Files
android_kernel_xiaomi_sm8450/kernel/signal.c
Greg Kroah-Hartman 18cd39b706 Merge tag 'android12-5.10.136_r00' into android12-5.10
This is the merge of the upstream LTS release of 5.10.136 into the
android12-5.10 branch.

It contains the following commits:

ee965fe12d Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
b7247246f6 Merge 5.10.136 into android12-5.10-lts
6eae1503dd Linux 5.10.136
1bea03b44e x86/speculation: Add LFENCE to RSB fill sequence
509c2c9fe7 x86/speculation: Add RSB VM Exit protections
e5b556a7b2 macintosh/adb: fix oob read in do_adb_query() function
75742ffc36 Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
40e2e7f1bf Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
9c45bb363e Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
3a292cb181 Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
1a2a2e3456 Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
e81f95d030 Bluetooth: btusb: Add support of IMC Networks PID 0x3568
918ce738e2 Bluetooth: hci_bcm: Add DT compatible for CYW55572
033a4455d9 Bluetooth: hci_bcm: Add BCM4349B1 variant
50763f0ac0 selftests: KVM: Handle compiler optimizations in ucall
a56e1ccdb7 tools/kvm_stat: fix display of error when multiple processes are found
3c77292d52 crypto: arm64/poly1305 - fix a read out-of-bound
e2c63e1afd ACPI: APEI: Better fix to avoid spamming the console with old error logs
6ccff35588 ACPI: video: Shortening quirk list by identifying Clevo by board_name only
a2b472b152 ACPI: video: Force backlight native for some TongFang devices
a01a4e9f5d tun: avoid double free in tun_free_netdev
1069087e2f selftests/bpf: Check dst_port only on the client socket
042fb1c281 selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
78c8397132 ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
4f3b852336 ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
45b69848a2 x86/speculation: Make all RETbleed mitigations 64-bit only
30abcdabf2 Merge 5.10.135 into android12-5.10-lts
f6ce9a9115 Merge 5.10.134 into android12-5.10-lts
4fd9cb57a3 Linux 5.10.135
4bfc9dc608 selftests: bpf: Don't run sk_lookup in verifier tests
6d3fad2b44 bpf: Add PROG_TEST_RUN support for sk_lookup programs
6aad811b37 bpf: Consolidate shared test timing code
545fc3524c x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
14b494b7aa xfs: Enforce attr3 buffer recovery order
e5f9d4e0f8 xfs: logging the on disk inode LSN can make it go backwards
c1268acaa0 xfs: remove dead stale buf unpin handling code
c85cbb0b21 xfs: hold buffer across unpin and potential shutdown processing
d8f5bb0a09 xfs: force the log offline when log intent item recovery fails
eccacbcbfd xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes
17c8097fb0 xfs: prevent UAF in xfs_log_item_in_current_chkpt
6d3605f84e xfs: xfs_log_force_lsn isn't passed a LSN
41fbfdaba9 xfs: refactor xfs_file_fsync
aadc39fd5b docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed
c4cd52ab1e EDAC/ghes: Set the DIMM label unconditionally
c454639172 ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow
e500aa9f2d mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
2670f76a56 page_alloc: fix invalid watermark check on a negative value
8014246694 ARM: crypto: comment out gcc warning that breaks clang builds
6f3505588d sctp: leave the err path free in sctp_stream_init to sctp_stream_free
510e5b3791 sfc: disable softirqs for ptp TX
3ec42508a6 perf symbol: Correct address for bss symbols
6807897695 virtio-net: fix the race between refill work and close
440dccd80f netfilter: nf_queue: do not allow packet truncation below transport header offset
aeb2ff9f9f sctp: fix sleep in atomic context bug in timer handlers
fad6caf9b1 i40e: Fix interface init with MSI interrupts (no MSI-X)
e4a7acd6b4 tcp: Fix data-races around sysctl_tcp_reflect_tos.
f310fb69a0 tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
d2476f2059 tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
4832397891 tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
530a4da37e net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa()
6e0e0464f1 macsec: always read MACSEC_SA_ATTR_PN as a u64
2daf0a1261 macsec: limit replay window size with XPN
0755c9d05a macsec: fix error message in macsec_add_rxsa and _txsa
54c295a30f macsec: fix NULL deref in macsec_add_rxsa
034bfadc8f Documentation: fix sctp_wmem in ip-sysctl.rst
4aea33f404 tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
c4e6029a85 tcp: Fix a data-race around sysctl_tcp_autocorking.
83edb788e6 tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
f47e7e5b49 tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
5584fe9718 net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
b399ffafff igmp: Fix data-races around sysctl_igmp_qrv.
4c1318dabe net/tls: Remove the context from the list in tls_device_down
8008e797ec ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
a84b8b53a5 net: ping6: Fix memleak in ipv6_renew_options().
c37c7f35d7 tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
9ffb4fdfd8 tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
3e93312583 tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
77ac046a9a Revert "tcp: change pingpong threshold to 3"
54a73d6544 scsi: ufs: host: Hold reference returned by of_parse_phandle()
160f79561e ice: do not setup vlan for loopback VSI
9ed6f97c8d ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
2b4b373271 tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
3fb21b67c0 tcp: Fix a data-race around sysctl_tcp_nometrics_save.
81c45f49e6 tcp: Fix a data-race around sysctl_tcp_frto.
312ce3901f tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
3cddb7a7a5 tcp: Fix a data-race around sysctl_tcp_app_win.
f10a5f905a tcp: Fix data-races around sysctl_tcp_dsack.
7fa8999b31 watch_queue: Fix missing locking in add_watch_to_object()
45a84f04a9 watch_queue: Fix missing rcu annotation
b38a8802c5 nouveau/svm: Fix to migrate all requested pages
bd46ca4146 s390/archrandom: prevent CPACF trng invocations in interrupt context
1228934cf2 ntfs: fix use-after-free in ntfs_ucsncmp()
5528990512 Revert "ocfs2: mount shared volume without ha stack"
de5d4654ac Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
a46cc20143 Merge 5.10.133 into android12-5.10-lts
3f05c6dd13 ANDROID: fix up 5.10.132 merge with the virtio_mmio.c driver
7a62a4b621 Linux 5.10.134
bb1990a300 watch-queue: remove spurious double semicolon
f7c1fc0dec net: usb: ax88179_178a needs FLAG_SEND_ZLP
08afa87f58 tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
a4bb7ef2d6 tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
c84986d097 tty: drop tty_schedule_flip()
4d374625cc tty: the rest, stop using tty_schedule_flip()
6a81848252 tty: drivers/tty/, stop using tty_schedule_flip()
0adf21eec5 watchqueue: make sure to serialize 'wqueue->defunct' properly
c0a3a9eb26 x86/alternative: Report missing return thunk details
b7b9e5cc8b x86/amd: Use IBPB for firmware calls
14fc9233aa Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
f44e65e6f0 Bluetooth: SCO: Fix sco_send_frame returning skb->len
a8feae8bd2 Bluetooth: Fix passing NULL to PTR_ERR
5283591c84 Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
341a029cf3 Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
3cce0e771f Bluetooth: Add bt_skb_sendmmsg helper
c87b2bc9d7 Bluetooth: Add bt_skb_sendmsg helper
4faf4bbc2d ALSA: memalloc: Align buffer allocations in page size
d1dc861cd6 bitfield.h: Fix "type of reg too small for mask" test
f62ffdb5e2 drm/imx/dcss: fix unused but set variable warnings
577b624689 dlm: fix pending remove if msg allocation fails
cdcd20aa2c x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
26d5eb3c25 sched/deadline: Fix BUG_ON condition for deboosted tasks
0c722a32f2 bpf: Make sure mac_header was set before using it
ddb3f0b688 mm/mempolicy: fix uninit-value in mpol_rebind_policy()
3616776bc5 KVM: Don't null dereference ops->destroy
684896e675 spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers
0648526633 tcp: Fix data-races around sysctl_tcp_max_reordering.
805f1c7ce4 tcp: Fix a data-race around sysctl_tcp_rfc1337.
03bb3892f3 tcp: Fix a data-race around sysctl_tcp_stdurg.
daa8b5b869 tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
0e3f82a03e tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
cc133e4f4b tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
d8781f7cd0 tcp: Fix data-races around sysctl_tcp_recovery.
11e8b013d1 tcp: Fix a data-race around sysctl_tcp_early_retrans.
ffc388f6f0 tcp: Fix data-races around sysctl knobs related to SYN option.
fcaef69c79 udp: Fix a data-race around sysctl_udp_l3mdev_accept.
9add240f76 ip: Fix data-races around sysctl_ip_prot_sock.
e045d672ba ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
36f1d9c607 drm/imx/dcss: Add missing of_node_put() in fail path
665cbe91de be2net: Fix buffer overflow in be_get_module_eeprom
4752392855 gpio: pca953x: use the correct register address when regcache sync during init
a941e6d5ba gpio: pca953x: use the correct range when do regmap sync
928ded3fc1 gpio: pca953x: only use single read/write for No AI mode
b82de63f8f ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
6f949e5615 i40e: Fix erroneous adapter reinitialization during recovery process
c6af943249 iavf: Fix handling of dummy receive descriptors
0dc2f19d8c tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
22938534c6 tcp: Fix data-races around sysctl_tcp_fastopen.
b3ce32e33a tcp: Fix data-races around sysctl_max_syn_backlog.
b6c189aa80 tcp: Fix a data-race around sysctl_tcp_tw_reuse.
fd6f1284e3 tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
768e424607 tcp: Fix data-races around some timeout sysctl knobs.
474510e174 tcp: Fix data-races around sysctl_tcp_reordering.
dc1a78a2b2 tcp: Fix data-races around sysctl_tcp_syncookies.
fc489055e7 tcp: Fix data-races around keepalive sysctl knobs.
f85119fb3f igmp: Fix data-races around sysctl_igmp_max_msf.
7d26db0053 igmp: Fix a data-race around sysctl_igmp_max_memberships.
473aad9ad5 igmp: Fix data-races around sysctl_igmp_llm_reports.
e80ff0b966 net/tls: Fix race in TLS device down flow
a3ac79f38d net: stmmac: fix dma queue left shift overflow issue
f3da643d87 i2c: cadence: Change large transfer count reset logic to be unconditional
dd7b5ba44b net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
c61aede097 tcp: Fix a data-race around sysctl_tcp_probe_interval.
d452ce36f2 tcp: Fix a data-race around sysctl_tcp_probe_threshold.
d5bece4df6 tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
97992e8fef tcp: Fix data-races around sysctl_tcp_min_snd_mss.
514d2254c7 tcp: Fix data-races around sysctl_tcp_base_mss.
77a04845f0 tcp: Fix data-races around sysctl_tcp_mtu_probing.
d4f65615db tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
0ee76fe01f ip: Fix a data-race around sysctl_fwmark_reflect.
611ba70e5a ip: Fix a data-race around sysctl_ip_autobind_reuse.
94269132d0 ip: Fix data-races around sysctl_ip_nonlocal_bind.
11038fa781 ip: Fix data-races around sysctl_ip_fwd_update_priority.
b96ed5ccb0 ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
5e343e3ef4 ip: Fix data-races around sysctl_ip_no_pmtu_disc.
77836dbe35 igc: Reinstate IGC_REMOVED logic and implement it properly
fb6031203e drm/amdgpu/display: add quirk handling for stutter mode
43128b3eee perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
5694b162f2 pinctrl: ralink: Check for null return of devm_kcalloc
493ceca327 power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
47b696dd65 xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()
3777ea39f0 serial: mvebu-uart: correctly report configured baudrate value
e744aad0c4 PCI: hv: Fix interrupt mapping for multi-MSI
522bd31d6b PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
73bf070408 PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
f1d2f1ce05 PCI: hv: Fix multi-MSI to allow more than one MSI vector
b07240ce4a Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch"
4f900c37f1 net: inline rollback_registered_many()
bf2f3d1970 net: move rollback_registered_many()
672fac0a43 net: inline rollback_registered()
b1158677d4 net: move net_set_todo inside rollback_registered()
2e11856ec3 net: make sure devices go through netdev_wait_all_refs
ed6964ff47 net: make free_netdev() more lenient with unregistering devices
2686f62fa7 docs: net: explain struct net_device lifetime
7a99c7c32c xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
2ee0cab11f io_uring: Use original task for req identity in io_identity_cow()
ab5050fd74 lockdown: Fix kexec lockdown bypass with ima policy
426336de35 mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
15155fa898 riscv: add as-options for modules with assembly compontents
31f3bb363a pinctrl: stm32: fix optional IRQ support to gpios
bbc03f7ab8 Revert "cgroup: Use separate src/dst nodes when preloading css_sets for migration"
0c724b692d Merge 5.10.132 into android12-5.10-lts
ccdb3f9143 Merge 5.10.131 into android12-5.10-lts
50c9c56f73 Merge 5.10.130 into android12-5.10-lts
2be16baf4d Merge 5.10.129 into android12-5.10-lts
96fb478c9d Merge 5.10.128 into android12-5.10-lts
195692d0ab Merge 5.10.127 into android12-5.10-lts
f93a6ac3d6 Merge 5.10.126 into android12-5.10-lts
36c687c707 Merge 5.10.125 into android12-5.10-lts
4e3458d6d3 Merge 5.10.124 into android12-5.10-lts
fa431a5707 Merge 5.10.123 into android12-5.10-lts
8a8eb074ed Merge 5.10.122 into android12-5.10-lts
0ced6946ac Revert "drm: fix EDID struct for old ARM OABI format"
dca272b05d Revert "mailbox: forward the hrtimer if not queued and under a lock"
a73f6da5a3 Revert "Fonts: Make font size unsigned in font_desc"
8324f66c71 Revert "parisc/stifb: Keep track of hardware path of graphics card"
26e506a63e Revert "Bluetooth: Interleave with allowlist scan"
8046f2ad50 Revert "Bluetooth: use inclusive language when filtering devices"
b41a77c33b Revert "Bluetooth: use hdev lock for accept_list and reject_list in conn req"
fe07069084 Revert "thermal/drivers/core: Use a char pointer for the cooling device name"
361d75b4c1 Revert "thermal/core: Fix memory leak in __thermal_cooling_device_register()"
090d920be9 Revert "thermal/core: fix a UAF bug in __thermal_cooling_device_register()"
2dc56158cb Revert "thermal/core: Fix memory leak in the error path"
28fd8700b4 Revert "ALSA: jack: Access input_dev under mutex"
8636671438 Revert "gpiolib: of: Introduce hook for missing gpio-ranges"
0889c70b1f Revert "pinctrl: bcm2835: implement hook for missing gpio-ranges"
eaa4878a26 Revert "ext4: fix use-after-free in ext4_rename_dir_prepare"
f004760d69 Revert "ext4: verify dir block before splitting it"
5034934536 Linux 5.10.133
2fc7f18ba2 tools headers: Remove broken definition of __LITTLE_ENDIAN
060e39b8c2 tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - again
fbf60f83e2 objtool: Fix elf_create_undef_symbol() endianness
39065d5434 kvm: fix objtool relocation warning
6849ed81a3 x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
8e2774270a um: Add missing apply_returns()
725da3e67c x86/bugs: Remove apostrophe typo
81604506c2 tools headers cpufeatures: Sync with the kernel sources
3f93b8630a tools arch x86: Sync the msr-index.h copy with the kernel sources
2ef1b06cea KVM: emulate: do not adjust size of fastop and setcc subroutines
8e31dfd630 x86/kvm: fix FASTOP_SIZE when return thunks are enabled
5779e2f0cc efi/x86: use naked RET on mixed mode call wrapper
abf88ff134 x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
ecc0d92a9f x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
95d89ec7db x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
668cb1ddf0 x86/xen: Fix initialisation in hypercall_page after rethunk
81f20e5000 x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
844947eee3 tools/insn: Restore the relative include paths for cross building
c035ca88b0 x86/static_call: Serialize __static_call_fixup() properly
eb38964b6f x86/speculation: Disable RRSBA behavior
c2ca992144 x86/kexec: Disable RET on kexec
51552b6b52 x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
609336351d x86/bugs: Add Cannon lake to RETBleed affected CPU list
b24fdd0f1c x86/retbleed: Add fine grained Kconfig knobs
f7851ed697 x86/cpu/amd: Enumerate BTC_NO
a74f5d23e6 x86/common: Stamp out the stepping madness
4d7f72b6e1 x86/speculation: Fill RSB on vmexit for IBRS
47ae76fb27 KVM: VMX: Fix IBRS handling after vmexit
5269be9111 KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
84061fff2a KVM: VMX: Convert launched argument to flags
07401c2311 KVM: VMX: Flatten __vmx_vcpu_run()
df93717a32 objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
1dbefa5772 x86/speculation: Remove x86_spec_ctrl_mask
ce11f91b21 x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
aad83db22e x86/speculation: Fix SPEC_CTRL write on SMT state change
d29c07912a x86/speculation: Fix firmware entry SPEC_CTRL handling
f1b01ace81 x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
ea1aa926f4 x86/cpu/amd: Add Spectral Chicken
0d1a8a16e6 objtool: Add entry UNRET validation
fbab1c94eb x86/bugs: Do IBPB fallback check only once
c8845b8754 x86/bugs: Add retbleed=ibpb
f728eff263 x86/xen: Rename SYS* entry points
28aa3fa0b2 objtool: Update Retpoline validation
55bba093fd intel_idle: Disable IBRS during long idle
e8142e2d6c x86/bugs: Report Intel retbleed vulnerability
a0f8ef71d7 x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()
dabc2a1b40 x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
6d7e13ccc4 x86/bugs: Optimize SPEC_CTRL MSR writes
3dddacf8c3 x86/entry: Add kernel IBRS implementation
9e727e0d94 x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
a989e75136 x86/bugs: Enable STIBP for JMP2RET
3f29791d56 x86/bugs: Add AMD retbleed= boot parameter
876750cca4 x86/bugs: Report AMD retbleed vulnerability
df748593c5 x86: Add magic AMD return-thunk
c70d6f8214 objtool: Treat .text.__x86.* as noinstr
c9eb5dcdc8 x86: Use return-thunk in asm code
5b2edaf709 x86/sev: Avoid using __x86_return_thunk
d6eb50e9b7 x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
ee4996f07d x86/kvm: Fix SETcc emulation for return thunks
e0e06a9227 x86/bpf: Use alternative RET encoding
00b136bb62 x86/ftrace: Use alternative RET encoding
7723edf5ed x86,static_call: Use alternative RET encoding
446eb6f089 objtool: skip non-text sections when adding return-thunk sites
8bdb25f7ae x86,objtool: Create .return_sites
716410960b x86: Undo return-thunk damage
270de63cf4 x86/retpoline: Use -mfunction-return
37b9bb0941 Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}
3e519ed8d5 x86/retpoline: Swizzle retpoline thunk
6a2b142886 x86/retpoline: Cleanup some #ifdefery
feec5277d5 x86/cpufeatures: Move RETPOLINE flags to word 11
7070bbb66c x86/kvm/vmx: Make noinstr clean
accb8cfd50 x86/realmode: build with -D__DISABLE_EXPORTS
236b959da9 objtool: Fix objtool regression on x32 systems
148811a842 x86/entry: Remove skip_r11rcx
e1db6c8a69 objtool: Fix symbol creation
3e8afd072d objtool: Fix type of reloc::addend
42ec4d7135 objtool: Fix code relocs vs weak symbols
831d5c07b7 objtool: Fix SLS validation for kcov tail-call replacement
9728af8857 crypto: x86/poly1305 - Fixup SLS
03c5c33e04 objtool: Default ignore INT3 for unreachable
bef21f88b4 kvm/emulate: Fix SETcc emulation function offsets with SLS
494ed76c14 tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy'
e9925a4584 x86: Add straight-line-speculation mitigation
0f8532c283 objtool: Add straight-line-speculation validation
1f6e6683c4 x86/alternative: Relax text_poke_bp() constraint
277f4ddc36 x86: Prepare inline-asm for straight-line-speculation
3c91e22576 x86: Prepare asm files for straight-line-speculation
a512fcd881 x86/lib/atomic64_386_32: Rename things
c2746d567d bpf,x86: Respect X86_FEATURE_RETPOLINE*
1713e5c4f8 bpf,x86: Simplify computing label offsets
38a80a3ca2 x86/alternative: Add debug prints to apply_retpolines()
3d13ee0d41 x86/alternative: Try inline spectre_v2=retpoline,amd
b0e2dc9506 x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
381fd04c97 x86/alternative: Implement .retpoline_sites support
6eb95718f3 x86/retpoline: Create a retpoline thunk array
0de47ad5b9 x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
41ef958070 x86/asm: Fixup odd GEN-for-each-reg.h usage
8ef808b3f4 x86/asm: Fix register order
ccb8fc65a3 x86/retpoline: Remove unused replacement symbols
908bd980a8 objtool,x86: Replace alternatives with .retpoline_sites
023e78bbf1 objtool: Explicitly avoid self modifying code in .altinstr_replacement
6e4676f438 objtool: Classify symbols
acc0be56b4 objtool: Handle __sanitize_cov*() tail calls
9d7ec2418a objtool: Introduce CFI hash
e8b1128fb0 objtool: Make .altinstructions section entry size consistent
1afa44480b objtool: Remove reloc symbol type checks in get_alt_entry()
e7118a25a8 objtool: print out the symbol type when complaining about it
7ea0731957 objtool: Teach get_alt_entry() about more relocation types
364e463097 objtool: Don't make .altinstructions writable
f231b2ee85 objtool/x86: Ignore __x86_indirect_alt_* symbols
e32542e9ed objtool: Only rewrite unconditional retpoline thunk calls
a031925382 objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()
76474a9dd3 x86/alternative: Optimize single-byte NOPs at an arbitrary position
f3fe1b141d objtool: Support asm jump tables
0b2c8bf498 objtool/x86: Rewrite retpoline thunk calls
ed7783dca5 objtool: Skip magical retpoline .altinstr_replacement
e87c18c4a9 objtool: Cache instruction relocs
33092b4866 objtool: Keep track of retpoline call sites
8a6d73f7db objtool: Add elf_create_undef_symbol()
b69e1b4b68 objtool: Extract elf_symbol_add()
da962cd0a2 objtool: Extract elf_strtab_concat()
b37c439250 objtool: Create reloc sections implicitly
fcdb7926d3 objtool: Add elf_create_reloc() helper
c9049cf480 objtool: Rework the elf_rebuild_reloc_section() logic
d42fa5bf19 objtool: Handle per arch retpoline naming
6e95f8caff objtool: Correctly handle retpoline thunk calls
28ca351296 x86/retpoline: Simplify retpolines
e68db6f780 x86/alternatives: Optimize optimize_nops()
9a6471666b x86: Add insn_decode_kernel()
d9cd219114 x86/alternative: Use insn_decode()
e6f8dc86a1 x86/insn-eval: Handle return values from the decoder
6bc6875b82 x86/insn: Add an insn_decode() API
76c513c87f x86/insn: Add a __ignore_sync_check__ marker
a3d96c7439 x86/insn: Rename insn_decode() to insn_decode_from_regs()
fd80da64cf x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()
341e6178c1 x86/alternative: Support ALTERNATIVE_TERNARY
0c4c698569 x86/alternative: Support not-feature
c9cf908b89 x86/alternative: Merge include files
5f93d900b9 x86/xen: Support objtool vmlinux.o validation in xen-head.S
b626e17c11 x86/xen: Support objtool validation in xen-asm.S
3116dee270 objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
53e89bc78e objtool: Assume only ELF functions do sibling calls
3e674f2652 objtool: Support retpoline jump detection for vmlinux.o
917a4f6348 objtool: Support stack layout changes in alternatives
e9197d768f objtool: Add 'alt_group' struct
1d516bd72a objtool: Refactor ORC section generation
dd87aa5f61 KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
0ca2ba6e4d KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
0e8e989142 Merge 5.10.121 into android12-5.10-lts
2de0a17df4 Merge 5.10.120 into android12-5.10-lts
7748091a31 Linux 5.10.132
06a5dc3911 x86/pat: Fix x86_has_pat_wp()
d9cb6fabc9 serial: 8250: Fix PM usage_count for console handover
e1bd94dd9e serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
b8c4661126 serial: stm32: Clear prev values before setting RTS delays
039ffe436a serial: 8250: fix return error code in serial8250_request_std_resource()
bfee93c9a6 vt: fix memory overlapping when deleting chars in the buffer
5450430199 tty: serial: samsung_tty: set dma burst_size to 1
0e5668ed7b usb: dwc3: gadget: Fix event pending check
f1e01a42dc usb: typec: add missing uevent when partner support PD
61ab5d644e USB: serial: ftdi_sio: add Belimo device ids
58b94325ee signal handling: don't use BUG_ON() for debugging
e75f692b79 nvme-pci: phison e16 has bogus namespace ids
54bf0b8c75 Revert "can: xilinx_can: Limit CANFD brp to 2"
35ce2c64e5 ARM: dts: stm32: use the correct clock source for CEC on stm32mp151
227ee155ea soc: ixp4xx/npe: Fix unused match warning
136d7987fc x86: Clear .brk area at early boot
fd830d8dd5 irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
dae43b3792 ASoC: madera: Fix event generation for rate controls
cae4b78f3c ASoC: madera: Fix event generation for OUT1 demux
a7634527cb ASoC: cs47l15: Fix event generation for low power mux control
41f97b0ecf ASoC: dapm: Initialise kcontrol data for mux/demux controls
11a14e4f31 ASoC: wm5110: Fix DRE control
6cbbe59fdc ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
ef1e38532f pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
13fb9105cf ASoC: ops: Fix off by one in range control validation
67dc32542a net: sfp: fix memory leak in sfp_probe()
104594de27 nvme: fix regression when disconnect a recovering ctrl
5504e63832 nvme-tcp: always fail a request when sending it failed
de876f36f9 NFC: nxp-nci: don't print header length mismatch on i2c error
efa78f2ae3 net: tipc: fix possible refcount leak in tipc_sk_create()
bacfef0bf2 platform/x86: hp-wmi: Ignore Sanitization Mode event
3ea9dbf7c2 cpufreq: pmac32-cpufreq: Fix refcount leak bug
24cd0b9bfd scsi: hisi_sas: Limit max hw sectors for v3 HW
c458ebd659 netfilter: br_netfilter: do not skip all hooks with 0 priority
93135dca8c virtio_mmio: Restore guest page size on resume
d611580032 virtio_mmio: Add missing PM calls to freeze/restore
31e16a5e11 mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
c713de1d80 net/tls: Check for errors in tls_device_init
eb58fd350a KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()
c2978d0124 net: atlantic: remove aq_nic_deinit() when resume
38e081ee06 net: atlantic: remove deep parameter on suspend/resume functions
b82e4ad58a sfc: fix kernel panic when creating VF
2d4efc9a0e seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
7b38df59a8 seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
834fa0a22f seg6: fix skb checksum evaluation in SRH encapsulation/insertion
c224050081 sfc: fix use after free when disabling sriov
c1d9702ceb ima: Fix potential memory leak in ima_init_crypto()
eb360267e1 ima: force signature verification when CONFIG_KEXEC_SIG is configured
29c6a632f8 net: ftgmac100: Hold reference returned by of_get_child_by_name()
a51040d4b1 nexthop: Fix data-races around nexthop_compat_mode.
2c56958de8 ipv4: Fix data-races around sysctl_ip_dynaddr.
038a87b3e4 raw: Fix a data-race around sysctl_raw_l3mdev_accept.
38d78c7b4b icmp: Fix a data-race around sysctl_icmp_ratemask.
4ebf261532 icmp: Fix a data-race around sysctl_icmp_ratelimit.
b8871d9186 sysctl: Fix data-races in proc_dointvec_ms_jiffies().
2744e302e7 drm/i915/gt: Serialize TLB invalidates with GT resets
636e5dbaf0 drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
359f2bca79 ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
e1aa73454a ARM: dts: at91: sama5d2: Fix typo in i2s1 node
418b191d5f ipv4: Fix a data-race around sysctl_fib_sync_mem.
e088ceb73c icmp: Fix data-races around sysctl.
fe2a35fa2c cipso: Fix data-races around sysctl.
f5811b8df2 net: Fix data-races around sysctl_mem.
d54b6ef53c inetpeer: Fix data-races around sysctl.
6481a8a72a tcp: Fix a data-race around sysctl_tcp_max_orphans.
609ce7ff75 sysctl: Fix data races in proc_dointvec_jiffies().
a5ee448d38 sysctl: Fix data races in proc_doulongvec_minmax().
e3a2144b3b sysctl: Fix data races in proc_douintvec_minmax().
71ddde27c2 sysctl: Fix data races in proc_dointvec_minmax().
d5d54714e3 sysctl: Fix data races in proc_douintvec().
80cc28a4b4 sysctl: Fix data races in proc_dointvec().
9cc8edc571 net: stmmac: dwc-qos: Disable split header for Tegra194
cd201332cc ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array
fbb87a0ed2 ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks()
bb8bf80387 ASoC: tas2764: Fix amp gain register offset & default
f1cd988de4 ASoC: tas2764: Correct playback volume range
52d1b4250c ASoC: tas2764: Fix and extend FSYNC polarity handling
249fe2d20d ASoC: tas2764: Add post reset delays
f160a1f970 ASoC: sgtl5000: Fix noise on shutdown/remove
831e190175 ima: Fix a potential integer overflow in ima_appraise_measurement
592f3bad00 drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
4cb5c1950b net/mlx5e: Fix capability check for updating vnic env counters
6eb1d0c370 net/mlx5e: kTLS, Fix build time constant test in RX
c87d5211be net/mlx5e: kTLS, Fix build time constant test in TX
d6cab2e06c ARM: 9210/1: Mark the FDT_FIXED sections as shareable
3d82fba7d3 ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
0c300e294d spi: amd: Limit max transfer and message size
d8d42c92fe ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count
91f90b571f ext4: fix race condition between ext4_write and ext4_convert_inline_data
9d883b3f00 Revert "evm: Fix memleak in init_desc"
41007669fc sh: convert nommu io{re,un}map() to static inline functions
ea4dbcfb95 nilfs2: fix incorrect masking of permission flags for symlinks
14e63942d6 fs/remap: constrain dedupe of EOF blocks
0581613df7 drm/panfrost: Fix shrinker list corruption by madvise IOCTL
2e760fe05d drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error
c1ea39a77c btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents
7657e39585 cgroup: Use separate src/dst nodes when preloading css_sets for migration
e013ea2a51 wifi: mac80211: fix queue selection for mesh/OCB interfaces
db6e8c3015 ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
f851e4f402 ARM: 9213/1: Print message about disabled Spectre workarounds only once
fa40bb3a5f ip: fix dflt addr selection for connected nexthop
4d3e0fb05e net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer
78a1400c42 tracing/histograms: Fix memory leak problem
931dbcc2e0 mm: split huge PUD on wp_huge_pud fallback
91530f675e fix race between exit_itimers() and /proc/pid/timers
b9c32a6886 xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
782a6b07b1 ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
cacac3e13a ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
08ab39027a ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
4d0d15d184 ALSA: hda/realtek: Fix headset mic for Acer SF313-51
b642a3476a ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
4486bbe928 ALSA: hda - Add fixup for Dell Latitidue E5430
8f95261a00 Linux 5.10.131
cc5ee0e0ee Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
ebc9fb07d2 ANDROID: random: fix CRC issues with the merge
e61ebc6383 ANDROID: change function signatures for some random functions.
