavior as two consecutive stop signals can't
|
|
* cause two group stops when !ptraced. That is why we
|
|
* also check !task_is_stopped(t) below.
|
|
*
|
|
* The condition can be distinguished by testing whether
|
|
* SIGNAL_STOP_STOPPED is already set. Don't generate
|
|
* group_exit_code in such case.
|
|
*
|
|
* This is not necessary for SIGNAL_STOP_CONTINUED because
|
|
* an intervening stop signal is required to cause two
|
|
* continued events regardless of ptrace.
|
|
*/
|
|
if (!(sig->flags & SIGNAL_STOP_STOPPED))
|
|
sig->group_exit_code = signr;
|
|
|
|
sig->group_stop_count = 0;
|
|
|
|
if (task_set_jobctl_pending(current, signr | gstop))
|
|
sig->group_stop_count++;
|
|
|
|
t = current;
|
|
while_each_thread(current, t) {
|
|
/*
|
|
* Setting state to TASK_STOPPED for a group
|
|
* stop is always done with the siglock held,
|
|
* so this check has no races.
|
|
*/
|
|
if (!task_is_stopped(t) &&
|
|
task_set_jobctl_pending(t, signr | gstop)) {
|
|
sig->group_stop_count++;
|
|
if (likely(!(t->ptrace & PT_SEIZED)))
|
|
signal_wake_up(t, 0);
|
|
else
|
|
ptrace_trap_notify(t);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (likely(!current->ptrace)) {
|
|
int notify = 0;
|
|
|
|
/*
|
|
* If there are no other threads in the group, or if there
|
|
* is a group stop in progress and we are the last to stop,
|
|
* report to the parent.
|
|
*/
|
|
if (task_participate_group_stop(current))
|
|
notify = CLD_STOPPED;
|
|
|
|
set_special_state(TASK_STOPPED);
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
|
|
/*
|
|
* Notify the parent of the group stop completion. Because
|
|
* we're not holding either the siglock or tasklist_lock
|
|
* here, ptracer may attach inbetween; however, this is for
|
|
* group stop and should always be delivered to the real
|
|
* parent of the group leader. The new ptracer will get
|
|
* its notification when this task transitions into
|
|
* TASK_TRACED.
|
|
*/
|
|
if (notify) {
|
|
read_lock(&tasklist_lock);
|
|
do_notify_parent_cldstop(current, false, notify);
|
|
read_unlock(&tasklist_lock);
|
|
}
|
|
|
|
/* Now we don't run again until woken by SIGCONT or SIGKILL */
|
|
cgroup_enter_frozen();
|
|
freezable_schedule();
|
|
return true;
|
|
} else {
|
|
/*
|
|
* While ptraced, group stop is handled by STOP trap.
|
|
* Schedule it and let the caller deal with it.
|
|
*/
|
|
task_set_jobctl_pending(current, JOBCTL_TRAP_STOP);
|
|
return false;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* do_jobctl_trap - take care of ptrace jobctl traps
|
|
*
|
|
* When PT_SEIZED, it's used for both group stop and explicit
|
|
* SEIZE/INTERRUPT traps. Both generate PTRACE_EVENT_STOP trap with
|
|
* accompanying siginfo. If stopped, lower eight bits of exit_code contain
|
|
* the stop signal; otherwise, %SIGTRAP.
|
|
*
|
|
* When !PT_SEIZED, it's used only for group stop trap with stop signal
|
|
* number as exit_code and no siginfo.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @current->sighand->siglock held, which may be
|
|
* released and re-acquired before returning with intervening sleep.
|
|
*/
|
|
static void do_jobctl_trap(void)
|
|
{
|
|
struct signal_struct *signal = current->signal;
|
|
int signr = current->jobctl & JOBCTL_STOP_SIGMASK;
|
|
|
|
if (current->ptrace & PT_SEIZED) {
|
|
if (!signal->group_stop_count &&
|
|
!(signal->flags & SIGNAL_STOP_STOPPED))
|
|
signr = SIGTRAP;
|
|
WARN_ON_ONCE(!signr);
|
|
ptrace_do_notify(signr, signr | (PTRACE_EVENT_STOP << 8),
|
|
CLD_STOPPED);
|
|
} else {
|
|
WARN_ON_ONCE(!signr);
|
|
ptrace_stop(signr, CLD_STOPPED, 0, NULL);
|
|
current->exit_code = 0;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* do_freezer_trap - handle the freezer jobctl trap
|
|
*
|
|
* Puts the task into frozen state, if only the task is not about to quit.
|
|
* In this case it drops JOBCTL_TRAP_FREEZE.
|
|
*
|
|
* CONTEXT:
|
|
* Must be called with @current->sighand->siglock held,
|
|
* which is always released before returning.
|
|
*/
|
|
static void do_freezer_trap(void)
|
|
__releases(¤t->sighand->siglock)
|
|
{
|
|
/*
|
|
* If there are other trap bits pending except JOBCTL_TRAP_FREEZE,
|
|
* let's make another loop to give it a chance to be handled.
|
|
* In any case, we'll return back.
|
|
*/
|
|
if ((current->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) !=
|
|
JOBCTL_TRAP_FREEZE) {
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
return;
|
|
}
|
|
|
|
/*
|
|
* Now we're sure that there is no pending fatal signal and no
|
|
* pending traps. Clear TIF_SIGPENDING to not get out of schedule()
|
|
* immediately (if there is a non-fatal signal pending), and
|
|
* put the task into sleep.
|
|
*/
|
|
__set_current_state(TASK_INTERRUPTIBLE);
|
|
clear_thread_flag(TIF_SIGPENDING);
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
cgroup_enter_frozen();
|
|
freezable_schedule();
|
|
}
|
|
|
|
static int ptrace_signal(int signr, kernel_siginfo_t *info)
|
|
{
|
|
/*
|
|
* We do not check sig_kernel_stop(signr) but set this marker
|
|
* unconditionally because we do not know whether debugger will
|
|
* change signr. This flag has no meaning unless we are going
|
|
* to stop after return from ptrace_stop(). In this case it will
|
|
* be checked in do_signal_stop(), we should only stop if it was
|
|
* not cleared by SIGCONT while we were sleeping. See also the
|
|
* comment in dequeue_signal().
|
|
*/
|
|
current->jobctl |= JOBCTL_STOP_DEQUEUED;
|
|
ptrace_stop(signr, CLD_TRAPPED, 0, info);
|
|
|
|
/* We're back. Did the debugger cancel the sig? */
|
|
signr = current->exit_code;
|
|
if (signr == 0)
|
|
return signr;
|
|
|
|
current->exit_code = 0;
|
|
|
|
/*
|
|
* Update the siginfo structure if the signal has
|
|
* changed. If the debugger wanted something
|
|
* specific in the siginfo structure then it should
|
|
* have updated *info via PTRACE_SETSIGINFO.
|
|
*/
|
|
if (signr != info->si_signo) {
|
|
clear_siginfo(info);
|
|
info->si_signo = signr;
|
|
info->si_errno = 0;
|
|
info->si_code = SI_USER;
|
|
rcu_read_lock();
|
|
info->si_pid = task_pid_vnr(current->parent);
|
|
info->si_uid = from_kuid_munged(current_user_ns(),
|
|
task_uid(current->parent));
|
|
rcu_read_unlock();
|
|
}
|
|
|
|
/* If the (new) signal is now blocked, requeue it. */
|
|
if (sigismember(¤t->blocked, signr)) {
|
|
send_signal(signr, info, current, PIDTYPE_PID);
|
|
signr = 0;
|
|
}
|
|
|
|
return signr;
|
|
}
|
|
|
|
static void hide_si_addr_tag_bits(struct ksignal *ksig)
|
|
{
|
|
switch (siginfo_layout(ksig->sig, ksig->info.si_code)) {
|
|
case SIL_FAULT:
|
|
case SIL_FAULT_MCEERR:
|
|
case SIL_FAULT_BNDERR:
|
|
case SIL_FAULT_PKUERR:
|
|
ksig->info.si_addr = arch_untagged_si_addr(
|
|
ksig->info.si_addr, ksig->sig, ksig->info.si_code);
|
|
break;
|
|
case SIL_KILL:
|
|
case SIL_TIMER:
|
|
case SIL_POLL:
|
|
case SIL_CHLD:
|
|
case SIL_RT:
|
|
case SIL_SYS:
|
|
break;
|
|
}
|
|
}
|
|
|
|
bool get_signal(struct ksignal *ksig)
|
|
{
|
|
struct sighand_struct *sighand = current->sighand;
|
|
struct signal_struct *signal = current->signal;
|
|
int signr;
|
|
|
|
if (unlikely(uprobe_deny_signal()))
|
|
return false;
|
|
|
|
/*
|
|
* Do this once, we can't return to user-mode if freezing() == T.
|
|
* do_signal_stop() and ptrace_stop() do freezable_schedule() and
|
|
* thus do not need another check after return.
|
|
*/
|
|
try_to_freeze();
|
|
|
|
relock:
|
|
spin_lock_irq(&sighand->siglock);
|
|
/*
|
|
* Make sure we can safely read ->jobctl() in task_work add. As Oleg
|
|
* states:
|
|
*
|
|
* It pairs with mb (implied by cmpxchg) before READ_ONCE. So we
|
|
* roughly have
|
|
*
|
|
* task_work_add: get_signal:
|
|
* STORE(task->task_works, new_work); STORE(task->jobctl);
|
|
* mb(); mb();
|
|
* LOAD(task->jobctl); LOAD(task->task_works);
|
|
*
|
|
* and we can rely on STORE-MB-LOAD [ in task_work_add].
|
|
*/
|
|
smp_store_mb(current->jobctl, current->jobctl & ~JOBCTL_TASK_WORK);
|
|
if (unlikely(current->task_works)) {
|
|
spin_unlock_irq(&sighand->siglock);
|
|
task_work_run();
|
|
goto relock;
|
|
}
|
|
|
|
/*
|
|
* Every stopped thread goes here after wakeup. Check to see if
|
|
* we should notify the parent, prepare_signal(SIGCONT) encodes
|
|
* the CLD_ si_code into SIGNAL_CLD_MASK bits.
|
|
*/
|
|
if (unlikely(signal->flags & SIGNAL_CLD_MASK)) {
|
|
int why;
|
|
|
|
if (signal->flags & SIGNAL_CLD_CONTINUED)
|
|
why = CLD_CONTINUED;
|
|
else
|
|
why = CLD_STOPPED;
|
|
|
|
signal->flags &= ~SIGNAL_CLD_MASK;
|
|
|
|
spin_unlock_irq(&sighand->siglock);
|
|
|
|
/*
|
|
* Notify the parent that we're continuing. This event is
|
|
* always per-process and doesn't make whole lot of sense
|
|
* for ptracers, who shouldn't consume the state via
|
|
* wait(2) either, but, for backward compatibility, notify
|
|
* the ptracer of the group leader too unless it's gonna be
|
|
* a duplicate.