830f0202d7 ANDROID: cpu/hotplug: avoid breaking Android ABI by fusing cpuhp steps
fee299e72e ANDROID: random: add back removed callback functions
6cc2db3cde UPSTREAM: Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
05982f0cbb UPSTREAM: lib/crypto: add prompts back to crypto libraries
f2eb31a498 Merge 5.10.119 into android12-5.10-lts
26ae9c3614 Linux 5.10.130
8365b151fd dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
37147e22cd dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
1be247db20 dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
7b721f5aec dmaengine: pl330: Fix lockdep warning about non-static key
e23cfb3fdc ida: don't use BUG_ON() for debugging
37995f034f dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
ca4a919584 misc: rtsx_usb: set return value in rsp_buf alloc err path
ff79e0ca2b misc: rtsx_usb: use separate command and response buffers
af7d9d4abe misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
86884017bb dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
9b329edd77 i2c: cadence: Unregister the clk notifier in error path
26938bd28c r8169: fix accessing unset transport header
904f622ec7 selftests: forwarding: fix error message in learning_test
9906c22340 selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT
859b889029 selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT
23cdc57d88 ibmvnic: Properly dispose of all skbs during a failover.
2b4659c145 i40e: Fix dropped jumbo frames statistics
5561bddd05 xsk: Clear page contiguity bit when unmapping pool
87d2bb8882 ARM: dts: at91: sama5d2_icp: fix eeprom compatibles
9b7d8e28b6 ARM: dts: at91: sam9x60ek: fix eeprom compatible and size
ade03e5ea7 ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt
b40ac801cb ARM: at91: pm: use proper compatible for sama5d2's rtc
4c3e73a66a arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
1d0c3ced2d pinctrl: sunxi: sunxi_pconf_set: use correct offset
e1cda2a03d arm64: dts: imx8mp-evk: correct I2C3 pad settings
2ade1b1d92 arm64: dts: imx8mp-evk: correct gpio-led pad settings
17b3883ba5 arm64: dts: imx8mp-evk: correct the uart2 pinctl value
43319ee6a0 arm64: dts: imx8mp-evk: correct mmc pad settings
6bf74a1e74 arm64: dts: qcom: msm8994: Fix CPU6/7 reg values
2c0d10ce00 pinctrl: sunxi: a83t: Fix NAND function name for some pins
3d90607e7e ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
e14930e9f9 xfs: remove incorrect ASSERT in xfs_rename
852952ea0e can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
a741e762e1 can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
f439d08ef1 can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info
79af7be44c powerpc/powernv: delay rng platform device creation until later in boot
19104425c9 video: of_display_timing.h: include errno.h
96fa24eb1a memregion: Fix memregion_free() fallback definition
d6931bff1c PM: runtime: Redefine pm_runtime_release_supplier()
cecb806c76 fbcon: Prevent that screen size is smaller than font size
b727561ddc fbcon: Disallow setting font bigger than screen size
b81212828a fbmem: Check virtual screen sizes in fb_set_var()
d03e8ed72d fbdev: fbmem: Fix logo center image dx issue
963c80f070 iommu/vt-d: Fix PCI bus rescan device hot add
0a5e36dbcb netfilter: nf_tables: stricter validation of element data
4a6430b99f netfilter: nft_set_pipapo: release elements in clone from abort path
4f59d12efe net: rose: fix UAF bug caused by rose_t0timer_expiry
0085da9df3 usbnet: fix memory leak in error case
e917be1f83 bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
9adec73349 bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
d0b8e22399 can: gs_usb: gs_usb_open/close(): fix memory leak
b6f4b347a1 can: grcan: grcan_probe(): remove extra of_node_get()
85cd41070d can: bcm: use call_rcu() instead of costly synchronize_rcu()
b75d4bec85 ALSA: hda/realtek: Add quirk for Clevo L140PU
6c32496964 mm/slub: add missing TID updates on slab deactivation
7208d1236f Linux 5.10.129
0e21ef1801 clocksource/drivers/ixp4xx: remove EXPORT_SYMBOL_GPL from ixp4xx_timer_setup()
7055e34462 net: usb: qmi_wwan: add Telit 0x1070 composition
f1a53bb27f net: usb: qmi_wwan: add Telit 0x1060 composition
43c8d33ce3 xen/arm: Fix race in RB-tree based P2M accounting
547b7c640d xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()
cbbd2d2531 xen/blkfront: force data bouncing when backend is untrusted
4923217af5 xen/netfront: force data bouncing when backend is untrusted
728d68bfe6 xen/netfront: fix leaking data in shared pages
cfea428030 xen/blkfront: fix leaking data in shared pages
d341e5a754 selftests/rseq: Change type of rseq_offset to ptrdiff_t
7e617278bf selftests/rseq: x86-32: use %gs segment selector for accessing rseq thread area
27f6361cb4 selftests/rseq: x86-64: use %fs segment selector for accessing rseq thread area
a4312e2d81 selftests/rseq: Fix: work-around asm goto compiler bugs
7e1a0a9a44 selftests/rseq: Remove arm/mips asm goto compiler work-around
ba4d79af71 selftests/rseq: Fix warnings about #if checks of undefined tokens
35c6f5047f selftests/rseq: Fix ppc32 offsets by using long rather than off_t
dbc1f0ee60 selftests/rseq: Fix ppc32 missing instruction selection "u" and "x" for load/store
d4f631ea2d selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big endian
e85fdae4df selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35
c79e564535 selftests/rseq: Introduce thread pointer getters
4a78bf83e2 selftests/rseq: Introduce rseq_get_abi() helper
3c2a416c80 selftests/rseq: Remove volatile from __rseq_abi
68e1232c6e selftests/rseq: Remove useless assignment to cpu variable
3e77ed4f90 selftests/rseq: introduce own copy of rseq uapi header
54cd556487 selftests/rseq: remove ARRAY_SIZE define from individual tests
14894cf692 hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails
f72d410dbf ipv6/sit: fix ipip6_tunnel_get_prl return value
25055da22a sit: use min
652fd40eb0 drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
79963021fd xen/gntdev: Avoid blocking in unmap_grant_pages()
5f614f5f70 tcp: add a missing nf_reset_ct() in 3WHS handling
9203dfb3ed xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range
f874e16870 xfs: update superblock counters correctly for !lazysbcount
7ab7458d7a xfs: fix xfs_trans slab cache name
f12968a5a4 xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX
da61388f9a xfs: Skip repetitive warnings about mount options
6b7dab812c xfs: rename variable mp to parsing_mp
b261cd005a xfs: use current->journal_info for detecting transaction recursion
c36d41b65e net: tun: avoid disabling NAPI twice
59c51c3b54 tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
c9fc52c173 io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio
b8def021ac epic100: fix use after free on rmmod
456bc33887 tipc: move bc link creation back to tipc_node_create
09f9946235 NFC: nxp-nci: Don't issue a zero length i2c_master_read()
7d363362e0 nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
63b2fe509f net: bonding: fix use-after-free after 802.3ad slave unbind
7597ed348e net: bonding: fix possible NULL deref in rlb code
ac12337229 net/sched: act_api: Notify user space if any actions were flushed before error
91d3bb82c4 netfilter: nft_dynset: restore set element counter when failing to update
4b480a7940 s390: remove unneeded 'select BUILD_BIN2C'
e65027fdeb PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events
653bdcd833 caif_virtio: fix race between virtio_device_ready() and ndo_open()
208ff79675 NFSD: restore EINVAL error translation in nfsd_commit()
db82bb6054 net: ipv6: unexport __init-annotated seg6_hmac_net_init()
eb1757ca20 usbnet: fix memory allocation in helpers
fae2a9fb1e linux/dim: Fix divide by 0 in RDMA DIM
b0cab8b517 RDMA/cm: Fix memory leak in ib_cm_insert_listen
9de276dfb2 RDMA/qedr: Fix reporting QP timeout attribute
a42bd00f00 net: dp83822: disable rx error interrupt
9c06d84855 net: dp83822: disable false carrier interrupt
c70ca16f72 net: tun: stop NAPI when detaching queues
bec1be0a74 net: tun: unlink NAPI from device on destruction
0b2499c801 net: dsa: bcm_sf2: force pause link settings
3f55912a1a selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test
f7b8fb4584 virtio-net: fix race between ndo_open() and virtio_device_ready()
c0a28f2ddf net: usb: ax88179_178a: Fix packet receiving
8f74cb27c2 net: rose: fix UAF bugs caused by timer handler
6a0b9512a6 SUNRPC: Fix READ_PLUS crasher
ed03a650fb s390/archrandom: simplify back to earlier design and initialize earlier
d8bca518d5 dm raid: fix KASAN warning in raid5_add_disks
9bf2b0757b dm raid: fix accesses beyond end of raid member array
213c550deb powerpc/bpf: Fix use of user_pt_regs in uapi
68a34e478a powerpc/book3e: Fix PUD allocation size in map_kernel_page()
e188bbdb92 powerpc/prom_init: Fix kernel config grep
e6a7d30b65 nvdimm: Fix badblocks clear off-by-one error
0b99c4a189 nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G)
e77804158b ipv6: take care of disable_policy when restoring routes
03b9e01659 drm/amdgpu: To flush tlb for MMHUB of RAVEN series
ea86c1430c Linux 5.10.128
2d10984d99 net: mscc: ocelot: allow unregistered IP multicast flooding
6a656280e7 powerpc/ftrace: Remove ftrace init tramp once kernel init is complete
6b734f7b70 xfs: check sb_meta_uuid for dabuf buffer recovery
071e750ffb xfs: remove all COW fork extents when remounting readonly
1e76bd4c67 xfs: Fix the free logic of state in xfs_attr_node_hasname
0cdccc05da xfs: punch out data fork delalloc blocks on COW writeback failure
db3f8110c3 xfs: use kmem_cache_free() for kmem_cache objects
09c9902cd8 bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init()
c4ff3ffe01 tick/nohz: unexport __init-annotated tick_nohz_full_setup()
069fff50d4 drm: remove drm_fb_helper_modinit
52dc7f3f6f MAINTAINERS: add Amir as xfs maintainer for 5.10.y
fa7f6a5f56 Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
deb587b1a4 Linux 5.10.127
1cca46c205 powerpc/pseries: wire up rng during setup_arch()
95d73d510b kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt)
feb5ab7986 random: update comment from copy_to_user() -> copy_to_iter()
959bbaf5b7 modpost: fix section mismatch check for exported init/exit sections
c980392af1 ARM: cns3xxx: Fix refcount leak in cns3xxx_init
889aad2203 memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings
44a5b3a073 ARM: Fix refcount leak in axxia_boot_secondary
30bbfeb480 soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
68f28d52e6 ARM: exynos: Fix refcount leak in exynos_map_pmu
59fdf10814 ARM: dts: imx6qdl: correct PU regulator ramp delay
fb70bd8675 ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node
f78acc4288 powerpc/powernv: wire up rng during setup_arch
7db1ba660b powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
1f5a9205a3 powerpc: Enable execve syscall exit tracepoint
ca144919af parisc: Enable ARCH_HAS_STRICT_MODULE_RWX
a1c902349a parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI
af0ff2da01 xtensa: Fix refcount leak bug in time.c
6c0839cf1b xtensa: xtfpga: Fix refcount leak bug in setup
501652a2ad iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
d40514d440 iio: adc: axp288: Override TS pin bias current for some models
d579c893dd iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message
62284d45e2 iio: adc: stm32: Fix ADCs iteration in irq handler
e3ebb9d16c iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
3e0af68b99 iio: adc: stm32: fix maximum clock rate for stm32mp15x
b07a30a774 iio: trigger: sysfs: fix use-after-free on remove
399788e819 iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
c1ec7d52a2 iio: accel: mma8452: ignore the return value of reset operation
42caf44906 iio:accel:mxc4005: rearrange iio trigger get and register
e26dcf6279 iio:accel:bma180: rearrange iio trigger get and register
f26379e199 iio:chemical:ccs811: rearrange iio trigger get and register
4b6cdcff7c f2fs: attach inline_data after setting compression
2d7bdb6a5a usb: chipidea: udc: check request status before setting device address
656eca37aa USB: gadget: Fix double-free bug in raw_gadget driver
54604108be usb: gadget: Fix non-unique driver names in raw-gadget driver
d87dec22fd xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
114080d04a xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
b8142a8465 xhci: turn off port power in shutdown
116c3e81b0 usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC
a547662534 iio: adc: vf610: fix conversion mode sysfs node name
58c3a27e9c iio: mma8452: fix probe fail when device tree compatible is used.
5ee016f612 s390/cpumf: Handle events cycles and instructions identical
abe487a88a gpio: winbond: Fix error code in winbond_gpio_get()
30531e0d7b nvme: move the Samsung X5 quirk entry to the core quirks
169f7d7705 nvme-pci: add NO APST quirk for Kioxia device
938f594266 nvme-pci: allocate nvme_command within driver pdu
ba388d4e9a nvme: don't check nvme_req flags for new req
e7ccaa1aba nvme: mark nvme_setup_passsthru() inline
3ee62a1f07 nvme: split nvme_alloc_request()
fe06c692cd nvme: centralize setting the timeout in nvme_alloc_request
afbc954e78 Revert "net/tls: fix tls_sk_proto_close executed repeatedly"
340fbdc801 virtio_net: fix xdp_rxq_info bug after suspend/resume
3bccf82169 igb: Make DMA faster when CPU is active on the PCIe link
7d7450363f regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
40b3815b2c ice: ethtool: advertise 1000M speeds properly
7b564e3254 afs: Fix dynamic root getattr
3c22192db0 MIPS: Remove repetitive increase irq_err_count
cc649a7865 x86/xen: Remove undefined behavior in setup_features()
b60c375ad1 selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh
20119c1e0f udmabuf: add back sanity check
e82376b632 net/tls: fix tls_sk_proto_close executed repeatedly
cec9867ee5 erspan: do not assume transport header is always set
acf76125bb drm/msm/dp: fix connect/disconnect handled at irq_hpd
61f8f4034c drm/msm/dp: promote irq_hpd handle to handle link training correctly
d11cb08215 drm/msm/dp: deinitialize mainlink if link training failed
3d67cb00cb drm/msm/dp: fixes wrong connection state caused by failure of link train
efb2b69160 drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind()
d16a433982 drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
363fd6e346 net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
2e3216b929 bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
c12a2c9b1b igb: fix a use-after-free issue in igb_clean_tx_ring
361c5521c1 tipc: fix use-after-free Read in tipc_named_reinit
f299d3fbe4 tipc: simplify the finalize work queue
ab7f565ac7 phy: aquantia: Fix AN when higher speeds than 1G are not advertised
a51c199e4d bpf, x86: Fix tail call count offset calculation on bpf2bpf call
4ae116428e drm/sun4i: Fix crash during suspend after component bind failure
516760f1d2 bpf: Fix request_sock leak in sk lookup helpers
505a375eea drm/msm: use for_each_sgtable_sg to iterate over scatterlist
10eb239e29 scsi: scsi_debug: Fix zone transition to full condition
15cc30ac2a netfilter: use get_random_u32 instead of prandom
95f80c8843 netfilter: nftables: add nft_parse_register_store() and use it
ec9b0a8d30 netfilter: nftables: add nft_parse_register_load() and use it
8adedb4711 drm/msm: Fix double pm_runtime_disable() call
8682335375 USB: serial: option: add Quectel RM500K module support
9e6e063e54 USB: serial: option: add Quectel EM05-G modem
0b3006a862 USB: serial: option: add Telit LE910Cx 0x1250 composition
f6a266e0dc dm mirror log: clear log bits up to BITS_PER_LONG boundary
03d1874b82 dm era: commit metadata in postsuspend after worker stops
273106c2df ata: libata: add qc->flags in ata_qc_complete_template tracepoint
156427b312 mtd: rawnand: gpmi: Fix setting busy timeout setting
07e56884cd mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
0ae82e1ccb btrfs: add error messages to all unrecognized mount options
49e3e449bc net: openvswitch: fix parsing of nw_proto for IPv6 fragments
1508658aec ALSA: hda/realtek: Add quirk for Clevo NS50PU
6e8e503159 ALSA: hda/realtek: Add quirk for Clevo PD70PNT
80307458a1 ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
7fcbc89d47 ALSA: hda/realtek - ALC897 headset MIC no sound
f5ea433d56 ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
6437329060 ALSA: hda/conexant: Fix missing beep setup
12a6be5d11 ALSA: hda/via: Fix missing beep setup
5e80f923b8 random: quiet urandom warning ratelimit suppression message
310ebbd9f5 random: schedule mix_interrupt_randomness() less often
3acb7dc242 vt: drop old FONT ioctls
9cae50bdfa Linux 5.10.126
fb2fbb3c10 io_uring: use separate list entry for iopoll requests
6a7c3bcc3c Linux 5.10.125
df3f3bb505 io_uring: add missing item types for various requests
1a264b3a69 arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
a1508d164e serial: core: Initialize rs485 RTS polarity already on probe
7ccb026ecb tcp: drop the hash_32() part from the index calculation
9429b75bc2 tcp: increase source port perturb table to 2^16
24b922a5da tcp: dynamically allocate the perturb table used by source ports
d28e64b1c6 tcp: add small random increments to the source port
dd46a868fc tcp: use different parts of the port_offset for index and offset
743acb5207 tcp: add some entropy in __inet_hash_connect()
16b1994679 usb: gadget: u_ether: fix regression in setting fixed MAC address
355be61311 zonefs: fix zonefs_iomap_begin() for reads
ee4677b78e s390/mm: use non-quiescing sske for KVM switch to keyed guest
73c2a811f6 Revert "xfrm: Add possibility to set the default to block if we have no policy"
e21944a82a Revert "net: xfrm: fix shift-out-of-bounce"
f7160ab103 Revert "xfrm: make user policy API complete"
df0ff8d194 Revert "xfrm: notify default policy on update"
4ead88c0e8 Revert "xfrm: fix dflt policy check when there is no policy configured"
42dadcf0a8 Revert "xfrm: rework default policy structure"
ece9c2a70f Revert "xfrm: fix "disable_policy" flag use when arriving from different devices"
9dcde7a741 Revert "include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage"
4f3fee72a7 Linux 5.10.124
e0b6018894 clk: imx8mp: fix usb_root_clk parent
a3e50506ea powerpc/book3e: get rid of #include <generated/compile.h>
ff4443f3fc igc: Enable PCIe PTM
f0a7adff63 Revert "PCI: Make pci_enable_ptm() private"
e1513a714d net: openvswitch: fix misuse of the cached connection on tuple changes
09b55dc90b net/sched: act_police: more accurate MTU policing
73bc8a5e8e dma-direct: don't over-decrypt memory
aa9a001efa virtio-pci: Remove wrong address verification in vp_del_vqs()
be98641034 ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
401bef1f95 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
d6be031a2f KVM: x86: Account a variety of miscellaneous allocations
d74d7865e2 KVM: arm64: Don't read a HW interrupt pending state in user context
bfd004a1d3 ext4: add reserved GDT blocks check
0ca74dacfd ext4: make variable "count" signed
6fdaf31ad5 ext4: fix bug_on ext4_mb_use_inode_pa
e27430c1f1 drm/amd/display: Cap OLED brightness per max frame-average luminance
ba751f0d25 dm mirror log: round up region bitmap size to BITS_PER_LONG
33ba36351e serial: 8250: Store to lsr_save_flags after lsr read
57901c658f usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
a44a8a762f usb: dwc2: Fix memory leak in dwc2_hcd_init
791da3e6c8 USB: serial: io_ti: add Agilent E5805A support
0e13274bc6 USB: serial: option: add support for Cinterion MV31 with new baseline
d721986e96 crypto: memneq - move into lib/
308b8f31c0 comedi: vmk80xx: fix expression for tx buffer size
9308be3d9a mei: me: add raptor lake point S DID
9ea9c92275 i2c: designware: Use standard optional ref clock implementation
506a88a5bf irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions
7c9dd9d23f irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions
e52a58b79f irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
716587a57a i2c: npcm7xx: Add check for platform_driver_register
b559ef9dfc faddr2line: Fix overlapping text section failures, the sequel
7fa28a7c3d block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
2d825fb53b certs/blacklist_hashes.c: fix const confusion in certs blacklist
bc28fde909 arm64: ftrace: consistently handle PLTs.
e177f17fe4 arm64: ftrace: fix branch range checks
64072389be net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
28069e026e net: bgmac: Fix an erroneous kfree() in bgmac_remove()
984793f255 mlxsw: spectrum_cnt: Reorder counter pools
b90ae84a8a nvme: add device name to warning in uuid_show()
42f7cbe2c2 nvme: use sysfs_emit instead of sprintf
63b26fe025 drm/i915/reset: Fix error_state_read ptr + offset use
2b2180449a misc: atmel-ssc: Fix IRQ check in ssc_probe
65ca4db68b tty: goldfish: Fix free_irq() on remove
5334455067 Drivers: hv: vmbus: Release cpu lock in error case
814092927a i40e: Fix call trace in setup_tx_descriptors
43dfd1169c i40e: Fix calculating the number of queue pairs
ef4d73da0a i40e: Fix adding ADQ filter to TC0
db965e2757 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()
8acc3e228e pNFS: Avoid a live lock condition in pnfs_update_layout()
03ea83324a pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
4603a37f6e random: credit cpu and bootloader seeds by default
9d667348dc gpio: dwapb: Don't print error on -EPROBE_DEFER
f3c8bfd6dc MIPS: Loongson-3: fix compile mips cpu_hwmon as module build error.
85340c0634 mellanox: mlx5: avoid uninitialized variable warning with gcc-12
38c519df8e net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag
b8879ca1fd ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
0eeec1a8b0 nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
6c18f47f47 virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed
d539feb6df ALSA: hda/realtek - Add HW8326 support
16dd002eb8 scsi: pmcraid: Fix missing resource cleanup in error case
410b692621 scsi: ipr: Fix missing/incorrect resource cleanup in error case
85acc5bf05 scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion
916145bf9d scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
f416fee125 scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
0e9994b865 Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq
2e640e5e44 ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()
a572c74402 ASoC: es8328: Fix event generation for deemphasis control
c7b8c3758f ASoC: wm8962: Fix suspend while playing music
8656623bdc quota: Prevent memory allocation recursion while holding dq_lock
36cd19e7d4 ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
440b2a62da ASoC: cs42l51: Correct minimum value for SX volume control
f93d8fe3dc ASoC: cs42l56: Correct typo in minimum level for SX volume controls
13e5b76d3d ASoC: cs42l52: Correct TLV for Bypass Volume
b8a47bcc4d ASoC: cs53l30: Correct number of volume levels on SX controls
70e355867d ASoC: cs35l36: Update digital volume TLV
cb6a0b83f1 ASoC: cs42l52: Fix TLV scales for mixer controls
d7be05aff2 dma-debug: make things less spammy under memory pressure
1b54c00657 ASoC: nau8822: Add operation for internal PLL off and on
2c9548bc26 powerpc/kasan: Silence KASAN warnings in __get_wchan()
b5699bff1d arm64: dts: imx8mm-beacon: Enable RTS-CTS on UART3
28bbdca6a7 bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
f14816f2f9 nfsd: Replace use of rwsem with errseq_t
56a7f57da5 9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
2a59239b22 Linux 5.10.123
aa238a92cc x86/speculation/mmio: Print SMT warning
bde15fdcce KVM: x86/speculation: Disable Fill buffer clear within guests
6df693dca3 x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
cf1c01a5e4 x86/speculation/srbds: Update SRBDS mitigation selection
001415e4e6 x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
3eb1180564 x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
56f0bca5e9 x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
26f6f231f6 x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
f83d4e5be4 x86/speculation: Add a common function for MD_CLEAR mitigation update
e66310bc96 x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
f8a85334a5 Documentation: Add documentation for Processor MMIO Stale Data
5754c570a5 Linux 5.10.122
9ba2b4ac35 tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
5e34b49756 dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
b8c17121f0 zonefs: fix handling of explicit_open option on mount
ef51997771 PCI: qcom: Fix pipe clock imbalance
63bcb9da91 md/raid0: Ignore RAID0 layout if the second zone has only one device
418db40cc7 interconnect: Restore sync state by ignoring ipa-virt in provider count
bcae8f8338 interconnect: qcom: sc7180: Drop IP0 interconnects
fe6caf5122 powerpc/mm: Switch obsolete dssall to .long
3be74fc0af powerpc/32: Fix overread/overwrite of thread_struct via ptrace
fa0d3d71dc drm/atomic: Force bridge self-refresh-exit on CRTC switch
dbe04e874d drm/bridge: analogix_dp: Support PSR-exit to disable transition
61297ee0c3 Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
2dba96d19d ixgbe: fix unexpected VLAN Rx in promisc mode on VF
91620cded9 ixgbe: fix bcast packets Rx on VF after promisc removal
cdd9227373 nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
54423649bc nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
4f0a2c46f5 nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
c4e4c07d86 net: phy: dp83867: retrigger SGMII AN when link change
133c9870cd mmc: block: Fix CQE recovery reset success
0248a8c844 ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
471a413201 cifs: fix reconnect on smb3 mount types
9023ecfd33 cifs: return errors during session setup during reconnects
b423cd2a81 ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 2021
94bd216d17 ALSA: hda/conexant - Fix loopback issue with CX20632
13639c970f scripts/gdb: change kernel config dumping method
b6ea26873e vringh: Fix loop descriptors check in the indirect cases
362e3b3a59 nodemask: Fix return values to be unsigned
a262e1255b cifs: version operations for smb20 unneeded when legacy support disabled
01137d8980 s390/gmap: voluntarily schedule during key setting
f72df77600 nbd: fix io hung while disconnecting device
122e4adaff nbd: fix race between nbd_alloc_config() and module removal
c0868f6e72 nbd: call genl_unregister_family() first in nbd_cleanup()
cb8da20d71 jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
320acaf84a x86/cpu: Elide KCSAN for cpu_has() and friends
8287687821 modpost: fix undefined behavior of is_arm_mapping_symbol()
fee8ae0a0b drm/radeon: fix a possible null pointer dereference
3e57686830 ceph: allow ceph.dir.rctime xattr to be updatable
7fa8312879 Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
ebfe279725 scsi: myrb: Fix up null pointer access on myrb_cleanup()
7eb32f286e md: protect md_unregister_thread from reentrancy
668c3f9fa2 watchdog: wdat_wdt: Stop watchdog when rebooting the system
e20bc8b5a2 kernfs: Separate kernfs_pr_cont_buf and rename_lock.
1e3b3a5762 serial: msm_serial: disable interrupts in __msm_console_write()
ff727ab0b7 staging: rtl8712: fix uninit-value in r871xu_drv_init()
33ef21d554 staging: rtl8712: fix uninit-value in usb_read8() and friends
f3f754d72d clocksource/drivers/sp804: Avoid error on multiple instances
abf3b22261 extcon: Modify extcon device to be created after driver data is set
41ec946694 misc: rtsx: set NULL intfdata when probe fails
5b0c0298f7 usb: dwc2: gadget: don't reset gadget's driver->bus
468fe959ea sysrq: do not omit current cpu when showing backtrace of all active CPUs
f4cb24706c USB: hcd-pci: Fully suspend across freeze/thaw cycle
ffe9440d69 drivers: usb: host: Fix deadlock in oxu_bus_suspend()
6e2273eefa drivers: tty: serial: Fix deadlock in sa1100_set_termios()
ee105039d3 USB: host: isp116x: check return value after calling platform_get_resource()
0f69d7d5e9 drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
66f769762f drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
cb7147afd3 tty: Fix a possible resource leak in icom_probe
d68d5e68b7 tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
61ca1b97ad lkdtm/usercopy: Expand size of "out of frame" object
7821d743ab iio: st_sensors: Add a local lock for protecting odr
5a89a92efc staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
8caa4b7d41 iio: dummy: iio_simple_dummy: check the return value of kstrdup()
f091e29ed8 drm: imx: fix compiler warning with gcc-12
96bf5ed057 net: altera: Fix refcount leak in altera_tse_mdio_create
fbeb8dfa8b ip_gre: test csum_start instead of transport header
1981cd7a77 net/mlx5: fs, fail conflicting actions
652418d82b net/mlx5: Rearm the FW tracer after each tracer event
5d9c1b081a net: ipv6: unexport __init-annotated seg6_hmac_init()
be3884d5cd net: xfrm: unexport __init-annotated xfrm4_protocol_init()
7759c32228 net: mdio: unexport __init-annotated mdio_bus_init()
b585b87fd5 SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
3d8122e169 net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
c2ae49a113 net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
0cf7aaff29 bpf, arm64: Clear prog->jited_len along prog->jited
c61848500a af_unix: Fix a data-race in unix_dgram_peer_wake_me().
be9581f4fd xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
86c87d2c03 netfilter: nf_tables: bail out early if hardware offload is not supported
330c0c6cd2 netfilter: nf_tables: memleak flow rule from commit path
67e2d44873 netfilter: nf_tables: release new hooks on unsupported flowtable flags
19cb3ece14 ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
ec5548066d netfilter: nf_tables: always initialize flowtable hook list in transaction
7fd03e34f0 powerpc/kasan: Force thread size increase with KASAN
7a248f9c74 netfilter: nf_tables: delete flowtable hooks via transaction list
9edafbc7ec netfilter: nat: really support inet nat without l3 address
8dbae5affb xprtrdma: treat all calls not a bcall when bc_serv is NULL
8b3d5bafb1 video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()
c09b873f3f video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
0ee5b9644f NFSv4: Don't hold the layoutget locks across multiple RPC calls
95a0ba85c1 dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
2c08cae19d m68knommu: fix undefined reference to `_init_sp'
d99f04df32 m68knommu: set ZERO_PAGE() to the allocated zeroed page
344a55ccf5 i2c: cadence: Increase timeout per message if necessary
32bea51fe4 f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
54c1e0e3bb iommu/arm-smmu-v3: check return value after calling platform_get_resource()
3660db29b0 iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
9e801c891a tracing: Avoid adding tracer option before update_tracer_options
1788e6dbb6 tracing: Fix sleeping function called from invalid context on RT kernel
2f452a3306 bootconfig: Make the bootconfig.o as a normal object file
c667b3872a mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
76b226eaf0 dmaengine: idxd: set DMA_INTERRUPT cap bit
32be2b805a perf c2c: Fix sorting in percent_rmt_hitm_cmp()
71cbce7503 driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction
b8fac8e321 tipc: check attribute length for bearer name
c1f0187025 scsi: sd: Fix potential NULL pointer dereference
d2e297eaf4 afs: Fix infinite loop found by xfstest generic/676
04622d6318 gpio: pca953x: use the correct register address to do regcache sync
0a0f7f8414 tcp: tcp_rtx_synack() can be called from process context
e05dd93826 net: sched: add barrier to fix packet stuck problem for lockless qdisc
e9fe72b95d net/mlx5e: Update netdev features after changing XDP state
b50eef7a38 net/mlx5: correct ECE offset in query qp output
ea5edd015f net/mlx5: Don't use already freed action pointer
bf2af9b243 sfc: fix wrong tx channel offset with efx_separate_tx_channels
8f81a4113e sfc: fix considering that all channels have TX queues
7ac3a034d9 nfp: only report pause frame configuration for physical device
630e0a10c0 net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct smc_wr_tx_pend_priv *"
b97550e380 riscv: read-only pages should not be writable
8f49e1694c bpf: Fix probe read error in ___bpf_prog_run()
6d8d3f68cb ubi: ubi_create_volume: Fix use-after-free when volume creation failed
f413e4d7cd ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not empty
3252d327f9 jffs2: fix memory leak in jffs2_do_fill_super
741e49eacd modpost: fix removing numeric suffixes
42658e47f1 net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
f7ba2cc57f net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
71ae30662e net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
503a3fd646 net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
ee89d7fd49 s390/crypto: fix scatterwalk_unmap() callers in AES-GCM
e892a7e60f clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
1d7361679f ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
910b1cdf6c watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
b3354f2046 watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
36ee9ffca8 driver core: fix deadlock in __device_attach
823f24f2e3 driver: base: fix UAF when driver_attach failed
7a6337bfed bus: ti-sysc: Fix warnings for unbind for serial
985706bd3b firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
94acaaad47 serial: stm32-usart: Correct CSIZE, bits, and parity
b7e560d2ff serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
afcfc3183c serial: sifive: Sanitize CSIZE and c_iflag
a9f6bee486 serial: sh-sci: Don't allow CS5-6
00456b932e serial: txx9: Don't allow CS5-6
22e975796f serial: rda-uart: Don't allow CS5-6
ff4ce2979b serial: digicolor-usart: Don't allow CS5-6
5cd331bcf0 serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
260792d5c9 serial: meson: acquire port->lock in startup()
82bfea344e rtc: mt6397: check return value after calling platform_get_resource()
d54a51b518 clocksource/drivers/riscv: Events are stopped during CPU suspend
5b3e990f85 soc: rockchip: Fix refcount leak in rockchip_grf_init
cfe8a0967d extcon: ptn5150: Add queue work sync before driver release
96414e2cdc coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
47ebc50dc2 serial: sifive: Report actual baud base rather than fixed 115200
ab35308bbd phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
52f327a45c rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
c10333c451 iio: adc: sc27xx: Fine tune the scale calibration values
3747429834 iio: adc: sc27xx: fix read big scale voltage not right
b30f2315a3 iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout
43823ceb26 iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
6f01c0fb8e usb: typec: mux: Check dev_set_name() return value
7027c890ff firmware: stratix10-svc: fix a missing check on list iterator
70ece3c5ec misc: fastrpc: fix an incorrect NULL check on list iterator
2a1bf8e5ad usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
8ae4fed195 rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
572211d631 pwm: lp3943: Fix duty calculation in case period was clamped
f9782b26d6 staging: fieldbus: Fix the error handling path in anybuss_host_common_probe()
b382c0c3b8 usb: musb: Fix missing of_node_put() in omap2430_probe
6b7cf22122 USB: storage: karma: fix rio_karma_init return
e100742823 usb: usbip: add missing device lock on tweak configuration cmd
bcbb795a9e usb: usbip: fix a refcount leak in stub_probe()
4e3a2d77bd tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get
e27376f5aa tty: n_tty: Restore EOF push handling behavior
11bc6eff3a tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
ee6c33b29e tty: goldfish: Use tty_port_destroy() to destroy port
56ac04f35f lkdtm/bugs: Check for the NULL pointer after calling kmalloc
03efa70eb0 iio: adc: ad7124: Remove shift from scan_type
4610b06761 staging: greybus: codecs: fix type confusion of list iterator variable
1509d2335d pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
e2e52b40ef Linux 5.10.121
47c1680e51 md: bcache: check the return value of kzalloc() in detached_dev_do_request()
a67100f426 ext4: only allow test_dummy_encryption when supported
96662c7746 MIPS: IP30: Remove incorrect `cpu_has_fpu' override
57e561573f MIPS: IP27: Remove incorrect `cpu_has_fpu' override
bb55ca1612 RDMA/rxe: Generate a completion for unsupported/invalid opcode
72268945b1 Revert "random: use static branch for crng_ready()"
6b03dc67dd block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
51f724bffa bfq: Make sure bfqg for which we are queueing requests is online
0285718e28 bfq: Get rid of __bio_blkcg() usage
80b0a2b3df bfq: Remove pointless bfq_init_rq() calls
13599aac1b bfq: Drop pointless unlock-lock pair
7d172b9dc9 bfq: Avoid merging queues with different parents
54cdc10ac7 thermal/core: Fix memory leak in the error path
b132abaa65 thermal/core: fix a UAF bug in __thermal_cooling_device_register()
ec1378f2fa kseltest/cgroup: Make test_stress.sh work if run interactively
82b2b60b67 xfs: assert in xfs_btree_del_cursor should take into account error
f1916a88c8 xfs: consider shutdown in bmapbt cursor delete assert
e3ffe7387c xfs: force log and push AIL to clear pinned inodes when aborting mount
0b229d03d0 xfs: restore shutdown check in mapped write fault path
3d05a855dc xfs: fix incorrect root dquot corruption error when switching group/project quota types
893cf5f68a xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
643ceee253 xfs: sync lazy sb accounting on quiesce of read-only mounts
af26bfb04a xfs: set inode size after creating symlink
d27f0000d7 net: ipa: fix page free in ipa_endpoint_replenish_one()
70124d94f4 net: ipa: fix page free in ipa_endpoint_trans_release()
2156dc3904 phy: qcom-qmp: fix reset-controller leak on probe errors
67e3404889 coresight: core: Fix coresight device probe failure issue
77692c02e1 blk-iolatency: Fix inflight count imbalances and IO hangs on offline
19e5aac38a vdpasim: allow to enable a vq repeatedly
ec029087df dt-bindings: gpio: altera: correct interrupt-cells
0ac587c61f docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
6182c71a0c SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op
d6b9b220d1 ARM: pxa: maybe fix gpio lookup tables
39c61f4f7f ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
6f3673c8d8 phy: qcom-qmp: fix struct clk leak on probe errors
09a84dad95 arm64: dts: qcom: ipq8074: fix the sleep clock frequency
591c3481b1 gma500: fix an incorrect NULL check on list iterator
c521f42dd2 tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
10c5088a31 serial: pch: don't overwrite xmit->buf[0] by x_char
59afd4f287 bcache: avoid journal no-space deadlock by reserving 1 journal bucket
0cf22f234e bcache: remove incremental dirty sector counting for bch_sectors_dirty_init()
3f686b249b bcache: improve multithreaded bch_sectors_dirty_init()
46c2b5f81c bcache: improve multithreaded bch_btree_check()
4e2fbe8cda stm: ltdc: fix two incorrect NULL checks on list iterator
dc12a64cf8 carl9170: tx: fix an incorrect use of list iterator
8f1bc0edf5 ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
769ec2a824 rtl818x: Prevent using not initialized queues
d787a57a17 xtensa/simdisk: fix proc_read_simdisk()
63758dd959 hugetlb: fix huge_pmd_unshare address update
90ad54714e nodemask.h: fix compilation error with GCC12
e9514bce2f iommu/msm: Fix an incorrect NULL check on list iterator
82c888e51c ftrace: Clean up hash direct_functions on register failures
c26ccbaeb8 kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
cf0dabc374 um: Fix out-of-bounds read in LDT setup
7f8fd5dd43 um: chan_user: Fix winch_tramp() return value
873069e393 mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
22741dd048 cfg80211: declare MODULE_FIRMWARE for regulatory.db
e87fedad4a irqchip: irq-xtensa-mx: fix initial IRQ affinity
be7ae7cd1c irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x
df7f0f8be3 csky: patch_text: Fixup last cpu should be master
31dca00d0c RDMA/hfi1: Fix potential integer multiplication overflow errors
09408080ad Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug
b67adaec34 ima: remove the IMA_TEMPLATE Kconfig option
577a959cb0 media: coda: Add more H264 levels for CODA960
4005f6a25c media: coda: Fix reported H264 profile
d09dad0057 mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
08788b917b mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write
b2b0144422 md: fix an incorrect NULL check in md_reload_sb
2401f1cf3d md: fix an incorrect NULL check in does_sb_need_changing
e28321e013 drm/i915/dsi: fix VBT send packet port selection for ICL+
495ac77576 drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
addf0ae792 drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
97a9ec86cc drm/nouveau/clk: Fix an incorrect NULL check on list iterator
436cff507f drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
be585921f2 drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
556e404691 scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
f297dc2364 scsi: dc395x: Fix a missing check on list iterator
337e365507 ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
4ca3ac06e7 dlm: fix missing lkb refcount handling
899bc44291 dlm: fix plock invalid read
74114d26e9 s390/perf: obtain sie_block from the right address
7994d89012 mm, compaction: fast_find_migrateblock() should return pfn in the target zone
99fd821f56 PCI: qcom: Fix unbalanced PHY init on probe errors
c0e129dafc PCI: qcom: Fix runtime PM imbalance on probe errors
2b4c6ad382 PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
058cb6d86b tracing: Fix potential double free in create_var_ref()
a2b9edc3f8 ACPI: property: Release subnode properties with data nodes
ff4cafa517 ext4: avoid cycles in directory h-tree
da2f059192 ext4: verify dir block before splitting it
4fd58b5cf1 ext4: fix bug_on in __es_tree_search
cc5b09cb6d ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
1b061af037 ext4: fix bug_on in ext4_writepages
adf490083c ext4: fix warning in ext4_handle_inode_extension
dd887f83ea ext4: fix use-after-free in ext4_rename_dir_prepare
70a7dea846 bfq: Track whether bfq_group is still online
b06691af08 bfq: Update cgroup information before merging bio
4dfc12f8c9 bfq: Split shared queues on move between cgroups
c072cab98b efi: Do not import certificates from UEFI Secure Boot for T2 Macs
9a9dc60da7 fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
c1ad58de13 iwlwifi: mvm: fix assert 1F04 upon reconfig
6118bbdf69 wifi: mac80211: fix use-after-free in chanctx code
efdefbe8b7 f2fs: fix to do sanity check for inline inode
2221a2d410 f2fs: fix fallocate to use file_modified to update permissions consistently
ef221b738b f2fs: fix to do sanity check on total_data_blocks
196f72e089 f2fs: don't need inode lock for system hidden quota
2e790aa378 f2fs: fix deadloop in foreground GC
ccd58045be f2fs: fix to clear dirty inode in f2fs_evict_inode()
a34d7b4989 f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
2766ddaf45 f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
d8b6aaeb9a perf jevents: Fix event syntax error caused by ExtSel
c8c2802407 perf c2c: Use stdio interface if slang is not supported
c9542f5f90 i2c: rcar: fix PM ref counts in probe error paths
ebd4f37ac1 i2c: npcm: Handle spurious interrupts
5c0dfca6b9 i2c: npcm: Correct register access width
06cb0f056b i2c: npcm: Fix timeout calculation
de6f6b5400 iommu/amd: Increase timeout waiting for GA log enablement
3cfb546439 dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
13d8d11dfa dmaengine: stm32-mdma: rework interrupt handler
0f87bd8b5f dmaengine: stm32-mdma: remove GISR1 register
c1c4405222 video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
96fdbb1c85 NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
83839a333f NFS: Don't report errors from nfs_pageio_complete() more than once
040242365c NFS: Do not report flush errors in nfs_write_end()
c5a0e59bbe NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
418b9fa434 NFS: Do not report EINTR/ERESTARTSYS as mapping errors
6073af7815 dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
f57696bc63 i2c: at91: Initialize dma_buf in at91_twi_xfer()
8e49773a75 MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmon
ec5ded7acb cpufreq: mediatek: Unregister platform device on exit
9d91400fff cpufreq: mediatek: Use module_init and add module_exit
c7b0ec9744 cpufreq: mediatek: add missing platform_driver_unregister() on error in mtk_cpufreq_driver_init
fb02d6b543 i2c: at91: use dma safe buffers
da748d263a iommu/mediatek: Add list_del in mtk_iommu_remove
51d584704d f2fs: fix dereference of stale list iterator after loop body
0e0faa1431 OPP: call of_node_put() on error path in _bandwidth_supported()
baf86afed7 Input: stmfts - do not leave device disabled in stmfts_input_open
fc0750e659 RDMA/hfi1: Prevent use of lock before it is initialized
bb2220e067 mailbox: forward the hrtimer if not queued and under a lock
a1d4941d9a mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
46fd994763 powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
b8ef79697b macintosh: via-pmu and via-cuda need RTC_LIB
cca915d691 powerpc/perf: Fix the threshold compare group constraint for power9
7620a280da powerpc/64: Only WARN if __pa()/__va() called with bad addresses
9b28515641 hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume()
40d428b528 PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
6e07ccc7d5 Input: sparcspkr - fix refcount leak in bbc_beep_probe
76badb0a4d crypto: cryptd - Protect per-CPU resource by disabling BH.
40c41a7bfd crypto: sun8i-ss - handle zero sized sg
5bea8f700a crypto: sun8i-ss - rework handling of IV
9834b13e8b tty: fix deadlock caused by calling printk() under tty_port->lock
a21d4dab77 PCI: imx6: Fix PERST# start-up sequence
2a9d3b5118 ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
f061ddfed9 proc: fix dentry/inode overinstantiating under /proc/${pid}/net
ab0c26e441 ASoC: atmel-classd: Remove endianness flag on class d component
b716e4168d ASoC: atmel-pdmic: Remove endianness flag on pdmic component
456105105e powerpc/4xx/cpm: Fix return value of __setup() handler
de5bc92318 powerpc/idle: Fix return value of __setup() handler
f991879762 pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()
f7c290eac8 powerpc/8xx: export 'cpm_setbrg' for modules
49a5b1735c drivers/base/memory: fix an unlikely reference counting issue in __add_memory_block()
c121942917 dax: fix cache flush on PMD-mapped pages
d8a5bdc767 drivers/base/node.c: fix compaction sysfs file leak
84958f066d pinctrl: mvebu: Fix irq_of_parse_and_map() return value
8a8b40d007 nvdimm: Allow overwrite in the presence of disabled dimms
641649f31e nvdimm: Fix firmware activation deadlock scenarios
1052f22e12 firmware: arm_scmi: Fix list protocols enumeration in the base protocol
7a55a5159d scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
17d9d7d264 mfd: ipaq-micro: Fix error check return value of platform_get_irq()
82c6c8a66c powerpc/fadump: fix PT_LOAD segment for boot memory area
08b053d32b arm: mediatek: select arch timer for mt7629
ceb61ab22d pinctrl: bcm2835: implement hook for missing gpio-ranges
cda45b715d gpiolib: of: Introduce hook for missing gpio-ranges
a26dfdf0a6 crypto: marvell/cesa - ECB does not IV
ee89d8dee5 misc: ocxl: fix possible double free in ocxl_file_register_afu
22c3fea20a ARM: dts: bcm2835-rpi-b: Fix GPIO line names
0a4ee6cdaa ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
bd7ffc171c ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
daffdb0830 ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
95000ae680 ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
b439f7addd can: xilinx_can: mark bit timing constants as const
875a17c3ad platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
b0bf87b1b3 ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
acd2313bd9 platform/chrome: cros_ec: fix error handling in cros_ec_register()
e690350d3d KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault
fd7dca68a6 KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry
259c1fad9f soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
ca7ce579a7 ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
acd99f384c PCI: dwc: Fix setting error return on MSI DMA mapping failure
92b7cab307 PCI: rockchip: Fix find_first_zero_bit() limit
266f5cf692 PCI: cadence: Fix find_first_zero_bit() limit
a409d0b1f9 soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
7cbe94d296 soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
8365341798 ARM: dts: suniv: F1C100: fix watchdog compatible
ea4f1c6bb9 memory: samsung: exynos5422-dmc: Avoid some over memory allocation
3960629bb5 arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
0c5f04da02 net/smc: postpone sk_refcnt increment in connect()
8096e2d7c0 hinic: Avoid some over memory allocation
dc7753d600 net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
4790963ef4 rxrpc: Fix decision on when to generate an IDLE ACK
3eef677a25 rxrpc: Don't let ack.previousPacket regress
573de88fc1 rxrpc: Fix overlapping ACK accounting
4f1c34ee60 rxrpc: Don't try to resend the request if we're receiving the reply
5b4826657d rxrpc: Fix listen() setting the bar too high for the prealloc rings
541224201e hv_netvsc: Fix potential dereference of NULL pointer
deb16df525 net: stmmac: fix out-of-bounds access in a selftest
5c2b34d072 net: stmmac: selftests: Use kcalloc() instead of kzalloc()
7386f69041 ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()
d015f6f694 NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
7a5e6a4898 ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()
8bbf522a2c thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
18530bedd2 thermal/core: Fix memory leak in __thermal_cooling_device_register()
dcf5ffc91c thermal/drivers/core: Use a char pointer for the cooling device name
79098339ac thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
8360380295 thermal/drivers/bcm2711: Don't clamp temperature at zero
3161044e75 drm/i915: Fix CFI violation with show_dynamic_id()
ffbcfb1688 drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
2679de7d04 x86/sev: Annotate stack change in the #VC handler
656aa3c51f drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
48e82ce8cd drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
d54ac6ca48 ext4: reject the 'commit' option on ext2 filesystems
63b7c08995 media: rkvdec: h264: Fix bit depth wrap in pps packet
b4805a77d5 media: rkvdec: h264: Fix dpb_valid implementation
82239e30ab media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource()
5c24566294 media: ov7670: remove ov7670_power_off from ov7670_remove
510e879420 ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
33411945c9 net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
8113eedbab sctp: read sk->sk_bound_dev_if once in sctp_rcv()
6950ee32c1 lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
a67a1661cf m68k: math-emu: Fix dependencies of math emulation support
4dcae15ff8 nvme: set dma alignment to dword
8ace1e6355 Bluetooth: use hdev lock for accept_list and reject_list in conn req
792f8b0e74 Bluetooth: use inclusive language when filtering devices
d763aa352c Bluetooth: use inclusive language in HCI role comments
c024f6f11d Bluetooth: LL privacy allow RPA
394df9f17e Bluetooth: L2CAP: Rudimentary typo fixes
5702c3c657 Bluetooth: Interleave with allowlist scan
36c644c63b Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
fc68385fcb media: vsp1: Fix offset calculation for plane cropping
a3304766d9 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
7d792640d3 media: exynos4-is: Change clk_disable to clk_disable_unprepare
b3e4837358 media: st-delta: Fix PM disable depth imbalance in delta_probe
8e4e0c4ac5 media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
0572a5bd38 media: aspeed: Fix an error handling path in aspeed_video_probe()
34feaea3aa scripts/faddr2line: Fix overlapping text section failures
1472fb1c74 kselftest/cgroup: fix test_stress.sh to use OUTPUT dir
cacea459f9 ASoC: samsung: Fix refcount leak in aries_audio_probe
c1b08aa568 ASoC: samsung: Use dev_err_probe() helper
9f564e29a5 regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
2a0da7641e ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
e84aaf23ca ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
4024affd53 ath11k: Don't check arvif->is_started before sending management frames
779d41c80b perf/amd/ibs: Use interrupt regs ip for stack unwinding
37a9db0ee7 regulator: qcom_smd: Fix up PM8950 regulator configuration
e2786db0a7 Revert "cpufreq: Fix possible race in cpufreq online error path"
560dcbe1c7 spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname()
f40549ce20 iomap: iomap_write_failed fix
7a79ab2596 media: uvcvideo: Fix missing check to determine if element is found in list
d50b26221f drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
883f1d52a5 drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
49dc28b4b2 drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
a10092daba drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
369a712442 regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
018ebe4c18 arm64: fix types in copy_highpage()
49bfbaf6a0 x86/mm: Cleanup the control_va_addr_alignment() __setup handler
0d5c8ac922 irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
f4b503b4ef irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
5e76e51633 irqchip/exiu: Fix acknowledgment of edge triggered interrupts
35abf2081f x86: Fix return value of __setup handlers
940b12435b virtio_blk: fix the discard_granularity and discard_alignment queue limits
23716d7614 perf tools: Use Python devtools for version autodetection rather than runtime
3451852312 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
e19ece6f24 drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
5a26a49470 drm/msm: add missing include to msm_drv.c
7b815e91ff drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
d9cb951d11 drm/msm/hdmi: check return value after calling platform_get_resource_byname()
e99755e6a9 drm/msm/dsi: fix error checks and return values for DSI xmit functions
3574e0b290 drm/msm/dp: fix error check return value of irq_of_parse_and_map()
04204612dd drm/msm/dp: stop event kernel thread when DP unbind
134760263f drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
d5773db56c perf tools: Add missing headers needed by util/data.h
e251a33fe8 ASoC: rk3328: fix disabling mclk on pclk probe failure
e2fef34d78 x86/speculation: Add missing prototype for unpriv_ebpf_notify()
81f1ddffdc mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()
b6ecf2b7e6 x86/pm: Fix false positive kmemleak report in msr_build_context()
0e1cd4edef mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check()
ab88c8d906 libbpf: Fix logic for finding matching program for CO-RE relocation
97b56f17b3 selftests/resctrl: Fix null pointer dereference on open failed
c54d66c514 scsi: ufs: core: Exclude UECxx from SFR dump list
02192ee936 scsi: ufs: qcom: Fix ufs_qcom_resume()
328cfeac73 drm/msm/dpu: adjust display_v_end for eDP and DP
cc68e53f9a of: overlay: do not break notify on NOTIFY_{OK|STOP}
f929416d5c fsnotify: fix wrong lockdep annotations
94845fc422 inotify: show inotify mask flags in proc fdinfo
f2c68c5289 ALSA: pcm: Check for null pointer of pointer substream before dereferencing it
d764a7d647 drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
b6b70cd3dd media: hantro: Empty encoder capture buffers by default
461e4c1f19 ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix
96c848afbd cpufreq: Fix possible race in cpufreq online error path
172789fd95 spi: img-spfi: Fix pm_runtime_get_sync() error checking
147a376c1a sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
f35c3f2374 drm/bridge: Fix error handling in analogix_dp_probe
6d0726725c HID: elan: Fix potential double free in elan_input_configured
39d4bd3f59 HID: hid-led: fix maximum brightness for Dream Cheeky
3c68daf4a3 mtd: rawnand: denali: Use managed device resources
dd2b1d70ef EDAC/dmc520: Don't print an error for each unconfigured interrupt line
bea6985099 drbd: fix duplicate array initializer
3eba802d47 target: remove an incorrect unmap zeroes data deduction
e7681199bb efi: Add missing prototype for efi_capsule_setup_info
2a1b5110c9 NFC: NULL out the dev->rfkill to prevent UAF
8e357f086d net: dsa: mt7530: 1G can also support 1000BASE-X link mode
4565d5be8b scftorture: Fix distribution of short handler delays
58eff5b73f spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
b4c7dd0037 drm: mali-dp: potential dereference of null pointer
78a3e9fcdb drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
3cea0259ed nl80211: show SSID for P2P_GO interfaces
6c0a8c771a bpf: Fix excessive memory allocation in stack_map_alloc()
7ff76dc2d8 libbpf: Don't error out on CO-RE relos for overriden weak subprogs
84b0e23e10 drm/vc4: txp: Force alpha to be 0xff if it's disabled
ac904216b8 drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
15cec7dfd3 drm/vc4: hvs: Reset muxes at probe time
2268f190af drm/mediatek: Fix mtk_cec_mask()
032f8c67fe drm/ingenic: Reset pixclock rate when parent clock rate changes
58c7c01577 x86/delay: Fix the wrong asm constraint in delay_loop()
f279c49f17 ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
fb66e0512e ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
35db6e2e99 spi: qcom-qspi: Add minItems to interconnect-names
187ecfc3b7 drm/bridge: adv7511: clean up CEC adapter when probe fails
9072d62785 drm/edid: fix invalid EDID extension block filtering
0d6dc3efb1 ath9k: fix ar9003_get_eepmisc
822dac24b4 ath11k: acquire ab->base_lock in unassign when finding the peer by addr
3ed327b77d dt-bindings: display: sitronix, st7735r: Fix backlight in example
61bbbde9b6 drm: fix EDID struct for old ARM OABI format
cc80d3c37c RDMA/hfi1: Prevent panic when SDMA is disabled
dfc308d6f2 powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
b4e14e9beb macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
0230055fa6 powerpc/powernv: fix missing of_node_put in uv_init()
6a61a97106 powerpc/xics: fix refcount leak in icp_opal_init()
8a665c2791 powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
5a3767ac79 tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
eff3587b9c PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
21a3effe44 ARM: hisi: Add missing of_node_put after of_find_compatible_node
d2b3b380c1 ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
d146e2a986 ARM: versatile: Add missing of_node_put in dcscb_init
b646e0cfeb pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()
c16f1b3d72 fat: add ratelimit to fat*_ent_bread()
f20c7cd2b2 powerpc/fadump: Fix fadump to work with a different endian capture kernel
039966775c ARM: OMAP1: clock: Fix UART rate reporting algorithm
9dfa8d087b fs: jfs: fix possible NULL pointer dereference in dbFree()
05efc4591f soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
0f9091f202 crypto: ccree - use fine grained DMA mapping dir
86b091b689 PM / devfreq: rk3399_dmc: Disable edev on remove()
7e391ec939 arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
c400439adc ARM: dts: s5pv210: align DMA channels with dtschema
0521c52978 ARM: dts: ox820: align interrupt controller node name with dtschema
968a668376 IB/rdmavt: add missing locks in rvt_ruc_loopback
6a2e275834 gfs2: use i_lock spin_lock for inode qadata
92ef7a8719 selftests/bpf: fix btf_dump/btf_dump due to recent clang change
340cf91293 eth: tg3: silence the GCC 12 array-bounds warning
cb2ca93f8f rxrpc, afs: Fix selection of abort codes
4a4e2e90ec rxrpc: Return an error to sendmsg if call failed
6c18a0fcd6 m68k: atari: Make Atari ROM port I/O write macros return void
76744a016e x86/microcode: Add explicit CPU vendor dependency
f29fb46232 can: mcp251xfd: silence clang's -Wunaligned-access warning
ff383c1879 ASoC: rt1015p: remove dependency on GPIOLIB
c73aee1946 ASoC: max98357a: remove dependency on GPIOLIB
86c02171bd media: exynos4-is: Fix compile warning
abb5594ae2 net: phy: micrel: Allow probing without .driver_data
8d33585ffa nbd: Fix hung on disconnect request if socket is closed before
1a5a3dfd9f ASoC: rt5645: Fix errorenous cleanup order
af98940dd3 nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
8671aeeef2 openrisc: start CPU timer early in boot
22cdbb1354 media: cec-adap.c: fix is_configuring state
4cf6ba9367 media: imon: reorganize serialization
f3915b4665 media: coda: limit frame interval enumeration to supported encoder frame sizes
8ddc89437c media: rga: fix possible memory leak in rga_probe
f9413b9023 rtlwifi: Use pr_warn instead of WARN_ONCE
eb7a71b7b2 ipmi: Fix pr_fmt to avoid compilation issues
fa390c8b62 ipmi:ssif: Check for NULL msg when handling events and messages
0b7c1dc7ee ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
1ecd01d77c dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
a61583744e spi: stm32-qspi: Fix wait_cmd timeout in APM mode
0c05c03c51 perf/amd/ibs: Cascade pmu init functions' return value
4605458398 s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES
312c43e98e net: remove two BUG() from skb_checksum_help()
4f99bde59e ASoC: tscs454: Add endianness flag in snd_soc_component_driver
296f8ca0f7 HID: bigben: fix slab-out-of-bounds Write in bigben_probe
3ee67465f7 drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
6f19abe031 mlxsw: Treat LLDP packets as control
b30e727f09 mlxsw: spectrum_dcb: Do not warn about priority changes
d68a5eb7b3 ASoC: dapm: Don't fold register value changes into notifications
9b42659cb3 net/mlx5: fs, delete the FTE when there are no rules attached to it
4d85201adb ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
0325c08ae2 drm: msm: fix error check return value of irq_of_parse_and_map()
ad97425d23 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
8aa3750986 ath10k: skip ath10k_halt during suspend for driver state RESTARTING
20ad91d08a drm/amd/pm: fix the compile warning
b5cd108143 drm/plane: Move range check for format_count earlier
8c3fe9ff80 ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
60afa4f4e1 ath11k: disable spectral scan during spectral deinit
fa1b509d41 scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
1869f9bfaf scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync()
508add11af scsi: megaraid: Fix error check return value of register_chrdev()
95050b9847 drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
90281cadf5 mmc: jz4740: Apply DMA engine limits to maximum segment size
e69e93120f md/bitmap: don't set sb values if can't pass sanity check
3f94169aff media: cx25821: Fix the warning when removing the module
ca17e7a532 media: pci: cx23885: Fix the error handling in cx23885_initdev()
27ad46da44 media: venus: hfi: avoid null dereference in deinit
e68270a786 ath9k: fix QCA9561 PA bias level
ca1ce20689 drm/amd/pm: fix double free in si_parse_power_table()
3102e9d7e5 tools/power turbostat: fix ICX DRAM power numbers
fbfeb9bc94 spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction
e2b8681769 ALSA: jack: Access input_dev under mutex
005990e30d sfc: ef10: Fix assigning negative value to unsigned variable
10f30cba8f rcu: Make TASKS_RUDE_RCU select IRQ_WORK
1c6c3f2336 rcu-tasks: Fix race in schedule and flush work
c977d63b8c drm/komeda: return early if drm_universal_plane_init() fails.