|
|
*/
|
|
read_lock(&tasklist_lock);
|
|
do_notify_parent_cldstop(current, false, why);
|
|
|
|
if (ptrace_reparented(current->group_leader))
|
|
do_notify_parent_cldstop(current->group_leader,
|
|
true, why);
|
|
read_unlock(&tasklist_lock);
|
|
|
|
goto relock;
|
|
}
|
|
|
|
/* Has this task already been marked for death? */
|
|
if (signal_group_exit(signal)) {
|
|
ksig->info.si_signo = signr = SIGKILL;
|
|
sigdelset(¤t->pending.signal, SIGKILL);
|
|
trace_signal_deliver(SIGKILL, SEND_SIG_NOINFO,
|
|
&sighand->action[SIGKILL - 1]);
|
|
recalc_sigpending();
|
|
goto fatal;
|
|
}
|
|
|
|
for (;;) {
|
|
struct k_sigaction *ka;
|
|
|
|
if (unlikely(current->jobctl & JOBCTL_STOP_PENDING) &&
|
|
do_signal_stop(0))
|
|
goto relock;
|
|
|
|
if (unlikely(current->jobctl &
|
|
(JOBCTL_TRAP_MASK | JOBCTL_TRAP_FREEZE))) {
|
|
if (current->jobctl & JOBCTL_TRAP_MASK) {
|
|
do_jobctl_trap();
|
|
spin_unlock_irq(&sighand->siglock);
|
|
} else if (current->jobctl & JOBCTL_TRAP_FREEZE)
|
|
do_freezer_trap();
|
|
|
|
goto relock;
|
|
}
|
|
|
|
/*
|
|
* If the task is leaving the frozen state, let's update
|
|
* cgroup counters and reset the frozen bit.
|
|
*/
|
|
if (unlikely(cgroup_task_frozen(current))) {
|
|
spin_unlock_irq(&sighand->siglock);
|
|
cgroup_leave_frozen(false);
|
|
goto relock;
|
|
}
|
|
|
|
/*
|
|
* Signals generated by the execution of an instruction
|
|
* need to be delivered before any other pending signals
|
|
* so that the instruction pointer in the signal stack
|
|
* frame points to the faulting instruction.
|
|
*/
|
|
signr = dequeue_synchronous_signal(&ksig->info);
|
|
if (!signr)
|
|
signr = dequeue_signal(current, ¤t->blocked, &ksig->info);
|
|
|
|
if (!signr)
|
|
break; /* will return 0 */
|
|
|
|
if (unlikely(current->ptrace) && signr != SIGKILL) {
|
|
signr = ptrace_signal(signr, &ksig->info);
|
|
if (!signr)
|
|
continue;
|
|
}
|
|
|
|
ka = &sighand->action[signr-1];
|
|
|
|
/* Trace actually delivered signals. */
|
|
trace_signal_deliver(signr, &ksig->info, ka);
|
|
|
|
if (ka->sa.sa_handler == SIG_IGN) /* Do nothing. */
|
|
continue;
|
|
if (ka->sa.sa_handler != SIG_DFL) {
|
|
/* Run the handler. */
|
|
ksig->ka = *ka;
|
|
|
|
if (ka->sa.sa_flags & SA_ONESHOT)
|
|
ka->sa.sa_handler = SIG_DFL;
|
|
|
|
break; /* will return non-zero "signr" value */
|
|
}
|
|
|
|
/*
|
|
* Now we are doing the default action for this signal.
|
|
*/
|
|
if (sig_kernel_ignore(signr)) /* Default is nothing. */
|
|
continue;
|
|
|
|
/*
|
|
* Global init gets no signals it doesn't want.
|
|
* Container-init gets no signals it doesn't want from same
|
|
* container.
|
|
*
|
|
* Note that if global/container-init sees a sig_kernel_only()
|
|
* signal here, the signal must have been generated internally
|
|
* or must have come from an ancestor namespace. In either
|
|
* case, the signal cannot be dropped.
|
|
*/
|
|
if (unlikely(signal->flags & SIGNAL_UNKILLABLE) &&
|
|
!sig_kernel_only(signr))
|
|
continue;
|
|
|
|
if (sig_kernel_stop(signr)) {
|
|
/*
|
|
* The default action is to stop all threads in
|
|
* the thread group. The job control signals
|
|
* do nothing in an orphaned pgrp, but SIGSTOP
|
|
* always works. Note that siglock needs to be
|
|
* dropped during the call to is_orphaned_pgrp()
|
|
* because of lock ordering with tasklist_lock.
|
|
* This allows an intervening SIGCONT to be posted.
|
|
* We need to check for that and bail out if necessary.
|
|
*/
|
|
if (signr != SIGSTOP) {
|
|
spin_unlock_irq(&sighand->siglock);
|
|
|
|
/* signals can be posted during this window */
|
|
|
|
if (is_current_pgrp_orphaned())
|
|
goto relock;
|
|
|
|
spin_lock_irq(&sighand->siglock);
|
|
}
|
|
|
|
if (likely(do_signal_stop(ksig->info.si_signo))) {
|
|
/* It released the siglock. */
|
|
goto relock;
|
|
}
|
|
|
|
/*
|
|
* We didn't actually stop, due to a race
|
|
* with SIGCONT or something like that.
|
|
*/
|
|
continue;
|
|
}
|
|
|
|
fatal:
|
|
spin_unlock_irq(&sighand->siglock);
|
|
if (unlikely(cgroup_task_frozen(current)))
|
|
cgroup_leave_frozen(true);
|
|
|
|
/*
|
|
* Anything else is fatal, maybe with a core dump.
|
|
*/
|
|
current->flags |= PF_SIGNALED;
|
|
|
|
if (sig_kernel_coredump(signr)) {
|
|
if (print_fatal_signals)
|
|
print_fatal_signal(ksig->info.si_signo);
|
|
proc_coredump_connector(current);
|
|
/*
|
|
* If it was able to dump core, this kills all
|
|
* other threads in the group and synchronizes with
|
|
* their demise. If we lost the race with another
|
|
* thread getting here, it set group_exit_code
|
|
* first and our do_group_exit call below will use
|
|
* that value and ignore the one we pass it.
|
|
*/
|
|
do_coredump(&ksig->info);
|
|
}
|
|
|
|
/*
|
|
* Death signals, no core dump.
|
|
*/
|
|
do_group_exit(ksig->info.si_signo);
|
|
/* NOTREACHED */
|
|
}
|
|
spin_unlock_irq(&sighand->siglock);
|
|
|
|
ksig->sig = signr;
|
|
|
|
if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS))
|
|
hide_si_addr_tag_bits(ksig);
|
|
|
|
return ksig->sig > 0;
|
|
}
|
|
|
|
/**
|
|
* signal_delivered -
|
|
* @ksig: kernel signal struct
|
|
* @stepping: nonzero if debugger single-step or block-step in use
|
|
*
|
|
* This function should be called when a signal has successfully been
|
|
* delivered. It updates the blocked signals accordingly (@ksig->ka.sa.sa_mask
|
|
* is always blocked, and the signal itself is blocked unless %SA_NODEFER
|
|
* is set in @ksig->ka.sa.sa_flags. Tracing is notified.
|
|
*/
|
|
static void signal_delivered(struct ksignal *ksig, int stepping)
|
|
{
|
|
sigset_t blocked;
|
|
|
|
/* A signal was successfully delivered, and the
|
|
saved sigmask was stored on the signal frame,
|
|
and will be restored by sigreturn. So we can
|
|
simply clear the restore sigmask flag. */
|
|
clear_restore_sigmask();
|
|
|
|
sigorsets(&blocked, ¤t->blocked, &ksig->ka.sa.sa_mask);
|
|
if (!(ksig->ka.sa.sa_flags & SA_NODEFER))
|
|
sigaddset(&blocked, ksig->sig);
|
|
set_current_blocked(&blocked);
|
|
tracehook_signal_handler(stepping);
|
|
}
|
|
|
|
void signal_setup_done(int failed, struct ksignal *ksig, int stepping)
|
|
{
|
|
if (failed)
|
|
force_sigsegv(ksig->sig);
|
|
else
|
|
signal_delivered(ksig, stepping);
|
|
}
|
|
|
|
/*
|
|
* It could be that complete_signal() picked us to notify about the
|
|
* group-wide signal. Other threads should be notified now to take
|
|
* the shared signals in @which since we will not.
|
|
*/
|
|
static void retarget_shared_pending(struct task_struct *tsk, sigset_t *which)
|
|
{
|
|
sigset_t retarget;
|
|
struct task_struct *t;
|
|
|
|
sigandsets(&retarget, &tsk->signal->shared_pending.signal, which);
|
|
if (sigisemptyset(&retarget))
|
|
return;
|
|
|
|
t = tsk;
|
|
while_each_thread(tsk, t) {
|
|
if (t->flags & PF_EXITING)
|
|
continue;
|
|
|
|
if (!has_pending_signals(&retarget, &t->blocked))
|
|
continue;
|
|
/* Remove the signals this thread can handle. */
|
|
sigandsets(&retarget, &retarget, &t->blocked);
|
|
|
|
if (!signal_pending(t))
|
|
signal_wake_up(t, 0);
|
|
|
|
if (sigisemptyset(&retarget))
|
|
break;
|
|
}
|
|
}
|
|
|
|
void exit_signals(struct task_struct *tsk)
|
|
{
|
|
int group_stop = 0;
|
|
sigset_t unblocked;
|
|
|
|
/*
|
|
* @tsk is about to have PF_EXITING set - lock out users which
|
|
* expect stable threadgroup.
|
|
*/
|
|
cgroup_threadgroup_change_begin(tsk);
|
|
|
|
if (thread_group_empty(tsk) || signal_group_exit(tsk->signal)) {
|
|
tsk->flags |= PF_EXITING;
|
|
cgroup_threadgroup_change_end(tsk);
|
|
return;
|
|
}
|
|
|
|
spin_lock_irq(&tsk->sighand->siglock);
|
|
/*
|
|
* From now this task is not visible for group-wide signals,
|
|
* see wants_signal(), do_signal_stop().
|
|
*/
|
|
tsk->flags |= PF_EXITING;
|
|
|
|
cgroup_threadgroup_change_end(tsk);
|
|
|
|
if (!signal_pending(tsk))
|
|
goto out;
|
|
|
|
unblocked = tsk->blocked;
|
|
signotset(&unblocked);
|
|
retarget_shared_pending(tsk, &unblocked);
|
|
|
|
if (unlikely(tsk->jobctl & JOBCTL_STOP_PENDING) &&
|
|
task_participate_group_stop(tsk))
|
|
group_stop = CLD_STOPPED;
|
|
out:
|
|
spin_unlock_irq(&tsk->sighand->siglock);
|
|
|
|
/*
|
|
* If group stop has completed, deliver the notification. This
|
|
* should always go to the real parent of the group leader.
|
|
*/
|
|
if (unlikely(group_stop)) {
|
|
read_lock(&tasklist_lock);
|
|
do_notify_parent_cldstop(tsk, false, group_stop);
|
|
read_unlock(&tasklist_lock);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* System call entry points.
|
|
*/
|
|
|
|
/**
|
|
* sys_restart_syscall - restart a system call
|
|
*/
|
|
SYSCALL_DEFINE0(restart_syscall)
|
|
{
|
|
struct restart_block *restart = ¤t->restart_block;
|
|
return restart->fn(restart);
|
|
}
|
|
|
|
long do_no_restart_syscall(struct restart_block *param)
|
|
{
|
|
return -EINTR;
|
|
}
|
|
|
|
static void __set_task_blocked(struct task_struct *tsk, const sigset_t *newset)
|
|
{
|
|
if (signal_pending(tsk) && !thread_group_empty(tsk)) {
|
|
sigset_t newblocked;
|
|
/* A set of now blocked but previously unblocked signals. */
|
|
sigandnsets(&newblocked, newset, ¤t->blocked);
|
|
retarget_shared_pending(tsk, &newblocked);
|
|
}
|
|
tsk->blocked = *newset;
|
|
recalc_sigpending();
|
|
}
|
|
|
|
/**
|
|
* set_current_blocked - change current->blocked mask
|
|
* @newset: new mask
|
|
*
|
|
* It is wrong to change ->blocked directly, this helper should be used
|
|
* to ensure the process can't miss a shared signal we are going to block.
|
|
*/
|
|
void set_current_blocked(sigset_t *newset)
|
|
{
|
|
sigdelsetmask(newset, sigmask(SIGKILL) | sigmask(SIGSTOP));
|
|
__set_current_blocked(newset);
|
|
}
|
|
|
|
void __set_current_blocked(const sigset_t *newset)
|
|
{
|
|
struct task_struct *tsk = current;
|
|
|
|
/*
|
|
* In case the signal mask hasn't changed, there is nothing we need
|
|
* to do. The current->blocked shouldn't be modified by other task.
|
|
*/
|
|
if (sigequalsets(&tsk->blocked, newset))
|
|
return;
|
|
|
|
spin_lock_irq(&tsk->sighand->siglock);
|
|
__set_task_blocked(tsk, newset);
|
|
spin_unlock_irq(&tsk->sighand->siglock);
|
|
}
|
|
|
|
/*
|
|
* This is also useful for kernel threads that want to temporarily
|
|
* (or permanently) block certain signals.
|
|
*
|
|
* NOTE! Unlike the user-mode sys_sigprocmask(), the kernel
|
|
* interface happily blocks "unblockable" signals like SIGKILL
|
|
* and friends.
|
|
*/
|
|
int sigprocmask(int how, sigset_t *set, sigset_t *oldset)
|
|
{
|
|
struct task_struct *tsk = current;
|
|
sigset_t newset;
|
|
|
|
/* Lockless, only current can change ->blocked, never from irq */
|
|
if (oldset)
|
|
*oldset = tsk->blocked;
|
|
|
|
switch (how) {
|
|
case SIG_BLOCK:
|
|
sigorsets(&newset, &tsk->blocked, set);
|
|
break;
|
|
case SIG_UNBLOCK:
|
|
sigandnsets(&newset, &tsk->blocked, set);
|
|
break;
|
|
case SIG_SETMASK:
|
|
newset = *set;
|
|
break;
|
|
default:
|
|
return -EINVAL;
|
|
}
|
|
|
|
__set_current_blocked(&newset);
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL(sigprocmask);
|
|
|
|
/*
|
|
* The api helps set app-provided sigmasks.
|
|
*
|
|
* This is useful for syscalls such as ppoll, pselect, io_pgetevents and
|
|
* epoll_pwait where a new sigmask is passed from userland for the syscalls.
|
|
*
|
|
* Note that it does set_restore_sigmask() in advance, so it must be always
|
|
* paired with restore_saved_sigmask_unless() before return from syscall.
|
|
*/
|
|
int set_user_sigmask(const sigset_t __user *umask, size_t sigsetsize)
|
|
{
|
|
sigset_t kmask;
|
|
|
|
if (!umask)
|
|
return 0;
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
if (copy_from_user(&kmask, umask, sizeof(sigset_t)))
|
|
return -EFAULT;
|
|
|
|
set_restore_sigmask();
|
|
current->saved_sigmask = current->blocked;
|
|
set_current_blocked(&kmask);
|
|
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
int set_compat_user_sigmask(const compat_sigset_t __user *umask,
|
|
size_t sigsetsize)
|
|
{
|
|
sigset_t kmask;
|
|
|
|
if (!umask)
|
|
return 0;
|
|
if (sigsetsize != sizeof(compat_sigset_t))
|
|
return -EINVAL;
|
|
if (get_compat_sigset(&kmask, umask))
|
|
return -EFAULT;
|
|
|
|
set_restore_sigmask();
|
|
current->saved_sigmask = current->blocked;
|
|
set_current_blocked(&kmask);
|
|
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
/**
|
|
* sys_rt_sigprocmask - change the list of currently blocked signals
|
|
* @how: whether to add, remove, or set signals
|
|
* @nset: stores pending signals
|
|
* @oset: previous value of signal mask if non-null
|
|
* @sigsetsize: size of sigset_t type
|
|
*/
|
|
SYSCALL_DEFINE4(rt_sigprocmask, int, how, sigset_t __user *, nset,
|
|
sigset_t __user *, oset, size_t, sigsetsize)
|
|
{
|
|
sigset_t old_set, new_set;
|
|
int error;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
old_set = current->blocked;
|
|
|
|
if (nset) {
|
|
if (copy_from_user(&new_set, nset, sizeof(sigset_t)))
|
|
return -EFAULT;
|
|
sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP));
|
|
|
|
error = sigprocmask(how, &new_set, NULL);
|
|
if (error)
|
|
return error;
|
|
}
|
|
|
|
if (oset) {
|
|
if (copy_to_user(oset, &old_set, sizeof(sigset_t)))
|
|
return -EFAULT;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE4(rt_sigprocmask, int, how, compat_sigset_t __user *, nset,
|
|
compat_sigset_t __user *, oset, compat_size_t, sigsetsize)
|
|
{
|
|
sigset_t old_set = current->blocked;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (nset) {
|
|
sigset_t new_set;
|
|
int error;
|
|
if (get_compat_sigset(&new_set, nset))
|
|
return -EFAULT;
|
|
sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP));
|
|
|
|
error = sigprocmask(how, &new_set, NULL);
|
|
if (error)
|
|
return error;
|
|
}
|
|
return oset ? put_compat_sigset(oset, &old_set, sizeof(*oset)) : 0;
|
|
}
|
|
#endif
|
|
|
|
static void do_sigpending(sigset_t *set)
|
|
{
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
sigorsets(set, ¤t->pending.signal,
|
|
¤t->signal->shared_pending.signal);
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
|
|
/* Outside the lock because only this thread touches it. */
|
|
sigandsets(set, ¤t->blocked, set);
|
|
}
|
|
|
|
/**
|
|
* sys_rt_sigpending - examine a pending signal that has been raised
|
|
* while blocked
|
|
* @uset: stores pending signals
|
|
* @sigsetsize: size of sigset_t type or larger
|
|
*/
|
|
SYSCALL_DEFINE2(rt_sigpending, sigset_t __user *, uset, size_t, sigsetsize)
|
|
{
|
|
sigset_t set;
|
|
|
|
if (sigsetsize > sizeof(*uset))
|
|
return -EINVAL;
|
|
|
|
do_sigpending(&set);
|
|
|
|
if (copy_to_user(uset, &set, sigsetsize))
|
|
return -EFAULT;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE2(rt_sigpending, compat_sigset_t __user *, uset,
|
|
compat_size_t, sigsetsize)
|
|
{
|
|
sigset_t set;
|
|
|
|
if (sigsetsize > sizeof(*uset))
|
|
return -EINVAL;
|
|
|
|
do_sigpending(&set);
|
|
|
|
return put_compat_sigset(uset, &set, sigsetsize);
|
|
}
|
|
#endif
|
|
|
|
static const struct {
|
|
unsigned char limit, layout;
|
|
} sig_sicodes[] = {
|
|
[SIGILL] = { NSIGILL, SIL_FAULT },
|
|
[SIGFPE] = { NSIGFPE, SIL_FAULT },
|
|
[SIGSEGV] = { NSIGSEGV, SIL_FAULT },
|
|
[SIGBUS] = { NSIGBUS, SIL_FAULT },
|
|
[SIGTRAP] = { NSIGTRAP, SIL_FAULT },
|
|
#if defined(SIGEMT)
|
|
[SIGEMT] = { NSIGEMT, SIL_FAULT },
|
|
#endif
|
|
[SIGCHLD] = { NSIGCHLD, SIL_CHLD },
|
|
[SIGPOLL] = { NSIGPOLL, SIL_POLL },
|
|
[SIGSYS] = { NSIGSYS, SIL_SYS },
|
|
};
|
|
|
|
static bool known_siginfo_layout(unsigned sig, int si_code)
|
|
{
|
|
if (si_code == SI_KERNEL)
|
|
return true;
|
|
else if ((si_code > SI_USER)) {
|
|
if (sig_specific_sicodes(sig)) {
|
|
if (si_code <= sig_sicodes[sig].limit)
|
|
return true;
|
|
}
|
|
else if (si_code <= NSIGPOLL)
|
|
return true;
|
|
}
|
|
else if (si_code >= SI_DETHREAD)
|
|
return true;
|
|
else if (si_code == SI_ASYNCNL)
|
|
return true;
|
|
return false;
|
|
}
|
|
|
|
enum siginfo_layout siginfo_layout(unsigned sig, int si_code)
|
|
{
|
|
enum siginfo_layout layout = SIL_KILL;
|
|
if ((si_code > SI_USER) && (si_code < SI_KERNEL)) {
|
|
if ((sig < ARRAY_SIZE(sig_sicodes)) &&
|
|
(si_code <= sig_sicodes[sig].limit)) {
|
|
layout = sig_sicodes[sig].layout;
|
|
/* Handle the exceptions */
|
|
if ((sig == SIGBUS) &&
|
|
(si_code >= BUS_MCEERR_AR) && (si_code <= BUS_MCEERR_AO))
|
|
layout = SIL_FAULT_MCEERR;
|
|
else if ((sig == SIGSEGV) && (si_code == SEGV_BNDERR))
|
|
layout = SIL_FAULT_BNDERR;
|
|
#ifdef SEGV_PKUERR
|
|
else if ((sig == SIGSEGV) && (si_code == SEGV_PKUERR))
|
|
layout = SIL_FAULT_PKUERR;
|
|
#endif
|
|
}
|
|
else if (si_code <= NSIGPOLL)
|
|
layout = SIL_POLL;
|
|
} else {
|
|
if (si_code == SI_TIMER)
|
|
layout = SIL_TIMER;
|
|
else if (si_code == SI_SIGIO)
|
|
layout = SIL_POLL;
|
|
else if (si_code < 0)
|
|
layout = SIL_RT;
|
|
}
|
|
return layout;
|
|
}
|
|
|
|
static inline char __user *si_expansion(const siginfo_t __user *info)
|
|
{
|
|
return ((char __user *)info) + sizeof(struct kernel_siginfo);
|
|
}
|
|
|
|
int copy_siginfo_to_user(siginfo_t __user *to, const kernel_siginfo_t *from)
|
|
{
|
|
char __user *expansion = si_expansion(to);
|
|
if (copy_to_user(to, from , sizeof(struct kernel_siginfo)))
|
|
return -EFAULT;
|
|
if (clear_user(expansion, SI_EXPANSION_SIZE))
|
|
return -EFAULT;
|
|
return 0;
|
|
}
|
|
|
|
static int post_copy_siginfo_from_user(kernel_siginfo_t *info,
|
|
const siginfo_t __user *from)
|
|
{
|
|
if (unlikely(!known_siginfo_layout(info->si_signo, info->si_code))) {
|
|
char __user *expansion = si_expansion(from);
|
|
char buf[SI_EXPANSION_SIZE];
|
|
int i;
|
|
/*
|
|
* An unknown si_code might need more than
|
|
* sizeof(struct kernel_siginfo) bytes. Verify all of the
|
|
* extra bytes are 0. This guarantees copy_siginfo_to_user
|
|
* will return this data to userspace exactly.