cd97a481ea ACPICA: Avoid cache flush inside virtual machines
29cb802966 x86/platform/uv: Update TSC sync state for UV5
59dd1a07ee fbcon: Consistently protect deferred_takeover with console_lock()
5bfb65e92f ipv6: fix locking issues with loops over idev->addr_list
98d1dc32f8 ipw2x00: Fix potential NULL dereference in libipw_xmit()
cc575b8558 b43: Fix assigning negative value to unsigned variable
4ae5a2ccf5 b43legacy: Fix assigning negative value to unsigned variable
74ad0d7450 mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
fadc626cae drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
c6380d9d2d iommu/vt-d: Add RPLS to quirk list to skip TE disabling
509e9710b8 btrfs: repair super block num_devices automatically
4093eea47d btrfs: add "0x" prefix for unsupported optional features
b49516583f ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
f8ef79687b ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
6580673b17 ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP
92fb46536a perf/x86/intel: Fix event constraints for ICL
b4acb8e7f1 x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails
860e44f21f parisc/stifb: Keep track of hardware path of graphics card
78e008dca2 Fonts: Make font size unsigned in font_desc
c5b9b7fb12 xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
c9ac773715 cifs: when extending a file with falloc we should make files not-sparse
ce4627f09e usb: core: hcd: Add support for deferring roothub registration
a2532c4417 usb: dwc3: gadget: Move null pinter check to proper place
0420275d64 USB: new quirk for Dell Gen 2 devices
19b3fe8a7c USB: serial: option: add Quectel BG95 modem
40bdb5ec95 ALSA: usb-audio: Cancel pending work at closing a MIDI substream
1cf70d5c15 ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
223368eaf6 ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
d2f3acde3d riscv: Fix irq_work when SMP is disabled
4a5c7a61ff riscv: Initialize thread pointer before calling C functions
6b45437959 parisc/stifb: Implement fb_is_primary_device()
9cef71ecea binfmt_flat: do not stop relocating GOT entries prematurely on riscv
43ca8e1dfb Merge 5.10.118 into android12-5.10-lts
70dd2d169d Linux 5.10.120
886eeb0460 bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
7f845de286 bpf: Fix potential array overflow in bpf_trampoline_get_progs()
3097f38e91 NFSD: Fix possible sleep during nfsd4_release_lockowner()
78a62e09d8 NFS: Memory allocation failures are not server fatal errors
1d100fcc1d docs: submitting-patches: Fix crossref to 'The canonical patch format'
ebbbffae71 tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
5933a191ac tpm: Fix buffer access in tpm2_get_tpm_pt()
0c56e5d0e6 HID: multitouch: add quirks to enable Lenovo X12 trackpoint
d6822d82c0 HID: multitouch: Add support for Google Whiskers Touchpad
0f03885059 raid5: introduce MD_BROKEN
8df42bcd36 dm verity: set DM_TARGET_IMMUTABLE feature flag
e39b536d70 dm stats: add cond_resched when looping over entries
4617778417 dm crypt: make printing of the key constant-time
bb64957c47 dm integrity: fix error code in dm_integrity_ctr()
8845027e55 ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries
4989bb0334 Bluetooth: hci_qca: Use del_timer_sync() before freeing
fae05b2314 zsmalloc: fix races between asynchronous zspage free and page migration
6a1cc25494 crypto: ecrdsa - Fix incorrect use of vli_cmp
c013f7d1cd crypto: caam - fix i.MX6SX entropy delay value
3d8fc6e28f KVM: x86: avoid calling x86 emulator without a decoded instruction
a2a3fa5b61 x86, kvm: use correct GFP flags for preemption disabled
4a9f3a9c28 x86/kvm: Alloc dummy async #PF token outside of raw spinlock
4c4a11c74a KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator
91a36ec160 netfilter: conntrack: re-fetch conntrack after insertion
c0aff1faf6 netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
44f1ce5530 crypto: drbg - make reseeding from get_random_bytes() synchronous
e744e34a3c crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
54700e82a7 crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
b2bef5500e crypto: drbg - prepare for more fine-grained tracking of seeding state
630192aa45 lib/crypto: add prompts back to crypto libraries
82f723b8a5 exfat: check if cluster num is valid
1f0681f3bd drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
2728d95c6c xfs: Fix CIL throttle hang when CIL space used going backwards
a9e7f19a55 xfs: fix an ABBA deadlock in xfs_rename
72464fd2b4 xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
45d97f70da xfs: show the proper user quota options
f20e67b455 xfs: detect overflows in bmbt records
ffc8d61387 net: ipa: compute proper aggregation limit
8adb751d29 io_uring: fix using under-expanded iters
57d01bcae7 io_uring: don't re-import iovecs from callbacks
6029f86740 assoc_array: Fix BUG_ON during garbage collect
b96b4aa65b cfg80211: set custom regdomain after wiphy registration
8fbd54ab06 pipe: Fix missing lock in pipe_resize_ring()
cd720fad8b pipe: make poll_usage boolean and annotate its access
ea62d169b6 netfilter: nf_tables: disallow non-stateful expression in sets earlier
5525af175b drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers
f0749aecb2 i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
828309eee5 net: ftgmac100: Disable hardware checksum on AST2600
640397afdf nfc: pn533: Fix buggy cleanup order
ac8d5eb26c net: af_key: check encryption module availability consistency
d007f49ab7 percpu_ref_init(): clean ->percpu_count_ref on failure
75e35951d6 pinctrl: sunxi: fix f1c100s uart2 function
56c31ac1d8 Linux 5.10.119
7c57f21349 ALSA: ctxfi: Add SB046x PCI ID
514f587340 random: check for signals after page of pool writes
18c261e948 random: wire up fops->splice_{read,write}_iter()
cf8f8d3758 random: convert to using fops->write_iter()
affa1ae522 random: convert to using fops->read_iter()
4bb374a118 random: unify batched entropy implementations
552ae8e484 random: move randomize_page() into mm where it belongs
5f2a040b2f random: move initialization functions out of hot pages
02102b63bd random: make consistent use of buf and len
33783ca355 random: use proper return types on get_random_{int,long}_wait()
1fdd7eef21 random: remove extern from functions in header
811afd06e0 random: use static branch for crng_ready()
04d61b96bd random: credit architectural init the exact amount
5123cc61e2 random: handle latent entropy and command line from random_init()
9320e087f2 random: use proper jiffies comparison macro
31ac294037 random: remove ratelimiting for in-kernel unseeded randomness
b50f2830b3 random: move initialization out of reseeding hot path
4c4110c052 random: avoid initializing twice in credit race
cef9010b78 random: use symbolic constants for crng_init states
30e9f36266 siphash: use one source of truth for siphash permutations
772edeb8c7 random: help compiler out with fast_mix() by using simpler arguments
1841347233 random: do not use input pool from hard IRQs
999b0c9e8a random: order timer entropy functions below interrupt functions
ce3c4ff381 random: do not pretend to handle premature next security model
24d3275685 random: use first 128 bits of input as fast init
273aebb50b random: do not use batches when !crng_ready()
f4c98fe1d1 random: insist on random_get_entropy() existing in order to simplify
ffcfdd5de9 xtensa: use fallback for random_get_entropy() instead of zero
e1ea0e26d3 sparc: use fallback for random_get_entropy() instead of zero
a5092be129 um: use fallback for random_get_entropy() instead of zero
25d4fdf1f0 x86/tsc: Use fallback for random_get_entropy() instead of zero
0b93f40cbe nios2: use fallback for random_get_entropy() instead of zero
fdca775081 arm: use fallback for random_get_entropy() instead of zero
d5531246af mips: use fallback for random_get_entropy() instead of just c0 random
714def4497 riscv: use fallback for random_get_entropy() instead of zero
84397906a6 m68k: use fallback for random_get_entropy() instead of zero
7690be1adf timekeeping: Add raw clock fallback for random_get_entropy()
07b5d0b3e2 powerpc: define get_cycles macro for arch-override
30ee01bcdc alpha: define get_cycles macro for arch-override
c55a863c30 parisc: define get_cycles macro for arch-override
641d1fbd96 s390: define get_cycles macro for arch-override
c895438b17 ia64: define get_cycles macro for arch-override
7d9eab78be init: call time_init() before rand_initialize()
ec25e386d3 random: fix sysctl documentation nits
9dff512945 random: document crng_fast_key_erasure() destination possibility
a1b5c849d8 random: make random_get_entropy() return an unsigned long
72a9ec8d75 random: allow partial reads if later user copies fail
1805d20dfb random: check for signals every PAGE_SIZE chunk of /dev/[u]random
9641d9b430 random: check for signal_pending() outside of need_resched() check
26ee8fa4df random: do not allow user to keep crng key around on stack
bb515a5bef random: do not split fast init input in add_hwgenerator_randomness()
be0d4e3e96 random: mix build-time latent entropy into pool at init
bb563d06c5 random: re-add removed comment about get_random_{u32,u64} reseeding
f3bc5eca83 random: treat bootloader trust toggle the same way as cpu trust toggle
7cb6782146 random: skip fast_init if hwrng provides large chunk of entropy
083ab33951 random: check for signal and try earlier when generating entropy
20da9c6079 random: reseed more often immediately after booting
9891211dfe random: make consistent usage of crng_ready()
95a1c94a1b random: use SipHash as interrupt entropy accumulator
849e7b744c random: replace custom notifier chain with standard one
66307429b5 random: don't let 644 read-only sysctls be written to
4c74ca006a random: give sysctl_random_min_urandom_seed a more sensible value
0964a76fd5 random: do crng pre-init loading in worker rather than irq
192d4c6cb3 random: unify cycles_t and jiffies usage and types
47f0e89b71 random: cleanup UUID handling
9b0e0e2714 random: only wake up writers after zap if threshold was passed
c47f215ab3 random: round-robin registers as ulong, not u32
5064550d42 random: clear fast pool, crng, and batches in cpuhp bring up
6e1cb84cc6 random: pull add_hwgenerator_randomness() declaration into random.h
32252548b5 random: check for crng_init == 0 in add_device_randomness()
684e9fe92d random: unify early init crng load accounting
f656bd0011 random: do not take pool spinlock at boot
5d73e69a5d random: defer fast pool mixing to worker
7873321cd8 random: rewrite header introductory comment
6d1671b6d2 random: group sysctl functions
21ae543e3a random: group userspace read/write functions
f04580811d random: group entropy collection functions
e9ff357860 random: group entropy extraction functions
d7e5b1925a random: group crng functions
6b1ffb3b5a random: group initialization wait functions
6c9cee1555 random: remove whitespace and reorder includes
7b0f36f7c2 random: remove useless header comment
b390181654 random: introduce drain_entropy() helper to declutter crng_reseed()
0971c1c2fd random: deobfuscate irq u32/u64 contributions
ae1b8f1954 random: add proper SPDX header
9342656c01 random: remove unused tracepoints
17ad693cd2 random: remove ifdef'd out interrupt bench
28683a1885 random: tie batched entropy generation to base_crng generation
adc32acf23 random: fix locking for crng_init in crng_reseed()
bb63851c25 random: zero buffer after reading entropy from userspace
63c1aae40a random: remove outdated INT_MAX >> 6 check in urandom_read()
07280d2c3f random: make more consistent use of integer types
655a69cb41 random: use hash function for crng_slow_load()
95026060d8 random: use simpler fast key erasure flow on per-cpu keys
732872aa2c random: absorb fast pool into input pool after fast load
7a5b9ca583 random: do not xor RDRAND when writing into /dev/random
16a6e4ae71 random: ensure early RDSEED goes through mixer on init
c521bf08ee random: inline leaves of rand_initialize()
70377ee074 random: get rid of secondary crngs
c36e71b5a5 random: use RDSEED instead of RDRAND in entropy extraction
1d1582e5fe random: fix locking in crng_fast_load()
0762b7d1f1 random: remove batched entropy locking
8d07e2a226 random: remove use_input_pool parameter from crng_reseed()
b07fcd9e53 random: make credit_entropy_bits() always safe
32d1d7ce3a random: always wake up entropy writers after extraction
9852922061 random: use linear min-entropy accumulation crediting
bb9c45cfb9 random: simplify entropy debiting
de0727c0c4 random: use computational hash for entropy extraction
e0cc561e47 random: only call crng_finalize_init() for primary_crng
480fd91dcd random: access primary_pool directly rather than through pointer
0b9e36e895 random: continually use hwgenerator randomness
6d2d29f051 random: simplify arithmetic function flow in account()
a0653a9ec1 random: selectively clang-format where it makes sense
bccc8d9231 random: access input_pool_data directly rather than through pointer
a9db850c21 random: cleanup fractional entropy shift constants
edd294052e random: prepend remaining pool constants with POOL_
f87f50b843 random: de-duplicate INPUT_POOL constants
09ae6b8519 random: remove unused OUTPUT_POOL constants
8cc5260c19 random: rather than entropy_store abstraction, use global
5897e06ac1 random: remove unused extract_entropy() reserved argument
ae093ca125 random: remove incomplete last_data logic
7abbc9809f random: cleanup integer types
c9e108e36d random: cleanup poolinfo abstraction
8a3b78f917 random: fix typo in comments
0ad5d6384d random: don't reset crng_init_cnt on urandom_read()
17420c77f0 random: avoid superfluous call to RDRAND in CRNG extraction
c245231aec random: early initialization of ChaCha constants
efaddd56bc random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
6443204102 random: harmonize "crng init done" messages
ca57d51126 random: mix bootloader randomness into pool
542d8ebedb random: do not re-init if crng_reseed completes before primary init
2bfdf588a8 random: do not sign extend bytes for rotation when mixing
685200b076 random: use BLAKE2s instead of SHA1 in extraction
33c30bfe4f random: remove unused irq_flags argument from add_interrupt_randomness()
b57a888740 random: document add_hwgenerator_randomness() with other input functions
ae33c501e0 lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
07918ddba3 lib/crypto: sha1: re-roll loops to reduce code size
5fb6a3ba3a lib/crypto: blake2s: move hmac construction into wireguard
62531d446a lib/crypto: blake2s: include as built-in
aec0878b1d crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
030d3443aa crypto: blake2s - adjust include guard naming
fea91e9070 crypto: blake2s - add comment for blake2s_state fields
d45ae768b7 crypto: blake2s - optimize blake2s initialization
6c362b7c77 crypto: blake2s - share the "shash" API boilerplate code
72e5b68f33 crypto: blake2s - move update and final logic to internal/blake2s.h
e467a55bd0 crypto: blake2s - remove unneeded includes
198a19d7ee crypto: x86/blake2s - define shash_alg structs using macros
89f9ee998e crypto: blake2s - define shash_alg structs using macros
0f8fcf5b6e crypto: lib/blake2s - Move selftest prototype into header file
c3a4645d80 MAINTAINERS: add git tree for random.c
c4882c6e1e MAINTAINERS: co-maintain random.c
acb198c4d1 random: remove dead code left over from blocking pool
6227458fef random: avoid arch_get_random_seed_long() when collecting IRQ randomness
257fbea15a ACPI: sysfs: Fix BERT error region memory mapping
14fa2769ea ACPI: sysfs: Make sparse happy about address space in use
0debc69f00 media: vim2m: initialize the media device earlier
ed0e71cc3f media: vim2m: Register video device after setting up internals
a5c68f457f secure_seq: use the 64 bits of the siphash for port offset calculation
33f1b4a27a tcp: change source port randomizarion at connect() time
9b4aa0d80b KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
74c6e5d584 KVM: x86: Properly handle APF vs disabled LAPIC situation
c06e5f751a staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
a8f4d63142 lockdown: also lock down previous kgdb use
c204ee3350 Linux 5.10.118
56642f6af2 module: check for exit sections in layout_sections() instead of module_init_section()
633be494c3 include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
61a4cc41e5 afs: Fix afs_getattr() to refetch file status if callback break occurred
606011cb6a i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe()
030de84d45 module: treat exit sections the same as init sections when !CONFIG_MODULE_UNLOAD
355141fdbf dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
d30fdf7d13 Input: ili210x - fix reset timing
a698bf1f72 arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs
696292b9b5 net: atlantic: verify hw_head_ lies within TX buffer ring
cd66ab20a8 net: atlantic: add check for MAX_SKB_FRAGS
9bee8b4275 net: atlantic: reduce scope of is_rsc_complete
9b84e83a92 net: atlantic: fix "frag[0] not initialized"
0ae23a1d47 net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()
d4c6e5cebc ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one()
3a6dee284f nl80211: fix locking in nl80211_set_tx_bitrate_mask()
efe580c436 selftests: add ping test with ping_group_range tuned
1cfbf6d3a7 nl80211: validate S1G channel width
a0f5ff2049 mac80211: fix rx reordering with non explicit / psmp ack policy
e21d734fd0 scsi: qla2xxx: Fix missed DMA unmap for aborted commands
c5af341747 perf bench numa: Address compiler error on s390
210ea7da5c gpio: mvebu/pwm: Refuse requests with inverted polarity
30d4721fec gpio: gpio-vf610: do not touch other bits when set the target bit
ea8a9cb4a7 riscv: dts: sifive: fu540-c000: align dma node name with dtschema
dfd1f0cb62 net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
579061f391 igb: skip phy status check where unavailable
a89888648e ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
1756b45d8d ARM: 9196/1: spectre-bhb: enable for Cortex-A15
7b676abe32 net: af_key: add check for pfkey_broadcast in function pfkey_process
697f3219ee net/mlx5e: Properly block LRO when XDP is enabled
b503d0228c NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
42d4287cc1 net/qla3xxx: Fix a test in ql_reset_work()
d35bf8d766 clk: at91: generated: consider range when calculating best rate
9e0e75a5e7 ice: fix possible under reporting of ethtool Tx and Rx statistics
6e2caee5cd net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
a54d86cf41 net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
201e5b5c27 net: systemport: Fix an error handling path in bcm_sysport_probe()
9bfe898e2b net/sched: act_pedit: sanitize shift argument before usage
47f04f95ed xfrm: fix "disable_policy" flag use when arriving from different devices
0d2e9d8000 xfrm: rework default policy structure
57c1bbe709 xfrm: fix dflt policy check when there is no policy configured
9856c3a129 xfrm: notify default policy on update
20fd28df40 xfrm: make user policy API complete
ab610ee1d1 net: xfrm: fix shift-out-of-bounce
5b7f84b1f9 xfrm: Add possibility to set the default to block if we have no policy
243e72e204 net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
1bc27eb71b net: macb: Increment rx bd head after allocating skb and buffer
998e305bd1 net: ipa: record proper RX transaction count
0599d5a8b4 ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group
0a2847d448 pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
d8ca684c3d ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi
3fc2846099 dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
e5289affba drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
8ceca1a069 libceph: fix potential use-after-free on linger ping and resends
233a3cc60e crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
6013ef5f51 arm64: mte: Ensure the cleared tags are visible before setting the PTE
a817f78ed6 arm64: paravirt: Use RCU read locks to guard stolen_time
b49bc8d615 KVM: x86/mmu: Update number of zapped pages even if page list is stable
146128ba26 PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
ec0d801d1a Fix double fget() in vhost_net_set_backend()
b42e5e3a84 selinux: fix bad cleanup on error in hashtab_duplicate()
3ee8e109c3 perf: Fix sys_perf_event_open() race against self
18fb7d533c ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
3eaf770163 ALSA: wavefront: Proper check of get_user() error
a34d018b6e ALSA: usb-audio: Restore Rane SL-1 quirk
f3f2247ac3 Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
e2cfa7b093 Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
fe5ac3da50 nilfs2: fix lockdep warnings during disk space reclamation
d626fcdabe nilfs2: fix lockdep warnings in page operations for btree nodes
aca18bacdb ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()
0acaf9cacd platform/chrome: cros_ec_debugfs: detach log reader wq from devm
5a19f3c2d3 drbd: remove usage of list iterator variable after loop
9b7f321106 MIPS: lantiq: check the return value of kzalloc()
05c073b1ad fs: fix an infinite loop in iomap_fiemap
00d8b06a4e rtc: mc146818-lib: Fix the AltCentury for AMD platforms
87fd0dd43e nvme-multipath: fix hang when disk goes live over reconnect
3663d6023a tools/virtio: compile with -pthread
5a4cbcb3df vhost_vdpa: don't setup irq offloading when irq_num < 0
f0931ee125 s390/pci: improve zpci_dev reference counting
7d3f69cbde ALSA: hda/realtek: Enable headset mic on Lenovo P360
a59450656b crypto: x86/chacha20 - Avoid spurious jumps to other functions
39acee8aea crypto: stm32 - fix reference leak in stm32_crc_remove
703c80ff43 rtc: sun6i: Fix time overflow handling
bab037ebbe gfs2: Disable page faults during lockless buffered reads
e803f12ea2 nvme-pci: add quirks for Samsung X5 SSDs
5565fc538d Input: stmfts - fix reference leak in stmfts_input_open
d5e88c2d76 Input: add bounds checking to input_set_capability()
ea6a86886c um: Cleanup syscall_handler_t definition/cast, fix warning
c39b91fcd5 rtc: pcf2127: fix bug when reading alarm registers
2b4e5a2d7d rtc: fix use-after-free on device removal
67136fff5b igc: Update I226_K device ID
d0229838b6 igc: Remove phy->type checking
170110adbe igc: Remove _I_PHY_ID checking
55c820c1b2 Revert "drm/i915/opregion: check port number bounds for SWSCI display power state"
911b362678 floppy: use a statically allocated error counter
3c48558be5 io_uring: always grab file table for deferred statx
a1a2c957da usb: gadget: fix race when gadget driver register via ioctl

ABI updated to add a new symbol that is needed to be tracked:

Leaf changes summary: 1 artifact changed
Changed leaf types summary: 0 leaf type changed
Removed/Changed/Added functions summary: 0 Removed, 0 Changed, 1 Added function
Removed/Changed/Added variables summary: 0 Removed, 0 Changed, 0 Added variable

1 Added function:

  [A] 'function bool rng_is_initialized()'

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ib7f64defc72960f3603eb23b9a401a9fd42ec217
2022-09-28 09:54:28 +02:00

4682 lines
120 KiB
C

// SPDX-License-Identifier: GPL-2.0-only
/*
* linux/kernel/signal.c
*
* Copyright (C) 1991, 1992 Linus Torvalds
*
* 1997-11-02 Modified for POSIX.1b signals by Richard Henderson
*
* 2003-06-02 Jim Houston - Concurrent Computer Corp.
* Changes to use preallocated sigqueue structures
* to allow signals to be sent reliably.
*/
#include <linux/slab.h>
#include <linux/export.h>
#include <linux/init.h>
#include <linux/sched/mm.h>
#include <linux/sched/user.h>
#include <linux/sched/debug.h>
#include <linux/sched/task.h>
#include <linux/sched/task_stack.h>
#include <linux/sched/cputime.h>
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/proc_fs.h>
#include <linux/tty.h>
#include <linux/binfmts.h>
#include <linux/coredump.h>
#include <linux/security.h>
#include <linux/syscalls.h>
#include <linux/ptrace.h>
#include <linux/signal.h>
#include <linux/signalfd.h>
#include <linux/ratelimit.h>
#include <linux/tracehook.h>
#include <linux/capability.h>
#include <linux/freezer.h>
#include <linux/pid_namespace.h>
#include <linux/nsproxy.h>
#include <linux/user_namespace.h>
#include <linux/uprobes.h>
#include <linux/compat.h>
#include <linux/cn_proc.h>
#include <linux/compiler.h>
#include <linux/posix-timers.h>
#include <linux/livepatch.h>
#include <linux/cgroup.h>
#include <linux/audit.h>
#include <linux/oom.h>
#define CREATE_TRACE_POINTS
#include <trace/events/signal.h>
#include <asm/param.h>
#include <linux/uaccess.h>
#include <asm/unistd.h>
#include <asm/siginfo.h>
#include <asm/cacheflush.h>
#undef CREATE_TRACE_POINTS
#include <trace/hooks/signal.h>
/*
* SLAB caches for signal bits.
*/
static struct kmem_cache *sigqueue_cachep;
int print_fatal_signals __read_mostly;
static void __user *sig_handler(struct task_struct *t, int sig)
{
return t->sighand->action[sig - 1].sa.sa_handler;
}
static inline bool sig_handler_ignored(void __user *handler, int sig)
{
/* Is it explicitly or implicitly ignored? */
return handler == SIG_IGN ||
(handler == SIG_DFL && sig_kernel_ignore(sig));
}
static bool sig_task_ignored(struct task_struct *t, int sig, bool force)
{
void __user *handler;
handler = sig_handler(t, sig);
/* SIGKILL and SIGSTOP may not be sent to the global init */
if (unlikely(is_global_init(t) && sig_kernel_only(sig)))
return true;
if (unlikely(t->signal->flags & SIGNAL_UNKILLABLE) &&
handler == SIG_DFL && !(force && sig_kernel_only(sig)))
return true;
/* Only allow kernel generated signals to this kthread */
if (unlikely((t->flags & PF_KTHREAD) &&
(handler == SIG_KTHREAD_KERNEL) && !force))
return true;
return sig_handler_ignored(handler, sig);
}
static bool sig_ignored(struct task_struct *t, int sig, bool force)
{
/*
* Blocked signals are never ignored, since the
* signal handler may change by the time it is
* unblocked.
*/
if (sigismember(&t->blocked, sig) || sigismember(&t->real_blocked, sig))
return false;
/*
* Tracers may want to know about even ignored signal unless it
* is SIGKILL which can't be reported anyway but can be ignored
* by SIGNAL_UNKILLABLE task.
*/
if (t->ptrace && sig != SIGKILL)
return false;
return sig_task_ignored(t, sig, force);
}
/*
* Re-calculate pending state from the set of locally pending
* signals, globally pending signals, and blocked signals.
*/
static inline bool has_pending_signals(sigset_t *signal, sigset_t *blocked)
{
unsigned long ready;
long i;
switch (_NSIG_WORDS) {
default:
for (i = _NSIG_WORDS, ready = 0; --i >= 0 ;)
ready |= signal->sig[i] &~ blocked->sig[i];
break;
case 4: ready = signal->sig[3] &~ blocked->sig[3];
ready |= signal->sig[2] &~ blocked->sig[2];
ready |= signal->sig[1] &~ blocked->sig[1];
ready |= signal->sig[0] &~ blocked->sig[0];
break;
case 2: ready = signal->sig[1] &~ blocked->sig[1];
ready |= signal->sig[0] &~ blocked->sig[0];
break;
case 1: ready = signal->sig[0] &~ blocked->sig[0];
}
return ready != 0;
}
#define PENDING(p,b) has_pending_signals(&(p)->signal, (b))
static bool recalc_sigpending_tsk(struct task_struct *t)
{
if ((t->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) ||
PENDING(&t->pending, &t->blocked) ||
PENDING(&t->signal->shared_pending, &t->blocked) ||
cgroup_task_frozen(t)) {
set_tsk_thread_flag(t, TIF_SIGPENDING);
return true;
}
/*
* We must never clear the flag in another thread, or in current
* when it's possible the current syscall is returning -ERESTART*.
* So we don't clear it here, and only callers who know they should do.
*/
return false;
}
/*
* After recalculating TIF_SIGPENDING, we need to make sure the task wakes up.
* This is superfluous when called on current, the wakeup is a harmless no-op.
*/
void recalc_sigpending_and_wake(struct task_struct *t)
{
if (recalc_sigpending_tsk(t))
signal_wake_up(t, 0);
}
void recalc_sigpending(void)
{
if (!recalc_sigpending_tsk(current) && !freezing(current) &&
!klp_patch_pending(current))
clear_thread_flag(TIF_SIGPENDING);
}
EXPORT_SYMBOL(recalc_sigpending);
void calculate_sigpending(void)
{
/* Have any signals or users of TIF_SIGPENDING been delayed
* until after fork?
*/
spin_lock_irq(&current->sighand->siglock);
set_tsk_thread_flag(current, TIF_SIGPENDING);
recalc_sigpending();
spin_unlock_irq(&current->sighand->siglock);
}
/* Given the mask, find the first available signal that should be serviced. */
#define SYNCHRONOUS_MASK \
(sigmask(SIGSEGV) | sigmask(SIGBUS) | sigmask(SIGILL) | \
sigmask(SIGTRAP) | sigmask(SIGFPE) | sigmask(SIGSYS))
int next_signal(struct sigpending *pending, sigset_t *mask)
{
unsigned long i, *s, *m, x;
int sig = 0;
s = pending->signal.sig;
m = mask->sig;
/*
* Handle the first word specially: it contains the
* synchronous signals that need to be dequeued first.
*/
x = *s &~ *m;
if (x) {
if (x & SYNCHRONOUS_MASK)
x &= SYNCHRONOUS_MASK;
sig = ffz(~x) + 1;
return sig;
}
switch (_NSIG_WORDS) {
default:
for (i = 1; i < _NSIG_WORDS; ++i) {
x = *++s &~ *++m;
if (!x)
continue;
sig = ffz(~x) + i*_NSIG_BPW + 1;
break;
}
break;
case 2:
x = s[1] &~ m[1];
if (!x)
break;
sig = ffz(~x) + _NSIG_BPW + 1;
break;
case 1:
/* Nothing to do */
break;
}
return sig;
}
static inline void print_dropped_signal(int sig)
{
static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
if (!print_fatal_signals)
return;
if (!__ratelimit(&ratelimit_state))
return;
pr_info("%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
current->comm, current->pid, sig);
}
/**
* task_set_jobctl_pending - set jobctl pending bits
* @task: target task
* @mask: pending bits to set
*
* Clear @mask from @task->jobctl. @mask must be subset of
* %JOBCTL_PENDING_MASK | %JOBCTL_STOP_CONSUME | %JOBCTL_STOP_SIGMASK |
* %JOBCTL_TRAPPING. If stop signo is being set, the existing signo is
* cleared. If @task is already being killed or exiting, this function
* becomes noop.
*
* CONTEXT:
* Must be called with @task->sighand->siglock held.
*
* RETURNS:
* %true if @mask is set, %false if made noop because @task was dying.
*/
bool task_set_jobctl_pending(struct task_struct *task, unsigned long mask)
{
BUG_ON(mask & ~(JOBCTL_PENDING_MASK | JOBCTL_STOP_CONSUME |
JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING));
BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));
if (unlikely(fatal_signal_pending(task) || (task->flags & PF_EXITING)))
return false;
if (mask & JOBCTL_STOP_SIGMASK)
task->jobctl &= ~JOBCTL_STOP_SIGMASK;
task->jobctl |= mask;
return true;
}
/**
* task_clear_jobctl_trapping - clear jobctl trapping bit
* @task: target task
*
* If JOBCTL_TRAPPING is set, a ptracer is waiting for us to enter TRACED.
* Clear it and wake up the ptracer. Note that we don't need any further
* locking. @task->siglock guarantees that @task->parent points to the
* ptracer.