|
|
*/
|
|
if (copy_from_user(&buf, expansion, SI_EXPANSION_SIZE))
|
|
return -EFAULT;
|
|
for (i = 0; i < SI_EXPANSION_SIZE; i++) {
|
|
if (buf[i] != 0)
|
|
return -E2BIG;
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static int __copy_siginfo_from_user(int signo, kernel_siginfo_t *to,
|
|
const siginfo_t __user *from)
|
|
{
|
|
if (copy_from_user(to, from, sizeof(struct kernel_siginfo)))
|
|
return -EFAULT;
|
|
to->si_signo = signo;
|
|
return post_copy_siginfo_from_user(to, from);
|
|
}
|
|
|
|
int copy_siginfo_from_user(kernel_siginfo_t *to, const siginfo_t __user *from)
|
|
{
|
|
if (copy_from_user(to, from, sizeof(struct kernel_siginfo)))
|
|
return -EFAULT;
|
|
return post_copy_siginfo_from_user(to, from);
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
/**
|
|
* copy_siginfo_to_external32 - copy a kernel siginfo into a compat user siginfo
|
|
* @to: compat siginfo destination
|
|
* @from: kernel siginfo source
|
|
*
|
|
* Note: This function does not work properly for the SIGCHLD on x32, but
|
|
* fortunately it doesn't have to. The only valid callers for this function are
|
|
* copy_siginfo_to_user32, which is overriden for x32 and the coredump code.
|
|
* The latter does not care because SIGCHLD will never cause a coredump.
|
|
*/
|
|
void copy_siginfo_to_external32(struct compat_siginfo *to,
|
|
const struct kernel_siginfo *from)
|
|
{
|
|
memset(to, 0, sizeof(*to));
|
|
|
|
to->si_signo = from->si_signo;
|
|
to->si_errno = from->si_errno;
|
|
to->si_code = from->si_code;
|
|
switch(siginfo_layout(from->si_signo, from->si_code)) {
|
|
case SIL_KILL:
|
|
to->si_pid = from->si_pid;
|
|
to->si_uid = from->si_uid;
|
|
break;
|
|
case SIL_TIMER:
|
|
to->si_tid = from->si_tid;
|
|
to->si_overrun = from->si_overrun;
|
|
to->si_int = from->si_int;
|
|
break;
|
|
case SIL_POLL:
|
|
to->si_band = from->si_band;
|
|
to->si_fd = from->si_fd;
|
|
break;
|
|
case SIL_FAULT:
|
|
to->si_addr = ptr_to_compat(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
break;
|
|
case SIL_FAULT_MCEERR:
|
|
to->si_addr = ptr_to_compat(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
to->si_addr_lsb = from->si_addr_lsb;
|
|
break;
|
|
case SIL_FAULT_BNDERR:
|
|
to->si_addr = ptr_to_compat(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
to->si_lower = ptr_to_compat(from->si_lower);
|
|
to->si_upper = ptr_to_compat(from->si_upper);
|
|
break;
|
|
case SIL_FAULT_PKUERR:
|
|
to->si_addr = ptr_to_compat(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
to->si_pkey = from->si_pkey;
|
|
break;
|
|
case SIL_CHLD:
|
|
to->si_pid = from->si_pid;
|
|
to->si_uid = from->si_uid;
|
|
to->si_status = from->si_status;
|
|
to->si_utime = from->si_utime;
|
|
to->si_stime = from->si_stime;
|
|
break;
|
|
case SIL_RT:
|
|
to->si_pid = from->si_pid;
|
|
to->si_uid = from->si_uid;
|
|
to->si_int = from->si_int;
|
|
break;
|
|
case SIL_SYS:
|
|
to->si_call_addr = ptr_to_compat(from->si_call_addr);
|
|
to->si_syscall = from->si_syscall;
|
|
to->si_arch = from->si_arch;
|
|
break;
|
|
}
|
|
}
|
|
|
|
int __copy_siginfo_to_user32(struct compat_siginfo __user *to,
|
|
const struct kernel_siginfo *from)
|
|
{
|
|
struct compat_siginfo new;
|
|
|
|
copy_siginfo_to_external32(&new, from);
|
|
if (copy_to_user(to, &new, sizeof(struct compat_siginfo)))
|
|
return -EFAULT;
|
|
return 0;
|
|
}
|
|
|
|
static int post_copy_siginfo_from_user32(kernel_siginfo_t *to,
|
|
const struct compat_siginfo *from)
|
|
{
|
|
clear_siginfo(to);
|
|
to->si_signo = from->si_signo;
|
|
to->si_errno = from->si_errno;
|
|
to->si_code = from->si_code;
|
|
switch(siginfo_layout(from->si_signo, from->si_code)) {
|
|
case SIL_KILL:
|
|
to->si_pid = from->si_pid;
|
|
to->si_uid = from->si_uid;
|
|
break;
|
|
case SIL_TIMER:
|
|
to->si_tid = from->si_tid;
|
|
to->si_overrun = from->si_overrun;
|
|
to->si_int = from->si_int;
|
|
break;
|
|
case SIL_POLL:
|
|
to->si_band = from->si_band;
|
|
to->si_fd = from->si_fd;
|
|
break;
|
|
case SIL_FAULT:
|
|
to->si_addr = compat_ptr(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
break;
|
|
case SIL_FAULT_MCEERR:
|
|
to->si_addr = compat_ptr(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
to->si_addr_lsb = from->si_addr_lsb;
|
|
break;
|
|
case SIL_FAULT_BNDERR:
|
|
to->si_addr = compat_ptr(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
to->si_lower = compat_ptr(from->si_lower);
|
|
to->si_upper = compat_ptr(from->si_upper);
|
|
break;
|
|
case SIL_FAULT_PKUERR:
|
|
to->si_addr = compat_ptr(from->si_addr);
|
|
#ifdef __ARCH_SI_TRAPNO
|
|
to->si_trapno = from->si_trapno;
|
|
#endif
|
|
to->si_pkey = from->si_pkey;
|
|
break;
|
|
case SIL_CHLD:
|
|
to->si_pid = from->si_pid;
|
|
to->si_uid = from->si_uid;
|
|
to->si_status = from->si_status;
|
|
#ifdef CONFIG_X86_X32_ABI
|
|
if (in_x32_syscall()) {
|
|
to->si_utime = from->_sifields._sigchld_x32._utime;
|
|
to->si_stime = from->_sifields._sigchld_x32._stime;
|
|
} else
|
|
#endif
|
|
{
|
|
to->si_utime = from->si_utime;
|
|
to->si_stime = from->si_stime;
|
|
}
|
|
break;
|
|
case SIL_RT:
|
|
to->si_pid = from->si_pid;
|
|
to->si_uid = from->si_uid;
|
|
to->si_int = from->si_int;
|
|
break;
|
|
case SIL_SYS:
|
|
to->si_call_addr = compat_ptr(from->si_call_addr);
|
|
to->si_syscall = from->si_syscall;
|
|
to->si_arch = from->si_arch;
|
|
break;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static int __copy_siginfo_from_user32(int signo, struct kernel_siginfo *to,
|
|
const struct compat_siginfo __user *ufrom)
|
|
{
|
|
struct compat_siginfo from;
|
|
|
|
if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo)))
|
|
return -EFAULT;
|
|
|
|
from.si_signo = signo;
|
|
return post_copy_siginfo_from_user32(to, &from);
|
|
}
|
|
|
|
int copy_siginfo_from_user32(struct kernel_siginfo *to,
|
|
const struct compat_siginfo __user *ufrom)
|
|
{
|
|
struct compat_siginfo from;
|
|
|
|
if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo)))
|
|
return -EFAULT;
|
|
|
|
return post_copy_siginfo_from_user32(to, &from);
|
|
}
|
|
#endif /* CONFIG_COMPAT */
|
|
|
|
/**
|
|
* do_sigtimedwait - wait for queued signals specified in @which
|
|
* @which: queued signals to wait for
|
|
* @info: if non-null, the signal's siginfo is returned here
|
|
* @ts: upper bound on process time suspension
|
|
*/
|
|
static int do_sigtimedwait(const sigset_t *which, kernel_siginfo_t *info,
|
|
const struct timespec64 *ts)
|
|
{
|
|
ktime_t *to = NULL, timeout = KTIME_MAX;
|
|
struct task_struct *tsk = current;
|
|
sigset_t mask = *which;
|
|
int sig, ret = 0;
|
|
|
|
if (ts) {
|
|
if (!timespec64_valid(ts))
|
|
return -EINVAL;
|
|
timeout = timespec64_to_ktime(*ts);
|
|
to = &timeout;
|
|
}
|
|
|
|
/*
|
|
* Invert the set of allowed signals to get those we want to block.
|
|
*/
|
|
sigdelsetmask(&mask, sigmask(SIGKILL) | sigmask(SIGSTOP));
|
|
signotset(&mask);
|
|
|
|
spin_lock_irq(&tsk->sighand->siglock);
|
|
sig = dequeue_signal(tsk, &mask, info);
|
|
if (!sig && timeout) {
|
|
/*
|
|
* None ready, temporarily unblock those we're interested
|
|
* while we are sleeping in so that we'll be awakened when
|
|
* they arrive. Unblocking is always fine, we can avoid
|
|
* set_current_blocked().
|
|
*/
|
|
tsk->real_blocked = tsk->blocked;
|
|
sigandsets(&tsk->blocked, &tsk->blocked, &mask);
|
|
recalc_sigpending();
|
|
spin_unlock_irq(&tsk->sighand->siglock);
|
|
|
|
__set_current_state(TASK_INTERRUPTIBLE);
|
|
ret = freezable_schedule_hrtimeout_range(to, tsk->timer_slack_ns,
|
|
HRTIMER_MODE_REL);
|
|
spin_lock_irq(&tsk->sighand->siglock);
|
|
__set_task_blocked(tsk, &tsk->real_blocked);
|
|
sigemptyset(&tsk->real_blocked);
|
|
sig = dequeue_signal(tsk, &mask, info);
|
|
}
|
|
spin_unlock_irq(&tsk->sighand->siglock);
|
|
|
|
if (sig)
|
|
return sig;
|
|
return ret ? -EINTR : -EAGAIN;
|
|
}
|
|
|
|
/**
|
|
* sys_rt_sigtimedwait - synchronously wait for queued signals specified
|
|
* in @uthese
|
|
* @uthese: queued signals to wait for
|
|
* @uinfo: if non-null, the signal's siginfo is returned here
|
|
* @uts: upper bound on process time suspension
|
|
* @sigsetsize: size of sigset_t type
|
|
*/
|
|
SYSCALL_DEFINE4(rt_sigtimedwait, const sigset_t __user *, uthese,
|
|
siginfo_t __user *, uinfo,
|
|
const struct __kernel_timespec __user *, uts,
|
|
size_t, sigsetsize)
|
|
{
|
|
sigset_t these;
|
|
struct timespec64 ts;
|
|
kernel_siginfo_t info;
|
|
int ret;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (copy_from_user(&these, uthese, sizeof(these)))
|
|
return -EFAULT;
|
|
|
|
if (uts) {
|
|
if (get_timespec64(&ts, uts))
|
|
return -EFAULT;
|
|
}
|
|
|
|
ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL);
|
|
|
|
if (ret > 0 && uinfo) {
|
|
if (copy_siginfo_to_user(uinfo, &info))
|
|
ret = -EFAULT;
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT_32BIT_TIME
|
|
SYSCALL_DEFINE4(rt_sigtimedwait_time32, const sigset_t __user *, uthese,
|
|
siginfo_t __user *, uinfo,
|
|
const struct old_timespec32 __user *, uts,
|
|
size_t, sigsetsize)
|
|
{
|
|
sigset_t these;
|
|
struct timespec64 ts;
|
|
kernel_siginfo_t info;
|
|
int ret;
|
|
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (copy_from_user(&these, uthese, sizeof(these)))
|
|
return -EFAULT;
|
|
|
|
if (uts) {
|
|
if (get_old_timespec32(&ts, uts))
|
|
return -EFAULT;
|
|
}
|
|
|
|
ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL);
|
|
|
|
if (ret > 0 && uinfo) {
|
|
if (copy_siginfo_to_user(uinfo, &info))
|
|
ret = -EFAULT;
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time64, compat_sigset_t __user *, uthese,
|
|
struct compat_siginfo __user *, uinfo,
|
|
struct __kernel_timespec __user *, uts, compat_size_t, sigsetsize)
|
|
{
|
|
sigset_t s;
|
|
struct timespec64 t;
|
|
kernel_siginfo_t info;
|
|
long ret;
|
|
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (get_compat_sigset(&s, uthese))
|
|
return -EFAULT;
|
|
|
|
if (uts) {
|
|
if (get_timespec64(&t, uts))
|
|
return -EFAULT;
|
|
}
|
|
|
|
ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);
|
|
|
|
if (ret > 0 && uinfo) {
|
|
if (copy_siginfo_to_user32(uinfo, &info))
|
|
ret = -EFAULT;
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT_32BIT_TIME
|
|
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time32, compat_sigset_t __user *, uthese,
|
|
struct compat_siginfo __user *, uinfo,
|
|
struct old_timespec32 __user *, uts, compat_size_t, sigsetsize)
|
|
{
|
|
sigset_t s;
|
|
struct timespec64 t;
|
|
kernel_siginfo_t info;
|
|
long ret;
|
|
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (get_compat_sigset(&s, uthese))
|
|
return -EFAULT;
|
|
|
|
if (uts) {
|
|
if (get_old_timespec32(&t, uts))
|
|
return -EFAULT;
|
|
}
|
|
|
|
ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);
|
|
|
|
if (ret > 0 && uinfo) {
|
|
if (copy_siginfo_to_user32(uinfo, &info))
|
|
ret = -EFAULT;
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
#endif
|
|
#endif
|
|
|
|
static inline void prepare_kill_siginfo(int sig, struct kernel_siginfo *info)
|
|
{
|
|
clear_siginfo(info);
|
|
info->si_signo = sig;
|
|
info->si_errno = 0;
|
|
info->si_code = SI_USER;
|
|
info->si_pid = task_tgid_vnr(current);
|
|
info->si_uid = from_kuid_munged(current_user_ns(), current_uid());
|
|
}
|
|
|
|
/**
|
|
* sys_kill - send a signal to a process
|
|
* @pid: the PID of the process
|
|
* @sig: signal to be sent
|
|
*/
|
|
SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
prepare_kill_siginfo(sig, &info);
|
|
|
|
return kill_something_info(sig, &info, pid);
|
|
}
|
|
|
|
/*
|
|
* Verify that the signaler and signalee either are in the same pid namespace
|
|
* or that the signaler's pid namespace is an ancestor of the signalee's pid
|
|
* namespace.
|
|
*/
|
|
static bool access_pidfd_pidns(struct pid *pid)
|
|
{
|
|
struct pid_namespace *active = task_active_pid_ns(current);
|
|
struct pid_namespace *p = ns_of_pid(pid);
|
|
|
|
for (;;) {
|
|
if (!p)
|
|
return false;
|
|
if (p == active)
|
|
break;
|
|
p = p->parent;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
static int copy_siginfo_from_user_any(kernel_siginfo_t *kinfo, siginfo_t *info)
|
|
{
|
|
#ifdef CONFIG_COMPAT
|
|
/*
|
|
* Avoid hooking up compat syscalls and instead handle necessary
|
|
* conversions here. Note, this is a stop-gap measure and should not be
|
|
* considered a generic solution.
|
|
*/
|
|
if (in_compat_syscall())
|
|
return copy_siginfo_from_user32(
|
|
kinfo, (struct compat_siginfo __user *)info);
|
|
#endif
|
|
return copy_siginfo_from_user(kinfo, info);
|
|
}
|
|
|
|
static struct pid *pidfd_to_pid(const struct file *file)
|
|
{
|
|
struct pid *pid;
|
|
|
|
pid = pidfd_pid(file);
|
|
if (!IS_ERR(pid))
|
|
return pid;
|
|
|
|
return tgid_pidfd_to_pid(file);
|
|
}
|
|
|
|
/**
|
|
* sys_pidfd_send_signal - Signal a process through a pidfd
|
|
* @pidfd: file descriptor of the process
|
|
* @sig: signal to send
|
|
* @info: signal info
|
|
* @flags: future flags
|
|
*
|
|
* The syscall currently only signals via PIDTYPE_PID which covers
|
|
* kill(<positive-pid>, <signal>. It does not signal threads or process
|
|
* groups.
|
|
* In order to extend the syscall to threads and process groups the @flags
|
|
* argument should be used. In essence, the @flags argument will determine
|
|
* what is signaled and not the file descriptor itself. Put in other words,
|
|
* grouping is a property of the flags argument not a property of the file
|
|
* descriptor.
|
|
*
|
|
* Return: 0 on success, negative errno on failure
|
|
*/
|
|
SYSCALL_DEFINE4(pidfd_send_signal, int, pidfd, int, sig,
|
|
siginfo_t __user *, info, unsigned int, flags)
|
|
{
|
|
int ret;
|
|
struct fd f;
|
|
struct pid *pid;
|
|
kernel_siginfo_t kinfo;
|
|
|
|
/* Enforce flags be set to 0 until we add an extension. */
|
|
if (flags)
|
|
return -EINVAL;
|
|
|
|
f = fdget(pidfd);
|
|
if (!f.file)
|
|
return -EBADF;
|
|
|
|
/* Is this a pidfd? */
|
|
pid = pidfd_to_pid(f.file);
|
|
if (IS_ERR(pid)) {
|
|
ret = PTR_ERR(pid);
|
|
goto err;
|
|
}
|
|
|
|
ret = -EINVAL;
|
|
if (!access_pidfd_pidns(pid))
|
|
goto err;
|
|
|
|
if (info) {
|
|
ret = copy_siginfo_from_user_any(&kinfo, info);
|
|
if (unlikely(ret))
|
|
goto err;
|
|
|
|
ret = -EINVAL;
|
|
if (unlikely(sig != kinfo.si_signo))
|
|
goto err;
|
|
|
|
/* Only allow sending arbitrary signals to yourself. */
|
|
ret = -EPERM;
|
|
if ((task_pid(current) != pid) &&
|
|
(kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL))
|
|
goto err;
|
|
} else {
|
|
prepare_kill_siginfo(sig, &kinfo);
|
|
}
|
|
|
|
ret = kill_pid_info(sig, &kinfo, pid);
|
|
|
|
err:
|
|
fdput(f);
|
|
return ret;
|
|
}
|
|
|
|
static int
|
|
do_send_specific(pid_t tgid, pid_t pid, int sig, struct kernel_siginfo *info)
|
|
{
|
|
struct task_struct *p;
|
|
int error = -ESRCH;
|
|
|
|
rcu_read_lock();
|
|
p = find_task_by_vpid(pid);
|
|
if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) {
|
|
error = check_kill_permission(sig, info, p);
|
|
/*
|
|
* The null signal is a permissions and process existence
|
|
* probe. No signal is actually delivered.
|
|
*/
|
|
if (!error && sig) {
|
|
error = do_send_sig_info(sig, info, p, PIDTYPE_PID);
|
|
/*
|
|
* If lock_task_sighand() failed we pretend the task
|
|
* dies after receiving the signal. The window is tiny,
|
|
* and the signal is private anyway.