*
* CONTEXT:
* Must be called with @task->sighand->siglock held.
*/
void task_clear_jobctl_trapping(struct task_struct *task)
{
if (unlikely(task->jobctl & JOBCTL_TRAPPING)) {
task->jobctl &= ~JOBCTL_TRAPPING;
smp_mb(); /* advised by wake_up_bit() */
wake_up_bit(&task->jobctl, JOBCTL_TRAPPING_BIT);
}
}
/**
* task_clear_jobctl_pending - clear jobctl pending bits
* @task: target task
* @mask: pending bits to clear
*
* Clear @mask from @task->jobctl. @mask must be subset of
* %JOBCTL_PENDING_MASK. If %JOBCTL_STOP_PENDING is being cleared, other
* STOP bits are cleared together.
*
* If clearing of @mask leaves no stop or trap pending, this function calls
* task_clear_jobctl_trapping().
*
* CONTEXT:
* Must be called with @task->sighand->siglock held.
*/
void task_clear_jobctl_pending(struct task_struct *task, unsigned long mask)
{
BUG_ON(mask & ~JOBCTL_PENDING_MASK);
if (mask & JOBCTL_STOP_PENDING)
mask |= JOBCTL_STOP_CONSUME | JOBCTL_STOP_DEQUEUED;
task->jobctl &= ~mask;
if (!(task->jobctl & JOBCTL_PENDING_MASK))
task_clear_jobctl_trapping(task);
}
/**
* task_participate_group_stop - participate in a group stop
* @task: task participating in a group stop
*
* @task has %JOBCTL_STOP_PENDING set and is participating in a group stop.
* Group stop states are cleared and the group stop count is consumed if
* %JOBCTL_STOP_CONSUME was set. If the consumption completes the group
* stop, the appropriate `SIGNAL_*` flags are set.
*
* CONTEXT:
* Must be called with @task->sighand->siglock held.
*
* RETURNS:
* %true if group stop completion should be notified to the parent, %false
* otherwise.
*/
static bool task_participate_group_stop(struct task_struct *task)
{
struct signal_struct *sig = task->signal;
bool consume = task->jobctl & JOBCTL_STOP_CONSUME;
WARN_ON_ONCE(!(task->jobctl & JOBCTL_STOP_PENDING));
task_clear_jobctl_pending(task, JOBCTL_STOP_PENDING);
if (!consume)
return false;
if (!WARN_ON_ONCE(sig->group_stop_count == 0))
sig->group_stop_count--;
/*
* Tell the caller to notify completion iff we are entering into a
* fresh group stop. Read comment in do_signal_stop() for details.
*/
if (!sig->group_stop_count && !(sig->flags & SIGNAL_STOP_STOPPED)) {
signal_set_stop_flags(sig, SIGNAL_STOP_STOPPED);
return true;
}
return false;
}
void task_join_group_stop(struct task_struct *task)
{
unsigned long mask = current->jobctl & JOBCTL_STOP_SIGMASK;
struct signal_struct *sig = current->signal;
if (sig->group_stop_count) {
sig->group_stop_count++;
mask |= JOBCTL_STOP_CONSUME;
} else if (!(sig->flags & SIGNAL_STOP_STOPPED))
return;
/* Have the new thread join an on-going signal group stop */
task_set_jobctl_pending(task, mask | JOBCTL_STOP_PENDING);
}
/*
* allocate a new signal queue record
* - this may be called without locks if and only if t == current, otherwise an
* appropriate lock must be held to stop the target task from exiting
*/
static struct sigqueue *
__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit)
{
struct sigqueue *q = NULL;
struct user_struct *user;
int sigpending;
/*
* Protect access to @t credentials. This can go away when all
* callers hold rcu read lock.
*
* NOTE! A pending signal will hold on to the user refcount,
* and we get/put the refcount only when the sigpending count
* changes from/to zero.
*/
rcu_read_lock();
user = __task_cred(t)->user;
sigpending = atomic_inc_return(&user->sigpending);
if (sigpending == 1)
get_uid(user);
rcu_read_unlock();
if (override_rlimit || likely(sigpending <= task_rlimit(t, RLIMIT_SIGPENDING))) {
q = kmem_cache_alloc(sigqueue_cachep, flags);
} else {
print_dropped_signal(sig);
}
if (unlikely(q == NULL)) {
if (atomic_dec_and_test(&user->sigpending))
free_uid(user);
} else {
INIT_LIST_HEAD(&q->list);
q->flags = 0;
q->user = user;
}
return q;
}
static void __sigqueue_free(struct sigqueue *q)
{
if (q->flags & SIGQUEUE_PREALLOC)
return;
if (atomic_dec_and_test(&q->user->sigpending))
free_uid(q->user);
kmem_cache_free(sigqueue_cachep, q);
}
void flush_sigqueue(struct sigpending *queue)
{
struct sigqueue *q;
sigemptyset(&queue->signal);
while (!list_empty(&queue->list)) {
q = list_entry(queue->list.next, struct sigqueue , list);
list_del_init(&q->list);
__sigqueue_free(q);
}
}
/*
* Flush all pending signals for this kthread.
*/
void flush_signals(struct task_struct *t)
{
unsigned long flags;
spin_lock_irqsave(&t->sighand->siglock, flags);
clear_tsk_thread_flag(t, TIF_SIGPENDING);
flush_sigqueue(&t->pending);
flush_sigqueue(&t->signal->shared_pending);
spin_unlock_irqrestore(&t->sighand->siglock, flags);
}
EXPORT_SYMBOL(flush_signals);
#ifdef CONFIG_POSIX_TIMERS
static void __flush_itimer_signals(struct sigpending *pending)
{
sigset_t signal, retain;
struct sigqueue *q, *n;
signal = pending->signal;
sigemptyset(&retain);
list_for_each_entry_safe(q, n, &pending->list, list) {
int sig = q->info.si_signo;
if (likely(q->info.si_code != SI_TIMER)) {
sigaddset(&retain, sig);
} else {
sigdelset(&signal, sig);
list_del_init(&q->list);
__sigqueue_free(q);
}
}
sigorsets(&pending->signal, &signal, &retain);
}
void flush_itimer_signals(void)
{
struct task_struct *tsk = current;
unsigned long flags;
spin_lock_irqsave(&tsk->sighand->siglock, flags);
__flush_itimer_signals(&tsk->pending);
__flush_itimer_signals(&tsk->signal->shared_pending);
spin_unlock_irqrestore(&tsk->sighand->siglock, flags);
}
#endif
void ignore_signals(struct task_struct *t)
{
int i;
for (i = 0; i < _NSIG; ++i)
t->sighand->action[i].sa.sa_handler = SIG_IGN;
flush_signals(t);
}
/*
* Flush all handlers for a task.
*/
void
flush_signal_handlers(struct task_struct *t, int force_default)
{
int i;
struct k_sigaction *ka = &t->sighand->action[0];
for (i = _NSIG ; i != 0 ; i--) {
if (force_default || ka->sa.sa_handler != SIG_IGN)
ka->sa.sa_handler = SIG_DFL;
ka->sa.sa_flags = 0;
#ifdef __ARCH_HAS_SA_RESTORER
ka->sa.sa_restorer = NULL;
#endif
sigemptyset(&ka->sa.sa_mask);
ka++;
}
}
bool unhandled_signal(struct task_struct *tsk, int sig)
{
void __user *handler = tsk->sighand->action[sig-1].sa.sa_handler;
if (is_global_init(tsk))
return true;
if (handler != SIG_IGN && handler != SIG_DFL)
return false;
/* if ptraced, let the tracer determine */
return !tsk->ptrace;
}
static void collect_signal(int sig, struct sigpending *list, kernel_siginfo_t *info,
bool *resched_timer)
{
struct sigqueue *q, *first = NULL;
/*
* Collect the siginfo appropriate to this signal. Check if
* there is another siginfo for the same signal.
*/
list_for_each_entry(q, &list->list, list) {
if (q->info.si_signo == sig) {
if (first)
goto still_pending;
first = q;
}
}
sigdelset(&list->signal, sig);
if (first) {
still_pending:
list_del_init(&first->list);
copy_siginfo(info, &first->info);
*resched_timer =
(first->flags & SIGQUEUE_PREALLOC) &&
(info->si_code == SI_TIMER) &&
(info->si_sys_private);
__sigqueue_free(first);
} else {
/*
* Ok, it wasn't in the queue. This must be
* a fast-pathed signal or we must have been
* out of queue space. So zero out the info.
*/
clear_siginfo(info);
info->si_signo = sig;
info->si_errno = 0;
info->si_code = SI_USER;
info->si_pid = 0;
info->si_uid = 0;
}
}
static int __dequeue_signal(struct sigpending *pending, sigset_t *mask,
kernel_siginfo_t *info, bool *resched_timer)
{
int sig = next_signal(pending, mask);
if (sig)
collect_signal(sig, pending, info, resched_timer);
return sig;
}
/*
* Dequeue a signal and return the element to the caller, which is
* expected to free it.
*
* All callers have to hold the siglock.
*/
int dequeue_signal(struct task_struct *tsk, sigset_t *mask, kernel_siginfo_t *info)
{
bool resched_timer = false;
int signr;
/* We only dequeue private signals from ourselves, we don't let
* signalfd steal them
*/
signr = __dequeue_signal(&tsk->pending, mask, info, &resched_timer);
if (!signr) {
signr = __dequeue_signal(&tsk->signal->shared_pending,
mask, info, &resched_timer);
#ifdef CONFIG_POSIX_TIMERS
/*
* itimer signal ?
*
* itimers are process shared and we restart periodic
* itimers in the signal delivery path to prevent DoS
* attacks in the high resolution timer case. This is
* compliant with the old way of self-restarting
* itimers, as the SIGALRM is a legacy signal and only
* queued once. Changing the restart behaviour to
* restart the timer in the signal dequeue path is
* reducing the timer noise on heavy loaded !highres
* systems too.
*/
if (unlikely(signr == SIGALRM)) {
struct hrtimer *tmr = &tsk->signal->real_timer;
if (!hrtimer_is_queued(tmr) &&
tsk->signal->it_real_incr != 0) {
hrtimer_forward(tmr, tmr->base->get_time(),
tsk->signal->it_real_incr);
hrtimer_restart(tmr);
}
}
#endif
}
recalc_sigpending();
if (!signr)
return 0;
if (unlikely(sig_kernel_stop(signr))) {
/*
* Set a marker that we have dequeued a stop signal. Our
* caller might release the siglock and then the pending
* stop signal it is about to process is no longer in the
* pending bitmasks, but must still be cleared by a SIGCONT
* (and overruled by a SIGKILL). So those cases clear this
* shared flag after we've set it. Note that this flag may
* remain set after the signal we return is ignored or
* handled. That doesn't matter because its only purpose
* is to alert stop-signal processing code when another
* processor has come along and cleared the flag.
*/
current->jobctl |= JOBCTL_STOP_DEQUEUED;
}
#ifdef CONFIG_POSIX_TIMERS
if (resched_timer) {
/*
* Release the siglock to ensure proper locking order
* of timer locks outside of siglocks. Note, we leave
* irqs disabled here, since the posix-timers code is
* about to disable them again anyway.
*/
spin_unlock(&tsk->sighand->siglock);
posixtimer_rearm(info);
spin_lock(&tsk->sighand->siglock);
/* Don't expose the si_sys_private value to userspace */
info->si_sys_private = 0;
}
#endif
return signr;
}
EXPORT_SYMBOL_GPL(dequeue_signal);
static int dequeue_synchronous_signal(kernel_siginfo_t *info)
{
struct task_struct *tsk = current;
struct sigpending *pending = &tsk->pending;
struct sigqueue *q, *sync = NULL;
/*
* Might a synchronous signal be in the queue?
*/
if (!((pending->signal.sig[0] & ~tsk->blocked.sig[0]) & SYNCHRONOUS_MASK))
return 0;
/*
* Return the first synchronous signal in the queue.
*/
list_for_each_entry(q, &pending->list, list) {
/* Synchronous signals have a positive si_code */
if ((q->info.si_code > SI_USER) &&
(sigmask(q->info.si_signo) & SYNCHRONOUS_MASK)) {
sync = q;
goto next;
}
}
return 0;
next:
/*
* Check if there is another siginfo for the same signal.
*/
list_for_each_entry_continue(q, &pending->list, list) {
if (q->info.si_signo == sync->info.si_signo)
goto still_pending;
}
sigdelset(&pending->signal, sync->info.si_signo);
recalc_sigpending();
still_pending:
list_del_init(&sync->list);
copy_siginfo(info, &sync->info);
__sigqueue_free(sync);
return info->si_signo;
}
/*
* Tell a process that it has a new active signal..
*
* NOTE! we rely on the previous spin_lock to
* lock interrupts for us! We can only be called with
* "siglock" held, and the local interrupt must
* have been disabled when that got acquired!
*
* No need to set need_resched since signal event passing
* goes through ->blocked
*/
void signal_wake_up_state(struct task_struct *t, unsigned int state)
{
set_tsk_thread_flag(t, TIF_SIGPENDING);
/*
* TASK_WAKEKILL also means wake it up in the stopped/traced/killable
* case. We don't check t->state here because there is a race with it
* executing another processor and just now entering stopped state.
* By using wake_up_state, we ensure the process will wake up and
* handle its death signal.
*/
if (!wake_up_state(t, state | TASK_INTERRUPTIBLE))
kick_process(t);
}
/*
* Remove signals in mask from the pending set and queue.
* Returns 1 if any signals were found.
*
* All callers must be holding the siglock.
*/
static void flush_sigqueue_mask(sigset_t *mask, struct sigpending *s)
{
struct sigqueue *q, *n;
sigset_t m;
sigandsets(&m, mask, &s->signal);
if (sigisemptyset(&m))
return;
sigandnsets(&s->signal, &s->signal, mask);
list_for_each_entry_safe(q, n, &s->list, list) {
if (sigismember(mask, q->info.si_signo)) {
list_del_init(&q->list);
__sigqueue_free(q);
}
}
}
static inline int is_si_special(const struct kernel_siginfo *info)
{
return info <= SEND_SIG_PRIV;
}
static inline bool si_fromuser(const struct kernel_siginfo *info)
{
return info == SEND_SIG_NOINFO ||
(!is_si_special(info) && SI_FROMUSER(info));
}
/*
* called with RCU read lock from check_kill_permission()
*/
static bool kill_ok_by_cred(struct task_struct *t)
{
const struct cred *cred = current_cred();
const struct cred *tcred = __task_cred(t);
return uid_eq(cred->euid, tcred->suid) ||
uid_eq(cred->euid, tcred->uid) ||
uid_eq(cred->uid, tcred->suid) ||
uid_eq(cred->uid, tcred->uid) ||
ns_capable(tcred->user_ns, CAP_KILL);
}
/*
* Bad permissions for sending the signal
* - the caller must hold the RCU read lock
*/
static int check_kill_permission(int sig, struct kernel_siginfo *info,
struct task_struct *t)
{
struct pid *sid;
int error;
if (!valid_signal(sig))
return -EINVAL;
if (!si_fromuser(info))
return 0;
error = audit_signal_info(sig, t); /* Let audit system see the signal */
if (error)
return error;
if (!same_thread_group(current, t) &&
!kill_ok_by_cred(t)) {
switch (sig) {
case SIGCONT:
sid = task_session(t);
/*
* We don't return the error if sid == NULL. The
* task was unhashed, the caller must notice this.
*/
if (!sid || sid == task_session(current))
break;
fallthrough;
default:
return -EPERM;
}
}
return security_task_kill(t, info, sig, NULL);
}
/**
* ptrace_trap_notify - schedule trap to notify ptracer
* @t: tracee wanting to notify tracer
*
* This function schedules sticky ptrace trap which is cleared on the next
* TRAP_STOP to notify ptracer of an event. @t must have been seized by
* ptracer.
*
* If @t is running, STOP trap will be taken. If trapped for STOP and
* ptracer is listening for events, tracee is woken up so that it can
* re-trap for the new event. If trapped otherwise, STOP trap will be
* eventually taken without returning to userland after the existing traps
* are finished by PTRACE_CONT.
*
* CONTEXT:
* Must be called with @task->sighand->siglock held.
*/
static void ptrace_trap_notify(struct task_struct *t)
{
WARN_ON_ONCE(!(t->ptrace & PT_SEIZED));
assert_spin_locked(&t->sighand->siglock);
task_set_jobctl_pending(t, JOBCTL_TRAP_NOTIFY);
ptrace_signal_wake_up(t, t->jobctl & JOBCTL_LISTENING);
}
/*
* Handle magic process-wide effects of stop/continue signals. Unlike
* the signal actions, these happen immediately at signal-generation
* time regardless of blocking, ignoring, or handling. This does the
* actual continuing for SIGCONT, but not the actual stopping for stop
* signals. The process stop is done as a signal action for SIG_DFL.
*
* Returns true if the signal should be actually delivered, otherwise
* it should be dropped.
*/
static bool prepare_signal(int sig, struct task_struct *p, bool force)
{
struct signal_struct *signal = p->signal;
struct task_struct *t;
sigset_t flush;
if (signal->flags & (SIGNAL_GROUP_EXIT | SIGNAL_GROUP_COREDUMP)) {
if (!(signal->flags & SIGNAL_GROUP_EXIT))
return sig == SIGKILL;
/*
* The process is in the middle of dying, nothing to do.
*/
} else if (sig_kernel_stop(sig)) {
/*
* This is a stop signal. Remove SIGCONT from all queues.
*/
siginitset(&flush, sigmask(SIGCONT));
flush_sigqueue_mask(&flush, &signal->shared_pending);
for_each_thread(p, t)
flush_sigqueue_mask(&flush, &t->pending);
} else if (sig == SIGCONT) {
unsigned int why;
/*
* Remove all stop signals from all queues, wake all threads.
*/
siginitset(&flush, SIG_KERNEL_STOP_MASK);
flush_sigqueue_mask(&flush, &signal->shared_pending);
for_each_thread(p, t) {
flush_sigqueue_mask(&flush, &t->pending);
task_clear_jobctl_pending(t, JOBCTL_STOP_PENDING);
if (likely(!(t->ptrace & PT_SEIZED)))
wake_up_state(t, __TASK_STOPPED);
else
ptrace_trap_notify(t);
}
/*
* Notify the parent with CLD_CONTINUED if we were stopped.
*
* If we were in the middle of a group stop, we pretend it
* was already finished, and then continued. Since SIGCHLD
* doesn't queue we report only CLD_STOPPED, as if the next
* CLD_CONTINUED was dropped.
*/
why = 0;
if (signal->flags & SIGNAL_STOP_STOPPED)
why |= SIGNAL_CLD_CONTINUED;
else if (signal->group_stop_count)
why |= SIGNAL_CLD_STOPPED;
if (why) {
/*
* The first thread which returns from do_signal_stop()
* will take ->siglock, notice SIGNAL_CLD_MASK, and
* notify its parent. See get_signal().
*/
signal_set_stop_flags(signal, why | SIGNAL_STOP_CONTINUED);
signal->group_stop_count = 0;
signal->group_exit_code = 0;
}
}
return !sig_ignored(p, sig, force);
}
/*
* Test if P wants to take SIG. After we've checked all threads with this,
* it's equivalent to finding no threads not blocking SIG. Any threads not
* blocking SIG were ruled out because they are not running and already
* have pending signals. Such threads will dequeue from the shared queue
* as soon as they're available, so putting the signal on the shared queue
* will be equivalent to sending it to one such thread.
*/
static inline bool wants_signal(int sig, struct task_struct *p)
{
if (sigismember(&p->blocked, sig))
return false;
if (p->flags & PF_EXITING)
return false;
if (sig == SIGKILL)
return true;
if (task_is_stopped_or_traced(p))
return false;
return task_curr(p) || !signal_pending(p);
}
static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
{
struct signal_struct *signal = p->signal;
struct task_struct *t;
/*
* Now find a thread we can wake up to take the signal off the queue.
*
* If the main thread wants the signal, it gets first crack.
* Probably the least surprising to the average bear.
*/
if (wants_signal(sig, p))
t = p;
else if ((type == PIDTYPE_PID) || thread_group_empty(p))
/*
* There is just one thread and it does not need to be woken.
* It will dequeue unblocked signals before it runs again.
*/
return;
else {
/*
* Otherwise try to find a suitable thread.
*/
t = signal->curr_target;
while (!wants_signal(sig, t)) {
t = next_thread(t);
if (t == signal->curr_target)
/*
* No thread needs to be woken.
* Any eligible threads will see
* the signal in the queue soon.
*/
return;
}
signal->curr_target = t;
}
/*
* Found a killable thread. If the signal will be fatal,
* then start taking the whole group down immediately.
*/
if (sig_fatal(p, sig) &&
!(signal->flags & SIGNAL_GROUP_EXIT) &&
!sigismember(&t->real_blocked, sig) &&
(sig == SIGKILL || !p->ptrace)) {
/*
* This signal will be fatal to the whole group.
*/
if (!sig_kernel_coredump(sig)) {
/*
* Start a group exit and wake everybody up.
* This way we don't have other threads
* running and doing things after a slower
* thread has the fatal signal pending.
*/
signal->flags = SIGNAL_GROUP_EXIT;
signal->group_exit_code = sig;
signal->group_stop_count = 0;
t = p;
do {
task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
sigaddset(&t->pending.signal, SIGKILL);
signal_wake_up(t, 1);
} while_each_thread(p, t);
return;
}
}
/*
* The signal is already in the shared-pending queue.
* Tell the chosen thread to wake up and dequeue it.
*/
signal_wake_up(t, sig == SIGKILL);
return;
}
static inline bool legacy_queue(struct sigpending *signals, int sig)
{
return (sig < SIGRTMIN) && sigismember(&signals->signal, sig);
}
static int __send_signal(int sig, struct kernel_siginfo *info, struct task_struct *t,
enum pid_type type, bool force)
{
struct sigpending *pending;
struct sigqueue *q;
int override_rlimit;
int ret = 0, result;
assert_spin_locked(&t->sighand->siglock);
result = TRACE_SIGNAL_IGNORED;
if (!prepare_signal(sig, t, force))
goto ret;
pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
/*
* Short-circuit ignored signals and support queuing
* exactly one non-rt signal, so that we can get more
* detailed information about the cause of the signal.
*/
result = TRACE_SIGNAL_ALREADY_PENDING;
if (legacy_queue(pending, sig))
goto ret;
result = TRACE_SIGNAL_DELIVERED;
/*
* Skip useless siginfo allocation for SIGKILL and kernel threads.
*/
if ((sig == SIGKILL) || (t->flags & PF_KTHREAD))
goto out_set;
/*
* Real-time signals must be queued if sent by sigqueue, or
* some other real-time mechanism. It is implementation
* defined whether kill() does so. We attempt to do so, on
* the principle of least surprise, but since kill is not
* allowed to fail with EAGAIN when low on memory we just
* make sure at least one signal gets delivered and don't
* pass on the info struct.
*/
if (sig < SIGRTMIN)
override_rlimit = (is_si_special(info) || info->si_code >= 0);
else
override_rlimit = 0;
q = __sigqueue_alloc(sig, t, GFP_ATOMIC, override_rlimit);
if (q) {
list_add_tail(&q->list, &pending->list);
switch ((unsigned long) info) {
case (unsigned long) SEND_SIG_NOINFO:
clear_siginfo(&q->info);
q->info.si_signo = sig;
q->info.si_errno = 0;
q->info.si_code = SI_USER;
q->info.si_pid = task_tgid_nr_ns(current,
task_active_pid_ns(t));
rcu_read_lock();
q->info.si_uid =
from_kuid_munged(task_cred_xxx(t, user_ns),
current_uid());
rcu_read_unlock();
break;
case (unsigned long) SEND_SIG_PRIV:
clear_siginfo(&q->info);
q->info.si_signo = sig;
q->info.si_errno = 0;
q->info.si_code = SI_KERNEL;
q->info.si_pid = 0;
q->info.si_uid = 0;
break;
default:
copy_siginfo(&q->info, info);
break;
}
} else if (!is_si_special(info) &&
sig >= SIGRTMIN && info->si_code != SI_USER) {
/*
* Queue overflow, abort. We may abort if the
* signal was rt and sent by user using something
* other than kill().
*/
result = TRACE_SIGNAL_OVERFLOW_FAIL;
ret = -EAGAIN;
goto ret;
} else {
/*
* This is a silent loss of information. We still
* send the signal, but the *info bits are lost.
*/
result = TRACE_SIGNAL_LOSE_INFO;
}
out_set:
signalfd_notify(t, sig);
sigaddset(&pending->signal, sig);
/* Let multiprocess signals appear after on-going forks */
if (type > PIDTYPE_TGID) {
struct multiprocess_signals *delayed;
hlist_for_each_entry(delayed, &t->signal->multiprocess, node) {
sigset_t *signal = &delayed->signal;
/* Can't queue both a stop and a continue signal */
if (sig == SIGCONT)
sigdelsetmask(signal, SIG_KERNEL_STOP_MASK);
else if (sig_kernel_stop(sig))
sigdelset(signal, SIGCONT);
sigaddset(signal, sig);
}
}
complete_signal(sig, t, type);
ret:
trace_signal_generate(sig, info, t, type != PIDTYPE_PID, result);
return ret;
}
static inline bool has_si_pid_and_uid(struct kernel_siginfo *info)
{
bool ret = false;
switch (siginfo_layout(info->si_signo, info->si_code)) {
case SIL_KILL:
case SIL_CHLD:
case SIL_RT:
ret = true;
break;
case SIL_TIMER:
case SIL_POLL:
case SIL_FAULT:
case SIL_FAULT_MCEERR:
case SIL_FAULT_BNDERR:
case SIL_FAULT_PKUERR:
case SIL_SYS:
ret = false;
break;
}
return ret;
}
static int send_signal(int sig, struct kernel_siginfo *info, struct task_struct *t,
enum pid_type type)
{
/* Should SIGKILL or SIGSTOP be received by a pid namespace init? */
bool force = false;
if (info == SEND_SIG_NOINFO) {
/* Force if sent from an ancestor pid namespace */
force = !task_pid_nr_ns(current, task_active_pid_ns(t));
} else if (info == SEND_SIG_PRIV) {
/* Don't ignore kernel generated signals */
force = true;
} else if (has_si_pid_and_uid(info)) {
/* SIGKILL and SIGSTOP is special or has ids */
struct user_namespace *t_user_ns;
rcu_read_lock();
t_user_ns = task_cred_xxx(t, user_ns);
if (current_user_ns() != t_user_ns) {
kuid_t uid = make_kuid(current_user_ns(), info->si_uid);
info->si_uid = from_kuid_munged(t_user_ns, uid);
}
rcu_read_unlock();
/* A kernel generated signal? */
force = (info->si_code == SI_KERNEL);
/* From an ancestor pid namespace? */
if (!task_pid_nr_ns(current, task_active_pid_ns(t))) {
info->si_pid = 0;
force = true;
}
}
return __send_signal(sig, info, t, type, force);
}
static void print_fatal_signal(int signr)
{
struct pt_regs *regs = signal_pt_regs();
pr_info("potentially unexpected fatal signal %d.\n", signr);
#if defined(__i386__) && !defined(__arch_um__)
pr_info("code at %08lx: ", regs->ip);
{
int i;
for (i = 0; i < 16; i++) {
unsigned char insn;
if (get_user(insn, (unsigned char *)(regs->ip + i)))
break;
pr_cont("%02x ", insn);
}
}
pr_cont("\n");
#endif
preempt_disable();
show_regs(regs);
preempt_enable();
}
static int __init setup_print_fatal_signals(char *str)
{
get_option (&str, &print_fatal_signals);
return 1;
}
__setup("print-fatal-signals=", setup_print_fatal_signals);
int
__group_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
{
return send_signal(sig, info, p, PIDTYPE_TGID);
}
int do_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p,
enum pid_type type)
{
unsigned long flags;
int ret = -ESRCH;
trace_android_vh_do_send_sig_info(sig, current, p);
if (lock_task_sighand(p, &flags)) {
ret = send_signal(sig, info, p, type);
unlock_task_sighand(p, &flags);
}
return ret;
}
/*
* Force a signal that the process can't ignore: if necessary
* we unblock the signal and change any SIG_IGN to SIG_DFL.
*
* Note: If we unblock the signal, we always reset it to SIG_DFL,
* since we do not want to have a signal handler that was blocked
* be invoked when user space had explicitly blocked it.
*
* We don't want to have recursive SIGSEGV's etc, for example,
* that is why we also clear SIGNAL_UNKILLABLE.
*/
static int
force_sig_info_to_task(struct kernel_siginfo *info, struct task_struct *t)
{
unsigned long int flags;
int ret, blocked, ignored;
struct k_sigaction *action;
int sig = info->si_signo;
spin_lock_irqsave(&t->sighand->siglock, flags);
action = &t->sighand->action[sig-1];
ignored = action->sa.sa_handler == SIG_IGN;
blocked = sigismember(&t->blocked, sig);
if (blocked || ignored) {
action->sa.sa_handler = SIG_DFL;
if (blocked) {
sigdelset(&t->blocked, sig);
recalc_sigpending_and_wake(t);
}
}
/*
* Don't clear SIGNAL_UNKILLABLE for traced tasks, users won't expect
* debugging to leave init killable.
*/
if (action->sa.sa_handler == SIG_DFL && !t->ptrace)
t->signal->flags &= ~SIGNAL_UNKILLABLE;
ret = send_signal(sig, info, t, PIDTYPE_PID);
spin_unlock_irqrestore(&t->sighand->siglock, flags);
return ret;
}
int force_sig_info(struct kernel_siginfo *info)
{
return force_sig_info_to_task(info, current);
}
/*
* Nuke all other threads in the group.
*/
int zap_other_threads(struct task_struct *p)
{
struct task_struct *t = p;
int count = 0;
p->signal->group_stop_count = 0;
while_each_thread(p, t) {
task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
count++;
/* Don't bother with already dead threads */
if (t->exit_state)
continue;
sigaddset(&t->pending.signal, SIGKILL);
signal_wake_up(t, 1);
}
return count;
}
struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
unsigned long *flags)
{
struct sighand_struct *sighand;
rcu_read_lock();
for (;;) {
sighand = rcu_dereference(tsk->sighand);
if (unlikely(sighand == NULL))
break;
/*
* This sighand can be already freed and even reused, but
* we rely on SLAB_TYPESAFE_BY_RCU and sighand_ctor() which
* initializes ->siglock: this slab can't go away, it has
* the same object type, ->siglock can't be reinitialized.
*
* We need to ensure that tsk->sighand is still the same
* after we take the lock, we can race with de_thread() or
* __exit_signal(). In the latter case the next iteration
* must see ->sighand == NULL.