|
|
*/
|
|
if (unlikely(error == -ESRCH))
|
|
error = 0;
|
|
}
|
|
}
|
|
rcu_read_unlock();
|
|
|
|
return error;
|
|
}
|
|
|
|
static int do_tkill(pid_t tgid, pid_t pid, int sig)
|
|
{
|
|
struct kernel_siginfo info;
|
|
|
|
clear_siginfo(&info);
|
|
info.si_signo = sig;
|
|
info.si_errno = 0;
|
|
info.si_code = SI_TKILL;
|
|
info.si_pid = task_tgid_vnr(current);
|
|
info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
|
|
|
|
return do_send_specific(tgid, pid, sig, &info);
|
|
}
|
|
|
|
/**
|
|
* sys_tgkill - send signal to one specific thread
|
|
* @tgid: the thread group ID of the thread
|
|
* @pid: the PID of the thread
|
|
* @sig: signal to be sent
|
|
*
|
|
* This syscall also checks the @tgid and returns -ESRCH even if the PID
|
|
* exists but it's not belonging to the target process anymore. This
|
|
* method solves the problem of threads exiting and PIDs getting reused.
|
|
*/
|
|
SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid_t, pid, int, sig)
|
|
{
|
|
/* This is only valid for single tasks */
|
|
if (pid <= 0 || tgid <= 0)
|
|
return -EINVAL;
|
|
|
|
return do_tkill(tgid, pid, sig);
|
|
}
|
|
|
|
/**
|
|
* sys_tkill - send signal to one specific task
|
|
* @pid: the PID of the task
|
|
* @sig: signal to be sent
|
|
*
|
|
* Send a signal to only one task, even if it's a CLONE_THREAD task.
|
|
*/
|
|
SYSCALL_DEFINE2(tkill, pid_t, pid, int, sig)
|
|
{
|
|
/* This is only valid for single tasks */
|
|
if (pid <= 0)
|
|
return -EINVAL;
|
|
|
|
return do_tkill(0, pid, sig);
|
|
}
|
|
|
|
static int do_rt_sigqueueinfo(pid_t pid, int sig, kernel_siginfo_t *info)
|
|
{
|
|
/* Not even root can pretend to send signals from the kernel.
|
|
* Nor can they impersonate a kill()/tgkill(), which adds source info.
|
|
*/
|
|
if ((info->si_code >= 0 || info->si_code == SI_TKILL) &&
|
|
(task_pid_vnr(current) != pid))
|
|
return -EPERM;
|
|
|
|
/* POSIX.1b doesn't mention process groups. */
|
|
return kill_proc_info(sig, info, pid);
|
|
}
|
|
|
|
/**
|
|
* sys_rt_sigqueueinfo - send signal information to a signal
|
|
* @pid: the PID of the thread
|
|
* @sig: signal to be sent
|
|
* @uinfo: signal info to be sent
|
|
*/
|
|
SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t, pid, int, sig,
|
|
siginfo_t __user *, uinfo)
|
|
{
|
|
kernel_siginfo_t info;
|
|
int ret = __copy_siginfo_from_user(sig, &info, uinfo);
|
|
if (unlikely(ret))
|
|
return ret;
|
|
return do_rt_sigqueueinfo(pid, sig, &info);
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE3(rt_sigqueueinfo,
|
|
compat_pid_t, pid,
|
|
int, sig,
|
|
struct compat_siginfo __user *, uinfo)
|
|
{
|
|
kernel_siginfo_t info;
|
|
int ret = __copy_siginfo_from_user32(sig, &info, uinfo);
|
|
if (unlikely(ret))
|
|
return ret;
|
|
return do_rt_sigqueueinfo(pid, sig, &info);
|
|
}
|
|
#endif
|
|
|
|
static int do_rt_tgsigqueueinfo(pid_t tgid, pid_t pid, int sig, kernel_siginfo_t *info)
|
|
{
|
|
/* This is only valid for single tasks */
|
|
if (pid <= 0 || tgid <= 0)
|
|
return -EINVAL;
|
|
|
|
/* Not even root can pretend to send signals from the kernel.
|
|
* Nor can they impersonate a kill()/tgkill(), which adds source info.
|
|
*/
|
|
if ((info->si_code >= 0 || info->si_code == SI_TKILL) &&
|
|
(task_pid_vnr(current) != pid))
|
|
return -EPERM;
|
|
|
|
return do_send_specific(tgid, pid, sig, info);
|
|
}
|
|
|
|
SYSCALL_DEFINE4(rt_tgsigqueueinfo, pid_t, tgid, pid_t, pid, int, sig,
|
|
siginfo_t __user *, uinfo)
|
|
{
|
|
kernel_siginfo_t info;
|
|
int ret = __copy_siginfo_from_user(sig, &info, uinfo);
|
|
if (unlikely(ret))
|
|
return ret;
|
|
return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE4(rt_tgsigqueueinfo,
|
|
compat_pid_t, tgid,
|
|
compat_pid_t, pid,
|
|
int, sig,
|
|
struct compat_siginfo __user *, uinfo)
|
|
{
|
|
kernel_siginfo_t info;
|
|
int ret = __copy_siginfo_from_user32(sig, &info, uinfo);
|
|
if (unlikely(ret))
|
|
return ret;
|
|
return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
|
|
}
|
|
#endif
|
|
|
|
/*
|
|
* For kthreads only, must not be used if cloned with CLONE_SIGHAND
|
|
*/
|
|
void kernel_sigaction(int sig, __sighandler_t action)
|
|
{
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
current->sighand->action[sig - 1].sa.sa_handler = action;
|
|
if (action == SIG_IGN) {
|
|
sigset_t mask;
|
|
|
|
sigemptyset(&mask);
|
|
sigaddset(&mask, sig);
|
|
|
|
flush_sigqueue_mask(&mask, ¤t->signal->shared_pending);
|
|
flush_sigqueue_mask(&mask, ¤t->pending);
|
|
recalc_sigpending();
|
|
}
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
}
|
|
EXPORT_SYMBOL(kernel_sigaction);
|
|
|
|
void __weak sigaction_compat_abi(struct k_sigaction *act,
|
|
struct k_sigaction *oact)
|
|
{
|
|
}
|
|
|
|
int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
|
|
{
|
|
struct task_struct *p = current, *t;
|
|
struct k_sigaction *k;
|
|
sigset_t mask;
|
|
|
|
if (!valid_signal(sig) || sig < 1 || (act && sig_kernel_only(sig)))
|
|
return -EINVAL;
|
|
|
|
k = &p->sighand->action[sig-1];
|
|
|
|
spin_lock_irq(&p->sighand->siglock);
|
|
if (oact)
|
|
*oact = *k;
|
|
|
|
/*
|
|
* Make sure that we never accidentally claim to support SA_UNSUPPORTED,
|
|
* e.g. by having an architecture use the bit in their uapi.
|
|
*/
|
|
BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED);
|
|
|
|
/*
|
|
* Clear unknown flag bits in order to allow userspace to detect missing
|
|
* support for flag bits and to allow the kernel to use non-uapi bits
|
|
* internally.
|
|
*/
|
|
if (act)
|
|
act->sa.sa_flags &= UAPI_SA_FLAGS;
|
|
if (oact)
|
|
oact->sa.sa_flags &= UAPI_SA_FLAGS;
|
|
|
|
sigaction_compat_abi(act, oact);
|
|
|
|
if (act) {
|
|
sigdelsetmask(&act->sa.sa_mask,
|
|
sigmask(SIGKILL) | sigmask(SIGSTOP));
|
|
*k = *act;
|
|
/*
|
|
* POSIX 3.3.1.3:
|
|
* "Setting a signal action to SIG_IGN for a signal that is
|
|
* pending shall cause the pending signal to be discarded,
|
|
* whether or not it is blocked."