*/
spin_lock_irqsave(&sighand->siglock, *flags);
if (likely(sighand == rcu_access_pointer(tsk->sighand)))
break;
spin_unlock_irqrestore(&sighand->siglock, *flags);
}
rcu_read_unlock();
return sighand;
}
/*
* send signal info to all the members of a group
*/
int group_send_sig_info(int sig, struct kernel_siginfo *info,
struct task_struct *p, enum pid_type type)
{
int ret;
rcu_read_lock();
ret = check_kill_permission(sig, info, p);
rcu_read_unlock();
if (!ret && sig) {
ret = do_send_sig_info(sig, info, p, type);
if (!ret && sig == SIGKILL) {
bool reap = false;
trace_android_vh_process_killed(current, &reap);
trace_android_vh_killed_process(current, p, &reap);
if (reap)
add_to_oom_reaper(p);
}
}
return ret;
}
/*
* __kill_pgrp_info() sends a signal to a process group: this is what the tty
* control characters do (^C, ^Z etc)
* - the caller must hold at least a readlock on tasklist_lock
*/
int __kill_pgrp_info(int sig, struct kernel_siginfo *info, struct pid *pgrp)
{
struct task_struct *p = NULL;
int retval, success;
success = 0;
retval = -ESRCH;
do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
int err = group_send_sig_info(sig, info, p, PIDTYPE_PGID);
success |= !err;
retval = err;
} while_each_pid_task(pgrp, PIDTYPE_PGID, p);
return success ? 0 : retval;
}
int kill_pid_info(int sig, struct kernel_siginfo *info, struct pid *pid)
{
int error = -ESRCH;
struct task_struct *p;
for (;;) {
rcu_read_lock();
p = pid_task(pid, PIDTYPE_PID);
if (p)
error = group_send_sig_info(sig, info, p, PIDTYPE_TGID);
rcu_read_unlock();
if (likely(!p || error != -ESRCH))
return error;
/*
* The task was unhashed in between, try again. If it
* is dead, pid_task() will return NULL, if we race with
* de_thread() it will find the new leader.
*/
}
}
static int kill_proc_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
int error;
rcu_read_lock();
error = kill_pid_info(sig, info, find_vpid(pid));
rcu_read_unlock();
return error;
}
static inline bool kill_as_cred_perm(const struct cred *cred,
struct task_struct *target)
{
const struct cred *pcred = __task_cred(target);
return uid_eq(cred->euid, pcred->suid) ||
uid_eq(cred->euid, pcred->uid) ||
uid_eq(cred->uid, pcred->suid) ||
uid_eq(cred->uid, pcred->uid);
}
/*
* The usb asyncio usage of siginfo is wrong. The glibc support
* for asyncio which uses SI_ASYNCIO assumes the layout is SIL_RT.
* AKA after the generic fields:
* kernel_pid_t si_pid;
* kernel_uid32_t si_uid;
* sigval_t si_value;
*
* Unfortunately when usb generates SI_ASYNCIO it assumes the layout
* after the generic fields is:
* void __user *si_addr;
*
* This is a practical problem when there is a 64bit big endian kernel
* and a 32bit userspace. As the 32bit address will encoded in the low
* 32bits of the pointer. Those low 32bits will be stored at higher
* address than appear in a 32 bit pointer. So userspace will not
* see the address it was expecting for it's completions.
*
* There is nothing in the encoding that can allow
* copy_siginfo_to_user32 to detect this confusion of formats, so
* handle this by requiring the caller of kill_pid_usb_asyncio to
* notice when this situration takes place and to store the 32bit
* pointer in sival_int, instead of sival_addr of the sigval_t addr
* parameter.
*/
int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
struct pid *pid, const struct cred *cred)
{
struct kernel_siginfo info;
struct task_struct *p;
unsigned long flags;
int ret = -EINVAL;
if (!valid_signal(sig))
return ret;
clear_siginfo(&info);
info.si_signo = sig;
info.si_errno = errno;
info.si_code = SI_ASYNCIO;
*((sigval_t *)&info.si_pid) = addr;
rcu_read_lock();
p = pid_task(pid, PIDTYPE_PID);
if (!p) {
ret = -ESRCH;
goto out_unlock;
}
if (!kill_as_cred_perm(cred, p)) {
ret = -EPERM;
goto out_unlock;
}
ret = security_task_kill(p, &info, sig, cred);
if (ret)
goto out_unlock;
if (sig) {
if (lock_task_sighand(p, &flags)) {
ret = __send_signal(sig, &info, p, PIDTYPE_TGID, false);
unlock_task_sighand(p, &flags);
} else
ret = -ESRCH;
}
out_unlock:
rcu_read_unlock();
return ret;
}
EXPORT_SYMBOL_GPL(kill_pid_usb_asyncio);
/*
* kill_something_info() interprets pid in interesting ways just like kill(2).
*
* POSIX specifies that kill(-1,sig) is unspecified, but what we have
* is probably wrong. Should make it like BSD or SYSV.
*/
static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
int ret;
if (pid > 0)
return kill_proc_info(sig, info, pid);
/* -INT_MIN is undefined. Exclude this case to avoid a UBSAN warning */
if (pid == INT_MIN)
return -ESRCH;
read_lock(&tasklist_lock);
if (pid != -1) {
ret = __kill_pgrp_info(sig, info,
pid ? find_vpid(-pid) : task_pgrp(current));
} else {
int retval = 0, count = 0;
struct task_struct * p;
for_each_process(p) {
if (task_pid_vnr(p) > 1 &&
!same_thread_group(p, current)) {
int err = group_send_sig_info(sig, info, p,
PIDTYPE_MAX);
++count;
if (err != -EPERM)
retval = err;
}
}
ret = count ? retval : -ESRCH;
}
read_unlock(&tasklist_lock);
return ret;
}
/*
* These are for backward compatibility with the rest of the kernel source.
*/
int send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
{
/*
* Make sure legacy kernel users don't send in bad values
* (normal paths check this in check_kill_permission).
*/
if (!valid_signal(sig))
return -EINVAL;
return do_send_sig_info(sig, info, p, PIDTYPE_PID);
}
EXPORT_SYMBOL(send_sig_info);
#define __si_special(priv) \
((priv) ? SEND_SIG_PRIV : SEND_SIG_NOINFO)
int
send_sig(int sig, struct task_struct *p, int priv)
{
return send_sig_info(sig, __si_special(priv), p);
}
EXPORT_SYMBOL(send_sig);
void force_sig(int sig)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = sig;
info.si_errno = 0;
info.si_code = SI_KERNEL;
info.si_pid = 0;
info.si_uid = 0;
force_sig_info(&info);
}
EXPORT_SYMBOL(force_sig);
/*
* When things go south during signal handling, we
* will force a SIGSEGV. And if the signal that caused
* the problem was already a SIGSEGV, we'll want to
* make sure we don't even try to deliver the signal..
*/
void force_sigsegv(int sig)
{
struct task_struct *p = current;
if (sig == SIGSEGV) {
unsigned long flags;
spin_lock_irqsave(&p->sighand->siglock, flags);
p->sighand->action[sig - 1].sa.sa_handler = SIG_DFL;
spin_unlock_irqrestore(&p->sighand->siglock, flags);
}
force_sig(SIGSEGV);
}
int force_sig_fault_to_task(int sig, int code, void __user *addr
___ARCH_SI_TRAPNO(int trapno)
___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
, struct task_struct *t)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = sig;
info.si_errno = 0;
info.si_code = code;
info.si_addr = addr;
#ifdef __ARCH_SI_TRAPNO
info.si_trapno = trapno;
#endif
#ifdef __ia64__
info.si_imm = imm;
info.si_flags = flags;
info.si_isr = isr;
#endif
return force_sig_info_to_task(&info, t);
}
int force_sig_fault(int sig, int code, void __user *addr
___ARCH_SI_TRAPNO(int trapno)
___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr))
{
return force_sig_fault_to_task(sig, code, addr
___ARCH_SI_TRAPNO(trapno)
___ARCH_SI_IA64(imm, flags, isr), current);
}
int send_sig_fault(int sig, int code, void __user *addr
___ARCH_SI_TRAPNO(int trapno)
___ARCH_SI_IA64(int imm, unsigned int flags, unsigned long isr)
, struct task_struct *t)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = sig;
info.si_errno = 0;
info.si_code = code;
info.si_addr = addr;
#ifdef __ARCH_SI_TRAPNO
info.si_trapno = trapno;
#endif
#ifdef __ia64__
info.si_imm = imm;
info.si_flags = flags;
info.si_isr = isr;
#endif
return send_sig_info(info.si_signo, &info, t);
}
int force_sig_mceerr(int code, void __user *addr, short lsb)
{
struct kernel_siginfo info;
WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));
clear_siginfo(&info);
info.si_signo = SIGBUS;
info.si_errno = 0;
info.si_code = code;
info.si_addr = addr;
info.si_addr_lsb = lsb;
return force_sig_info(&info);
}
int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *t)
{
struct kernel_siginfo info;
WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));
clear_siginfo(&info);
info.si_signo = SIGBUS;
info.si_errno = 0;
info.si_code = code;
info.si_addr = addr;
info.si_addr_lsb = lsb;
return send_sig_info(info.si_signo, &info, t);
}
EXPORT_SYMBOL(send_sig_mceerr);
int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = SIGSEGV;
info.si_errno = 0;
info.si_code = SEGV_BNDERR;
info.si_addr = addr;
info.si_lower = lower;
info.si_upper = upper;
return force_sig_info(&info);
}
#ifdef SEGV_PKUERR
int force_sig_pkuerr(void __user *addr, u32 pkey)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = SIGSEGV;
info.si_errno = 0;
info.si_code = SEGV_PKUERR;
info.si_addr = addr;
info.si_pkey = pkey;
return force_sig_info(&info);
}
#endif
/* For the crazy architectures that include trap information in
* the errno field, instead of an actual errno value.
*/
int force_sig_ptrace_errno_trap(int errno, void __user *addr)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = SIGTRAP;
info.si_errno = errno;
info.si_code = TRAP_HWBKPT;
info.si_addr = addr;
return force_sig_info(&info);
}
int kill_pgrp(struct pid *pid, int sig, int priv)
{
int ret;
read_lock(&tasklist_lock);
ret = __kill_pgrp_info(sig, __si_special(priv), pid);
read_unlock(&tasklist_lock);
return ret;
}
EXPORT_SYMBOL(kill_pgrp);
int kill_pid(struct pid *pid, int sig, int priv)
{
return kill_pid_info(sig, __si_special(priv), pid);
}
EXPORT_SYMBOL(kill_pid);
/*
* These functions support sending signals using preallocated sigqueue
* structures. This is needed "because realtime applications cannot
* afford to lose notifications of asynchronous events, like timer
* expirations or I/O completions". In the case of POSIX Timers
* we allocate the sigqueue structure from the timer_create. If this
* allocation fails we are able to report the failure to the application
* with an EAGAIN error.
*/
struct sigqueue *sigqueue_alloc(void)
{
struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0);
if (q)
q->flags |= SIGQUEUE_PREALLOC;
return q;
}
void sigqueue_free(struct sigqueue *q)
{
unsigned long flags;
spinlock_t *lock = &current->sighand->siglock;
BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
/*
* We must hold ->siglock while testing q->list
* to serialize with collect_signal() or with
* __exit_signal()->flush_sigqueue().
*/
spin_lock_irqsave(lock, flags);
q->flags &= ~SIGQUEUE_PREALLOC;
/*
* If it is queued it will be freed when dequeued,
* like the "regular" sigqueue.
*/
if (!list_empty(&q->list))
q = NULL;
spin_unlock_irqrestore(lock, flags);
if (q)
__sigqueue_free(q);
}
int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type)
{
int sig = q->info.si_signo;
struct sigpending *pending;
struct task_struct *t;
unsigned long flags;
int ret, result;
BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
ret = -1;
rcu_read_lock();
t = pid_task(pid, type);
if (!t || !likely(lock_task_sighand(t, &flags)))
goto ret;
ret = 1; /* the signal is ignored */
result = TRACE_SIGNAL_IGNORED;
if (!prepare_signal(sig, t, false))
goto out;
ret = 0;
if (unlikely(!list_empty(&q->list))) {
/*
* If an SI_TIMER entry is already queue just increment
* the overrun count.
*/
BUG_ON(q->info.si_code != SI_TIMER);
q->info.si_overrun++;
result = TRACE_SIGNAL_ALREADY_PENDING;
goto out;
}
q->info.si_overrun = 0;
signalfd_notify(t, sig);
pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
list_add_tail(&q->list, &pending->list);
sigaddset(&pending->signal, sig);
complete_signal(sig, t, type);
result = TRACE_SIGNAL_DELIVERED;
out:
trace_signal_generate(sig, &q->info, t, type != PIDTYPE_PID, result);
unlock_task_sighand(t, &flags);
ret:
rcu_read_unlock();
return ret;
}
static void do_notify_pidfd(struct task_struct *task)
{
struct pid *pid;
WARN_ON(task->exit_state == 0);
pid = task_pid(task);
wake_up_all(&pid->wait_pidfd);
}
/*
* Let a parent know about the death of a child.
* For a stopped/continued status change, use do_notify_parent_cldstop instead.
*
* Returns true if our parent ignored us and so we've switched to
* self-reaping.
*/
bool do_notify_parent(struct task_struct *tsk, int sig)
{
struct kernel_siginfo info;
unsigned long flags;
struct sighand_struct *psig;
bool autoreap = false;
u64 utime, stime;
WARN_ON_ONCE(sig == -1);
/* do_notify_parent_cldstop should have been called instead. */
WARN_ON_ONCE(task_is_stopped_or_traced(tsk));
WARN_ON_ONCE(!tsk->ptrace &&
(tsk->group_leader != tsk || !thread_group_empty(tsk)));
/* Wake up all pidfd waiters */
do_notify_pidfd(tsk);
if (sig != SIGCHLD) {
/*
* This is only possible if parent == real_parent.
* Check if it has changed security domain.
*/
if (tsk->parent_exec_id != READ_ONCE(tsk->parent->self_exec_id))
sig = SIGCHLD;
}
clear_siginfo(&info);
info.si_signo = sig;
info.si_errno = 0;
/*
* We are under tasklist_lock here so our parent is tied to
* us and cannot change.
*
* task_active_pid_ns will always return the same pid namespace
* until a task passes through release_task.
*
* write_lock() currently calls preempt_disable() which is the
* same as rcu_read_lock(), but according to Oleg, this is not
* correct to rely on this
*/
rcu_read_lock();
info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(tsk->parent));
info.si_uid = from_kuid_munged(task_cred_xxx(tsk->parent, user_ns),
task_uid(tsk));
rcu_read_unlock();
task_cputime(tsk, &utime, &stime);
info.si_utime = nsec_to_clock_t(utime + tsk->signal->utime);
info.si_stime = nsec_to_clock_t(stime + tsk->signal->stime);
info.si_status = tsk->exit_code & 0x7f;
if (tsk->exit_code & 0x80)
info.si_code = CLD_DUMPED;
else if (tsk->exit_code & 0x7f)
info.si_code = CLD_KILLED;
else {
info.si_code = CLD_EXITED;
info.si_status = tsk->exit_code >> 8;
}
psig = tsk->parent->sighand;
spin_lock_irqsave(&psig->siglock, flags);
if (!tsk->ptrace && sig == SIGCHLD &&
(psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN ||
(psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) {
/*
* We are exiting and our parent doesn't care. POSIX.1
* defines special semantics for setting SIGCHLD to SIG_IGN
* or setting the SA_NOCLDWAIT flag: we should be reaped
* automatically and not left for our parent's wait4 call.
* Rather than having the parent do it as a magic kind of
* signal handler, we just set this to tell do_exit that we
* can be cleaned up without becoming a zombie. Note that
* we still call __wake_up_parent in this case, because a
* blocked sys_wait4 might now return -ECHILD.
*
* Whether we send SIGCHLD or not for SA_NOCLDWAIT
* is implementation-defined: we do (if you don't want
* it, just use SIG_IGN instead).
*/
autoreap = true;
if (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN)
sig = 0;
}
/*
* Send with __send_signal as si_pid and si_uid are in the
* parent's namespaces.
*/
if (valid_signal(sig) && sig)
__send_signal(sig, &info, tsk->parent, PIDTYPE_TGID, false);
__wake_up_parent(tsk, tsk->parent);
spin_unlock_irqrestore(&psig->siglock, flags);
return autoreap;
}
/**
* do_notify_parent_cldstop - notify parent of stopped/continued state change
* @tsk: task reporting the state change
* @for_ptracer: the notification is for ptracer
* @why: CLD_{CONTINUED|STOPPED|TRAPPED} to report
*
* Notify @tsk's parent that the stopped/continued state has changed. If
* @for_ptracer is %false, @tsk's group leader notifies to its real parent.
* If %true, @tsk reports to @tsk->parent which should be the ptracer.
*
* CONTEXT:
* Must be called with tasklist_lock at least read locked.
*/
static void do_notify_parent_cldstop(struct task_struct *tsk,
bool for_ptracer, int why)
{
struct kernel_siginfo info;
unsigned long flags;
struct task_struct *parent;
struct sighand_struct *sighand;
u64 utime, stime;
if (for_ptracer) {
parent = tsk->parent;
} else {
tsk = tsk->group_leader;
parent = tsk->real_parent;
}
clear_siginfo(&info);
info.si_signo = SIGCHLD;
info.si_errno = 0;
/*
* see comment in do_notify_parent() about the following 4 lines
*/
rcu_read_lock();
info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(parent));
info.si_uid = from_kuid_munged(task_cred_xxx(parent, user_ns), task_uid(tsk));
rcu_read_unlock();
task_cputime(tsk, &utime, &stime);
info.si_utime = nsec_to_clock_t(utime);
info.si_stime = nsec_to_clock_t(stime);
info.si_code = why;
switch (why) {
case CLD_CONTINUED:
info.si_status = SIGCONT;
break;
case CLD_STOPPED:
info.si_status = tsk->signal->group_exit_code & 0x7f;
break;
case CLD_TRAPPED:
info.si_status = tsk->exit_code & 0x7f;
break;
default:
BUG();
}
sighand = parent->sighand;
spin_lock_irqsave(&sighand->siglock, flags);
if (sighand->action[SIGCHLD-1].sa.sa_handler != SIG_IGN &&
!(sighand->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDSTOP))
__group_send_sig_info(SIGCHLD, &info, parent);
/*
* Even if SIGCHLD is not generated, we must wake up wait4 calls.
*/
__wake_up_parent(tsk, parent);
spin_unlock_irqrestore(&sighand->siglock, flags);
}
static inline bool may_ptrace_stop(void)
{
if (!likely(current->ptrace))
return false;
/*
* Are we in the middle of do_coredump?
* If so and our tracer is also part of the coredump stopping
* is a deadlock situation, and pointless because our tracer
* is dead so don't allow us to stop.
* If SIGKILL was already sent before the caller unlocked
* ->siglock we must see ->core_state != NULL. Otherwise it
* is safe to enter schedule().
*
* This is almost outdated, a task with the pending SIGKILL can't
* block in TASK_TRACED. But PTRACE_EVENT_EXIT can be reported
* after SIGKILL was already dequeued.
*/
if (unlikely(current->mm->core_state) &&
unlikely(current->mm == current->parent->mm))
return false;
return true;
}
/*
* This must be called with current->sighand->siglock held.
*
* This should be the path for all ptrace stops.
* We always set current->last_siginfo while stopped here.
* That makes it a way to test a stopped process for
* being ptrace-stopped vs being job-control-stopped.
*
* If we actually decide not to stop at all because the tracer
* is gone, we keep current->exit_code unless clear_code.
*/
static void ptrace_stop(int exit_code, int why, int clear_code, kernel_siginfo_t *info)
__releases(&current->sighand->siglock)
__acquires(&current->sighand->siglock)
{
bool gstop_done = false;
if (arch_ptrace_stop_needed(exit_code, info)) {
/*
* The arch code has something special to do before a
* ptrace stop. This is allowed to block, e.g. for faults
* on user stack pages. We can't keep the siglock while
* calling arch_ptrace_stop, so we must release it now.
* To preserve proper semantics, we must do this before
* any signal bookkeeping like checking group_stop_count.
*/
spin_unlock_irq(&current->sighand->siglock);
arch_ptrace_stop(exit_code, info);
spin_lock_irq(&current->sighand->siglock);
}
/*
* schedule() will not sleep if there is a pending signal that
* can awaken the task.
*/
set_special_state(TASK_TRACED);
/*
* We're committing to trapping. TRACED should be visible before
* TRAPPING is cleared; otherwise, the tracer might fail do_wait().
* Also, transition to TRACED and updates to ->jobctl should be
* atomic with respect to siglock and should be done after the arch
* hook as siglock is released and regrabbed across it.
*
* TRACER TRACEE
*
* ptrace_attach()
* [L] wait_on_bit(JOBCTL_TRAPPING) [S] set_special_state(TRACED)
* do_wait()
* set_current_state() smp_wmb();
* ptrace_do_wait()
* wait_task_stopped()
* task_stopped_code()
* [L] task_is_traced() [S] task_clear_jobctl_trapping();
*/
smp_wmb();
current->last_siginfo = info;
current->exit_code = exit_code;
/*
* If @why is CLD_STOPPED, we're trapping to participate in a group
* stop. Do the bookkeeping. Note that if SIGCONT was delievered
* across siglock relocks since INTERRUPT was scheduled, PENDING
* could be clear now. We act as if SIGCONT is received after
* TASK_TRACED is entered - ignore it.
*/
if (why == CLD_STOPPED && (current->jobctl & JOBCTL_STOP_PENDING))
gstop_done = task_participate_group_stop(current);
/* any trap clears pending STOP trap, STOP trap clears NOTIFY */
task_clear_jobctl_pending(current, JOBCTL_TRAP_STOP);
if (info && info->si_code >> 8 == PTRACE_EVENT_STOP)
task_clear_jobctl_pending(current, JOBCTL_TRAP_NOTIFY);
/* entering a trap, clear TRAPPING */
task_clear_jobctl_trapping(current);
spin_unlock_irq(&current->sighand->siglock);
read_lock(&tasklist_lock);
if (may_ptrace_stop()) {
/*
* Notify parents of the stop.
*
* While ptraced, there are two parents - the ptracer and
* the real_parent of the group_leader. The ptracer should
* know about every stop while the real parent is only
* interested in the completion of group stop. The states
* for the two don't interact with each other. Notify
* separately unless they're gonna be duplicates.
*/
do_notify_parent_cldstop(current, true, why);
if (gstop_done && ptrace_reparented(current))
do_notify_parent_cldstop(current, false, why);
/*
* Don't want to allow preemption here, because
* sys_ptrace() needs this task to be inactive.
*
* XXX: implement read_unlock_no_resched().
*/
preempt_disable();
read_unlock(&tasklist_lock);
cgroup_enter_frozen();
preempt_enable_no_resched();
freezable_schedule();
cgroup_leave_frozen(true);
} else {
/*
* By the time we got the lock, our tracer went away.
* Don't drop the lock yet, another tracer may come.
*
* If @gstop_done, the ptracer went away between group stop
* completion and here. During detach, it would have set
* JOBCTL_STOP_PENDING on us and we'll re-enter
* TASK_STOPPED in do_signal_stop() on return, so notifying
* the real parent of the group stop completion is enough.
*/
if (gstop_done)
do_notify_parent_cldstop(current, false, why);
/* tasklist protects us from ptrace_freeze_traced() */
__set_current_state(TASK_RUNNING);
if (clear_code)
current->exit_code = 0;
read_unlock(&tasklist_lock);
}
/*
* We are back. Now reacquire the siglock before touching
* last_siginfo, so that we are sure to have synchronized with
* any signal-sending on another CPU that wants to examine it.
*/
spin_lock_irq(&current->sighand->siglock);
current->last_siginfo = NULL;
/* LISTENING can be set only during STOP traps, clear it */
current->jobctl &= ~JOBCTL_LISTENING;
/*
* Queued signals ignored us while we were stopped for tracing.
* So check for any that we should take before resuming user mode.
* This sets TIF_SIGPENDING, but never clears it.
*/
recalc_sigpending_tsk(current);
}
static void ptrace_do_notify(int signr, int exit_code, int why)
{
kernel_siginfo_t info;
clear_siginfo(&info);
info.si_signo = signr;
info.si_code = exit_code;
info.si_pid = task_pid_vnr(current);
info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
/* Let the debugger run. */
ptrace_stop(exit_code, why, 1, &info);
}
void ptrace_notify(int exit_code)
{
BUG_ON((exit_code & (0x7f | ~0xffff)) != SIGTRAP);
if (unlikely(current->task_works))
task_work_run();
spin_lock_irq(&current->sighand->siglock);
ptrace_do_notify(SIGTRAP, exit_code, CLD_TRAPPED);
spin_unlock_irq(&current->sighand->siglock);
}
/**
* do_signal_stop - handle group stop for SIGSTOP and other stop signals
* @signr: signr causing group stop if initiating
*
* If %JOBCTL_STOP_PENDING is not set yet, initiate group stop with @signr
* and participate in it. If already set, participate in the existing
* group stop. If participated in a group stop (and thus slept), %true is
* returned with siglock released.
*
* If ptraced, this function doesn't handle stop itself. Instead,
* %JOBCTL_TRAP_STOP is scheduled and %false is returned with siglock
* untouched. The caller must ensure that INTERRUPT trap handling takes
* places afterwards.
*
* CONTEXT:
* Must be called with @current->sighand->siglock held, which is released
* on %true return.
*
* RETURNS:
* %false if group stop is already cancelled or ptrace trap is scheduled.
* %true if participated in group stop.
*/
static bool do_signal_stop(int signr)
__releases(&current->sighand->siglock)
{
struct signal_struct *sig = current->signal;
if (!(current->jobctl & JOBCTL_STOP_PENDING)) {
unsigned long gstop = JOBCTL_STOP_PENDING | JOBCTL_STOP_CONSUME;
struct task_struct *t;
/* signr will be recorded in task->jobctl for retries */
WARN_ON_ONCE(signr & ~JOBCTL_STOP_SIGMASK);
if (!likely(current->jobctl & JOBCTL_STOP_DEQUEUED) ||
unlikely(signal_group_exit(sig)))
return false;
/*
* There is no group stop already in progress. We must
* initiate one now.
*
* While ptraced, a task may be resumed while group stop is
* still in effect and then receive a stop signal and
* initiate another group stop. This deviates from the
* usual behavior as two consecutive stop signals can't
* cause two group stops when !ptraced. That is why we
* also check !task_is_stopped(t) below.
*
* The condition can be distinguished by testing whether
* SIGNAL_STOP_STOPPED is already set. Don't generate
* group_exit_code in such case.
*
* This is not necessary for SIGNAL_STOP_CONTINUED because
* an intervening stop signal is required to cause two
* continued events regardless of ptrace.
*/
if (!(sig->flags & SIGNAL_STOP_STOPPED))
sig->group_exit_code = signr;
sig->group_stop_count = 0;
if (task_set_jobctl_pending(current, signr | gstop))
sig->group_stop_count++;
t = current;
while_each_thread(current, t) {
/*
* Setting state to TASK_STOPPED for a group
* stop is always done with the siglock held,
* so this check has no races.
*/
if (!task_is_stopped(t) &&
task_set_jobctl_pending(t, signr | gstop)) {
sig->group_stop_count++;
if (likely(!(t->ptrace & PT_SEIZED)))
signal_wake_up(t, 0);
else
ptrace_trap_notify(t);
}
}
}
if (likely(!current->ptrace)) {
int notify = 0;
/*
* If there are no other threads in the group, or if there
* is a group stop in progress and we are the last to stop,
* report to the parent.
*/
if (task_participate_group_stop(current))
notify = CLD_STOPPED;
set_special_state(TASK_STOPPED);
spin_unlock_irq(&current->sighand->siglock);
/*
* Notify the parent of the group stop completion. Because
* we're not holding either the siglock or tasklist_lock
* here, ptracer may attach inbetween; however, this is for
* group stop and should always be delivered to the real
* parent of the group leader. The new ptracer will get
* its notification when this task transitions into
* TASK_TRACED.
*/
if (notify) {
read_lock(&tasklist_lock);
do_notify_parent_cldstop(current, false, notify);
read_unlock(&tasklist_lock);
}
/* Now we don't run again until woken by SIGCONT or SIGKILL */
cgroup_enter_frozen();
freezable_schedule();
return true;
} else {
/*
* While ptraced, group stop is handled by STOP trap.
* Schedule it and let the caller deal with it.
*/
task_set_jobctl_pending(current, JOBCTL_TRAP_STOP);
return false;
}
}
/**
* do_jobctl_trap - take care of ptrace jobctl traps
*
* When PT_SEIZED, it's used for both group stop and explicit
* SEIZE/INTERRUPT traps. Both generate PTRACE_EVENT_STOP trap with
* accompanying siginfo. If stopped, lower eight bits of exit_code contain
* the stop signal; otherwise, %SIGTRAP.
*
* When !PT_SEIZED, it's used only for group stop trap with stop signal
* number as exit_code and no siginfo.
*
* CONTEXT:
* Must be called with @current->sighand->siglock held, which may be
* released and re-acquired before returning with intervening sleep.
*/
static void do_jobctl_trap(void)
{
struct signal_struct *signal = current->signal;
int signr = current->jobctl & JOBCTL_STOP_SIGMASK;
if (current->ptrace & PT_SEIZED) {
if (!signal->group_stop_count &&
!(signal->flags & SIGNAL_STOP_STOPPED))
signr = SIGTRAP;
WARN_ON_ONCE(!signr);
ptrace_do_notify(signr, signr | (PTRACE_EVENT_STOP << 8),
CLD_STOPPED);
} else {
WARN_ON_ONCE(!signr);
ptrace_stop(signr, CLD_STOPPED, 0, NULL);
current->exit_code = 0;
}
}
/**
* do_freezer_trap - handle the freezer jobctl trap
*
* Puts the task into frozen state, if only the task is not about to quit.
* In this case it drops JOBCTL_TRAP_FREEZE.
*
* CONTEXT:
* Must be called with @current->sighand->siglock held,
* which is always released before returning.
*/
static void do_freezer_trap(void)
__releases(&current->sighand->siglock)
{
/*
* If there are other trap bits pending except JOBCTL_TRAP_FREEZE,
* let's make another loop to give it a chance to be handled.
* In any case, we'll return back.
*/
if ((current->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) !=
JOBCTL_TRAP_FREEZE) {
spin_unlock_irq(&current->sighand->siglock);
return;
}
/*
* Now we're sure that there is no pending fatal signal and no
* pending traps. Clear TIF_SIGPENDING to not get out of schedule()
* immediately (if there is a non-fatal signal pending), and
* put the task into sleep.
*/
__set_current_state(TASK_INTERRUPTIBLE);
clear_thread_flag(TIF_SIGPENDING);
spin_unlock_irq(&current->sighand->siglock);
cgroup_enter_frozen();
freezable_schedule();
}
static int ptrace_signal(int signr, kernel_siginfo_t *info)
{
/*
* We do not check sig_kernel_stop(signr) but set this marker
* unconditionally because we do not know whether debugger will
* change signr. This flag has no meaning unless we are going
* to stop after return from ptrace_stop(). In this case it will
* be checked in do_signal_stop(), we should only stop if it was
* not cleared by SIGCONT while we were sleeping. See also the
* comment in dequeue_signal().
*/
current->jobctl |= JOBCTL_STOP_DEQUEUED;
ptrace_stop(signr, CLD_TRAPPED, 0, info);
/* We're back. Did the debugger cancel the sig? */
signr = current->exit_code;
if (signr == 0)
return signr;
current->exit_code = 0;
/*
* Update the siginfo structure if the signal has
* changed. If the debugger wanted something
* specific in the siginfo structure then it should
* have updated *info via PTRACE_SETSIGINFO.
*/
if (signr != info->si_signo) {
clear_siginfo(info);
info->si_signo = signr;
info->si_errno = 0;
info->si_code = SI_USER;
rcu_read_lock();
info->si_pid = task_pid_vnr(current->parent);
info->si_uid = from_kuid_munged(current_user_ns(),
task_uid(current->parent));
rcu_read_unlock();
}
/* If the (new) signal is now blocked, requeue it. */
if (sigismember(&current->blocked, signr)) {
send_signal(signr, info, current, PIDTYPE_PID);
signr = 0;
}
return signr;
}
static void hide_si_addr_tag_bits(struct ksignal *ksig)
{
switch (siginfo_layout(ksig->sig, ksig->info.si_code)) {
case SIL_FAULT:
case SIL_FAULT_MCEERR:
case SIL_FAULT_BNDERR:
case SIL_FAULT_PKUERR:
ksig->info.si_addr = arch_untagged_si_addr(
ksig->info.si_addr, ksig->sig, ksig->info.si_code);
break;
case SIL_KILL:
case SIL_TIMER:
case SIL_POLL:
case SIL_CHLD:
case SIL_RT:
case SIL_SYS:
break;
}
}
bool get_signal(struct ksignal *ksig)
{
struct sighand_struct *sighand = current->sighand;
struct signal_struct *signal = current->signal;
int signr;
if (unlikely(uprobe_deny_signal()))
return false;
/*
* Do this once, we can't return to user-mode if freezing() == T.
* do_signal_stop() and ptrace_stop() do freezable_schedule() and
* thus do not need another check after return.
*/
try_to_freeze();
relock:
spin_lock_irq(&sighand->siglock);
/*
* Make sure we can safely read ->jobctl() in task_work add. As Oleg
* states:
*
* It pairs with mb (implied by cmpxchg) before READ_ONCE. So we
* roughly have
*
* task_work_add: get_signal:
* STORE(task->task_works, new_work); STORE(task->jobctl);
* mb(); mb();
* LOAD(task->jobctl); LOAD(task->task_works);
*
* and we can rely on STORE-MB-LOAD [ in task_work_add].
*/
smp_store_mb(current->jobctl, current->jobctl & ~JOBCTL_TASK_WORK);
if (unlikely(current->task_works)) {
spin_unlock_irq(&sighand->siglock);
task_work_run();
goto relock;
}
/*
* Every stopped thread goes here after wakeup. Check to see if
* we should notify the parent, prepare_signal(SIGCONT) encodes
* the CLD_ si_code into SIGNAL_CLD_MASK bits.
*/
if (unlikely(signal->flags & SIGNAL_CLD_MASK)) {
int why;
if (signal->flags & SIGNAL_CLD_CONTINUED)
why = CLD_CONTINUED;
else
why = CLD_STOPPED;
signal->flags &= ~SIGNAL_CLD_MASK;
spin_unlock_irq(&sighand->siglock);
/*
* Notify the parent that we're continuing. This event is
* always per-process and doesn't make whole lot of sense
* for ptracers, who shouldn't consume the state via
* wait(2) either, but, for backward compatibility, notify
* the ptracer of the group leader too unless it's gonna be
* a duplicate.
*/
read_lock(&tasklist_lock);
do_notify_parent_cldstop(current, false, why);
if (ptrace_reparented(current->group_leader))
do_notify_parent_cldstop(current->group_leader,
true, why);
read_unlock(&tasklist_lock);
goto relock;
}
/* Has this task already been marked for death? */
if (signal_group_exit(signal)) {
ksig->info.si_signo = signr = SIGKILL;
sigdelset(&current->pending.signal, SIGKILL);
trace_signal_deliver(SIGKILL, SEND_SIG_NOINFO,
&sighand->action[SIGKILL - 1]);
recalc_sigpending();
goto fatal;
}
for (;;) {
struct k_sigaction *ka;
if (unlikely(current->jobctl & JOBCTL_STOP_PENDING) &&
do_signal_stop(0))
goto relock;
if (unlikely(current->jobctl &
(JOBCTL_TRAP_MASK | JOBCTL_TRAP_FREEZE))) {
if (current->jobctl & JOBCTL_TRAP_MASK) {
do_jobctl_trap();
spin_unlock_irq(&sighand->siglock);
} else if (current->jobctl & JOBCTL_TRAP_FREEZE)
do_freezer_trap();
goto relock;
}
/*
* If the task is leaving the frozen state, let's update
* cgroup counters and reset the frozen bit.
*/
if (unlikely(cgroup_task_frozen(current))) {
spin_unlock_irq(&sighand->siglock);
cgroup_leave_frozen(false);
goto relock;
}
/*
* Signals generated by the execution of an instruction
* need to be delivered before any other pending signals
* so that the instruction pointer in the signal stack
* frame points to the faulting instruction.
*/
signr = dequeue_synchronous_signal(&ksig->info);
if (!signr)
signr = dequeue_signal(current, &current->blocked, &ksig->info);
if (!signr)
break; /* will return 0 */
if (unlikely(current->ptrace) && signr != SIGKILL) {
signr = ptrace_signal(signr, &ksig->info);
if (!signr)
continue;
}
ka = &sighand->action[signr-1];
/* Trace actually delivered signals. */
trace_signal_deliver(signr, &ksig->info, ka);
if (ka->sa.sa_handler == SIG_IGN) /* Do nothing. */
continue;
if (ka->sa.sa_handler != SIG_DFL) {
/* Run the handler. */
ksig->ka = *ka;
if (ka->sa.sa_flags & SA_ONESHOT)
ka->sa.sa_handler = SIG_DFL;
break; /* will return non-zero "signr" value */
}
/*
* Now we are doing the default action for this signal.
*/
if (sig_kernel_ignore(signr)) /* Default is nothing. */
continue;
/*
* Global init gets no signals it doesn't want.
* Container-init gets no signals it doesn't want from same
* container.
*
* Note that if global/container-init sees a sig_kernel_only()
* signal here, the signal must have been generated internally
* or must have come from an ancestor namespace. In either
* case, the signal cannot be dropped.
*/
if (unlikely(signal->flags & SIGNAL_UNKILLABLE) &&
!sig_kernel_only(signr))
continue;
if (sig_kernel_stop(signr)) {
/*
* The default action is to stop all threads in
* the thread group. The job control signals
* do nothing in an orphaned pgrp, but SIGSTOP
* always works. Note that siglock needs to be
* dropped during the call to is_orphaned_pgrp()
* because of lock ordering with tasklist_lock.
* This allows an intervening SIGCONT to be posted.
* We need to check for that and bail out if necessary.
*/
if (signr != SIGSTOP) {
spin_unlock_irq(&sighand->siglock);
/* signals can be posted during this window */
if (is_current_pgrp_orphaned())
goto relock;
spin_lock_irq(&sighand->siglock);
}
if (likely(do_signal_stop(ksig->info.si_signo))) {
/* It released the siglock. */
goto relock;
}
/*
* We didn't actually stop, due to a race
* with SIGCONT or something like that.
*/
continue;
}
fatal:
spin_unlock_irq(&sighand->siglock);
if (unlikely(cgroup_task_frozen(current)))
cgroup_leave_frozen(true);
/*
* Anything else is fatal, maybe with a core dump.
*/
current->flags |= PF_SIGNALED;
if (sig_kernel_coredump(signr)) {
if (print_fatal_signals)
print_fatal_signal(ksig->info.si_signo);
proc_coredump_connector(current);
/*
* If it was able to dump core, this kills all
* other threads in the group and synchronizes with
* their demise. If we lost the race with another
* thread getting here, it set group_exit_code
* first and our do_group_exit call below will use
* that value and ignore the one we pass it.
*/
do_coredump(&ksig->info);
}
/*
* Death signals, no core dump.
*/
do_group_exit(ksig->info.si_signo);
/* NOTREACHED */
}
spin_unlock_irq(&sighand->siglock);
ksig->sig = signr;
if (!(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS))
hide_si_addr_tag_bits(ksig);
return ksig->sig > 0;
}
/**
* signal_delivered -
* @ksig: kernel signal struct
* @stepping: nonzero if debugger single-step or block-step in use
*
* This function should be called when a signal has successfully been
* delivered. It updates the blocked signals accordingly (@ksig->ka.sa.sa_mask
* is always blocked, and the signal itself is blocked unless %SA_NODEFER
* is set in @ksig->ka.sa.sa_flags. Tracing is notified.
*/
static void signal_delivered(struct ksignal *ksig, int stepping)
{
sigset_t blocked;
/* A signal was successfully delivered, and the
saved sigmask was stored on the signal frame,
and will be restored by sigreturn. So we can
simply clear the restore sigmask flag. */
clear_restore_sigmask();
sigorsets(&blocked, &current->blocked, &ksig->ka.sa.sa_mask);
if (!(ksig->ka.sa.sa_flags & SA_NODEFER))
sigaddset(&blocked, ksig->sig);
set_current_blocked(&blocked);
tracehook_signal_handler(stepping);
}
void signal_setup_done(int failed, struct ksignal *ksig, int stepping)
{
if (failed)
force_sigsegv(ksig->sig);
else
signal_delivered(ksig, stepping);
}
/*
* It could be that complete_signal() picked us to notify about the
* group-wide signal. Other threads should be notified now to take
* the shared signals in @which since we will not.
*/
static void retarget_shared_pending(struct task_struct *tsk, sigset_t *which)
{
sigset_t retarget;
struct task_struct *t;
sigandsets(&retarget, &tsk->signal->shared_pending.signal, which);
if (sigisemptyset(&retarget))
return;
t = tsk;
while_each_thread(tsk, t) {
if (t->flags & PF_EXITING)
continue;
if (!has_pending_signals(&retarget, &t->blocked))
continue;
/* Remove the signals this thread can handle. */
sigandsets(&retarget, &retarget, &t->blocked);
if (!signal_pending(t))
signal_wake_up(t, 0);
if (sigisemptyset(&retarget))
break;
}
}
void exit_signals(struct task_struct *tsk)
{
int group_stop = 0;
sigset_t unblocked;
/*
* @tsk is about to have PF_EXITING set - lock out users which
* expect stable threadgroup.
*/
cgroup_threadgroup_change_begin(tsk);
if (thread_group_empty(tsk) || signal_group_exit(tsk->signal)) {
tsk->flags |= PF_EXITING;
cgroup_threadgroup_change_end(tsk);
return;
}
spin_lock_irq(&tsk->sighand->siglock);
/*
* From now this task is not visible for group-wide signals,
* see wants_signal(), do_signal_stop().
*/
tsk->flags |= PF_EXITING;
cgroup_threadgroup_change_end(tsk);
if (!signal_pending(tsk))
goto out;
unblocked = tsk->blocked;
signotset(&unblocked);
retarget_shared_pending(tsk, &unblocked);
if (unlikely(tsk->jobctl & JOBCTL_STOP_PENDING) &&
task_participate_group_stop(tsk))
group_stop = CLD_STOPPED;
out:
spin_unlock_irq(&tsk->sighand->siglock);
/*
* If group stop has completed, deliver the notification. This
* should always go to the real parent of the group leader.
*/
if (unlikely(group_stop)) {
read_lock(&tasklist_lock);
do_notify_parent_cldstop(tsk, false, group_stop);
read_unlock(&tasklist_lock);
}
}
/*
* System call entry points.
*/
/**
* sys_restart_syscall - restart a system call
*/
SYSCALL_DEFINE0(restart_syscall)
{
struct restart_block *restart = &current->restart_block;
return restart->fn(restart);
}
long do_no_restart_syscall(struct restart_block *param)
{
return -EINTR;
}
static void __set_task_blocked(struct task_struct *tsk, const sigset_t *newset)
{
if (signal_pending(tsk) && !thread_group_empty(tsk)) {
sigset_t newblocked;
/* A set of now blocked but previously unblocked signals. */
sigandnsets(&newblocked, newset, &current->blocked);
retarget_shared_pending(tsk, &newblocked);
}
tsk->blocked = *newset;
recalc_sigpending();
}
/**
* set_current_blocked - change current->blocked mask
* @newset: new mask
*
* It is wrong to change ->blocked directly, this helper should be used
* to ensure the process can't miss a shared signal we are going to block.
*/
void set_current_blocked(sigset_t *newset)
{
sigdelsetmask(newset, sigmask(SIGKILL) | sigmask(SIGSTOP));
__set_current_blocked(newset);
}
void __set_current_blocked(const sigset_t *newset)
{
struct task_struct *tsk = current;
/*
* In case the signal mask hasn't changed, there is nothing we need
* to do. The current->blocked shouldn't be modified by other task.
*/
if (sigequalsets(&tsk->blocked, newset))
return;
spin_lock_irq(&tsk->sighand->siglock);
__set_task_blocked(tsk, newset);
spin_unlock_irq(&tsk->sighand->siglock);
}
/*
* This is also useful for kernel threads that want to temporarily
* (or permanently) block certain signals.
*
* NOTE! Unlike the user-mode sys_sigprocmask(), the kernel
* interface happily blocks "unblockable" signals like SIGKILL
* and friends.
*/
int sigprocmask(int how, sigset_t *set, sigset_t *oldset)
{
struct task_struct *tsk = current;
sigset_t newset;
/* Lockless, only current can change ->blocked, never from irq */
if (oldset)
*oldset = tsk->blocked;
switch (how) {
case SIG_BLOCK:
sigorsets(&newset, &tsk->blocked, set);
break;
case SIG_UNBLOCK:
sigandnsets(&newset, &tsk->blocked, set);
break;
case SIG_SETMASK:
newset = *set;
break;
default:
return -EINVAL;
}
__set_current_blocked(&newset);
return 0;
}
EXPORT_SYMBOL(sigprocmask);
/*
* The api helps set app-provided sigmasks.
*
* This is useful for syscalls such as ppoll, pselect, io_pgetevents and
* epoll_pwait where a new sigmask is passed from userland for the syscalls.
*
* Note that it does set_restore_sigmask() in advance, so it must be always
* paired with restore_saved_sigmask_unless() before return from syscall.
*/
int set_user_sigmask(const sigset_t __user *umask, size_t sigsetsize)
{
sigset_t kmask;
if (!umask)
return 0;
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (copy_from_user(&kmask, umask, sizeof(sigset_t)))
return -EFAULT;
set_restore_sigmask();
current->saved_sigmask = current->blocked;
set_current_blocked(&kmask);
return 0;
}
#ifdef CONFIG_COMPAT
int set_compat_user_sigmask(const compat_sigset_t __user *umask,
size_t sigsetsize)
{
sigset_t kmask;
if (!umask)
return 0;
if (sigsetsize != sizeof(compat_sigset_t))
return -EINVAL;
if (get_compat_sigset(&kmask, umask))
return -EFAULT;
set_restore_sigmask();
current->saved_sigmask = current->blocked;
set_current_blocked(&kmask);
return 0;
}
#endif
/**
* sys_rt_sigprocmask - change the list of currently blocked signals
* @how: whether to add, remove, or set signals
* @nset: stores pending signals
* @oset: previous value of signal mask if non-null
* @sigsetsize: size of sigset_t type
*/
SYSCALL_DEFINE4(rt_sigprocmask, int, how, sigset_t __user *, nset,
sigset_t __user *, oset, size_t, sigsetsize)
{
sigset_t old_set, new_set;
int error;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
old_set = current->blocked;
if (nset) {
if (copy_from_user(&new_set, nset, sizeof(sigset_t)))
return -EFAULT;
sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP));
error = sigprocmask(how, &new_set, NULL);
if (error)
return error;
}
if (oset) {
if (copy_to_user(oset, &old_set, sizeof(sigset_t)))
return -EFAULT;
}
return 0;
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE4(rt_sigprocmask, int, how, compat_sigset_t __user *, nset,
compat_sigset_t __user *, oset, compat_size_t, sigsetsize)
{
sigset_t old_set = current->blocked;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (nset) {
sigset_t new_set;
int error;
if (get_compat_sigset(&new_set, nset))
return -EFAULT;
sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP));
error = sigprocmask(how, &new_set, NULL);
if (error)
return error;
}
return oset ? put_compat_sigset(oset, &old_set, sizeof(*oset)) : 0;
}
#endif
static void do_sigpending(sigset_t *set)
{
spin_lock_irq(&current->sighand->siglock);
sigorsets(set, &current->pending.signal,
&current->signal->shared_pending.signal);
spin_unlock_irq(&current->sighand->siglock);
/* Outside the lock because only this thread touches it. */
sigandsets(set, &current->blocked, set);
}
/**
* sys_rt_sigpending - examine a pending signal that has been raised
* while blocked
* @uset: stores pending signals
* @sigsetsize: size of sigset_t type or larger
*/
SYSCALL_DEFINE2(rt_sigpending, sigset_t __user *, uset, size_t, sigsetsize)
{
sigset_t set;
if (sigsetsize > sizeof(*uset))
return -EINVAL;
do_sigpending(&set);
if (copy_to_user(uset, &set, sigsetsize))
return -EFAULT;
return 0;
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE2(rt_sigpending, compat_sigset_t __user *, uset,
compat_size_t, sigsetsize)
{
sigset_t set;
if (sigsetsize > sizeof(*uset))
return -EINVAL;
do_sigpending(&set);
return put_compat_sigset(uset, &set, sigsetsize);
}
#endif
static const struct {
unsigned char limit, layout;
} sig_sicodes[] = {
[SIGILL] = { NSIGILL, SIL_FAULT },
[SIGFPE] = { NSIGFPE, SIL_FAULT },
[SIGSEGV] = { NSIGSEGV, SIL_FAULT },
[SIGBUS] = { NSIGBUS, SIL_FAULT },
[SIGTRAP] = { NSIGTRAP, SIL_FAULT },
#if defined(SIGEMT)
[SIGEMT] = { NSIGEMT, SIL_FAULT },
#endif
[SIGCHLD] = { NSIGCHLD, SIL_CHLD },
[SIGPOLL] = { NSIGPOLL, SIL_POLL },
[SIGSYS] = { NSIGSYS, SIL_SYS },
};
static bool known_siginfo_layout(unsigned sig, int si_code)
{
if (si_code == SI_KERNEL)
return true;
else if ((si_code > SI_USER)) {
if (sig_specific_sicodes(sig)) {
if (si_code <= sig_sicodes[sig].limit)
return true;
}
else if (si_code <= NSIGPOLL)
return true;
}
else if (si_code >= SI_DETHREAD)
return true;
else if (si_code == SI_ASYNCNL)
return true;
return false;
}
enum siginfo_layout siginfo_layout(unsigned sig, int si_code)
{
enum siginfo_layout layout = SIL_KILL;
if ((si_code > SI_USER) && (si_code < SI_KERNEL)) {
if ((sig < ARRAY_SIZE(sig_sicodes)) &&
(si_code <= sig_sicodes[sig].limit)) {
layout = sig_sicodes[sig].layout;
/* Handle the exceptions */
if ((sig == SIGBUS) &&
(si_code >= BUS_MCEERR_AR) && (si_code <= BUS_MCEERR_AO))
layout = SIL_FAULT_MCEERR;
else if ((sig == SIGSEGV) && (si_code == SEGV_BNDERR))
layout = SIL_FAULT_BNDERR;
#ifdef SEGV_PKUERR
else if ((sig == SIGSEGV) && (si_code == SEGV_PKUERR))
layout = SIL_FAULT_PKUERR;
#endif
}
else if (si_code <= NSIGPOLL)
layout = SIL_POLL;
} else {
if (si_code == SI_TIMER)
layout = SIL_TIMER;
else if (si_code == SI_SIGIO)
layout = SIL_POLL;
else if (si_code < 0)
layout = SIL_RT;
}
return layout;
}
static inline char __user *si_expansion(const siginfo_t __user *info)
{
return ((char __user *)info) + sizeof(struct kernel_siginfo);
}
int copy_siginfo_to_user(siginfo_t __user *to, const kernel_siginfo_t *from)
{
char __user *expansion = si_expansion(to);
if (copy_to_user(to, from , sizeof(struct kernel_siginfo)))
return -EFAULT;
if (clear_user(expansion, SI_EXPANSION_SIZE))
return -EFAULT;
return 0;
}
static int post_copy_siginfo_from_user(kernel_siginfo_t *info,
const siginfo_t __user *from)
{
if (unlikely(!known_siginfo_layout(info->si_signo, info->si_code))) {
char __user *expansion = si_expansion(from);
char buf[SI_EXPANSION_SIZE];
int i;
/*
* An unknown si_code might need more than
* sizeof(struct kernel_siginfo) bytes. Verify all of the
* extra bytes are 0. This guarantees copy_siginfo_to_user
* will return this data to userspace exactly.
*/
if (copy_from_user(&buf, expansion, SI_EXPANSION_SIZE))
return -EFAULT;
for (i = 0; i < SI_EXPANSION_SIZE; i++) {
if (buf[i] != 0)
return -E2BIG;
}
}
return 0;
}
static int __copy_siginfo_from_user(int signo, kernel_siginfo_t *to,
const siginfo_t __user *from)
{
if (copy_from_user(to, from, sizeof(struct kernel_siginfo)))
return -EFAULT;
to->si_signo = signo;
return post_copy_siginfo_from_user(to, from);
}
int copy_siginfo_from_user(kernel_siginfo_t *to, const siginfo_t __user *from)
{
if (copy_from_user(to, from, sizeof(struct kernel_siginfo)))
return -EFAULT;
return post_copy_siginfo_from_user(to, from);
}
#ifdef CONFIG_COMPAT
/**
* copy_siginfo_to_external32 - copy a kernel siginfo into a compat user siginfo
* @to: compat siginfo destination
* @from: kernel siginfo source
*
* Note: This function does not work properly for the SIGCHLD on x32, but
* fortunately it doesn't have to. The only valid callers for this function are
* copy_siginfo_to_user32, which is overriden for x32 and the coredump code.
* The latter does not care because SIGCHLD will never cause a coredump.
*/
void copy_siginfo_to_external32(struct compat_siginfo *to,
const struct kernel_siginfo *from)
{
memset(to, 0, sizeof(*to));
to->si_signo = from->si_signo;
to->si_errno = from->si_errno;
to->si_code = from->si_code;
switch(siginfo_layout(from->si_signo, from->si_code)) {
case SIL_KILL:
to->si_pid = from->si_pid;
to->si_uid = from->si_uid;
break;
case SIL_TIMER:
to->si_tid = from->si_tid;
to->si_overrun = from->si_overrun;
to->si_int = from->si_int;
break;
case SIL_POLL:
to->si_band = from->si_band;
to->si_fd = from->si_fd;
break;
case SIL_FAULT:
to->si_addr = ptr_to_compat(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
break;
case SIL_FAULT_MCEERR:
to->si_addr = ptr_to_compat(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
to->si_addr_lsb = from->si_addr_lsb;
break;
case SIL_FAULT_BNDERR:
to->si_addr = ptr_to_compat(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
to->si_lower = ptr_to_compat(from->si_lower);
to->si_upper = ptr_to_compat(from->si_upper);
break;
case SIL_FAULT_PKUERR:
to->si_addr = ptr_to_compat(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
to->si_pkey = from->si_pkey;
break;
case SIL_CHLD:
to->si_pid = from->si_pid;
to->si_uid = from->si_uid;
to->si_status = from->si_status;
to->si_utime = from->si_utime;
to->si_stime = from->si_stime;
break;
case SIL_RT:
to->si_pid = from->si_pid;
to->si_uid = from->si_uid;
to->si_int = from->si_int;
break;
case SIL_SYS:
to->si_call_addr = ptr_to_compat(from->si_call_addr);
to->si_syscall = from->si_syscall;
to->si_arch = from->si_arch;
break;
}
}
int __copy_siginfo_to_user32(struct compat_siginfo __user *to,
const struct kernel_siginfo *from)
{
struct compat_siginfo new;
copy_siginfo_to_external32(&new, from);
if (copy_to_user(to, &new, sizeof(struct compat_siginfo)))
return -EFAULT;
return 0;
}
static int post_copy_siginfo_from_user32(kernel_siginfo_t *to,
const struct compat_siginfo *from)
{
clear_siginfo(to);
to->si_signo = from->si_signo;
to->si_errno = from->si_errno;
to->si_code = from->si_code;
switch(siginfo_layout(from->si_signo, from->si_code)) {
case SIL_KILL:
to->si_pid = from->si_pid;
to->si_uid = from->si_uid;
break;
case SIL_TIMER:
to->si_tid = from->si_tid;
to->si_overrun = from->si_overrun;
to->si_int = from->si_int;
break;
case SIL_POLL:
to->si_band = from->si_band;
to->si_fd = from->si_fd;
break;
case SIL_FAULT:
to->si_addr = compat_ptr(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
break;
case SIL_FAULT_MCEERR:
to->si_addr = compat_ptr(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
to->si_addr_lsb = from->si_addr_lsb;
break;
case SIL_FAULT_BNDERR:
to->si_addr = compat_ptr(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
to->si_lower = compat_ptr(from->si_lower);
to->si_upper = compat_ptr(from->si_upper);
break;
case SIL_FAULT_PKUERR:
to->si_addr = compat_ptr(from->si_addr);
#ifdef __ARCH_SI_TRAPNO
to->si_trapno = from->si_trapno;
#endif
to->si_pkey = from->si_pkey;
break;
case SIL_CHLD:
to->si_pid = from->si_pid;
to->si_uid = from->si_uid;
to->si_status = from->si_status;
#ifdef CONFIG_X86_X32_ABI
if (in_x32_syscall()) {
to->si_utime = from->_sifields._sigchld_x32._utime;
to->si_stime = from->_sifields._sigchld_x32._stime;
} else
#endif
{
to->si_utime = from->si_utime;
to->si_stime = from->si_stime;
}
break;
case SIL_RT:
to->si_pid = from->si_pid;
to->si_uid = from->si_uid;
to->si_int = from->si_int;
break;
case SIL_SYS:
to->si_call_addr = compat_ptr(from->si_call_addr);
to->si_syscall = from->si_syscall;
to->si_arch = from->si_arch;
break;
}
return 0;
}
static int __copy_siginfo_from_user32(int signo, struct kernel_siginfo *to,
const struct compat_siginfo __user *ufrom)
{
struct compat_siginfo from;
if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo)))
return -EFAULT;
from.si_signo = signo;
return post_copy_siginfo_from_user32(to, &from);
}
int copy_siginfo_from_user32(struct kernel_siginfo *to,
const struct compat_siginfo __user *ufrom)
{
struct compat_siginfo from;
if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo)))
return -EFAULT;
return post_copy_siginfo_from_user32(to, &from);
}
#endif /* CONFIG_COMPAT */
/**
* do_sigtimedwait - wait for queued signals specified in @which
* @which: queued signals to wait for
* @info: if non-null, the signal's siginfo is returned here
* @ts: upper bound on process time suspension
*/
static int do_sigtimedwait(const sigset_t *which, kernel_siginfo_t *info,
const struct timespec64 *ts)
{
ktime_t *to = NULL, timeout = KTIME_MAX;
struct task_struct *tsk = current;
sigset_t mask = *which;
int sig, ret = 0;
if (ts) {
if (!timespec64_valid(ts))
return -EINVAL;
timeout = timespec64_to_ktime(*ts);
to = &timeout;
}
/*
* Invert the set of allowed signals to get those we want to block.
*/
sigdelsetmask(&mask, sigmask(SIGKILL) | sigmask(SIGSTOP));
signotset(&mask);
spin_lock_irq(&tsk->sighand->siglock);
sig = dequeue_signal(tsk, &mask, info);
if (!sig && timeout) {
/*
* None ready, temporarily unblock those we're interested
* while we are sleeping in so that we'll be awakened when
* they arrive. Unblocking is always fine, we can avoid
* set_current_blocked().