|
|
*
|
|
* "Setting a signal action to SIG_DFL for a signal that is
|
|
* pending and whose default action is to ignore the signal
|
|
* (for example, SIGCHLD), shall cause the pending signal to
|
|
* be discarded, whether or not it is blocked"
|
|
*/
|
|
if (sig_handler_ignored(sig_handler(p, sig), sig)) {
|
|
sigemptyset(&mask);
|
|
sigaddset(&mask, sig);
|
|
flush_sigqueue_mask(&mask, &p->signal->shared_pending);
|
|
for_each_thread(p, t)
|
|
flush_sigqueue_mask(&mask, &t->pending);
|
|
}
|
|
}
|
|
|
|
spin_unlock_irq(&p->sighand->siglock);
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
|
|
size_t min_ss_size)
|
|
{
|
|
struct task_struct *t = current;
|
|
|
|
if (oss) {
|
|
memset(oss, 0, sizeof(stack_t));
|
|
oss->ss_sp = (void __user *) t->sas_ss_sp;
|
|
oss->ss_size = t->sas_ss_size;
|
|
oss->ss_flags = sas_ss_flags(sp) |
|
|
(current->sas_ss_flags & SS_FLAG_BITS);
|
|
}
|
|
|
|
if (ss) {
|
|
void __user *ss_sp = ss->ss_sp;
|
|
size_t ss_size = ss->ss_size;
|
|
unsigned ss_flags = ss->ss_flags;
|
|
int ss_mode;
|
|
|
|
if (unlikely(on_sig_stack(sp)))
|
|
return -EPERM;
|
|
|
|
ss_mode = ss_flags & ~SS_FLAG_BITS;
|
|
if (unlikely(ss_mode != SS_DISABLE && ss_mode != SS_ONSTACK &&
|
|
ss_mode != 0))
|
|
return -EINVAL;
|
|
|
|
if (ss_mode == SS_DISABLE) {
|
|
ss_size = 0;
|
|
ss_sp = NULL;
|
|
} else {
|
|
if (unlikely(ss_size < min_ss_size))
|
|
return -ENOMEM;
|
|
}
|
|
|
|
t->sas_ss_sp = (unsigned long) ss_sp;
|
|
t->sas_ss_size = ss_size;
|
|
t->sas_ss_flags = ss_flags;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
SYSCALL_DEFINE2(sigaltstack,const stack_t __user *,uss, stack_t __user *,uoss)
|
|
{
|
|
stack_t new, old;
|
|
int err;
|
|
if (uss && copy_from_user(&new, uss, sizeof(stack_t)))
|
|
return -EFAULT;
|
|
err = do_sigaltstack(uss ? &new : NULL, uoss ? &old : NULL,
|
|
current_user_stack_pointer(),
|
|
MINSIGSTKSZ);
|
|
if (!err && uoss && copy_to_user(uoss, &old, sizeof(stack_t)))
|
|
err = -EFAULT;
|
|
return err;
|
|
}
|
|
|
|
int restore_altstack(const stack_t __user *uss)
|
|
{
|
|
stack_t new;
|
|
if (copy_from_user(&new, uss, sizeof(stack_t)))
|
|
return -EFAULT;
|
|
(void)do_sigaltstack(&new, NULL, current_user_stack_pointer(),
|
|
MINSIGSTKSZ);
|
|
/* squash all but EFAULT for now */
|
|
return 0;
|
|
}
|
|
|
|
int __save_altstack(stack_t __user *uss, unsigned long sp)
|
|
{
|
|
struct task_struct *t = current;
|
|
int err = __put_user((void __user *)t->sas_ss_sp, &uss->ss_sp) |
|
|
__put_user(t->sas_ss_flags, &uss->ss_flags) |
|
|
__put_user(t->sas_ss_size, &uss->ss_size);
|
|
if (err)
|
|
return err;
|
|
if (t->sas_ss_flags & SS_AUTODISARM)
|
|
sas_ss_reset(t);
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
static int do_compat_sigaltstack(const compat_stack_t __user *uss_ptr,
|
|
compat_stack_t __user *uoss_ptr)
|
|
{
|
|
stack_t uss, uoss;
|
|
int ret;
|
|
|
|
if (uss_ptr) {
|
|
compat_stack_t uss32;
|
|
if (copy_from_user(&uss32, uss_ptr, sizeof(compat_stack_t)))
|
|
return -EFAULT;
|
|
uss.ss_sp = compat_ptr(uss32.ss_sp);
|
|
uss.ss_flags = uss32.ss_flags;
|
|
uss.ss_size = uss32.ss_size;
|
|
}
|
|
ret = do_sigaltstack(uss_ptr ? &uss : NULL, &uoss,
|
|
compat_user_stack_pointer(),
|
|
COMPAT_MINSIGSTKSZ);
|
|
if (ret >= 0 && uoss_ptr) {
|
|
compat_stack_t old;
|
|
memset(&old, 0, sizeof(old));
|
|
old.ss_sp = ptr_to_compat(uoss.ss_sp);
|
|
old.ss_flags = uoss.ss_flags;
|
|
old.ss_size = uoss.ss_size;
|
|
if (copy_to_user(uoss_ptr, &old, sizeof(compat_stack_t)))
|
|
ret = -EFAULT;
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
COMPAT_SYSCALL_DEFINE2(sigaltstack,
|
|
const compat_stack_t __user *, uss_ptr,
|
|
compat_stack_t __user *, uoss_ptr)
|
|
{
|
|
return do_compat_sigaltstack(uss_ptr, uoss_ptr);
|
|
}
|
|
|
|
int compat_restore_altstack(const compat_stack_t __user *uss)
|
|
{
|
|
int err = do_compat_sigaltstack(uss, NULL);
|
|
/* squash all but -EFAULT for now */
|
|
return err == -EFAULT ? err : 0;
|
|
}
|
|
|
|
int __compat_save_altstack(compat_stack_t __user *uss, unsigned long sp)
|
|
{
|
|
int err;
|
|
struct task_struct *t = current;
|
|
err = __put_user(ptr_to_compat((void __user *)t->sas_ss_sp),
|
|
&uss->ss_sp) |
|
|
__put_user(t->sas_ss_flags, &uss->ss_flags) |
|
|
__put_user(t->sas_ss_size, &uss->ss_size);
|
|
if (err)
|
|
return err;
|
|
if (t->sas_ss_flags & SS_AUTODISARM)
|
|
sas_ss_reset(t);
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
#ifdef __ARCH_WANT_SYS_SIGPENDING
|
|
|
|
/**
|
|
* sys_sigpending - examine pending signals
|
|
* @uset: where mask of pending signal is returned
|
|
*/
|
|
SYSCALL_DEFINE1(sigpending, old_sigset_t __user *, uset)
|
|
{
|
|
sigset_t set;
|
|
|
|
if (sizeof(old_sigset_t) > sizeof(*uset))
|
|
return -EINVAL;
|
|
|
|
do_sigpending(&set);
|
|
|
|
if (copy_to_user(uset, &set, sizeof(old_sigset_t)))
|
|
return -EFAULT;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE1(sigpending, compat_old_sigset_t __user *, set32)
|
|
{
|
|
sigset_t set;
|
|
|
|
do_sigpending(&set);
|
|
|
|
return put_user(set.sig[0], set32);
|
|
}
|
|
#endif
|
|
|
|
#endif
|
|
|
|
#ifdef __ARCH_WANT_SYS_SIGPROCMASK
|
|
/**
|
|
* sys_sigprocmask - examine and change blocked signals
|
|
* @how: whether to add, remove, or set signals
|
|
* @nset: signals to add or remove (if non-null)
|
|
* @oset: previous value of signal mask if non-null
|
|
*
|
|
* Some platforms have their own version with special arguments;
|
|
* others support only sys_rt_sigprocmask.
|
|
*/
|
|
|
|
SYSCALL_DEFINE3(sigprocmask, int, how, old_sigset_t __user *, nset,
|
|
old_sigset_t __user *, oset)
|
|
{
|
|
old_sigset_t old_set, new_set;
|
|
sigset_t new_blocked;
|
|
|
|
old_set = current->blocked.sig[0];
|
|
|
|
if (nset) {
|
|
if (copy_from_user(&new_set, nset, sizeof(*nset)))
|
|
return -EFAULT;
|
|
|
|
new_blocked = current->blocked;
|
|
|
|
switch (how) {
|
|
case SIG_BLOCK:
|
|
sigaddsetmask(&new_blocked, new_set);
|
|
break;
|
|
case SIG_UNBLOCK:
|
|
sigdelsetmask(&new_blocked, new_set);
|
|
break;
|
|
case SIG_SETMASK:
|
|
new_blocked.sig[0] = new_set;
|
|
break;
|
|
default:
|
|
return -EINVAL;
|
|
}
|
|
|
|
set_current_blocked(&new_blocked);
|
|
}
|
|
|
|
if (oset) {
|
|
if (copy_to_user(oset, &old_set, sizeof(*oset)))
|
|
return -EFAULT;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
#endif /* __ARCH_WANT_SYS_SIGPROCMASK */
|
|
|
|
#ifndef CONFIG_ODD_RT_SIGACTION
|
|
/**
|
|
* sys_rt_sigaction - alter an action taken by a process
|
|
* @sig: signal to be sent
|
|
* @act: new sigaction
|
|
* @oact: used to save the previous sigaction
|
|
* @sigsetsize: size of sigset_t type
|
|
*/
|
|
SYSCALL_DEFINE4(rt_sigaction, int, sig,
|
|
const struct sigaction __user *, act,
|
|
struct sigaction __user *, oact,
|
|
size_t, sigsetsize)
|
|
{
|
|
struct k_sigaction new_sa, old_sa;
|
|
int ret;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (act && copy_from_user(&new_sa.sa, act, sizeof(new_sa.sa)))
|
|
return -EFAULT;
|
|
|
|
ret = do_sigaction(sig, act ? &new_sa : NULL, oact ? &old_sa : NULL);
|
|
if (ret)
|
|
return ret;
|
|
|
|
if (oact && copy_to_user(oact, &old_sa.sa, sizeof(old_sa.sa)))
|
|
return -EFAULT;
|
|
|
|
return 0;
|
|
}
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE4(rt_sigaction, int, sig,
|
|
const struct compat_sigaction __user *, act,
|
|
struct compat_sigaction __user *, oact,
|
|
compat_size_t, sigsetsize)
|
|
{
|
|
struct k_sigaction new_ka, old_ka;
|
|
#ifdef __ARCH_HAS_SA_RESTORER
|
|
compat_uptr_t restorer;
|
|
#endif
|
|
int ret;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(compat_sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (act) {
|
|
compat_uptr_t handler;
|
|
ret = get_user(handler, &act->sa_handler);
|
|
new_ka.sa.sa_handler = compat_ptr(handler);
|
|
#ifdef __ARCH_HAS_SA_RESTORER
|
|
ret |= get_user(restorer, &act->sa_restorer);
|
|
new_ka.sa.sa_restorer = compat_ptr(restorer);
|
|
#endif
|
|
ret |= get_compat_sigset(&new_ka.sa.sa_mask, &act->sa_mask);
|
|
ret |= get_user(new_ka.sa.sa_flags, &act->sa_flags);
|
|
if (ret)
|
|
return -EFAULT;
|
|
}
|
|
|
|
ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
|
|
if (!ret && oact) {
|
|
ret = put_user(ptr_to_compat(old_ka.sa.sa_handler),
|
|
&oact->sa_handler);
|
|
ret |= put_compat_sigset(&oact->sa_mask, &old_ka.sa.sa_mask,
|
|
sizeof(oact->sa_mask));
|
|
ret |= put_user(old_ka.sa.sa_flags, &oact->sa_flags);
|
|
#ifdef __ARCH_HAS_SA_RESTORER
|
|
ret |= put_user(ptr_to_compat(old_ka.sa.sa_restorer),
|
|
&oact->sa_restorer);
|
|
#endif
|
|
}
|
|
return ret;
|
|
}
|
|
#endif
|
|
#endif /* !CONFIG_ODD_RT_SIGACTION */
|
|
|
|
#ifdef CONFIG_OLD_SIGACTION
|
|
SYSCALL_DEFINE3(sigaction, int, sig,
|
|
const struct old_sigaction __user *, act,
|
|
struct old_sigaction __user *, oact)
|
|
{
|
|
struct k_sigaction new_ka, old_ka;
|
|
int ret;
|
|
|
|
if (act) {
|
|
old_sigset_t mask;
|
|
if (!access_ok(act, sizeof(*act)) ||
|
|
__get_user(new_ka.sa.sa_handler, &act->sa_handler) ||
|
|
__get_user(new_ka.sa.sa_restorer, &act->sa_restorer) ||
|
|
__get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
|
|
__get_user(mask, &act->sa_mask))
|
|
return -EFAULT;
|
|
#ifdef __ARCH_HAS_KA_RESTORER
|
|
new_ka.ka_restorer = NULL;
|
|
#endif
|
|
siginitset(&new_ka.sa.sa_mask, mask);
|
|
}
|
|
|
|
ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
|
|
|
|
if (!ret && oact) {
|
|
if (!access_ok(oact, sizeof(*oact)) ||
|
|
__put_user(old_ka.sa.sa_handler, &oact->sa_handler) ||
|
|
__put_user(old_ka.sa.sa_restorer, &oact->sa_restorer) ||
|
|
__put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
|
|
__put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
|
|
return -EFAULT;
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
#endif
|
|
#ifdef CONFIG_COMPAT_OLD_SIGACTION
|
|
COMPAT_SYSCALL_DEFINE3(sigaction, int, sig,
|
|
const struct compat_old_sigaction __user *, act,
|
|
struct compat_old_sigaction __user *, oact)
|
|
{
|
|
struct k_sigaction new_ka, old_ka;
|
|
int ret;
|
|
compat_old_sigset_t mask;
|
|
compat_uptr_t handler, restorer;
|
|
|
|
if (act) {
|
|
if (!access_ok(act, sizeof(*act)) ||
|
|
__get_user(handler, &act->sa_handler) ||
|
|
__get_user(restorer, &act->sa_restorer) ||
|
|
__get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
|
|
__get_user(mask, &act->sa_mask))
|
|
return -EFAULT;
|
|
|
|
#ifdef __ARCH_HAS_KA_RESTORER
|
|
new_ka.ka_restorer = NULL;
|
|
#endif
|
|
new_ka.sa.sa_handler = compat_ptr(handler);
|
|
new_ka.sa.sa_restorer = compat_ptr(restorer);
|
|
siginitset(&new_ka.sa.sa_mask, mask);
|
|
}
|
|
|
|
ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
|
|
|
|
if (!ret && oact) {
|
|
if (!access_ok(oact, sizeof(*oact)) ||
|
|
__put_user(ptr_to_compat(old_ka.sa.sa_handler),
|
|
&oact->sa_handler) ||
|
|
__put_user(ptr_to_compat(old_ka.sa.sa_restorer),
|
|
&oact->sa_restorer) ||
|
|
__put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
|
|
__put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
|
|
return -EFAULT;
|
|
}
|
|
return ret;
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_SGETMASK_SYSCALL
|
|
|
|
/*
|
|
* For backwards compatibility. Functionality superseded by sigprocmask.
|
|
*/
|
|
SYSCALL_DEFINE0(sgetmask)
|
|
{
|
|
/* SMP safe */
|
|
return current->blocked.sig[0];
|
|
}
|
|
|
|
SYSCALL_DEFINE1(ssetmask, int, newmask)
|
|
{
|
|
int old = current->blocked.sig[0];
|
|
sigset_t newset;
|
|
|
|
siginitset(&newset, newmask);
|
|
set_current_blocked(&newset);
|
|
|
|
return old;
|
|
}
|
|
#endif /* CONFIG_SGETMASK_SYSCALL */
|
|
|
|
#ifdef __ARCH_WANT_SYS_SIGNAL
|
|
/*
|
|
* For backwards compatibility. Functionality superseded by sigaction.
|
|
*/
|
|
SYSCALL_DEFINE2(signal, int, sig, __sighandler_t, handler)
|
|
{
|
|
struct k_sigaction new_sa, old_sa;
|
|
int ret;
|
|
|
|
new_sa.sa.sa_handler = handler;
|
|
new_sa.sa.sa_flags = SA_ONESHOT | SA_NOMASK;
|
|
sigemptyset(&new_sa.sa.sa_mask);
|
|
|
|
ret = do_sigaction(sig, &new_sa, &old_sa);
|
|
|
|
return ret ? ret : (unsigned long)old_sa.sa.sa_handler;
|
|
}
|
|
#endif /* __ARCH_WANT_SYS_SIGNAL */
|
|
|
|
#ifdef __ARCH_WANT_SYS_PAUSE
|
|
|
|
SYSCALL_DEFINE0(pause)
|
|
{
|
|
while (!signal_pending(current)) {
|
|
__set_current_state(TASK_INTERRUPTIBLE);
|
|
schedule();
|
|
}
|
|
return -ERESTARTNOHAND;
|
|
}
|
|
|
|
#endif
|
|
|
|
static int sigsuspend(sigset_t *set)
|
|
{
|
|
current->saved_sigmask = current->blocked;
|
|
set_current_blocked(set);
|
|
|
|
while (!signal_pending(current)) {
|
|
__set_current_state(TASK_INTERRUPTIBLE);
|
|
schedule();
|
|
}
|
|
set_restore_sigmask();
|
|
return -ERESTARTNOHAND;
|
|
}
|
|
|
|
/**
|
|
* sys_rt_sigsuspend - replace the signal mask for a value with the
|
|
* @unewset value until a signal is received
|
|
* @unewset: new signal mask value
|
|
* @sigsetsize: size of sigset_t type
|
|
*/
|
|
SYSCALL_DEFINE2(rt_sigsuspend, sigset_t __user *, unewset, size_t, sigsetsize)
|
|
{
|
|
sigset_t newset;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (copy_from_user(&newset, unewset, sizeof(newset)))
|
|
return -EFAULT;
|
|
return sigsuspend(&newset);
|
|
}
|
|
|
|
#ifdef CONFIG_COMPAT
|
|
COMPAT_SYSCALL_DEFINE2(rt_sigsuspend, compat_sigset_t __user *, unewset, compat_size_t, sigsetsize)
|
|
{
|
|
sigset_t newset;
|
|
|
|
/* XXX: Don't preclude handling different sized sigset_t's. */
|
|
if (sigsetsize != sizeof(sigset_t))
|
|
return -EINVAL;
|
|
|
|
if (get_compat_sigset(&newset, unewset))
|
|
return -EFAULT;
|
|
return sigsuspend(&newset);
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_OLD_SIGSUSPEND
|
|
SYSCALL_DEFINE1(sigsuspend, old_sigset_t, mask)
|
|
{
|
|
sigset_t blocked;
|
|
siginitset(&blocked, mask);
|
|
return sigsuspend(&blocked);
|
|
}
|
|
#endif
|
|
#ifdef CONFIG_OLD_SIGSUSPEND3
|
|
SYSCALL_DEFINE3(sigsuspend, int, unused1, int, unused2, old_sigset_t, mask)
|
|
{
|
|
sigset_t blocked;
|
|
siginitset(&blocked, mask);
|
|
return sigsuspend(&blocked);
|
|
}
|
|
#endif
|
|
|
|
__weak const char *arch_vma_name(struct vm_area_struct *vma)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
static inline void siginfo_buildtime_checks(void)
|
|
{
|
|
BUILD_BUG_ON(sizeof(struct siginfo) != SI_MAX_SIZE);
|
|
|
|
/* Verify the offsets in the two siginfos match */
|
|
#define CHECK_OFFSET(field) \
|
|
BUILD_BUG_ON(offsetof(siginfo_t, field) != offsetof(kernel_siginfo_t, field))
|
|
|
|
/* kill */
|
|
CHECK_OFFSET(si_pid);
|
|
CHECK_OFFSET(si_uid);
|
|
|
|
/* timer */
|
|
CHECK_OFFSET(si_tid);
|
|
CHECK_OFFSET(si_overrun);
|
|
CHECK_OFFSET(si_value);
|
|
|
|
/* rt */
|
|
CHECK_OFFSET(si_pid);
|
|
CHECK_OFFSET(si_uid);
|
|
CHECK_OFFSET(si_value);
|
|
|
|
/* sigchld */
|
|
CHECK_OFFSET(si_pid);
|
|
CHECK_OFFSET(si_uid);
|
|
CHECK_OFFSET(si_status);
|
|
CHECK_OFFSET(si_utime);
|
|
CHECK_OFFSET(si_stime);
|
|
|
|
/* sigfault */
|
|
CHECK_OFFSET(si_addr);
|
|
CHECK_OFFSET(si_addr_lsb);
|
|
CHECK_OFFSET(si_lower);
|
|
CHECK_OFFSET(si_upper);
|
|
CHECK_OFFSET(si_pkey);
|
|
|
|
/* sigpoll */
|
|
CHECK_OFFSET(si_band);
|
|
CHECK_OFFSET(si_fd);
|
|
|
|
/* sigsys */
|
|
CHECK_OFFSET(si_call_addr);
|
|
CHECK_OFFSET(si_syscall);
|
|
CHECK_OFFSET(si_arch);
|
|
#undef CHECK_OFFSET
|
|
|
|
/* usb asyncio */
|
|
BUILD_BUG_ON(offsetof(struct siginfo, si_pid) !=
|
|
offsetof(struct siginfo, si_addr));
|
|
if (sizeof(int) == sizeof(void __user *)) {
|
|
BUILD_BUG_ON(sizeof_field(struct siginfo, si_pid) !=
|
|
sizeof(void __user *));
|
|
} else {
|
|
BUILD_BUG_ON((sizeof_field(struct siginfo, si_pid) +
|
|
sizeof_field(struct siginfo, si_uid)) !=
|
|
sizeof(void __user *));
|
|
BUILD_BUG_ON(offsetofend(struct siginfo, si_pid) !=
|
|
offsetof(struct siginfo, si_uid));
|
|
}
|
|
#ifdef CONFIG_COMPAT
|
|
BUILD_BUG_ON(offsetof(struct compat_siginfo, si_pid) !=
|
|
offsetof(struct compat_siginfo, si_addr));
|
|
BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
|
|
sizeof(compat_uptr_t));
|
|
BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
|
|
sizeof_field(struct siginfo, si_pid));
|
|
#endif
|
|
}
|
|
|
|
void __init signals_init(void)
|
|
{
|
|
siginfo_buildtime_checks();
|
|
|
|
sigqueue_cachep = KMEM_CACHE(sigqueue, SLAB_PANIC);
|
|
}
|
|
|
|
#ifdef CONFIG_KGDB_KDB
|
|
#include <linux/kdb.h>
|
|
/*
|
|
* kdb_send_sig - Allows kdb to send signals without exposing
|
|
* signal internals. This function checks if the required locks are
|
|
* available before calling the main signal code, to avoid kdb
|
|
* deadlocks.
|
|
*/
|
|
void kdb_send_sig(struct task_struct *t, int sig)
|
|
{
|
|
static struct task_struct *kdb_prev_t;
|
|
int new_t, ret;
|
|
if (!spin_trylock(&t->sighand->siglock)) {
|
|
kdb_printf("Can't do kill command now.\n"
|
|
"The sigmask lock is held somewhere else in "
|
|
"kernel, try again later\n");
|
|
return;
|
|
}
|
|
new_t = kdb_prev_t != t;
|
|
kdb_prev_t = t;
|
|
if (t->state != TASK_RUNNING && new_t) {
|
|
spin_unlock(&t->sighand->siglock);
|
|
kdb_printf("Process is not RUNNING, sending a signal from "
|
|
"kdb risks deadlock\n"
|
|
"on the run queue locks. "
|
|
"The signal has _not_ been sent.\n"
|
|
"Reissue the kill command if you want to risk "
|
|
"the deadlock.\n");
|
|
return;
|
|
}
|
|
ret = send_signal(sig, SEND_SIG_PRIV, t, PIDTYPE_PID);
|
|
spin_unlock(&t->sighand->siglock);
|
|
if (ret)
|
|
kdb_printf("Fail to deliver Signal %d to process %d.\n",
|
|
sig, t->pid);
|
|
else
|
|
kdb_printf("Signal %d is sent to process %d.\n", sig, t->pid);
|
|
}
|
|
#endif /* CONFIG_KGDB_KDB */
|