*/
tsk->real_blocked = tsk->blocked;
sigandsets(&tsk->blocked, &tsk->blocked, &mask);
recalc_sigpending();
spin_unlock_irq(&tsk->sighand->siglock);
__set_current_state(TASK_INTERRUPTIBLE);
ret = freezable_schedule_hrtimeout_range(to, tsk->timer_slack_ns,
HRTIMER_MODE_REL);
spin_lock_irq(&tsk->sighand->siglock);
__set_task_blocked(tsk, &tsk->real_blocked);
sigemptyset(&tsk->real_blocked);
sig = dequeue_signal(tsk, &mask, info);
}
spin_unlock_irq(&tsk->sighand->siglock);
if (sig)
return sig;
return ret ? -EINTR : -EAGAIN;
}
/**
* sys_rt_sigtimedwait - synchronously wait for queued signals specified
* in @uthese
* @uthese: queued signals to wait for
* @uinfo: if non-null, the signal's siginfo is returned here
* @uts: upper bound on process time suspension
* @sigsetsize: size of sigset_t type
*/
SYSCALL_DEFINE4(rt_sigtimedwait, const sigset_t __user *, uthese,
siginfo_t __user *, uinfo,
const struct __kernel_timespec __user *, uts,
size_t, sigsetsize)
{
sigset_t these;
struct timespec64 ts;
kernel_siginfo_t info;
int ret;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (copy_from_user(&these, uthese, sizeof(these)))
return -EFAULT;
if (uts) {
if (get_timespec64(&ts, uts))
return -EFAULT;
}
ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL);
if (ret > 0 && uinfo) {
if (copy_siginfo_to_user(uinfo, &info))
ret = -EFAULT;
}
return ret;
}
#ifdef CONFIG_COMPAT_32BIT_TIME
SYSCALL_DEFINE4(rt_sigtimedwait_time32, const sigset_t __user *, uthese,
siginfo_t __user *, uinfo,
const struct old_timespec32 __user *, uts,
size_t, sigsetsize)
{
sigset_t these;
struct timespec64 ts;
kernel_siginfo_t info;
int ret;
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (copy_from_user(&these, uthese, sizeof(these)))
return -EFAULT;
if (uts) {
if (get_old_timespec32(&ts, uts))
return -EFAULT;
}
ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL);
if (ret > 0 && uinfo) {
if (copy_siginfo_to_user(uinfo, &info))
ret = -EFAULT;
}
return ret;
}
#endif
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time64, compat_sigset_t __user *, uthese,
struct compat_siginfo __user *, uinfo,
struct __kernel_timespec __user *, uts, compat_size_t, sigsetsize)
{
sigset_t s;
struct timespec64 t;
kernel_siginfo_t info;
long ret;
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (get_compat_sigset(&s, uthese))
return -EFAULT;
if (uts) {
if (get_timespec64(&t, uts))
return -EFAULT;
}
ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);
if (ret > 0 && uinfo) {
if (copy_siginfo_to_user32(uinfo, &info))
ret = -EFAULT;
}
return ret;
}
#ifdef CONFIG_COMPAT_32BIT_TIME
COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time32, compat_sigset_t __user *, uthese,
struct compat_siginfo __user *, uinfo,
struct old_timespec32 __user *, uts, compat_size_t, sigsetsize)
{
sigset_t s;
struct timespec64 t;
kernel_siginfo_t info;
long ret;
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (get_compat_sigset(&s, uthese))
return -EFAULT;
if (uts) {
if (get_old_timespec32(&t, uts))
return -EFAULT;
}
ret = do_sigtimedwait(&s, &info, uts ? &t : NULL);
if (ret > 0 && uinfo) {
if (copy_siginfo_to_user32(uinfo, &info))
ret = -EFAULT;
}
return ret;
}
#endif
#endif
static inline void prepare_kill_siginfo(int sig, struct kernel_siginfo *info)
{
clear_siginfo(info);
info->si_signo = sig;
info->si_errno = 0;
info->si_code = SI_USER;
info->si_pid = task_tgid_vnr(current);
info->si_uid = from_kuid_munged(current_user_ns(), current_uid());
}
/**
* sys_kill - send a signal to a process
* @pid: the PID of the process
* @sig: signal to be sent
*/
SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
{
struct kernel_siginfo info;
prepare_kill_siginfo(sig, &info);
return kill_something_info(sig, &info, pid);
}
/*
* Verify that the signaler and signalee either are in the same pid namespace
* or that the signaler's pid namespace is an ancestor of the signalee's pid
* namespace.
*/
static bool access_pidfd_pidns(struct pid *pid)
{
struct pid_namespace *active = task_active_pid_ns(current);
struct pid_namespace *p = ns_of_pid(pid);
for (;;) {
if (!p)
return false;
if (p == active)
break;
p = p->parent;
}
return true;
}
static int copy_siginfo_from_user_any(kernel_siginfo_t *kinfo, siginfo_t *info)
{
#ifdef CONFIG_COMPAT
/*
* Avoid hooking up compat syscalls and instead handle necessary
* conversions here. Note, this is a stop-gap measure and should not be
* considered a generic solution.
*/
if (in_compat_syscall())
return copy_siginfo_from_user32(
kinfo, (struct compat_siginfo __user *)info);
#endif
return copy_siginfo_from_user(kinfo, info);
}
static struct pid *pidfd_to_pid(const struct file *file)
{
struct pid *pid;
pid = pidfd_pid(file);
if (!IS_ERR(pid))
return pid;
return tgid_pidfd_to_pid(file);
}
/**
* sys_pidfd_send_signal - Signal a process through a pidfd
* @pidfd: file descriptor of the process
* @sig: signal to send
* @info: signal info
* @flags: future flags
*
* The syscall currently only signals via PIDTYPE_PID which covers
* kill(<positive-pid>, <signal>. It does not signal threads or process
* groups.
* In order to extend the syscall to threads and process groups the @flags
* argument should be used. In essence, the @flags argument will determine
* what is signaled and not the file descriptor itself. Put in other words,
* grouping is a property of the flags argument not a property of the file
* descriptor.
*
* Return: 0 on success, negative errno on failure
*/
SYSCALL_DEFINE4(pidfd_send_signal, int, pidfd, int, sig,
siginfo_t __user *, info, unsigned int, flags)
{
int ret;
struct fd f;
struct pid *pid;
kernel_siginfo_t kinfo;
/* Enforce flags be set to 0 until we add an extension. */
if (flags)
return -EINVAL;
f = fdget(pidfd);
if (!f.file)
return -EBADF;
/* Is this a pidfd? */
pid = pidfd_to_pid(f.file);
if (IS_ERR(pid)) {
ret = PTR_ERR(pid);
goto err;
}
ret = -EINVAL;
if (!access_pidfd_pidns(pid))
goto err;
if (info) {
ret = copy_siginfo_from_user_any(&kinfo, info);
if (unlikely(ret))
goto err;
ret = -EINVAL;
if (unlikely(sig != kinfo.si_signo))
goto err;
/* Only allow sending arbitrary signals to yourself. */
ret = -EPERM;
if ((task_pid(current) != pid) &&
(kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL))
goto err;
} else {
prepare_kill_siginfo(sig, &kinfo);
}
ret = kill_pid_info(sig, &kinfo, pid);
err:
fdput(f);
return ret;
}
static int
do_send_specific(pid_t tgid, pid_t pid, int sig, struct kernel_siginfo *info)
{
struct task_struct *p;
int error = -ESRCH;
rcu_read_lock();
p = find_task_by_vpid(pid);
if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) {
error = check_kill_permission(sig, info, p);
/*
* The null signal is a permissions and process existence
* probe. No signal is actually delivered.
*/
if (!error && sig) {
error = do_send_sig_info(sig, info, p, PIDTYPE_PID);
/*
* If lock_task_sighand() failed we pretend the task
* dies after receiving the signal. The window is tiny,
* and the signal is private anyway.
*/
if (unlikely(error == -ESRCH))
error = 0;
}
}
rcu_read_unlock();
return error;
}
static int do_tkill(pid_t tgid, pid_t pid, int sig)
{
struct kernel_siginfo info;
clear_siginfo(&info);
info.si_signo = sig;
info.si_errno = 0;
info.si_code = SI_TKILL;
info.si_pid = task_tgid_vnr(current);
info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
return do_send_specific(tgid, pid, sig, &info);
}
/**
* sys_tgkill - send signal to one specific thread
* @tgid: the thread group ID of the thread
* @pid: the PID of the thread
* @sig: signal to be sent
*
* This syscall also checks the @tgid and returns -ESRCH even if the PID
* exists but it's not belonging to the target process anymore. This
* method solves the problem of threads exiting and PIDs getting reused.
*/
SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid_t, pid, int, sig)
{
/* This is only valid for single tasks */
if (pid <= 0 || tgid <= 0)
return -EINVAL;
return do_tkill(tgid, pid, sig);
}
/**
* sys_tkill - send signal to one specific task
* @pid: the PID of the task
* @sig: signal to be sent
*
* Send a signal to only one task, even if it's a CLONE_THREAD task.
*/
SYSCALL_DEFINE2(tkill, pid_t, pid, int, sig)
{
/* This is only valid for single tasks */
if (pid <= 0)
return -EINVAL;
return do_tkill(0, pid, sig);
}
static int do_rt_sigqueueinfo(pid_t pid, int sig, kernel_siginfo_t *info)
{
/* Not even root can pretend to send signals from the kernel.
* Nor can they impersonate a kill()/tgkill(), which adds source info.
*/
if ((info->si_code >= 0 || info->si_code == SI_TKILL) &&
(task_pid_vnr(current) != pid))
return -EPERM;
/* POSIX.1b doesn't mention process groups. */
return kill_proc_info(sig, info, pid);
}
/**
* sys_rt_sigqueueinfo - send signal information to a signal
* @pid: the PID of the thread
* @sig: signal to be sent
* @uinfo: signal info to be sent
*/
SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t, pid, int, sig,
siginfo_t __user *, uinfo)
{
kernel_siginfo_t info;
int ret = __copy_siginfo_from_user(sig, &info, uinfo);
if (unlikely(ret))
return ret;
return do_rt_sigqueueinfo(pid, sig, &info);
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE3(rt_sigqueueinfo,
compat_pid_t, pid,
int, sig,
struct compat_siginfo __user *, uinfo)
{
kernel_siginfo_t info;
int ret = __copy_siginfo_from_user32(sig, &info, uinfo);
if (unlikely(ret))
return ret;
return do_rt_sigqueueinfo(pid, sig, &info);
}
#endif
static int do_rt_tgsigqueueinfo(pid_t tgid, pid_t pid, int sig, kernel_siginfo_t *info)
{
/* This is only valid for single tasks */
if (pid <= 0 || tgid <= 0)
return -EINVAL;
/* Not even root can pretend to send signals from the kernel.
* Nor can they impersonate a kill()/tgkill(), which adds source info.
*/
if ((info->si_code >= 0 || info->si_code == SI_TKILL) &&
(task_pid_vnr(current) != pid))
return -EPERM;
return do_send_specific(tgid, pid, sig, info);
}
SYSCALL_DEFINE4(rt_tgsigqueueinfo, pid_t, tgid, pid_t, pid, int, sig,
siginfo_t __user *, uinfo)
{
kernel_siginfo_t info;
int ret = __copy_siginfo_from_user(sig, &info, uinfo);
if (unlikely(ret))
return ret;
return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE4(rt_tgsigqueueinfo,
compat_pid_t, tgid,
compat_pid_t, pid,
int, sig,
struct compat_siginfo __user *, uinfo)
{
kernel_siginfo_t info;
int ret = __copy_siginfo_from_user32(sig, &info, uinfo);
if (unlikely(ret))
return ret;
return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
}
#endif
/*
* For kthreads only, must not be used if cloned with CLONE_SIGHAND
*/
void kernel_sigaction(int sig, __sighandler_t action)
{
spin_lock_irq(&current->sighand->siglock);
current->sighand->action[sig - 1].sa.sa_handler = action;
if (action == SIG_IGN) {
sigset_t mask;
sigemptyset(&mask);
sigaddset(&mask, sig);
flush_sigqueue_mask(&mask, &current->signal->shared_pending);
flush_sigqueue_mask(&mask, &current->pending);
recalc_sigpending();
}
spin_unlock_irq(&current->sighand->siglock);
}
EXPORT_SYMBOL(kernel_sigaction);
void __weak sigaction_compat_abi(struct k_sigaction *act,
struct k_sigaction *oact)
{
}
int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
{
struct task_struct *p = current, *t;
struct k_sigaction *k;
sigset_t mask;
if (!valid_signal(sig) || sig < 1 || (act && sig_kernel_only(sig)))
return -EINVAL;
k = &p->sighand->action[sig-1];
spin_lock_irq(&p->sighand->siglock);
if (oact)
*oact = *k;
/*
* Make sure that we never accidentally claim to support SA_UNSUPPORTED,
* e.g. by having an architecture use the bit in their uapi.
*/
BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED);
/*
* Clear unknown flag bits in order to allow userspace to detect missing
* support for flag bits and to allow the kernel to use non-uapi bits
* internally.
*/
if (act)
act->sa.sa_flags &= UAPI_SA_FLAGS;
if (oact)
oact->sa.sa_flags &= UAPI_SA_FLAGS;
sigaction_compat_abi(act, oact);
if (act) {
sigdelsetmask(&act->sa.sa_mask,
sigmask(SIGKILL) | sigmask(SIGSTOP));
*k = *act;
/*
* POSIX 3.3.1.3:
* "Setting a signal action to SIG_IGN for a signal that is
* pending shall cause the pending signal to be discarded,
* whether or not it is blocked."
*
* "Setting a signal action to SIG_DFL for a signal that is
* pending and whose default action is to ignore the signal
* (for example, SIGCHLD), shall cause the pending signal to
* be discarded, whether or not it is blocked"
*/
if (sig_handler_ignored(sig_handler(p, sig), sig)) {
sigemptyset(&mask);
sigaddset(&mask, sig);
flush_sigqueue_mask(&mask, &p->signal->shared_pending);
for_each_thread(p, t)
flush_sigqueue_mask(&mask, &t->pending);
}
}
spin_unlock_irq(&p->sighand->siglock);
return 0;
}
static int
do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
size_t min_ss_size)
{
struct task_struct *t = current;
if (oss) {
memset(oss, 0, sizeof(stack_t));
oss->ss_sp = (void __user *) t->sas_ss_sp;
oss->ss_size = t->sas_ss_size;
oss->ss_flags = sas_ss_flags(sp) |
(current->sas_ss_flags & SS_FLAG_BITS);
}
if (ss) {
void __user *ss_sp = ss->ss_sp;
size_t ss_size = ss->ss_size;
unsigned ss_flags = ss->ss_flags;
int ss_mode;
if (unlikely(on_sig_stack(sp)))
return -EPERM;
ss_mode = ss_flags & ~SS_FLAG_BITS;
if (unlikely(ss_mode != SS_DISABLE && ss_mode != SS_ONSTACK &&
ss_mode != 0))
return -EINVAL;
if (ss_mode == SS_DISABLE) {
ss_size = 0;
ss_sp = NULL;
} else {
if (unlikely(ss_size < min_ss_size))
return -ENOMEM;
}
t->sas_ss_sp = (unsigned long) ss_sp;
t->sas_ss_size = ss_size;
t->sas_ss_flags = ss_flags;
}
return 0;
}
SYSCALL_DEFINE2(sigaltstack,const stack_t __user *,uss, stack_t __user *,uoss)
{
stack_t new, old;
int err;
if (uss && copy_from_user(&new, uss, sizeof(stack_t)))
return -EFAULT;
err = do_sigaltstack(uss ? &new : NULL, uoss ? &old : NULL,
current_user_stack_pointer(),
MINSIGSTKSZ);
if (!err && uoss && copy_to_user(uoss, &old, sizeof(stack_t)))
err = -EFAULT;
return err;
}
int restore_altstack(const stack_t __user *uss)
{
stack_t new;
if (copy_from_user(&new, uss, sizeof(stack_t)))
return -EFAULT;
(void)do_sigaltstack(&new, NULL, current_user_stack_pointer(),
MINSIGSTKSZ);
/* squash all but EFAULT for now */
return 0;
}
int __save_altstack(stack_t __user *uss, unsigned long sp)
{
struct task_struct *t = current;
int err = __put_user((void __user *)t->sas_ss_sp, &uss->ss_sp) |
__put_user(t->sas_ss_flags, &uss->ss_flags) |
__put_user(t->sas_ss_size, &uss->ss_size);
if (err)
return err;
if (t->sas_ss_flags & SS_AUTODISARM)
sas_ss_reset(t);
return 0;
}
#ifdef CONFIG_COMPAT
static int do_compat_sigaltstack(const compat_stack_t __user *uss_ptr,
compat_stack_t __user *uoss_ptr)
{
stack_t uss, uoss;
int ret;
if (uss_ptr) {
compat_stack_t uss32;
if (copy_from_user(&uss32, uss_ptr, sizeof(compat_stack_t)))
return -EFAULT;
uss.ss_sp = compat_ptr(uss32.ss_sp);
uss.ss_flags = uss32.ss_flags;
uss.ss_size = uss32.ss_size;
}
ret = do_sigaltstack(uss_ptr ? &uss : NULL, &uoss,
compat_user_stack_pointer(),
COMPAT_MINSIGSTKSZ);
if (ret >= 0 && uoss_ptr) {
compat_stack_t old;
memset(&old, 0, sizeof(old));
old.ss_sp = ptr_to_compat(uoss.ss_sp);
old.ss_flags = uoss.ss_flags;
old.ss_size = uoss.ss_size;
if (copy_to_user(uoss_ptr, &old, sizeof(compat_stack_t)))
ret = -EFAULT;
}
return ret;
}
COMPAT_SYSCALL_DEFINE2(sigaltstack,
const compat_stack_t __user *, uss_ptr,
compat_stack_t __user *, uoss_ptr)
{
return do_compat_sigaltstack(uss_ptr, uoss_ptr);
}
int compat_restore_altstack(const compat_stack_t __user *uss)
{
int err = do_compat_sigaltstack(uss, NULL);
/* squash all but -EFAULT for now */
return err == -EFAULT ? err : 0;
}
int __compat_save_altstack(compat_stack_t __user *uss, unsigned long sp)
{
int err;
struct task_struct *t = current;
err = __put_user(ptr_to_compat((void __user *)t->sas_ss_sp),
&uss->ss_sp) |
__put_user(t->sas_ss_flags, &uss->ss_flags) |
__put_user(t->sas_ss_size, &uss->ss_size);
if (err)
return err;
if (t->sas_ss_flags & SS_AUTODISARM)
sas_ss_reset(t);
return 0;
}
#endif
#ifdef __ARCH_WANT_SYS_SIGPENDING
/**
* sys_sigpending - examine pending signals
* @uset: where mask of pending signal is returned
*/
SYSCALL_DEFINE1(sigpending, old_sigset_t __user *, uset)
{
sigset_t set;
if (sizeof(old_sigset_t) > sizeof(*uset))
return -EINVAL;
do_sigpending(&set);
if (copy_to_user(uset, &set, sizeof(old_sigset_t)))
return -EFAULT;
return 0;
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE1(sigpending, compat_old_sigset_t __user *, set32)
{
sigset_t set;
do_sigpending(&set);
return put_user(set.sig[0], set32);
}
#endif
#endif
#ifdef __ARCH_WANT_SYS_SIGPROCMASK
/**
* sys_sigprocmask - examine and change blocked signals
* @how: whether to add, remove, or set signals
* @nset: signals to add or remove (if non-null)
* @oset: previous value of signal mask if non-null
*
* Some platforms have their own version with special arguments;
* others support only sys_rt_sigprocmask.
*/
SYSCALL_DEFINE3(sigprocmask, int, how, old_sigset_t __user *, nset,
old_sigset_t __user *, oset)
{
old_sigset_t old_set, new_set;
sigset_t new_blocked;
old_set = current->blocked.sig[0];
if (nset) {
if (copy_from_user(&new_set, nset, sizeof(*nset)))
return -EFAULT;
new_blocked = current->blocked;
switch (how) {
case SIG_BLOCK:
sigaddsetmask(&new_blocked, new_set);
break;
case SIG_UNBLOCK:
sigdelsetmask(&new_blocked, new_set);
break;
case SIG_SETMASK:
new_blocked.sig[0] = new_set;
break;
default:
return -EINVAL;
}
set_current_blocked(&new_blocked);
}
if (oset) {
if (copy_to_user(oset, &old_set, sizeof(*oset)))
return -EFAULT;
}
return 0;
}
#endif /* __ARCH_WANT_SYS_SIGPROCMASK */
#ifndef CONFIG_ODD_RT_SIGACTION
/**
* sys_rt_sigaction - alter an action taken by a process
* @sig: signal to be sent
* @act: new sigaction
* @oact: used to save the previous sigaction
* @sigsetsize: size of sigset_t type
*/
SYSCALL_DEFINE4(rt_sigaction, int, sig,
const struct sigaction __user *, act,
struct sigaction __user *, oact,
size_t, sigsetsize)
{
struct k_sigaction new_sa, old_sa;
int ret;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (act && copy_from_user(&new_sa.sa, act, sizeof(new_sa.sa)))
return -EFAULT;
ret = do_sigaction(sig, act ? &new_sa : NULL, oact ? &old_sa : NULL);
if (ret)
return ret;
if (oact && copy_to_user(oact, &old_sa.sa, sizeof(old_sa.sa)))
return -EFAULT;
return 0;
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE4(rt_sigaction, int, sig,
const struct compat_sigaction __user *, act,
struct compat_sigaction __user *, oact,
compat_size_t, sigsetsize)
{
struct k_sigaction new_ka, old_ka;
#ifdef __ARCH_HAS_SA_RESTORER
compat_uptr_t restorer;
#endif
int ret;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(compat_sigset_t))
return -EINVAL;
if (act) {
compat_uptr_t handler;
ret = get_user(handler, &act->sa_handler);
new_ka.sa.sa_handler = compat_ptr(handler);
#ifdef __ARCH_HAS_SA_RESTORER
ret |= get_user(restorer, &act->sa_restorer);
new_ka.sa.sa_restorer = compat_ptr(restorer);
#endif
ret |= get_compat_sigset(&new_ka.sa.sa_mask, &act->sa_mask);
ret |= get_user(new_ka.sa.sa_flags, &act->sa_flags);
if (ret)
return -EFAULT;
}
ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
if (!ret && oact) {
ret = put_user(ptr_to_compat(old_ka.sa.sa_handler),
&oact->sa_handler);
ret |= put_compat_sigset(&oact->sa_mask, &old_ka.sa.sa_mask,
sizeof(oact->sa_mask));
ret |= put_user(old_ka.sa.sa_flags, &oact->sa_flags);
#ifdef __ARCH_HAS_SA_RESTORER
ret |= put_user(ptr_to_compat(old_ka.sa.sa_restorer),
&oact->sa_restorer);
#endif
}
return ret;
}
#endif
#endif /* !CONFIG_ODD_RT_SIGACTION */
#ifdef CONFIG_OLD_SIGACTION
SYSCALL_DEFINE3(sigaction, int, sig,
const struct old_sigaction __user *, act,
struct old_sigaction __user *, oact)
{
struct k_sigaction new_ka, old_ka;
int ret;
if (act) {
old_sigset_t mask;
if (!access_ok(act, sizeof(*act)) ||
__get_user(new_ka.sa.sa_handler, &act->sa_handler) ||
__get_user(new_ka.sa.sa_restorer, &act->sa_restorer) ||
__get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
__get_user(mask, &act->sa_mask))
return -EFAULT;
#ifdef __ARCH_HAS_KA_RESTORER
new_ka.ka_restorer = NULL;
#endif
siginitset(&new_ka.sa.sa_mask, mask);
}
ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
if (!ret && oact) {
if (!access_ok(oact, sizeof(*oact)) ||
__put_user(old_ka.sa.sa_handler, &oact->sa_handler) ||
__put_user(old_ka.sa.sa_restorer, &oact->sa_restorer) ||
__put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
__put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
return -EFAULT;
}
return ret;
}
#endif
#ifdef CONFIG_COMPAT_OLD_SIGACTION
COMPAT_SYSCALL_DEFINE3(sigaction, int, sig,
const struct compat_old_sigaction __user *, act,
struct compat_old_sigaction __user *, oact)
{
struct k_sigaction new_ka, old_ka;
int ret;
compat_old_sigset_t mask;
compat_uptr_t handler, restorer;
if (act) {
if (!access_ok(act, sizeof(*act)) ||
__get_user(handler, &act->sa_handler) ||
__get_user(restorer, &act->sa_restorer) ||
__get_user(new_ka.sa.sa_flags, &act->sa_flags) ||
__get_user(mask, &act->sa_mask))
return -EFAULT;
#ifdef __ARCH_HAS_KA_RESTORER
new_ka.ka_restorer = NULL;
#endif
new_ka.sa.sa_handler = compat_ptr(handler);
new_ka.sa.sa_restorer = compat_ptr(restorer);
siginitset(&new_ka.sa.sa_mask, mask);
}
ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL);
if (!ret && oact) {
if (!access_ok(oact, sizeof(*oact)) ||
__put_user(ptr_to_compat(old_ka.sa.sa_handler),
&oact->sa_handler) ||
__put_user(ptr_to_compat(old_ka.sa.sa_restorer),
&oact->sa_restorer) ||
__put_user(old_ka.sa.sa_flags, &oact->sa_flags) ||
__put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask))
return -EFAULT;
}
return ret;
}
#endif
#ifdef CONFIG_SGETMASK_SYSCALL
/*
* For backwards compatibility. Functionality superseded by sigprocmask.
*/
SYSCALL_DEFINE0(sgetmask)
{
/* SMP safe */
return current->blocked.sig[0];
}
SYSCALL_DEFINE1(ssetmask, int, newmask)
{
int old = current->blocked.sig[0];
sigset_t newset;
siginitset(&newset, newmask);
set_current_blocked(&newset);
return old;
}
#endif /* CONFIG_SGETMASK_SYSCALL */
#ifdef __ARCH_WANT_SYS_SIGNAL
/*
* For backwards compatibility. Functionality superseded by sigaction.
*/
SYSCALL_DEFINE2(signal, int, sig, __sighandler_t, handler)
{
struct k_sigaction new_sa, old_sa;
int ret;
new_sa.sa.sa_handler = handler;
new_sa.sa.sa_flags = SA_ONESHOT | SA_NOMASK;
sigemptyset(&new_sa.sa.sa_mask);
ret = do_sigaction(sig, &new_sa, &old_sa);
return ret ? ret : (unsigned long)old_sa.sa.sa_handler;
}
#endif /* __ARCH_WANT_SYS_SIGNAL */
#ifdef __ARCH_WANT_SYS_PAUSE
SYSCALL_DEFINE0(pause)
{
while (!signal_pending(current)) {
__set_current_state(TASK_INTERRUPTIBLE);
schedule();
}
return -ERESTARTNOHAND;
}
#endif
static int sigsuspend(sigset_t *set)
{
current->saved_sigmask = current->blocked;
set_current_blocked(set);
while (!signal_pending(current)) {
__set_current_state(TASK_INTERRUPTIBLE);
schedule();
}
set_restore_sigmask();
return -ERESTARTNOHAND;
}
/**
* sys_rt_sigsuspend - replace the signal mask for a value with the
* @unewset value until a signal is received
* @unewset: new signal mask value
* @sigsetsize: size of sigset_t type
*/
SYSCALL_DEFINE2(rt_sigsuspend, sigset_t __user *, unewset, size_t, sigsetsize)
{
sigset_t newset;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (copy_from_user(&newset, unewset, sizeof(newset)))
return -EFAULT;
return sigsuspend(&newset);
}
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE2(rt_sigsuspend, compat_sigset_t __user *, unewset, compat_size_t, sigsetsize)
{
sigset_t newset;
/* XXX: Don't preclude handling different sized sigset_t's. */
if (sigsetsize != sizeof(sigset_t))
return -EINVAL;
if (get_compat_sigset(&newset, unewset))
return -EFAULT;
return sigsuspend(&newset);
}
#endif
#ifdef CONFIG_OLD_SIGSUSPEND
SYSCALL_DEFINE1(sigsuspend, old_sigset_t, mask)
{
sigset_t blocked;
siginitset(&blocked, mask);
return sigsuspend(&blocked);
}
#endif
#ifdef CONFIG_OLD_SIGSUSPEND3
SYSCALL_DEFINE3(sigsuspend, int, unused1, int, unused2, old_sigset_t, mask)
{
sigset_t blocked;
siginitset(&blocked, mask);
return sigsuspend(&blocked);
}
#endif
__weak const char *arch_vma_name(struct vm_area_struct *vma)
{
return NULL;
}
static inline void siginfo_buildtime_checks(void)
{
BUILD_BUG_ON(sizeof(struct siginfo) != SI_MAX_SIZE);
/* Verify the offsets in the two siginfos match */
#define CHECK_OFFSET(field) \
BUILD_BUG_ON(offsetof(siginfo_t, field) != offsetof(kernel_siginfo_t, field))
/* kill */
CHECK_OFFSET(si_pid);
CHECK_OFFSET(si_uid);
/* timer */
CHECK_OFFSET(si_tid);
CHECK_OFFSET(si_overrun);
CHECK_OFFSET(si_value);
/* rt */
CHECK_OFFSET(si_pid);
CHECK_OFFSET(si_uid);
CHECK_OFFSET(si_value);
/* sigchld */
CHECK_OFFSET(si_pid);
CHECK_OFFSET(si_uid);
CHECK_OFFSET(si_status);
CHECK_OFFSET(si_utime);
CHECK_OFFSET(si_stime);
/* sigfault */
CHECK_OFFSET(si_addr);
CHECK_OFFSET(si_addr_lsb);
CHECK_OFFSET(si_lower);
CHECK_OFFSET(si_upper);
CHECK_OFFSET(si_pkey);
/* sigpoll */
CHECK_OFFSET(si_band);
CHECK_OFFSET(si_fd);
/* sigsys */
CHECK_OFFSET(si_call_addr);
CHECK_OFFSET(si_syscall);
CHECK_OFFSET(si_arch);
#undef CHECK_OFFSET
/* usb asyncio */
BUILD_BUG_ON(offsetof(struct siginfo, si_pid) !=
offsetof(struct siginfo, si_addr));
if (sizeof(int) == sizeof(void __user *)) {
BUILD_BUG_ON(sizeof_field(struct siginfo, si_pid) !=
sizeof(void __user *));
} else {
BUILD_BUG_ON((sizeof_field(struct siginfo, si_pid) +
sizeof_field(struct siginfo, si_uid)) !=
sizeof(void __user *));
BUILD_BUG_ON(offsetofend(struct siginfo, si_pid) !=
offsetof(struct siginfo, si_uid));
}
#ifdef CONFIG_COMPAT
BUILD_BUG_ON(offsetof(struct compat_siginfo, si_pid) !=
offsetof(struct compat_siginfo, si_addr));
BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
sizeof(compat_uptr_t));
BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) !=
sizeof_field(struct siginfo, si_pid));
#endif
}
void __init signals_init(void)
{
siginfo_buildtime_checks();
sigqueue_cachep = KMEM_CACHE(sigqueue, SLAB_PANIC);
}
#ifdef CONFIG_KGDB_KDB
#include <linux/kdb.h>
/*
* kdb_send_sig - Allows kdb to send signals without exposing
* signal internals. This function checks if the required locks are
* available before calling the main signal code, to avoid kdb
* deadlocks.
*/
void kdb_send_sig(struct task_struct *t, int sig)
{
static struct task_struct *kdb_prev_t;
int new_t, ret;
if (!spin_trylock(&t->sighand->siglock)) {
kdb_printf("Can't do kill command now.\n"
"The sigmask lock is held somewhere else in "
"kernel, try again later\n");
return;
}
new_t = kdb_prev_t != t;
kdb_prev_t = t;
if (t->state != TASK_RUNNING && new_t) {
spin_unlock(&t->sighand->siglock);
kdb_printf("Process is not RUNNING, sending a signal from "
"kdb risks deadlock\n"
"on the run queue locks. "
"The signal has _not_ been sent.\n"
"Reissue the kill command if you want to risk "
"the deadlock.\n");
return;
}
ret = send_signal(sig, SEND_SIG_PRIV, t, PIDTYPE_PID);
spin_unlock(&t->sighand->siglock);
if (ret)
kdb_printf("Fail to deliver Signal %d to process %d.\n",
sig, t->pid);
else
kdb_printf("Signal %d is sent to process %d.\n", sig, t->pid);
}
#endif /* CONFIG_KGDB_KDB */