// SPDX-License-Identifier: GPL-2.0-only
/*
 *  linux/kernel/signal.c
 *
 *  Copyright (C) 1991, 1992  Linus Torvalds
 *
 *  1997-11-02  Modified for POSIX.1b signals by Richard Henderson
 *
 *  2003-06-02  Jim Houston - Concurrent Computer Corp.
 *		Changes to use preallocated sigqueue structures
 *		to allow signals to be sent reliably.
 */

#include <linux/slab.h>
#include <linux/export.h>
#include <linux/init.h>
#include <linux/sched/mm.h>
#include <linux/sched/user.h>
#include <linux/sched/debug.h>
#include <linux/sched/task.h>
#include <linux/sched/task_stack.h>
#include <linux/sched/cputime.h>
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/mm.h>
#include <linux/proc_fs.h>
#include <linux/tty.h>
#include <linux/binfmts.h>
#include <linux/coredump.h>
#include <linux/security.h>
#include <linux/syscalls.h>
#include <linux/ptrace.h>
#include <linux/signal.h>
#include <linux/signalfd.h>
#include <linux/ratelimit.h>
#include <linux/task_work.h>
#include <linux/capability.h>
#include <linux/freezer.h>
#include <linux/pid_namespace.h>
#include <linux/nsproxy.h>
#include <linux/user_namespace.h>
#include <linux/uprobes.h>
#include <linux/compat.h>
#include <linux/cn_proc.h>
#include <linux/compiler.h>
#include <linux/posix-timers.h>
#include <linux/cgroup.h>
#include <linux/audit.h>
#include <linux/sysctl.h>
#include <uapi/linux/pidfd.h>

#define CREATE_TRACE_POINTS
#include <trace/events/signal.h>

#include <asm/param.h>
#include <linux/uaccess.h>
#include <asm/unistd.h>
#include <asm/siginfo.h>
#include <asm/cacheflush.h>
#include <asm/syscall.h>	/* for syscall_get_* */

/*
 * SLAB caches for signal bits.
 */

static struct kmem_cache *sigqueue_cachep;

int print_fatal_signals __read_mostly;

static void __user *sig_handler(struct task_struct *t, int sig)
{
	return t->sighand->action[sig - 1].sa.sa_handler;
}

static inline bool sig_handler_ignored(void __user *handler, int sig)
{
	/* Is it explicitly or implicitly ignored? */
	return handler == SIG_IGN ||
	       (handler == SIG_DFL && sig_kernel_ignore(sig));
}

static bool sig_task_ignored(struct task_struct *t, int sig, bool force)
{
	void __user *handler;

	handler = sig_handler(t, sig);

	/* SIGKILL and SIGSTOP may not be sent to the global init */
	if (unlikely(is_global_init(t) && sig_kernel_only(sig)))
		return true;

	if (unlikely(t->signal->flags & SIGNAL_UNKILLABLE) &&
	    handler == SIG_DFL && !(force && sig_kernel_only(sig)))
		return true;

	/* Only allow kernel generated signals to this kthread */
	if (unlikely((t->flags & PF_KTHREAD) &&
		     (handler == SIG_KTHREAD_KERNEL) && !force))
		return true;

	return sig_handler_ignored(handler, sig);
}

static bool sig_ignored(struct task_struct *t, int sig, bool force)
{
	/*
	 * Blocked signals are never ignored, since the
	 * signal handler may change by the time it is
	 * unblocked.
	 */
	if (sigismember(&t->blocked, sig) || sigismember(&t->real_blocked, sig))
		return false;

	/*
	 * Tracers may want to know about even an ignored signal, unless it
	 * is SIGKILL, which can't be reported anyway but can be ignored by
	 * a SIGNAL_UNKILLABLE task.
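	 *
	 * For example, a SIGWINCH whose handler is SIG_DFL would normally
	 * be discarded here, but if the task is ptraced it is still
	 * generated so that the tracer can observe (and possibly suppress)
	 * it.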
	 */
	if (t->ptrace && sig != SIGKILL)
		return false;

	return sig_task_ignored(t, sig, force);
}

/*
 * Re-calculate pending state from the set of locally pending
 * signals, globally pending signals, and blocked signals.
 */
static inline bool has_pending_signals(sigset_t *signal, sigset_t *blocked)
{
	unsigned long ready;
	long i;

	switch (_NSIG_WORDS) {
	default:
		for (i = _NSIG_WORDS, ready = 0; --i >= 0 ;)
			ready |= signal->sig[i] &~ blocked->sig[i];
		break;

	case 4: ready  = signal->sig[3] &~ blocked->sig[3];
		ready |= signal->sig[2] &~ blocked->sig[2];
		ready |= signal->sig[1] &~ blocked->sig[1];
		ready |= signal->sig[0] &~ blocked->sig[0];
		break;

	case 2: ready  = signal->sig[1] &~ blocked->sig[1];
		ready |= signal->sig[0] &~ blocked->sig[0];
		break;

	case 1: ready  = signal->sig[0] &~ blocked->sig[0];
	}
	return ready != 0;
}

#define PENDING(p,b) has_pending_signals(&(p)->signal, (b))

static bool recalc_sigpending_tsk(struct task_struct *t)
{
	if ((t->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) ||
	    PENDING(&t->pending, &t->blocked) ||
	    PENDING(&t->signal->shared_pending, &t->blocked) ||
	    cgroup_task_frozen(t)) {
		set_tsk_thread_flag(t, TIF_SIGPENDING);
		return true;
	}

	/*
	 * We must never clear the flag in another thread, or in current
	 * when it's possible the current syscall is returning -ERESTART*.
	 * So we don't clear it here; only callers who know it is safe
	 * clear it themselves.
	 */
	return false;
}

void recalc_sigpending(void)
{
	if (!recalc_sigpending_tsk(current) && !freezing(current))
		clear_thread_flag(TIF_SIGPENDING);

}
EXPORT_SYMBOL(recalc_sigpending);

void calculate_sigpending(void)
{
	/* Have any signals or users of TIF_SIGPENDING been delayed
	 * until after fork?
	 */
	spin_lock_irq(&current->sighand->siglock);
	set_tsk_thread_flag(current, TIF_SIGPENDING);
	recalc_sigpending();
	spin_unlock_irq(&current->sighand->siglock);
}

/* Given the mask, find the first available signal that should be serviced. */

#define SYNCHRONOUS_MASK \
	(sigmask(SIGSEGV) | sigmask(SIGBUS) | sigmask(SIGILL) | \
	 sigmask(SIGTRAP) | sigmask(SIGFPE) | sigmask(SIGSYS))

int next_signal(struct sigpending *pending, sigset_t *mask)
{
	unsigned long i, *s, *m, x;
	int sig = 0;

	s = pending->signal.sig;
	m = mask->sig;

	/*
	 * Handle the first word specially: it contains the
	 * synchronous signals that need to be dequeued first.
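	 *
	 * For example, if SIGSEGV and SIGUSR1 are both pending and
	 * unblocked, the SYNCHRONOUS_MASK filtering below reports SIGSEGV
	 * first, so the fault that raised it is handled before the
	 * unrelated asynchronous signal.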
	 */
	x = *s &~ *m;
	if (x) {
		if (x & SYNCHRONOUS_MASK)
			x &= SYNCHRONOUS_MASK;
		sig = ffz(~x) + 1;
		return sig;
	}

	switch (_NSIG_WORDS) {
	default:
		for (i = 1; i < _NSIG_WORDS; ++i) {
			x = *++s &~ *++m;
			if (!x)
				continue;
			sig = ffz(~x) + i*_NSIG_BPW + 1;
			break;
		}
		break;

	case 2:
		x = s[1] &~ m[1];
		if (!x)
			break;
		sig = ffz(~x) + _NSIG_BPW + 1;
		break;

	case 1:
		/* Nothing to do */
		break;
	}

	return sig;
}

static inline void print_dropped_signal(int sig)
{
	static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);

	if (!print_fatal_signals)
		return;

	if (!__ratelimit(&ratelimit_state))
		return;

	pr_info("%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
		current->comm, current->pid, sig);
}

/**
 * task_set_jobctl_pending - set jobctl pending bits
 * @task: target task
 * @mask: pending bits to set
 *
 * Set @mask in @task->jobctl.  @mask must be a subset of
 * %JOBCTL_PENDING_MASK | %JOBCTL_STOP_CONSUME | %JOBCTL_STOP_SIGMASK |
 * %JOBCTL_TRAPPING.  If stop signo is being set, the existing signo is
 * cleared.  If @task is already being killed or exiting, this function
 * becomes noop.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 *
 * RETURNS:
 * %true if @mask is set, %false if made noop because @task was dying.
 */
bool task_set_jobctl_pending(struct task_struct *task, unsigned long mask)
{
	BUG_ON(mask & ~(JOBCTL_PENDING_MASK | JOBCTL_STOP_CONSUME |
			JOBCTL_STOP_SIGMASK | JOBCTL_TRAPPING));
	BUG_ON((mask & JOBCTL_TRAPPING) && !(mask & JOBCTL_PENDING_MASK));

	if (unlikely(fatal_signal_pending(task) || (task->flags & PF_EXITING)))
		return false;

	if (mask & JOBCTL_STOP_SIGMASK)
		task->jobctl &= ~JOBCTL_STOP_SIGMASK;

	task->jobctl |= mask;
	return true;
}

/**
 * task_clear_jobctl_trapping - clear jobctl trapping bit
 * @task: target task
 *
 * If JOBCTL_TRAPPING is set, a ptracer is waiting for us to enter TRACED.
 * Clear it and wake up the ptracer.  Note that we don't need any further
 * locking.  @task->siglock guarantees that @task->parent points to the
 * ptracer.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
void task_clear_jobctl_trapping(struct task_struct *task)
{
	if (unlikely(task->jobctl & JOBCTL_TRAPPING)) {
		task->jobctl &= ~JOBCTL_TRAPPING;
		smp_mb();	/* advised by wake_up_bit() */
		wake_up_bit(&task->jobctl, JOBCTL_TRAPPING_BIT);
	}
}

/**
 * task_clear_jobctl_pending - clear jobctl pending bits
 * @task: target task
 * @mask: pending bits to clear
 *
 * Clear @mask from @task->jobctl.  @mask must be subset of
 * %JOBCTL_PENDING_MASK.  If %JOBCTL_STOP_PENDING is being cleared, other
 * STOP bits are cleared together.
 *
 * If clearing of @mask leaves no stop or trap pending, this function calls
 * task_clear_jobctl_trapping().
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
void task_clear_jobctl_pending(struct task_struct *task, unsigned long mask)
{
	BUG_ON(mask & ~JOBCTL_PENDING_MASK);

	if (mask & JOBCTL_STOP_PENDING)
		mask |= JOBCTL_STOP_CONSUME | JOBCTL_STOP_DEQUEUED;

	task->jobctl &= ~mask;

	if (!(task->jobctl & JOBCTL_PENDING_MASK))
		task_clear_jobctl_trapping(task);
}

/**
 * task_participate_group_stop - participate in a group stop
 * @task: task participating in a group stop
 *
 * @task has %JOBCTL_STOP_PENDING set and is participating in a group stop.
 * Group stop states are cleared and the group stop count is consumed if
 * %JOBCTL_STOP_CONSUME was set.  If the consumption completes the group
 * stop, the appropriate `SIGNAL_*` flags are set.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 *
 * RETURNS:
 * %true if group stop completion should be notified to the parent, %false
 * otherwise.
 */
static bool task_participate_group_stop(struct task_struct *task)
{
	struct signal_struct *sig = task->signal;
	bool consume = task->jobctl & JOBCTL_STOP_CONSUME;

	WARN_ON_ONCE(!(task->jobctl & JOBCTL_STOP_PENDING));

	task_clear_jobctl_pending(task, JOBCTL_STOP_PENDING);

	if (!consume)
		return false;

	if (!WARN_ON_ONCE(sig->group_stop_count == 0))
		sig->group_stop_count--;

	/*
	 * Tell the caller to notify completion iff we are entering into a
	 * fresh group stop.  Read comment in do_signal_stop() for details.
	 */
	if (!sig->group_stop_count && !(sig->flags & SIGNAL_STOP_STOPPED)) {
		signal_set_stop_flags(sig, SIGNAL_STOP_STOPPED);
		return true;
	}
	return false;
}

void task_join_group_stop(struct task_struct *task)
{
	unsigned long mask = current->jobctl & JOBCTL_STOP_SIGMASK;
	struct signal_struct *sig = current->signal;

	if (sig->group_stop_count) {
		sig->group_stop_count++;
		mask |= JOBCTL_STOP_CONSUME;
	} else if (!(sig->flags & SIGNAL_STOP_STOPPED))
		return;

	/* Have the new thread join an on-going signal group stop */
	task_set_jobctl_pending(task, mask | JOBCTL_STOP_PENDING);
}

/*
 * allocate a new signal queue record
 * - this may be called without locks if and only if t == current, otherwise an
 *   appropriate lock must be held to stop the target task from exiting
 */
static struct sigqueue *
__sigqueue_alloc(int sig, struct task_struct *t, gfp_t gfp_flags,
		 int override_rlimit, const unsigned int sigqueue_flags)
{
	struct sigqueue *q = NULL;
	struct ucounts *ucounts;
	long sigpending;

	/*
	 * Protect access to @t credentials. This can go away when all
	 * callers hold rcu read lock.
	 *
	 * NOTE! A pending signal will hold on to the user refcount,
	 * and we get/put the refcount only when the sigpending count
	 * changes from/to zero.
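	 *
	 * For illustration: with RLIMIT_SIGPENDING set to 3 and three
	 * signals already accounted to these ucounts, the next allocation
	 * sees sigpending == 4, skips kmem_cache_alloc() unless
	 * override_rlimit is set, and print_dropped_signal() may log the
	 * drop.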
	 */
	rcu_read_lock();
	ucounts = task_ucounts(t);
	sigpending = inc_rlimit_get_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
	rcu_read_unlock();
	if (!sigpending)
		return NULL;

	if (override_rlimit || likely(sigpending <= task_rlimit(t, RLIMIT_SIGPENDING))) {
		q = kmem_cache_alloc(sigqueue_cachep, gfp_flags);
	} else {
		print_dropped_signal(sig);
	}

	if (unlikely(q == NULL)) {
		dec_rlimit_put_ucounts(ucounts, UCOUNT_RLIMIT_SIGPENDING);
	} else {
		INIT_LIST_HEAD(&q->list);
		q->flags = sigqueue_flags;
		q->ucounts = ucounts;
	}
	return q;
}

static void __sigqueue_free(struct sigqueue *q)
{
	if (q->flags & SIGQUEUE_PREALLOC)
		return;
	if (q->ucounts) {
		dec_rlimit_put_ucounts(q->ucounts, UCOUNT_RLIMIT_SIGPENDING);
		q->ucounts = NULL;
	}
	kmem_cache_free(sigqueue_cachep, q);
}

void flush_sigqueue(struct sigpending *queue)
{
	struct sigqueue *q;

	sigemptyset(&queue->signal);
	while (!list_empty(&queue->list)) {
		q = list_entry(queue->list.next, struct sigqueue, list);
		list_del_init(&q->list);
		__sigqueue_free(q);
	}
}

/*
 * Flush all pending signals for this kthread.
 */
void flush_signals(struct task_struct *t)
{
	unsigned long flags;

	spin_lock_irqsave(&t->sighand->siglock, flags);
	clear_tsk_thread_flag(t, TIF_SIGPENDING);
	flush_sigqueue(&t->pending);
	flush_sigqueue(&t->signal->shared_pending);
	spin_unlock_irqrestore(&t->sighand->siglock, flags);
}
EXPORT_SYMBOL(flush_signals);

void ignore_signals(struct task_struct *t)
{
	int i;

	for (i = 0; i < _NSIG; ++i)
		t->sighand->action[i].sa.sa_handler = SIG_IGN;

	flush_signals(t);
}

/*
 * Flush all handlers for a task.
 */

void
flush_signal_handlers(struct task_struct *t, int force_default)
{
	int i;
	struct k_sigaction *ka = &t->sighand->action[0];
	for (i = _NSIG ; i != 0 ; i--) {
		if (force_default || ka->sa.sa_handler != SIG_IGN)
			ka->sa.sa_handler = SIG_DFL;
		ka->sa.sa_flags = 0;
#ifdef __ARCH_HAS_SA_RESTORER
		ka->sa.sa_restorer = NULL;
#endif
		sigemptyset(&ka->sa.sa_mask);
		ka++;
	}
}

bool unhandled_signal(struct task_struct *tsk, int sig)
{
	void __user *handler = tsk->sighand->action[sig-1].sa.sa_handler;
	if (is_global_init(tsk))
		return true;

	if (handler != SIG_IGN && handler != SIG_DFL)
		return false;

	/* If dying, we handle all new signals by ignoring them */
	if (fatal_signal_pending(tsk))
		return false;

	/* if ptraced, let the tracer determine */
	return !tsk->ptrace;
}

static void collect_signal(int sig, struct sigpending *list, kernel_siginfo_t *info,
			   bool *resched_timer)
{
	struct sigqueue *q, *first = NULL;

	/*
	 * Collect the siginfo appropriate to this signal.  Check if
	 * there is another siginfo for the same signal.
	 */
	list_for_each_entry(q, &list->list, list) {
		if (q->info.si_signo == sig) {
			if (first)
				goto still_pending;
			first = q;
		}
	}

	sigdelset(&list->signal, sig);

	if (first) {
still_pending:
		list_del_init(&first->list);
		copy_siginfo(info, &first->info);

		*resched_timer =
			(first->flags & SIGQUEUE_PREALLOC) &&
			(info->si_code == SI_TIMER) &&
			(info->si_sys_private);

		__sigqueue_free(first);
	} else {
		/*
		 * Ok, it wasn't in the queue.
		 * This must be a fast-pathed signal or we must have been
		 * out of queue space.  So zero out the info.
		 */
		clear_siginfo(info);
		info->si_signo = sig;
		info->si_errno = 0;
		info->si_code = SI_USER;
		info->si_pid = 0;
		info->si_uid = 0;
	}
}

static int __dequeue_signal(struct sigpending *pending, sigset_t *mask,
			    kernel_siginfo_t *info, bool *resched_timer)
{
	int sig = next_signal(pending, mask);

	if (sig)
		collect_signal(sig, pending, info, resched_timer);
	return sig;
}

/*
 * Try to dequeue a signal. If a deliverable signal is found fill in the
 * caller provided siginfo and return the signal number. Otherwise return
 * 0.
 */
int dequeue_signal(sigset_t *mask, kernel_siginfo_t *info, enum pid_type *type)
{
	struct task_struct *tsk = current;
	bool resched_timer = false;
	int signr;

	lockdep_assert_held(&tsk->sighand->siglock);

again:
	*type = PIDTYPE_PID;
	signr = __dequeue_signal(&tsk->pending, mask, info, &resched_timer);
	if (!signr) {
		*type = PIDTYPE_TGID;
		signr = __dequeue_signal(&tsk->signal->shared_pending,
					 mask, info, &resched_timer);

		if (unlikely(signr == SIGALRM))
			posixtimer_rearm_itimer(tsk);
	}

	recalc_sigpending();
	if (!signr)
		return 0;

	if (unlikely(sig_kernel_stop(signr))) {
		/*
		 * Set a marker that we have dequeued a stop signal.  Our
		 * caller might release the siglock and then the pending
		 * stop signal it is about to process is no longer in the
		 * pending bitmasks, but must still be cleared by a SIGCONT
		 * (and overruled by a SIGKILL).  So those cases clear this
		 * shared flag after we've set it.  Note that this flag may
		 * remain set after the signal we return is ignored or
		 * handled.  That doesn't matter because its only purpose
		 * is to alert stop-signal processing code when another
		 * processor has come along and cleared the flag.
		 */
		current->jobctl |= JOBCTL_STOP_DEQUEUED;
	}

	if (IS_ENABLED(CONFIG_POSIX_TIMERS) && unlikely(resched_timer)) {
		if (!posixtimer_deliver_signal(info))
			goto again;
	}

	return signr;
}
EXPORT_SYMBOL_GPL(dequeue_signal);

static int dequeue_synchronous_signal(kernel_siginfo_t *info)
{
	struct task_struct *tsk = current;
	struct sigpending *pending = &tsk->pending;
	struct sigqueue *q, *sync = NULL;

	/*
	 * Might a synchronous signal be in the queue?
	 */
	if (!((pending->signal.sig[0] & ~tsk->blocked.sig[0]) & SYNCHRONOUS_MASK))
		return 0;

	/*
	 * Return the first synchronous signal in the queue.
	 */
	list_for_each_entry(q, &pending->list, list) {
		/* Synchronous signals have a positive si_code */
		if ((q->info.si_code > SI_USER) &&
		    (sigmask(q->info.si_signo) & SYNCHRONOUS_MASK)) {
			sync = q;
			goto next;
		}
	}
	return 0;
next:
	/*
	 * Check if there is another siginfo for the same signal.
	 */
	list_for_each_entry_continue(q, &pending->list, list) {
		if (q->info.si_signo == sync->info.si_signo)
			goto still_pending;
	}

	sigdelset(&pending->signal, sync->info.si_signo);
	recalc_sigpending();
still_pending:
	list_del_init(&sync->list);
	copy_siginfo(info, &sync->info);
	__sigqueue_free(sync);
	return info->si_signo;
}

/*
 * Tell a process that it has a new active signal..
 *
 * NOTE! we rely on the previous spin_lock to
 * lock interrupts for us! We can only be called with
 * "siglock" held, and the local interrupt must
 * have been disabled when that got acquired!
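 *
 * For example, complete_signal() below calls signal_wake_up(t, 1) for a
 * fatal signal; that wrapper passes TASK_WAKEKILL to
 * signal_wake_up_state(), so even a task sleeping in TASK_KILLABLE state
 * is woken to handle its death.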
 *
 * No need to set need_resched since signal event passing
 * goes through ->blocked
 */
void signal_wake_up_state(struct task_struct *t, unsigned int state)
{
	lockdep_assert_held(&t->sighand->siglock);

	set_tsk_thread_flag(t, TIF_SIGPENDING);

	/*
	 * TASK_WAKEKILL also means wake it up in the stopped/traced/killable
	 * case.  We don't check t->state here because there is a race with it
	 * executing on another processor and just now entering stopped state.
	 * By using wake_up_state, we ensure the process will wake up and
	 * handle its death signal.
	 */
	if (!wake_up_state(t, state | TASK_INTERRUPTIBLE))
		kick_process(t);
}

/* Remove signals in mask from the pending set and queue. */
static void flush_sigqueue_mask(struct task_struct *p, sigset_t *mask, struct sigpending *s)
{
	struct sigqueue *q, *n;
	sigset_t m;

	lockdep_assert_held(&p->sighand->siglock);

	sigandsets(&m, mask, &s->signal);
	if (sigisemptyset(&m))
		return;

	sigandnsets(&s->signal, &s->signal, mask);
	list_for_each_entry_safe(q, n, &s->list, list) {
		if (sigismember(mask, q->info.si_signo)) {
			list_del_init(&q->list);
			__sigqueue_free(q);
		}
	}
}

static inline int is_si_special(const struct kernel_siginfo *info)
{
	return info <= SEND_SIG_PRIV;
}

static inline bool si_fromuser(const struct kernel_siginfo *info)
{
	return info == SEND_SIG_NOINFO ||
		(!is_si_special(info) && SI_FROMUSER(info));
}

/*
 * called with RCU read lock from check_kill_permission()
 */
static bool kill_ok_by_cred(struct task_struct *t)
{
	const struct cred *cred = current_cred();
	const struct cred *tcred = __task_cred(t);

	return uid_eq(cred->euid, tcred->suid) ||
	       uid_eq(cred->euid, tcred->uid) ||
	       uid_eq(cred->uid, tcred->suid) ||
	       uid_eq(cred->uid, tcred->uid) ||
	       ns_capable(tcred->user_ns, CAP_KILL);
}

/*
 * Bad permissions for sending the signal
 * - the caller must hold the RCU read lock
 */
static int check_kill_permission(int sig, struct kernel_siginfo *info,
				 struct task_struct *t)
{
	struct pid *sid;
	int error;

	if (!valid_signal(sig))
		return -EINVAL;

	if (!si_fromuser(info))
		return 0;

	error = audit_signal_info(sig, t); /* Let audit system see the signal */
	if (error)
		return error;

	if (!same_thread_group(current, t) &&
	    !kill_ok_by_cred(t)) {
		switch (sig) {
		case SIGCONT:
			sid = task_session(t);
			/*
			 * We don't return the error if sid == NULL. The
			 * task was unhashed, the caller must notice this.
			 */
			if (!sid || sid == task_session(current))
				break;
			fallthrough;
		default:
			return -EPERM;
		}
	}

	return security_task_kill(t, info, sig, NULL);
}

/**
 * ptrace_trap_notify - schedule trap to notify ptracer
 * @t: tracee wanting to notify tracer
 *
 * This function schedules sticky ptrace trap which is cleared on the next
 * TRAP_STOP to notify ptracer of an event.  @t must have been seized by
 * ptracer.
 *
 * If @t is running, STOP trap will be taken.  If trapped for STOP and
 * ptracer is listening for events, tracee is woken up so that it can
 * re-trap for the new event.
 * If trapped otherwise, STOP trap will be
 * eventually taken without returning to userland after the existing traps
 * are finished by PTRACE_CONT.
 *
 * CONTEXT:
 * Must be called with @task->sighand->siglock held.
 */
static void ptrace_trap_notify(struct task_struct *t)
{
	WARN_ON_ONCE(!(t->ptrace & PT_SEIZED));
	lockdep_assert_held(&t->sighand->siglock);

	task_set_jobctl_pending(t, JOBCTL_TRAP_NOTIFY);
	ptrace_signal_wake_up(t, t->jobctl & JOBCTL_LISTENING);
}

/*
 * Handle magic process-wide effects of stop/continue signals. Unlike
 * the signal actions, these happen immediately at signal-generation
 * time regardless of blocking, ignoring, or handling.  This does the
 * actual continuing for SIGCONT, but not the actual stopping for stop
 * signals.  The process stop is done as a signal action for SIG_DFL.
 *
 * Returns true if the signal should be actually delivered, otherwise
 * it should be dropped.
 */
static bool prepare_signal(int sig, struct task_struct *p, bool force)
{
	struct signal_struct *signal = p->signal;
	struct task_struct *t;
	sigset_t flush;

	if (signal->flags & SIGNAL_GROUP_EXIT) {
		if (signal->core_state)
			return sig == SIGKILL;
		/*
		 * The process is in the middle of dying, drop the signal.
		 */
		return false;
	} else if (sig_kernel_stop(sig)) {
		/*
		 * This is a stop signal.  Remove SIGCONT from all queues.
		 */
		siginitset(&flush, sigmask(SIGCONT));
		flush_sigqueue_mask(p, &flush, &signal->shared_pending);
		for_each_thread(p, t)
			flush_sigqueue_mask(p, &flush, &t->pending);
	} else if (sig == SIGCONT) {
		unsigned int why;
		/*
		 * Remove all stop signals from all queues, wake all threads.
		 */
		siginitset(&flush, SIG_KERNEL_STOP_MASK);
		flush_sigqueue_mask(p, &flush, &signal->shared_pending);
		for_each_thread(p, t) {
			flush_sigqueue_mask(p, &flush, &t->pending);
			task_clear_jobctl_pending(t, JOBCTL_STOP_PENDING);
			if (likely(!(t->ptrace & PT_SEIZED))) {
				t->jobctl &= ~JOBCTL_STOPPED;
				wake_up_state(t, __TASK_STOPPED);
			} else
				ptrace_trap_notify(t);
		}

		/*
		 * Notify the parent with CLD_CONTINUED if we were stopped.
		 *
		 * If we were in the middle of a group stop, we pretend it
		 * was already finished, and then continued. Since SIGCHLD
		 * doesn't queue we report only CLD_STOPPED, as if the next
		 * CLD_CONTINUED was dropped.
		 */
		why = 0;
		if (signal->flags & SIGNAL_STOP_STOPPED)
			why |= SIGNAL_CLD_CONTINUED;
		else if (signal->group_stop_count)
			why |= SIGNAL_CLD_STOPPED;

		if (why) {
			/*
			 * The first thread which returns from do_signal_stop()
			 * will take ->siglock, notice SIGNAL_CLD_MASK, and
			 * notify its parent.  See get_signal().
			 */
			signal_set_stop_flags(signal, why | SIGNAL_STOP_CONTINUED);
			signal->group_stop_count = 0;
			signal->group_exit_code = 0;
		}
	}

	return !sig_ignored(p, sig, force);
}

/*
 * Test if P wants to take SIG.  After we've checked all threads with this,
 * it's equivalent to finding no threads not blocking SIG.  Any threads not
 * blocking SIG were ruled out because they are not running and already
 * have pending signals.  Such threads will dequeue from the shared queue
 * as soon as they're available, so putting the signal on the shared queue
 * will be equivalent to sending it to one such thread.
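 *
 * For example, for a process-directed SIGTERM where every thread but one
 * has the signal blocked, complete_signal() below settles on the single
 * unblocked thread and wakes it; that thread then dequeues the signal
 * from the shared pending queue.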
 */
static inline bool wants_signal(int sig, struct task_struct *p)
{
	if (sigismember(&p->blocked, sig))
		return false;

	if (p->flags & PF_EXITING)
		return false;

	if (sig == SIGKILL)
		return true;

	if (task_is_stopped_or_traced(p))
		return false;

	return task_curr(p) || !task_sigpending(p);
}

static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
{
	struct signal_struct *signal = p->signal;
	struct task_struct *t;

	/*
	 * Now find a thread we can wake up to take the signal off the queue.
	 *
	 * Try the suggested task first (may or may not be the main thread).
	 */
	if (wants_signal(sig, p))
		t = p;
	else if ((type == PIDTYPE_PID) || thread_group_empty(p))
		/*
		 * There is just one thread and it does not need to be woken.
		 * It will dequeue unblocked signals before it runs again.
		 */
		return;
	else {
		/*
		 * Otherwise try to find a suitable thread.
		 */
		t = signal->curr_target;
		while (!wants_signal(sig, t)) {
			t = next_thread(t);
			if (t == signal->curr_target)
				/*
				 * No thread needs to be woken.
				 * Any eligible threads will see
				 * the signal in the queue soon.
				 */
				return;
		}
		signal->curr_target = t;
	}

	/*
	 * Found a killable thread.  If the signal will be fatal,
	 * then start taking the whole group down immediately.
	 */
	if (sig_fatal(p, sig) &&
	    (signal->core_state || !(signal->flags & SIGNAL_GROUP_EXIT)) &&
	    !sigismember(&t->real_blocked, sig) &&
	    (sig == SIGKILL || !p->ptrace)) {
		/*
		 * This signal will be fatal to the whole group.
		 */
		if (!sig_kernel_coredump(sig)) {
			/*
			 * Start a group exit and wake everybody up.
			 * This way we don't have other threads
			 * running and doing things after a slower
			 * thread has the fatal signal pending.
			 */
			signal->flags = SIGNAL_GROUP_EXIT;
			signal->group_exit_code = sig;
			signal->group_stop_count = 0;
			__for_each_thread(signal, t) {
				task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
				sigaddset(&t->pending.signal, SIGKILL);
				signal_wake_up(t, 1);
			}
			return;
		}
	}

	/*
	 * The signal is already in the shared-pending queue.
	 * Tell the chosen thread to wake up and dequeue it.
	 */
	signal_wake_up(t, sig == SIGKILL);
	return;
}

static inline bool legacy_queue(struct sigpending *signals, int sig)
{
	return (sig < SIGRTMIN) && sigismember(&signals->signal, sig);
}

static int __send_signal_locked(int sig, struct kernel_siginfo *info,
				struct task_struct *t, enum pid_type type, bool force)
{
	struct sigpending *pending;
	struct sigqueue *q;
	int override_rlimit;
	int ret = 0, result;

	lockdep_assert_held(&t->sighand->siglock);

	result = TRACE_SIGNAL_IGNORED;
	if (!prepare_signal(sig, t, force))
		goto ret;

	pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
	/*
	 * Short-circuit ignored signals and support queuing
	 * exactly one non-rt signal, so that we can get more
	 * detailed information about the cause of the signal.
	 */
	result = TRACE_SIGNAL_ALREADY_PENDING;
	if (legacy_queue(pending, sig))
		goto ret;

	result = TRACE_SIGNAL_DELIVERED;
	/*
	 * Skip useless siginfo allocation for SIGKILL and kernel threads.
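	 * Both cases are delivered through the pending bitmap alone;
	 * collect_signal() synthesizes a minimal SI_USER siginfo when no
	 * queued entry is found at dequeue time.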
	 */
	if ((sig == SIGKILL) || (t->flags & PF_KTHREAD))
		goto out_set;

	/*
	 * Real-time signals must be queued if sent by sigqueue, or
	 * some other real-time mechanism.  It is implementation
	 * defined whether kill() does so.  We attempt to do so, on
	 * the principle of least surprise, but since kill is not
	 * allowed to fail with EAGAIN when low on memory we just
	 * make sure at least one signal gets delivered and don't
	 * pass on the info struct.
	 */
	if (sig < SIGRTMIN)
		override_rlimit = (is_si_special(info) || info->si_code >= 0);
	else
		override_rlimit = 0;

	q = __sigqueue_alloc(sig, t, GFP_ATOMIC, override_rlimit, 0);

	if (q) {
		list_add_tail(&q->list, &pending->list);
		switch ((unsigned long) info) {
		case (unsigned long) SEND_SIG_NOINFO:
			clear_siginfo(&q->info);
			q->info.si_signo = sig;
			q->info.si_errno = 0;
			q->info.si_code = SI_USER;
			q->info.si_pid = task_tgid_nr_ns(current,
							 task_active_pid_ns(t));
			rcu_read_lock();
			q->info.si_uid =
				from_kuid_munged(task_cred_xxx(t, user_ns),
						 current_uid());
			rcu_read_unlock();
			break;
		case (unsigned long) SEND_SIG_PRIV:
			clear_siginfo(&q->info);
			q->info.si_signo = sig;
			q->info.si_errno = 0;
			q->info.si_code = SI_KERNEL;
			q->info.si_pid = 0;
			q->info.si_uid = 0;
			break;
		default:
			copy_siginfo(&q->info, info);
			break;
		}
	} else if (!is_si_special(info) &&
		   sig >= SIGRTMIN && info->si_code != SI_USER) {
		/*
		 * Queue overflow, abort.  We may abort if the
		 * signal was rt and sent by user using something
		 * other than kill().
		 */
		result = TRACE_SIGNAL_OVERFLOW_FAIL;
		ret = -EAGAIN;
		goto ret;
	} else {
		/*
		 * This is a silent loss of information.  We still
		 * send the signal, but the *info bits are lost.
		 */
		result = TRACE_SIGNAL_LOSE_INFO;
	}

out_set:
	signalfd_notify(t, sig);
	sigaddset(&pending->signal, sig);

	/* Let multiprocess signals appear after on-going forks */
	if (type > PIDTYPE_TGID) {
		struct multiprocess_signals *delayed;
		hlist_for_each_entry(delayed, &t->signal->multiprocess, node) {
			sigset_t *signal = &delayed->signal;
			/* Can't queue both a stop and a continue signal */
			if (sig == SIGCONT)
				sigdelsetmask(signal, SIG_KERNEL_STOP_MASK);
			else if (sig_kernel_stop(sig))
				sigdelset(signal, SIGCONT);
			sigaddset(signal, sig);
		}
	}

	complete_signal(sig, t, type);
ret:
	trace_signal_generate(sig, info, t, type != PIDTYPE_PID, result);
	return ret;
}

static inline bool has_si_pid_and_uid(struct kernel_siginfo *info)
{
	bool ret = false;
	switch (siginfo_layout(info->si_signo, info->si_code)) {
	case SIL_KILL:
	case SIL_CHLD:
	case SIL_RT:
		ret = true;
		break;
	case SIL_TIMER:
	case SIL_POLL:
	case SIL_FAULT:
	case SIL_FAULT_TRAPNO:
	case SIL_FAULT_MCEERR:
	case SIL_FAULT_BNDERR:
	case SIL_FAULT_PKUERR:
	case SIL_FAULT_PERF_EVENT:
	case SIL_SYS:
		ret = false;
		break;
	}
	return ret;
}

int send_signal_locked(int sig, struct kernel_siginfo *info,
		       struct task_struct *t, enum pid_type type)
{
	/* Should SIGKILL or SIGSTOP be received by a pid namespace init?
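	 * A sender with no pid in the target's namespace (for example the
	 * host sending SIGKILL to a container's init) sets force below, so
	 * such signals are not dropped by the SIGNAL_UNKILLABLE check;
	 * kernel-generated signals are forced as well.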
	 */
	bool force = false;

	if (info == SEND_SIG_NOINFO) {
		/* Force if sent from an ancestor pid namespace */
		force = !task_pid_nr_ns(current, task_active_pid_ns(t));
	} else if (info == SEND_SIG_PRIV) {
		/* Don't ignore kernel generated signals */
		force = true;
	} else if (has_si_pid_and_uid(info)) {
		/* SIGKILL and SIGSTOP is special or has ids */
		struct user_namespace *t_user_ns;

		rcu_read_lock();
		t_user_ns = task_cred_xxx(t, user_ns);
		if (current_user_ns() != t_user_ns) {
			kuid_t uid = make_kuid(current_user_ns(), info->si_uid);
			info->si_uid = from_kuid_munged(t_user_ns, uid);
		}
		rcu_read_unlock();

		/* A kernel generated signal? */
		force = (info->si_code == SI_KERNEL);

		/* From an ancestor pid namespace? */
		if (!task_pid_nr_ns(current, task_active_pid_ns(t))) {
			info->si_pid = 0;
			force = true;
		}
	}
	return __send_signal_locked(sig, info, t, type, force);
}

static void print_fatal_signal(int signr)
{
	struct pt_regs *regs = task_pt_regs(current);
	struct file *exe_file;

	exe_file = get_task_exe_file(current);
	if (exe_file) {
		pr_info("%pD: %s: potentially unexpected fatal signal %d.\n",
			exe_file, current->comm, signr);
		fput(exe_file);
	} else {
		pr_info("%s: potentially unexpected fatal signal %d.\n",
			current->comm, signr);
	}

#if defined(__i386__) && !defined(__arch_um__)
	pr_info("code at %08lx: ", regs->ip);
	{
		int i;
		for (i = 0; i < 16; i++) {
			unsigned char insn;

			if (get_user(insn, (unsigned char *)(regs->ip + i)))
				break;
			pr_cont("%02x ", insn);
		}
	}
	pr_cont("\n");
#endif
	preempt_disable();
	show_regs(regs);
	preempt_enable();
}

static int __init setup_print_fatal_signals(char *str)
{
	get_option (&str, &print_fatal_signals);

	return 1;
}

__setup("print-fatal-signals=", setup_print_fatal_signals);

int do_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p,
		     enum pid_type type)
{
	unsigned long flags;
	int ret = -ESRCH;

	if (lock_task_sighand(p, &flags)) {
		ret = send_signal_locked(sig, info, p, type);
		unlock_task_sighand(p, &flags);
	}

	return ret;
}

enum sig_handler {
	HANDLER_CURRENT, /* If reachable use the current handler */
	HANDLER_SIG_DFL, /* Always use SIG_DFL handler semantics */
	HANDLER_EXIT,	 /* Only visible as the process exit code */
};

/*
 * Force a signal that the process can't ignore: if necessary
 * we unblock the signal and change any SIG_IGN to SIG_DFL.
 *
 * Note: If we unblock the signal, we always reset it to SIG_DFL,
 * since we do not want to have a signal handler that was blocked
 * be invoked when user space had explicitly blocked it.
 *
 * We don't want to have recursive SIGSEGV's etc, for example,
 * that is why we also clear SIGNAL_UNKILLABLE.
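 *
 * For example, an architecture page-fault handler that calls
 * force_sig_fault(SIGSEGV, SEGV_MAPERR, addr) must be able to kill a task
 * that has blocked or ignored SIGSEGV; this path resets the handler to
 * SIG_DFL and unblocks the signal so that can happen.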
 */
static int
force_sig_info_to_task(struct kernel_siginfo *info, struct task_struct *t,
	enum sig_handler handler)
{
	unsigned long int flags;
	int ret, blocked, ignored;
	struct k_sigaction *action;
	int sig = info->si_signo;

	spin_lock_irqsave(&t->sighand->siglock, flags);
	action = &t->sighand->action[sig-1];
	ignored = action->sa.sa_handler == SIG_IGN;
	blocked = sigismember(&t->blocked, sig);
	if (blocked || ignored || (handler != HANDLER_CURRENT)) {
		action->sa.sa_handler = SIG_DFL;
		if (handler == HANDLER_EXIT)
			action->sa.sa_flags |= SA_IMMUTABLE;
		if (blocked)
			sigdelset(&t->blocked, sig);
	}
	/*
	 * Don't clear SIGNAL_UNKILLABLE for traced tasks, users won't expect
	 * debugging to leave init killable. But HANDLER_EXIT is always fatal.
	 */
	if (action->sa.sa_handler == SIG_DFL &&
	    (!t->ptrace || (handler == HANDLER_EXIT)))
		t->signal->flags &= ~SIGNAL_UNKILLABLE;
	ret = send_signal_locked(sig, info, t, PIDTYPE_PID);
	/* This can happen if the signal was already pending and blocked */
	if (!task_sigpending(t))
		signal_wake_up(t, 0);
	spin_unlock_irqrestore(&t->sighand->siglock, flags);

	return ret;
}

int force_sig_info(struct kernel_siginfo *info)
{
	return force_sig_info_to_task(info, current, HANDLER_CURRENT);
}

/*
 * Nuke all other threads in the group.
 */
int zap_other_threads(struct task_struct *p)
{
	struct task_struct *t;
	int count = 0;

	p->signal->group_stop_count = 0;

	for_other_threads(p, t) {
		task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
		count++;

		/* Don't bother with already dead threads */
		if (t->exit_state)
			continue;
		sigaddset(&t->pending.signal, SIGKILL);
		signal_wake_up(t, 1);
	}

	return count;
}

struct sighand_struct *__lock_task_sighand(struct task_struct *tsk,
					   unsigned long *flags)
{
	struct sighand_struct *sighand;

	rcu_read_lock();
	for (;;) {
		sighand = rcu_dereference(tsk->sighand);
		if (unlikely(sighand == NULL))
			break;

		/*
		 * This sighand can be already freed and even reused, but
		 * we rely on SLAB_TYPESAFE_BY_RCU and sighand_ctor() which
		 * initializes ->siglock: this slab can't go away, it has
		 * the same object type, ->siglock can't be reinitialized.
		 *
		 * We need to ensure that tsk->sighand is still the same
		 * after we take the lock, we can race with de_thread() or
		 * __exit_signal().  In the latter case the next iteration
		 * must see ->sighand == NULL.
		 */
		spin_lock_irqsave(&sighand->siglock, *flags);
		if (likely(sighand == rcu_access_pointer(tsk->sighand)))
			break;
		spin_unlock_irqrestore(&sighand->siglock, *flags);
	}
	rcu_read_unlock();

	return sighand;
}

#ifdef CONFIG_LOCKDEP
void lockdep_assert_task_sighand_held(struct task_struct *task)
{
	struct sighand_struct *sighand;

	rcu_read_lock();
	sighand = rcu_dereference(task->sighand);
	if (sighand)
		lockdep_assert_held(&sighand->siglock);
	else
		WARN_ON_ONCE(1);
	rcu_read_unlock();
}
#endif

/*
 * send signal info to all the members of a thread group or to the
 * individual thread if type == PIDTYPE_PID.
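 *
 * For example, kill(2) reaches this function with type == PIDTYPE_TGID via
 * kill_pid_info(), while the tty ^C/^Z path below uses __kill_pgrp_info()
 * with PIDTYPE_PGID.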
 */
int group_send_sig_info(int sig, struct kernel_siginfo *info,
			struct task_struct *p, enum pid_type type)
{
	int ret;

	rcu_read_lock();
	ret = check_kill_permission(sig, info, p);
	rcu_read_unlock();

	if (!ret && sig)
		ret = do_send_sig_info(sig, info, p, type);

	return ret;
}

/*
 * __kill_pgrp_info() sends a signal to a process group: this is what the tty
 * control characters do (^C, ^Z etc)
 * - the caller must hold at least a readlock on tasklist_lock
 */
int __kill_pgrp_info(int sig, struct kernel_siginfo *info, struct pid *pgrp)
{
	struct task_struct *p = NULL;
	int ret = -ESRCH;

	do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
		int err = group_send_sig_info(sig, info, p, PIDTYPE_PGID);
		/*
		 * If group_send_sig_info() succeeds at least once ret
		 * becomes 0 and after that the code below has no effect.
		 * Otherwise we return the last err or -ESRCH if this
		 * process group is empty.
		 */
		if (ret)
			ret = err;
	} while_each_pid_task(pgrp, PIDTYPE_PGID, p);

	return ret;
}

static int kill_pid_info_type(int sig, struct kernel_siginfo *info,
			      struct pid *pid, enum pid_type type)
{
	int error = -ESRCH;
	struct task_struct *p;

	for (;;) {
		rcu_read_lock();
		p = pid_task(pid, PIDTYPE_PID);
		if (p)
			error = group_send_sig_info(sig, info, p, type);
		rcu_read_unlock();
		if (likely(!p || error != -ESRCH))
			return error;
		/*
		 * The task was unhashed in between, try again.  If it
		 * is dead, pid_task() will return NULL, if we race with
		 * de_thread() it will find the new leader.
		 */
	}
}

int kill_pid_info(int sig, struct kernel_siginfo *info, struct pid *pid)
{
	return kill_pid_info_type(sig, info, pid, PIDTYPE_TGID);
}

static int kill_proc_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
	int error;
	rcu_read_lock();
	error = kill_pid_info(sig, info, find_vpid(pid));
	rcu_read_unlock();
	return error;
}

static inline bool kill_as_cred_perm(const struct cred *cred,
				     struct task_struct *target)
{
	const struct cred *pcred = __task_cred(target);

	return uid_eq(cred->euid, pcred->suid) ||
	       uid_eq(cred->euid, pcred->uid) ||
	       uid_eq(cred->uid, pcred->suid) ||
	       uid_eq(cred->uid, pcred->uid);
}

/*
 * The usb asyncio usage of siginfo is wrong.  The glibc support
 * for asyncio which uses SI_ASYNCIO assumes the layout is SIL_RT.
 * AKA after the generic fields:
 *	kernel_pid_t	si_pid;
 *	kernel_uid32_t	si_uid;
 *	sigval_t	si_value;
 *
 * Unfortunately when usb generates SI_ASYNCIO it assumes the layout
 * after the generic fields is:
 *	void __user	*si_addr;
 *
 * This is a practical problem when there is a 64bit big endian kernel
 * and a 32bit userspace.  As the 32-bit address will be encoded in the
 * low 32 bits of the pointer, those low 32 bits will be stored at a
 * higher address than they would appear in a 32-bit pointer.  So
 * userspace will not see the address it was expecting for its
 * completions.
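 *
 * Concretely: storing the 32-bit pointer 0x12345678 into a 64-bit
 * big-endian sival_ptr lays the bytes out as 00 00 00 00 12 34 56 78, so
 * a 32-bit reader looking at the first four bytes of that field sees zero
 * rather than the expected address.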
 *
 * There is nothing in the encoding that can allow
 * copy_siginfo_to_user32 to detect this confusion of formats, so
 * handle this by requiring the caller of kill_pid_usb_asyncio to
 * notice when this situation takes place and to store the 32-bit
 * pointer in sival_int, instead of sival_addr of the sigval_t addr
 * parameter.
 */
int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
			 struct pid *pid, const struct cred *cred)
{
	struct kernel_siginfo info;
	struct task_struct *p;
	unsigned long flags;
	int ret = -EINVAL;

	if (!valid_signal(sig))
		return ret;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = errno;
	info.si_code = SI_ASYNCIO;
	*((sigval_t *)&info.si_pid) = addr;

	rcu_read_lock();
	p = pid_task(pid, PIDTYPE_PID);
	if (!p) {
		ret = -ESRCH;
		goto out_unlock;
	}
	if (!kill_as_cred_perm(cred, p)) {
		ret = -EPERM;
		goto out_unlock;
	}
	ret = security_task_kill(p, &info, sig, cred);
	if (ret)
		goto out_unlock;

	if (sig) {
		if (lock_task_sighand(p, &flags)) {
			ret = __send_signal_locked(sig, &info, p, PIDTYPE_TGID, false);
			unlock_task_sighand(p, &flags);
		} else
			ret = -ESRCH;
	}
out_unlock:
	rcu_read_unlock();
	return ret;
}
EXPORT_SYMBOL_GPL(kill_pid_usb_asyncio);

/*
 * kill_something_info() interprets pid in interesting ways just like kill(2).
 *
 * POSIX specifies that kill(-1,sig) is unspecified, but what we have
 * is probably wrong.  Should make it like BSD or SYSV.
 */

static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
{
	int ret;

	if (pid > 0)
		return kill_proc_info(sig, info, pid);

	/* -INT_MIN is undefined.  Exclude this case to avoid a UBSAN warning */
	if (pid == INT_MIN)
		return -ESRCH;

	read_lock(&tasklist_lock);
	if (pid != -1) {
		ret = __kill_pgrp_info(sig, info,
				pid ? find_vpid(-pid) : task_pgrp(current));
	} else {
		int retval = 0, count = 0;
		struct task_struct * p;

		for_each_process(p) {
			if (task_pid_vnr(p) > 1 &&
			    !same_thread_group(p, current)) {
				int err = group_send_sig_info(sig, info, p,
							      PIDTYPE_MAX);
				++count;
				if (err != -EPERM)
					retval = err;
			}
		}
		ret = count ? retval : -ESRCH;
	}
	read_unlock(&tasklist_lock);

	return ret;
}

/*
 * These are for backward compatibility with the rest of the kernel source.
 */

int send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p)
{
	/*
	 * Make sure legacy kernel users don't send in bad values
	 * (normal paths check this in check_kill_permission).
	 */
	if (!valid_signal(sig))
		return -EINVAL;

	return do_send_sig_info(sig, info, p, PIDTYPE_PID);
}
EXPORT_SYMBOL(send_sig_info);

#define __si_special(priv) \
	((priv) ? SEND_SIG_PRIV : SEND_SIG_NOINFO)

int
send_sig(int sig, struct task_struct *p, int priv)
{
	return send_sig_info(sig, __si_special(priv), p);
}
EXPORT_SYMBOL(send_sig);

void force_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = SI_KERNEL;
	info.si_pid = 0;
	info.si_uid = 0;
	force_sig_info(&info);
}
EXPORT_SYMBOL(force_sig);

void force_fatal_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = SI_KERNEL;
	info.si_pid = 0;
	info.si_uid = 0;
	force_sig_info_to_task(&info, current, HANDLER_SIG_DFL);
}

void force_exit_sig(int sig)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = SI_KERNEL;
	info.si_pid = 0;
	info.si_uid = 0;
	force_sig_info_to_task(&info, current, HANDLER_EXIT);
}

/*
 * When things go south during signal handling, we
 * will force a SIGSEGV.  And if the signal that caused
 * the problem was already a SIGSEGV, we'll want to
 * make sure we don't even try to deliver the signal..
 */
void force_sigsegv(int sig)
{
	if (sig == SIGSEGV)
		force_fatal_sig(SIGSEGV);
	else
		force_sig(SIGSEGV);
}

int force_sig_fault_to_task(int sig, int code, void __user *addr,
			    struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
	return force_sig_info_to_task(&info, t, HANDLER_CURRENT);
}

int force_sig_fault(int sig, int code, void __user *addr)
{
	return force_sig_fault_to_task(sig, code, addr, current);
}

int send_sig_fault(int sig, int code, void __user *addr, struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
	return send_sig_info(info.si_signo, &info, t);
}

int force_sig_mceerr(int code, void __user *addr, short lsb)
{
	struct kernel_siginfo info;

	WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));
	clear_siginfo(&info);
	info.si_signo = SIGBUS;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
	info.si_addr_lsb = lsb;
	return force_sig_info(&info);
}

int send_sig_mceerr(int code, void __user *addr, short lsb, struct task_struct *t)
{
	struct kernel_siginfo info;

	WARN_ON((code != BUS_MCEERR_AO) && (code != BUS_MCEERR_AR));
	clear_siginfo(&info);
	info.si_signo = SIGBUS;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
	info.si_addr_lsb = lsb;
	return send_sig_info(info.si_signo, &info, t);
}
EXPORT_SYMBOL(send_sig_mceerr);

int force_sig_bnderr(void __user *addr, void __user *lower, void __user *upper)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGSEGV;
	info.si_errno = 0;
	info.si_code = SEGV_BNDERR;
	info.si_addr = addr;
	info.si_lower = lower;
	info.si_upper = upper;
	return force_sig_info(&info);
}

#ifdef SEGV_PKUERR
int force_sig_pkuerr(void __user *addr, u32 pkey)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGSEGV;
	info.si_errno = 0;
	info.si_code = SEGV_PKUERR;
	info.si_addr = addr;
	info.si_pkey = pkey;
	return force_sig_info(&info);
}
#endif

int send_sig_perf(void __user *addr, u32 type, u64 sig_data)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGTRAP;
	info.si_errno = 0;
	info.si_code = TRAP_PERF;
	info.si_addr = addr;
	info.si_perf_data = sig_data;
	info.si_perf_type = type;

	/*
	 * Signals generated by perf events should not terminate the whole
	 * process if SIGTRAP is blocked, however, delivering the signal
	 * asynchronously is better than not delivering at all.  But tell user
	 * space if the signal was asynchronous, so it can clearly be
	 * distinguished from normal synchronous ones.
	 */
	info.si_perf_flags = sigismember(&current->blocked, info.si_signo) ?
				     TRAP_PERF_FLAG_ASYNC :
				     0;

	return send_sig_info(info.si_signo, &info, current);
}

/**
 * force_sig_seccomp - signals the task to allow in-process syscall emulation
 * @syscall: syscall number to send to userland
 * @reason: filter-supplied reason code to send to userland (via si_errno)
 * @force_coredump: true to trigger a coredump
 *
 * Forces a SIGSYS with a code of SYS_SECCOMP and related sigsys info.
 */
int force_sig_seccomp(int syscall, int reason, bool force_coredump)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGSYS;
	info.si_code = SYS_SECCOMP;
	info.si_call_addr = (void __user *)KSTK_EIP(current);
	info.si_errno = reason;
	info.si_arch = syscall_get_arch(current);
	info.si_syscall = syscall;
	return force_sig_info_to_task(&info, current,
		force_coredump ? HANDLER_EXIT : HANDLER_CURRENT);
}

/* For the crazy architectures that include trap information in
 * the errno field, instead of an actual errno value.
 */
int force_sig_ptrace_errno_trap(int errno, void __user *addr)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = SIGTRAP;
	info.si_errno = errno;
	info.si_code = TRAP_HWBKPT;
	info.si_addr = addr;
	return force_sig_info(&info);
}

/* For the rare architectures that include trap information using
 * si_trapno.
 */
int force_sig_fault_trapno(int sig, int code, void __user *addr, int trapno)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
	info.si_trapno = trapno;
	return force_sig_info(&info);
}

/* For the rare architectures that include trap information using
 * si_trapno.
 */
int send_sig_fault_trapno(int sig, int code, void __user *addr, int trapno,
			  struct task_struct *t)
{
	struct kernel_siginfo info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = addr;
	info.si_trapno = trapno;
	return send_sig_info(info.si_signo, &info, t);
}

static int kill_pgrp_info(int sig, struct kernel_siginfo *info, struct pid *pgrp)
{
	int ret;
	read_lock(&tasklist_lock);
	ret = __kill_pgrp_info(sig, info, pgrp);
	read_unlock(&tasklist_lock);
	return ret;
}

int kill_pgrp(struct pid *pid, int sig, int priv)
{
	return kill_pgrp_info(sig, __si_special(priv), pid);
}
EXPORT_SYMBOL(kill_pgrp);

int kill_pid(struct pid *pid, int sig, int priv)
{
	return kill_pid_info(sig, __si_special(priv), pid);
}
EXPORT_SYMBOL(kill_pid);

#ifdef CONFIG_POSIX_TIMERS
/*
 * These functions handle POSIX timer signals. POSIX timers use
 * preallocated sigqueue structs for sending signals.
 */
static void __flush_itimer_signals(struct sigpending *pending)
{
	sigset_t signal, retain;
	struct sigqueue *q, *n;

	signal = pending->signal;
	sigemptyset(&retain);

	list_for_each_entry_safe(q, n, &pending->list, list) {
		int sig = q->info.si_signo;

		if (likely(q->info.si_code != SI_TIMER)) {
			sigaddset(&retain, sig);
		} else {
			sigdelset(&signal, sig);
			list_del_init(&q->list);
			__sigqueue_free(q);
		}
	}

	sigorsets(&pending->signal, &signal, &retain);
}

void flush_itimer_signals(void)
{
	struct task_struct *tsk = current;

	guard(spinlock_irqsave)(&tsk->sighand->siglock);
	__flush_itimer_signals(&tsk->pending);
	__flush_itimer_signals(&tsk->signal->shared_pending);
}

struct sigqueue *sigqueue_alloc(void)
{
	return __sigqueue_alloc(-1, current, GFP_KERNEL, 0, SIGQUEUE_PREALLOC);
}

void sigqueue_free(struct sigqueue *q)
{
	spinlock_t *lock = &current->sighand->siglock;
	unsigned long flags;

	if (WARN_ON_ONCE(!(q->flags & SIGQUEUE_PREALLOC)))
		return;
	/*
	 * We must hold ->siglock while testing q->list
	 * to serialize with collect_signal() or with
	 * __exit_signal()->flush_sigqueue().
	 */
	spin_lock_irqsave(lock, flags);
	q->flags &= ~SIGQUEUE_PREALLOC;
	/*
	 * If it is queued it will be freed when dequeued,
	 * like the "regular" sigqueue.
	 */
	if (!list_empty(&q->list))
		q = NULL;
	spin_unlock_irqrestore(lock, flags);

	if (q)
		__sigqueue_free(q);
}

int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type, int si_private)
{
	int sig = q->info.si_signo;
	struct sigpending *pending;
	struct task_struct *t;
	unsigned long flags;
	int ret, result;

	if (WARN_ON_ONCE(!(q->flags & SIGQUEUE_PREALLOC)))
		return 0;
	if (WARN_ON_ONCE(q->info.si_code != SI_TIMER))
		return 0;

	ret = -1;
	rcu_read_lock();

	/*
	 * This function is used by POSIX timers to deliver a timer signal.
	 * Where type is PIDTYPE_PID (such as for timers with SIGEV_THREAD_ID
	 * set), the signal must be delivered to the specific thread (queues
	 * into t->pending).
	 *
	 * Where type is not PIDTYPE_PID, signals must be delivered to the
	 * process.  In this case, prefer to deliver to current if it is in
	 * the same thread group as the target process, which avoids
	 * unnecessarily waking up a potentially idle task.
	 */
	t = pid_task(pid, type);
	if (!t)
		goto ret;
	if (type != PIDTYPE_PID && same_thread_group(t, current))
		t = current;
	if (!likely(lock_task_sighand(t, &flags)))
		goto ret;

	/*
	 * Update @q::info::si_sys_private for posix timer signals with
	 * sighand locked to prevent a race against dequeue_signal() which
	 * decides based on si_sys_private whether to invoke
	 * posixtimer_rearm() or not.
	 */
	q->info.si_sys_private = si_private;

	ret = 1; /* the signal is ignored */
	result = TRACE_SIGNAL_IGNORED;
	if (!prepare_signal(sig, t, false))
		goto out;

	ret = 0;
	if (unlikely(!list_empty(&q->list))) {
		/*
		 * If an SI_TIMER entry is already queued, just increment
		 * the overrun count.
		 */
		q->info.si_overrun++;
		result = TRACE_SIGNAL_ALREADY_PENDING;
		goto out;
	}
	q->info.si_overrun = 0;

	signalfd_notify(t, sig);
	pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
	list_add_tail(&q->list, &pending->list);
	sigaddset(&pending->signal, sig);
	complete_signal(sig, t, type);
	result = TRACE_SIGNAL_DELIVERED;
out:
	trace_signal_generate(sig, &q->info, t, type != PIDTYPE_PID, result);
	unlock_task_sighand(t, &flags);
ret:
	rcu_read_unlock();
	return ret;
}
#endif /* CONFIG_POSIX_TIMERS */

void do_notify_pidfd(struct task_struct *task)
{
	struct pid *pid = task_pid(task);

	WARN_ON(task->exit_state == 0);

	__wake_up(&pid->wait_pidfd, TASK_NORMAL, 0,
		  poll_to_key(EPOLLIN | EPOLLRDNORM));
}

/*
 * Let a parent know about the death of a child.
 * For a stopped/continued status change, use do_notify_parent_cldstop instead.
 *
 * Returns true if our parent ignored us and so we've switched to
 * self-reaping.
 */
bool do_notify_parent(struct task_struct *tsk, int sig)
{
	struct kernel_siginfo info;
	unsigned long flags;
	struct sighand_struct *psig;
	bool autoreap = false;
	u64 utime, stime;

	WARN_ON_ONCE(sig == -1);

	/* do_notify_parent_cldstop should have been called instead. */
	WARN_ON_ONCE(task_is_stopped_or_traced(tsk));

	WARN_ON_ONCE(!tsk->ptrace &&
		     (tsk->group_leader != tsk || !thread_group_empty(tsk)));
	/*
	 * tsk is a group leader and has no threads, wake up the
	 * non-PIDFD_THREAD waiters.
	 */
	if (thread_group_empty(tsk))
		do_notify_pidfd(tsk);

	if (sig != SIGCHLD) {
		/*
		 * This is only possible if parent == real_parent.
		 * Check if it has changed security domain.
		 */
		if (tsk->parent_exec_id != READ_ONCE(tsk->parent->self_exec_id))
			sig = SIGCHLD;
	}

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_errno = 0;
	/*
	 * We are under tasklist_lock here so our parent is tied to
	 * us and cannot change.
	 *
	 * task_active_pid_ns will always return the same pid namespace
	 * until a task passes through release_task.
2055 * 2056 * write_lock() currently calls preempt_disable() which is the 2057 * same as rcu_read_lock(), but according to Oleg, this is not 2058 * correct to rely on this 2059 */ 2060 rcu_read_lock(); 2061 info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(tsk->parent)); 2062 info.si_uid = from_kuid_munged(task_cred_xxx(tsk->parent, user_ns), 2063 task_uid(tsk)); 2064 rcu_read_unlock(); 2065 2066 task_cputime(tsk, &utime, &stime); 2067 info.si_utime = nsec_to_clock_t(utime + tsk->signal->utime); 2068 info.si_stime = nsec_to_clock_t(stime + tsk->signal->stime); 2069 2070 info.si_status = tsk->exit_code & 0x7f; 2071 if (tsk->exit_code & 0x80) 2072 info.si_code = CLD_DUMPED; 2073 else if (tsk->exit_code & 0x7f) 2074 info.si_code = CLD_KILLED; 2075 else { 2076 info.si_code = CLD_EXITED; 2077 info.si_status = tsk->exit_code >> 8; 2078 } 2079 2080 psig = tsk->parent->sighand; 2081 spin_lock_irqsave(&psig->siglock, flags); 2082 if (!tsk->ptrace && sig == SIGCHLD && 2083 (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN || 2084 (psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) { 2085 /* 2086 * We are exiting and our parent doesn't care. POSIX.1 2087 * defines special semantics for setting SIGCHLD to SIG_IGN 2088 * or setting the SA_NOCLDWAIT flag: we should be reaped 2089 * automatically and not left for our parent's wait4 call. 2090 * Rather than having the parent do it as a magic kind of 2091 * signal handler, we just set this to tell do_exit that we 2092 * can be cleaned up without becoming a zombie. Note that 2093 * we still call __wake_up_parent in this case, because a 2094 * blocked sys_wait4 might now return -ECHILD. 2095 * 2096 * Whether we send SIGCHLD or not for SA_NOCLDWAIT 2097 * is implementation-defined: we do (if you don't want 2098 * it, just use SIG_IGN instead). 2099 */ 2100 autoreap = true; 2101 if (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN) 2102 sig = 0; 2103 } 2104 /* 2105 * Send with __send_signal as si_pid and si_uid are in the 2106 * parent's namespaces. 2107 */ 2108 if (valid_signal(sig) && sig) 2109 __send_signal_locked(sig, &info, tsk->parent, PIDTYPE_TGID, false); 2110 __wake_up_parent(tsk, tsk->parent); 2111 spin_unlock_irqrestore(&psig->siglock, flags); 2112 2113 return autoreap; 2114 } 2115 2116 /** 2117 * do_notify_parent_cldstop - notify parent of stopped/continued state change 2118 * @tsk: task reporting the state change 2119 * @for_ptracer: the notification is for ptracer 2120 * @why: CLD_{CONTINUED|STOPPED|TRAPPED} to report 2121 * 2122 * Notify @tsk's parent that the stopped/continued state has changed. If 2123 * @for_ptracer is %false, @tsk's group leader notifies to its real parent. 2124 * If %true, @tsk reports to @tsk->parent which should be the ptracer. 2125 * 2126 * CONTEXT: 2127 * Must be called with tasklist_lock at least read locked. 
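 *
 * Minimal caller sketch, mirroring how exit_signals() and get_signal()
 * in this file use it (illustrative only):
 *
 *	read_lock(&tasklist_lock);
 *	do_notify_parent_cldstop(tsk, false, CLD_STOPPED);
 *	read_unlock(&tasklist_lock);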
2128 */ 2129 static void do_notify_parent_cldstop(struct task_struct *tsk, 2130 bool for_ptracer, int why) 2131 { 2132 struct kernel_siginfo info; 2133 unsigned long flags; 2134 struct task_struct *parent; 2135 struct sighand_struct *sighand; 2136 u64 utime, stime; 2137 2138 if (for_ptracer) { 2139 parent = tsk->parent; 2140 } else { 2141 tsk = tsk->group_leader; 2142 parent = tsk->real_parent; 2143 } 2144 2145 clear_siginfo(&info); 2146 info.si_signo = SIGCHLD; 2147 info.si_errno = 0; 2148 /* 2149 * see comment in do_notify_parent() about the following 4 lines 2150 */ 2151 rcu_read_lock(); 2152 info.si_pid = task_pid_nr_ns(tsk, task_active_pid_ns(parent)); 2153 info.si_uid = from_kuid_munged(task_cred_xxx(parent, user_ns), task_uid(tsk)); 2154 rcu_read_unlock(); 2155 2156 task_cputime(tsk, &utime, &stime); 2157 info.si_utime = nsec_to_clock_t(utime); 2158 info.si_stime = nsec_to_clock_t(stime); 2159 2160 info.si_code = why; 2161 switch (why) { 2162 case CLD_CONTINUED: 2163 info.si_status = SIGCONT; 2164 break; 2165 case CLD_STOPPED: 2166 info.si_status = tsk->signal->group_exit_code & 0x7f; 2167 break; 2168 case CLD_TRAPPED: 2169 info.si_status = tsk->exit_code & 0x7f; 2170 break; 2171 default: 2172 BUG(); 2173 } 2174 2175 sighand = parent->sighand; 2176 spin_lock_irqsave(&sighand->siglock, flags); 2177 if (sighand->action[SIGCHLD-1].sa.sa_handler != SIG_IGN && 2178 !(sighand->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDSTOP)) 2179 send_signal_locked(SIGCHLD, &info, parent, PIDTYPE_TGID); 2180 /* 2181 * Even if SIGCHLD is not generated, we must wake up wait4 calls. 2182 */ 2183 __wake_up_parent(tsk, parent); 2184 spin_unlock_irqrestore(&sighand->siglock, flags); 2185 } 2186 2187 /* 2188 * This must be called with current->sighand->siglock held. 2189 * 2190 * This should be the path for all ptrace stops. 2191 * We always set current->last_siginfo while stopped here. 2192 * That makes it a way to test a stopped process for 2193 * being ptrace-stopped vs being job-control-stopped. 2194 * 2195 * Returns the signal the ptracer requested the code resume 2196 * with. If the code did not stop because the tracer is gone, 2197 * the stop signal remains unchanged unless clear_code. 2198 */ 2199 static int ptrace_stop(int exit_code, int why, unsigned long message, 2200 kernel_siginfo_t *info) 2201 __releases(¤t->sighand->siglock) 2202 __acquires(¤t->sighand->siglock) 2203 { 2204 bool gstop_done = false; 2205 2206 if (arch_ptrace_stop_needed()) { 2207 /* 2208 * The arch code has something special to do before a 2209 * ptrace stop. This is allowed to block, e.g. for faults 2210 * on user stack pages. We can't keep the siglock while 2211 * calling arch_ptrace_stop, so we must release it now. 2212 * To preserve proper semantics, we must do this before 2213 * any signal bookkeeping like checking group_stop_count. 2214 */ 2215 spin_unlock_irq(¤t->sighand->siglock); 2216 arch_ptrace_stop(); 2217 spin_lock_irq(¤t->sighand->siglock); 2218 } 2219 2220 /* 2221 * After this point ptrace_signal_wake_up or signal_wake_up 2222 * will clear TASK_TRACED if ptrace_unlink happens or a fatal 2223 * signal comes in. Handle previous ptrace_unlinks and fatal 2224 * signals here to prevent ptrace_stop sleeping in schedule. 2225 */ 2226 if (!current->ptrace || __fatal_signal_pending(current)) 2227 return exit_code; 2228 2229 set_special_state(TASK_TRACED); 2230 current->jobctl |= JOBCTL_TRACED; 2231 2232 /* 2233 * We're committing to trapping. 
TRACED should be visible before 2234 * TRAPPING is cleared; otherwise, the tracer might fail do_wait(). 2235 * Also, transition to TRACED and updates to ->jobctl should be 2236 * atomic with respect to siglock and should be done after the arch 2237 * hook as siglock is released and regrabbed across it. 2238 * 2239 * TRACER TRACEE 2240 * 2241 * ptrace_attach() 2242 * [L] wait_on_bit(JOBCTL_TRAPPING) [S] set_special_state(TRACED) 2243 * do_wait() 2244 * set_current_state() smp_wmb(); 2245 * ptrace_do_wait() 2246 * wait_task_stopped() 2247 * task_stopped_code() 2248 * [L] task_is_traced() [S] task_clear_jobctl_trapping(); 2249 */ 2250 smp_wmb(); 2251 2252 current->ptrace_message = message; 2253 current->last_siginfo = info; 2254 current->exit_code = exit_code; 2255 2256 /* 2257 * If @why is CLD_STOPPED, we're trapping to participate in a group 2258 * stop. Do the bookkeeping. Note that if SIGCONT was delivered 2259 * across siglock relocks since INTERRUPT was scheduled, PENDING 2260 * could be clear now. We act as if SIGCONT is received after 2261 * TASK_TRACED is entered - ignore it. 2262 */ 2263 if (why == CLD_STOPPED && (current->jobctl & JOBCTL_STOP_PENDING)) 2264 gstop_done = task_participate_group_stop(current); 2265 2266 /* any trap clears pending STOP trap, STOP trap clears NOTIFY */ 2267 task_clear_jobctl_pending(current, JOBCTL_TRAP_STOP); 2268 if (info && info->si_code >> 8 == PTRACE_EVENT_STOP) 2269 task_clear_jobctl_pending(current, JOBCTL_TRAP_NOTIFY); 2270 2271 /* entering a trap, clear TRAPPING */ 2272 task_clear_jobctl_trapping(current); 2273 2274 spin_unlock_irq(&current->sighand->siglock); 2275 read_lock(&tasklist_lock); 2276 /* 2277 * Notify parents of the stop. 2278 * 2279 * While ptraced, there are two parents - the ptracer and 2280 * the real_parent of the group_leader. The ptracer should 2281 * know about every stop while the real parent is only 2282 * interested in the completion of group stop. The states 2283 * for the two don't interact with each other. Notify 2284 * separately unless they're gonna be duplicates. 2285 */ 2286 if (current->ptrace) 2287 do_notify_parent_cldstop(current, true, why); 2288 if (gstop_done && (!current->ptrace || ptrace_reparented(current))) 2289 do_notify_parent_cldstop(current, false, why); 2290 2291 /* 2292 * The previous do_notify_parent_cldstop() invocation woke ptracer. 2293 * On a PREEMPTION kernel this can result in a preemption requirement 2294 * which will be fulfilled after read_unlock() and the ptracer will be 2295 * put on the CPU. 2296 * The ptracer is in wait_task_inactive(, __TASK_TRACED) waiting for 2297 * this task to wait in schedule(). If this task gets preempted then it 2298 * remains enqueued on the runqueue. The ptracer will observe this and 2299 * then sleep for a delay of one HZ tick. In the meantime this task 2300 * gets scheduled, enters schedule() and will wait for the ptracer. 2301 * 2302 * This preemption point is not bad from a correctness point of 2303 * view but extends the runtime by one HZ tick due to the 2304 * ptracer's sleep. The preempt-disable section ensures that there 2305 * will be no preemption between unlock and schedule() and so 2306 * improves performance since the ptracer will observe that 2307 * the tracee is scheduled out once it gets on the CPU. 2308 * 2309 * On PREEMPT_RT locking tasklist_lock does not disable preemption. 2310 * Therefore the task can be preempted after do_notify_parent_cldstop() 2311 * before unlocking tasklist_lock so there is no benefit in doing this.
2312 * 2313 * In fact disabling preemption is harmful on PREEMPT_RT because 2314 * the spinlock_t in cgroup_enter_frozen() must not be acquired 2315 * with preemption disabled due to the 'sleeping' spinlock 2316 * substitution of RT. 2317 */ 2318 if (!IS_ENABLED(CONFIG_PREEMPT_RT)) 2319 preempt_disable(); 2320 read_unlock(&tasklist_lock); 2321 cgroup_enter_frozen(); 2322 if (!IS_ENABLED(CONFIG_PREEMPT_RT)) 2323 preempt_enable_no_resched(); 2324 schedule(); 2325 cgroup_leave_frozen(true); 2326 2327 /* 2328 * We are back. Now reacquire the siglock before touching 2329 * last_siginfo, so that we are sure to have synchronized with 2330 * any signal-sending on another CPU that wants to examine it. 2331 */ 2332 spin_lock_irq(¤t->sighand->siglock); 2333 exit_code = current->exit_code; 2334 current->last_siginfo = NULL; 2335 current->ptrace_message = 0; 2336 current->exit_code = 0; 2337 2338 /* LISTENING can be set only during STOP traps, clear it */ 2339 current->jobctl &= ~(JOBCTL_LISTENING | JOBCTL_PTRACE_FROZEN); 2340 2341 /* 2342 * Queued signals ignored us while we were stopped for tracing. 2343 * So check for any that we should take before resuming user mode. 2344 * This sets TIF_SIGPENDING, but never clears it. 2345 */ 2346 recalc_sigpending_tsk(current); 2347 return exit_code; 2348 } 2349 2350 static int ptrace_do_notify(int signr, int exit_code, int why, unsigned long message) 2351 { 2352 kernel_siginfo_t info; 2353 2354 clear_siginfo(&info); 2355 info.si_signo = signr; 2356 info.si_code = exit_code; 2357 info.si_pid = task_pid_vnr(current); 2358 info.si_uid = from_kuid_munged(current_user_ns(), current_uid()); 2359 2360 /* Let the debugger run. */ 2361 return ptrace_stop(exit_code, why, message, &info); 2362 } 2363 2364 int ptrace_notify(int exit_code, unsigned long message) 2365 { 2366 int signr; 2367 2368 BUG_ON((exit_code & (0x7f | ~0xffff)) != SIGTRAP); 2369 if (unlikely(task_work_pending(current))) 2370 task_work_run(); 2371 2372 spin_lock_irq(¤t->sighand->siglock); 2373 signr = ptrace_do_notify(SIGTRAP, exit_code, CLD_TRAPPED, message); 2374 spin_unlock_irq(¤t->sighand->siglock); 2375 return signr; 2376 } 2377 2378 /** 2379 * do_signal_stop - handle group stop for SIGSTOP and other stop signals 2380 * @signr: signr causing group stop if initiating 2381 * 2382 * If %JOBCTL_STOP_PENDING is not set yet, initiate group stop with @signr 2383 * and participate in it. If already set, participate in the existing 2384 * group stop. If participated in a group stop (and thus slept), %true is 2385 * returned with siglock released. 2386 * 2387 * If ptraced, this function doesn't handle stop itself. Instead, 2388 * %JOBCTL_TRAP_STOP is scheduled and %false is returned with siglock 2389 * untouched. The caller must ensure that INTERRUPT trap handling takes 2390 * places afterwards. 2391 * 2392 * CONTEXT: 2393 * Must be called with @current->sighand->siglock held, which is released 2394 * on %true return. 2395 * 2396 * RETURNS: 2397 * %false if group stop is already cancelled or ptrace trap is scheduled. 2398 * %true if participated in group stop. 
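 *
 * Caller sketch, a simplified mirror of the use in get_signal() below
 * (the relock label is get_signal()'s, shown here only for illustration);
 * siglock is held on entry and has already been dropped whenever %true
 * is returned, so the caller re-takes it before looking at the queue:
 *
 *	if ((current->jobctl & JOBCTL_STOP_PENDING) && do_signal_stop(0))
 *		goto relock;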
2399 */ 2400 static bool do_signal_stop(int signr) 2401 __releases(¤t->sighand->siglock) 2402 { 2403 struct signal_struct *sig = current->signal; 2404 2405 if (!(current->jobctl & JOBCTL_STOP_PENDING)) { 2406 unsigned long gstop = JOBCTL_STOP_PENDING | JOBCTL_STOP_CONSUME; 2407 struct task_struct *t; 2408 2409 /* signr will be recorded in task->jobctl for retries */ 2410 WARN_ON_ONCE(signr & ~JOBCTL_STOP_SIGMASK); 2411 2412 if (!likely(current->jobctl & JOBCTL_STOP_DEQUEUED) || 2413 unlikely(sig->flags & SIGNAL_GROUP_EXIT) || 2414 unlikely(sig->group_exec_task)) 2415 return false; 2416 /* 2417 * There is no group stop already in progress. We must 2418 * initiate one now. 2419 * 2420 * While ptraced, a task may be resumed while group stop is 2421 * still in effect and then receive a stop signal and 2422 * initiate another group stop. This deviates from the 2423 * usual behavior as two consecutive stop signals can't 2424 * cause two group stops when !ptraced. That is why we 2425 * also check !task_is_stopped(t) below. 2426 * 2427 * The condition can be distinguished by testing whether 2428 * SIGNAL_STOP_STOPPED is already set. Don't generate 2429 * group_exit_code in such case. 2430 * 2431 * This is not necessary for SIGNAL_STOP_CONTINUED because 2432 * an intervening stop signal is required to cause two 2433 * continued events regardless of ptrace. 2434 */ 2435 if (!(sig->flags & SIGNAL_STOP_STOPPED)) 2436 sig->group_exit_code = signr; 2437 2438 sig->group_stop_count = 0; 2439 if (task_set_jobctl_pending(current, signr | gstop)) 2440 sig->group_stop_count++; 2441 2442 for_other_threads(current, t) { 2443 /* 2444 * Setting state to TASK_STOPPED for a group 2445 * stop is always done with the siglock held, 2446 * so this check has no races. 2447 */ 2448 if (!task_is_stopped(t) && 2449 task_set_jobctl_pending(t, signr | gstop)) { 2450 sig->group_stop_count++; 2451 if (likely(!(t->ptrace & PT_SEIZED))) 2452 signal_wake_up(t, 0); 2453 else 2454 ptrace_trap_notify(t); 2455 } 2456 } 2457 } 2458 2459 if (likely(!current->ptrace)) { 2460 int notify = 0; 2461 2462 /* 2463 * If there are no other threads in the group, or if there 2464 * is a group stop in progress and we are the last to stop, 2465 * report to the parent. 2466 */ 2467 if (task_participate_group_stop(current)) 2468 notify = CLD_STOPPED; 2469 2470 current->jobctl |= JOBCTL_STOPPED; 2471 set_special_state(TASK_STOPPED); 2472 spin_unlock_irq(¤t->sighand->siglock); 2473 2474 /* 2475 * Notify the parent of the group stop completion. Because 2476 * we're not holding either the siglock or tasklist_lock 2477 * here, ptracer may attach inbetween; however, this is for 2478 * group stop and should always be delivered to the real 2479 * parent of the group leader. The new ptracer will get 2480 * its notification when this task transitions into 2481 * TASK_TRACED. 2482 */ 2483 if (notify) { 2484 read_lock(&tasklist_lock); 2485 do_notify_parent_cldstop(current, false, notify); 2486 read_unlock(&tasklist_lock); 2487 } 2488 2489 /* Now we don't run again until woken by SIGCONT or SIGKILL */ 2490 cgroup_enter_frozen(); 2491 schedule(); 2492 return true; 2493 } else { 2494 /* 2495 * While ptraced, group stop is handled by STOP trap. 2496 * Schedule it and let the caller deal with it. 2497 */ 2498 task_set_jobctl_pending(current, JOBCTL_TRAP_STOP); 2499 return false; 2500 } 2501 } 2502 2503 /** 2504 * do_jobctl_trap - take care of ptrace jobctl traps 2505 * 2506 * When PT_SEIZED, it's used for both group stop and explicit 2507 * SEIZE/INTERRUPT traps. 
Both generate PTRACE_EVENT_STOP trap with 2508 * accompanying siginfo. If stopped, lower eight bits of exit_code contain 2509 * the stop signal; otherwise, %SIGTRAP. 2510 * 2511 * When !PT_SEIZED, it's used only for group stop trap with stop signal 2512 * number as exit_code and no siginfo. 2513 * 2514 * CONTEXT: 2515 * Must be called with @current->sighand->siglock held, which may be 2516 * released and re-acquired before returning with intervening sleep. 2517 */ 2518 static void do_jobctl_trap(void) 2519 { 2520 struct signal_struct *signal = current->signal; 2521 int signr = current->jobctl & JOBCTL_STOP_SIGMASK; 2522 2523 if (current->ptrace & PT_SEIZED) { 2524 if (!signal->group_stop_count && 2525 !(signal->flags & SIGNAL_STOP_STOPPED)) 2526 signr = SIGTRAP; 2527 WARN_ON_ONCE(!signr); 2528 ptrace_do_notify(signr, signr | (PTRACE_EVENT_STOP << 8), 2529 CLD_STOPPED, 0); 2530 } else { 2531 WARN_ON_ONCE(!signr); 2532 ptrace_stop(signr, CLD_STOPPED, 0, NULL); 2533 } 2534 } 2535 2536 /** 2537 * do_freezer_trap - handle the freezer jobctl trap 2538 * 2539 * Puts the task into frozen state, if only the task is not about to quit. 2540 * In this case it drops JOBCTL_TRAP_FREEZE. 2541 * 2542 * CONTEXT: 2543 * Must be called with @current->sighand->siglock held, 2544 * which is always released before returning. 2545 */ 2546 static void do_freezer_trap(void) 2547 __releases(¤t->sighand->siglock) 2548 { 2549 /* 2550 * If there are other trap bits pending except JOBCTL_TRAP_FREEZE, 2551 * let's make another loop to give it a chance to be handled. 2552 * In any case, we'll return back. 2553 */ 2554 if ((current->jobctl & (JOBCTL_PENDING_MASK | JOBCTL_TRAP_FREEZE)) != 2555 JOBCTL_TRAP_FREEZE) { 2556 spin_unlock_irq(¤t->sighand->siglock); 2557 return; 2558 } 2559 2560 /* 2561 * Now we're sure that there is no pending fatal signal and no 2562 * pending traps. Clear TIF_SIGPENDING to not get out of schedule() 2563 * immediately (if there is a non-fatal signal pending), and 2564 * put the task into sleep. 2565 */ 2566 __set_current_state(TASK_INTERRUPTIBLE|TASK_FREEZABLE); 2567 clear_thread_flag(TIF_SIGPENDING); 2568 spin_unlock_irq(¤t->sighand->siglock); 2569 cgroup_enter_frozen(); 2570 schedule(); 2571 2572 /* 2573 * We could've been woken by task_work, run it to clear 2574 * TIF_NOTIFY_SIGNAL. The caller will retry if necessary. 2575 */ 2576 clear_notify_signal(); 2577 if (unlikely(task_work_pending(current))) 2578 task_work_run(); 2579 } 2580 2581 static int ptrace_signal(int signr, kernel_siginfo_t *info, enum pid_type type) 2582 { 2583 /* 2584 * We do not check sig_kernel_stop(signr) but set this marker 2585 * unconditionally because we do not know whether debugger will 2586 * change signr. This flag has no meaning unless we are going 2587 * to stop after return from ptrace_stop(). In this case it will 2588 * be checked in do_signal_stop(), we should only stop if it was 2589 * not cleared by SIGCONT while we were sleeping. See also the 2590 * comment in dequeue_signal(). 2591 */ 2592 current->jobctl |= JOBCTL_STOP_DEQUEUED; 2593 signr = ptrace_stop(signr, CLD_TRAPPED, 0, info); 2594 2595 /* We're back. Did the debugger cancel the sig? */ 2596 if (signr == 0) 2597 return signr; 2598 2599 /* 2600 * Update the siginfo structure if the signal has 2601 * changed. If the debugger wanted something 2602 * specific in the siginfo structure then it should 2603 * have updated *info via PTRACE_SETSIGINFO. 
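 *
 * For illustration only, a user-space sketch of that interface (not code
 * from this file); a tracer that wants a different signal delivered would
 * typically do something like
 *
 *	ptrace(PTRACE_GETSIGINFO, pid, 0, &si);
 *	si.si_signo = SIGUSR1;
 *	ptrace(PTRACE_SETSIGINFO, pid, 0, &si);
 *	ptrace(PTRACE_CONT, pid, 0, SIGUSR1);
 *
 * before the tracee resumes, where si is a siginfo_t owned by the tracer.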
2604 */ 2605 if (signr != info->si_signo) { 2606 clear_siginfo(info); 2607 info->si_signo = signr; 2608 info->si_errno = 0; 2609 info->si_code = SI_USER; 2610 rcu_read_lock(); 2611 info->si_pid = task_pid_vnr(current->parent); 2612 info->si_uid = from_kuid_munged(current_user_ns(), 2613 task_uid(current->parent)); 2614 rcu_read_unlock(); 2615 } 2616 2617 /* If the (new) signal is now blocked, requeue it. */ 2618 if (sigismember(¤t->blocked, signr) || 2619 fatal_signal_pending(current)) { 2620 send_signal_locked(signr, info, current, type); 2621 signr = 0; 2622 } 2623 2624 return signr; 2625 } 2626 2627 static void hide_si_addr_tag_bits(struct ksignal *ksig) 2628 { 2629 switch (siginfo_layout(ksig->sig, ksig->info.si_code)) { 2630 case SIL_FAULT: 2631 case SIL_FAULT_TRAPNO: 2632 case SIL_FAULT_MCEERR: 2633 case SIL_FAULT_BNDERR: 2634 case SIL_FAULT_PKUERR: 2635 case SIL_FAULT_PERF_EVENT: 2636 ksig->info.si_addr = arch_untagged_si_addr( 2637 ksig->info.si_addr, ksig->sig, ksig->info.si_code); 2638 break; 2639 case SIL_KILL: 2640 case SIL_TIMER: 2641 case SIL_POLL: 2642 case SIL_CHLD: 2643 case SIL_RT: 2644 case SIL_SYS: 2645 break; 2646 } 2647 } 2648 2649 bool get_signal(struct ksignal *ksig) 2650 { 2651 struct sighand_struct *sighand = current->sighand; 2652 struct signal_struct *signal = current->signal; 2653 int signr; 2654 2655 clear_notify_signal(); 2656 if (unlikely(task_work_pending(current))) 2657 task_work_run(); 2658 2659 if (!task_sigpending(current)) 2660 return false; 2661 2662 if (unlikely(uprobe_deny_signal())) 2663 return false; 2664 2665 /* 2666 * Do this once, we can't return to user-mode if freezing() == T. 2667 * do_signal_stop() and ptrace_stop() do freezable_schedule() and 2668 * thus do not need another check after return. 2669 */ 2670 try_to_freeze(); 2671 2672 relock: 2673 spin_lock_irq(&sighand->siglock); 2674 2675 /* 2676 * Every stopped thread goes here after wakeup. Check to see if 2677 * we should notify the parent, prepare_signal(SIGCONT) encodes 2678 * the CLD_ si_code into SIGNAL_CLD_MASK bits. 2679 */ 2680 if (unlikely(signal->flags & SIGNAL_CLD_MASK)) { 2681 int why; 2682 2683 if (signal->flags & SIGNAL_CLD_CONTINUED) 2684 why = CLD_CONTINUED; 2685 else 2686 why = CLD_STOPPED; 2687 2688 signal->flags &= ~SIGNAL_CLD_MASK; 2689 2690 spin_unlock_irq(&sighand->siglock); 2691 2692 /* 2693 * Notify the parent that we're continuing. This event is 2694 * always per-process and doesn't make whole lot of sense 2695 * for ptracers, who shouldn't consume the state via 2696 * wait(2) either, but, for backward compatibility, notify 2697 * the ptracer of the group leader too unless it's gonna be 2698 * a duplicate. 2699 */ 2700 read_lock(&tasklist_lock); 2701 do_notify_parent_cldstop(current, false, why); 2702 2703 if (ptrace_reparented(current->group_leader)) 2704 do_notify_parent_cldstop(current->group_leader, 2705 true, why); 2706 read_unlock(&tasklist_lock); 2707 2708 goto relock; 2709 } 2710 2711 for (;;) { 2712 struct k_sigaction *ka; 2713 enum pid_type type; 2714 2715 /* Has this task already been marked for death? */ 2716 if ((signal->flags & SIGNAL_GROUP_EXIT) || 2717 signal->group_exec_task) { 2718 signr = SIGKILL; 2719 sigdelset(¤t->pending.signal, SIGKILL); 2720 trace_signal_deliver(SIGKILL, SEND_SIG_NOINFO, 2721 &sighand->action[SIGKILL-1]); 2722 recalc_sigpending(); 2723 /* 2724 * implies do_group_exit() or return to PF_USER_WORKER, 2725 * no need to initialize ksig->info/etc. 
2726 */ 2727 goto fatal; 2728 } 2729 2730 if (unlikely(current->jobctl & JOBCTL_STOP_PENDING) && 2731 do_signal_stop(0)) 2732 goto relock; 2733 2734 if (unlikely(current->jobctl & 2735 (JOBCTL_TRAP_MASK | JOBCTL_TRAP_FREEZE))) { 2736 if (current->jobctl & JOBCTL_TRAP_MASK) { 2737 do_jobctl_trap(); 2738 spin_unlock_irq(&sighand->siglock); 2739 } else if (current->jobctl & JOBCTL_TRAP_FREEZE) 2740 do_freezer_trap(); 2741 2742 goto relock; 2743 } 2744 2745 /* 2746 * If the task is leaving the frozen state, let's update 2747 * cgroup counters and reset the frozen bit. 2748 */ 2749 if (unlikely(cgroup_task_frozen(current))) { 2750 spin_unlock_irq(&sighand->siglock); 2751 cgroup_leave_frozen(false); 2752 goto relock; 2753 } 2754 2755 /* 2756 * Signals generated by the execution of an instruction 2757 * need to be delivered before any other pending signals 2758 * so that the instruction pointer in the signal stack 2759 * frame points to the faulting instruction. 2760 */ 2761 type = PIDTYPE_PID; 2762 signr = dequeue_synchronous_signal(&ksig->info); 2763 if (!signr) 2764 signr = dequeue_signal(¤t->blocked, &ksig->info, &type); 2765 2766 if (!signr) 2767 break; /* will return 0 */ 2768 2769 if (unlikely(current->ptrace) && (signr != SIGKILL) && 2770 !(sighand->action[signr -1].sa.sa_flags & SA_IMMUTABLE)) { 2771 signr = ptrace_signal(signr, &ksig->info, type); 2772 if (!signr) 2773 continue; 2774 } 2775 2776 ka = &sighand->action[signr-1]; 2777 2778 /* Trace actually delivered signals. */ 2779 trace_signal_deliver(signr, &ksig->info, ka); 2780 2781 if (ka->sa.sa_handler == SIG_IGN) /* Do nothing. */ 2782 continue; 2783 if (ka->sa.sa_handler != SIG_DFL) { 2784 /* Run the handler. */ 2785 ksig->ka = *ka; 2786 2787 if (ka->sa.sa_flags & SA_ONESHOT) 2788 ka->sa.sa_handler = SIG_DFL; 2789 2790 break; /* will return non-zero "signr" value */ 2791 } 2792 2793 /* 2794 * Now we are doing the default action for this signal. 2795 */ 2796 if (sig_kernel_ignore(signr)) /* Default is nothing. */ 2797 continue; 2798 2799 /* 2800 * Global init gets no signals it doesn't want. 2801 * Container-init gets no signals it doesn't want from same 2802 * container. 2803 * 2804 * Note that if global/container-init sees a sig_kernel_only() 2805 * signal here, the signal must have been generated internally 2806 * or must have come from an ancestor namespace. In either 2807 * case, the signal cannot be dropped. 2808 */ 2809 if (unlikely(signal->flags & SIGNAL_UNKILLABLE) && 2810 !sig_kernel_only(signr)) 2811 continue; 2812 2813 if (sig_kernel_stop(signr)) { 2814 /* 2815 * The default action is to stop all threads in 2816 * the thread group. The job control signals 2817 * do nothing in an orphaned pgrp, but SIGSTOP 2818 * always works. Note that siglock needs to be 2819 * dropped during the call to is_orphaned_pgrp() 2820 * because of lock ordering with tasklist_lock. 2821 * This allows an intervening SIGCONT to be posted. 2822 * We need to check for that and bail out if necessary. 2823 */ 2824 if (signr != SIGSTOP) { 2825 spin_unlock_irq(&sighand->siglock); 2826 2827 /* signals can be posted during this window */ 2828 2829 if (is_current_pgrp_orphaned()) 2830 goto relock; 2831 2832 spin_lock_irq(&sighand->siglock); 2833 } 2834 2835 if (likely(do_signal_stop(signr))) { 2836 /* It released the siglock. */ 2837 goto relock; 2838 } 2839 2840 /* 2841 * We didn't actually stop, due to a race 2842 * with SIGCONT or something like that. 
2843 */ 2844 continue; 2845 } 2846 2847 fatal: 2848 spin_unlock_irq(&sighand->siglock); 2849 if (unlikely(cgroup_task_frozen(current))) 2850 cgroup_leave_frozen(true); 2851 2852 /* 2853 * Anything else is fatal, maybe with a core dump. 2854 */ 2855 current->flags |= PF_SIGNALED; 2856 2857 if (sig_kernel_coredump(signr)) { 2858 if (print_fatal_signals) 2859 print_fatal_signal(signr); 2860 proc_coredump_connector(current); 2861 /* 2862 * If it was able to dump core, this kills all 2863 * other threads in the group and synchronizes with 2864 * their demise. If we lost the race with another 2865 * thread getting here, it set group_exit_code 2866 * first and our do_group_exit call below will use 2867 * that value and ignore the one we pass it. 2868 */ 2869 do_coredump(&ksig->info); 2870 } 2871 2872 /* 2873 * PF_USER_WORKER threads will catch and exit on fatal signals 2874 * themselves. They have cleanup that must be performed, so we 2875 * cannot call do_exit() on their behalf. Note that ksig won't 2876 * be properly initialized, PF_USER_WORKER's shouldn't use it. 2877 */ 2878 if (current->flags & PF_USER_WORKER) 2879 goto out; 2880 2881 /* 2882 * Death signals, no core dump. 2883 */ 2884 do_group_exit(signr); 2885 /* NOTREACHED */ 2886 } 2887 spin_unlock_irq(&sighand->siglock); 2888 2889 ksig->sig = signr; 2890 2891 if (signr && !(ksig->ka.sa.sa_flags & SA_EXPOSE_TAGBITS)) 2892 hide_si_addr_tag_bits(ksig); 2893 out: 2894 return signr > 0; 2895 } 2896 2897 /** 2898 * signal_delivered - called after signal delivery to update blocked signals 2899 * @ksig: kernel signal struct 2900 * @stepping: nonzero if debugger single-step or block-step in use 2901 * 2902 * This function should be called when a signal has successfully been 2903 * delivered. It updates the blocked signals accordingly (@ksig->ka.sa.sa_mask 2904 * is always blocked), and the signal itself is blocked unless %SA_NODEFER 2905 * is set in @ksig->ka.sa.sa_flags. Tracing is notified. 2906 */ 2907 static void signal_delivered(struct ksignal *ksig, int stepping) 2908 { 2909 sigset_t blocked; 2910 2911 /* A signal was successfully delivered, and the 2912 saved sigmask was stored on the signal frame, 2913 and will be restored by sigreturn. So we can 2914 simply clear the restore sigmask flag. */ 2915 clear_restore_sigmask(); 2916 2917 sigorsets(&blocked, ¤t->blocked, &ksig->ka.sa.sa_mask); 2918 if (!(ksig->ka.sa.sa_flags & SA_NODEFER)) 2919 sigaddset(&blocked, ksig->sig); 2920 set_current_blocked(&blocked); 2921 if (current->sas_ss_flags & SS_AUTODISARM) 2922 sas_ss_reset(current); 2923 if (stepping) 2924 ptrace_notify(SIGTRAP, 0); 2925 } 2926 2927 void signal_setup_done(int failed, struct ksignal *ksig, int stepping) 2928 { 2929 if (failed) 2930 force_sigsegv(ksig->sig); 2931 else 2932 signal_delivered(ksig, stepping); 2933 } 2934 2935 /* 2936 * It could be that complete_signal() picked us to notify about the 2937 * group-wide signal. Other threads should be notified now to take 2938 * the shared signals in @which since we will not. 2939 */ 2940 static void retarget_shared_pending(struct task_struct *tsk, sigset_t *which) 2941 { 2942 sigset_t retarget; 2943 struct task_struct *t; 2944 2945 sigandsets(&retarget, &tsk->signal->shared_pending.signal, which); 2946 if (sigisemptyset(&retarget)) 2947 return; 2948 2949 for_other_threads(tsk, t) { 2950 if (t->flags & PF_EXITING) 2951 continue; 2952 2953 if (!has_pending_signals(&retarget, &t->blocked)) 2954 continue; 2955 /* Remove the signals this thread can handle. 
*/ 2956 sigandsets(&retarget, &retarget, &t->blocked); 2957 2958 if (!task_sigpending(t)) 2959 signal_wake_up(t, 0); 2960 2961 if (sigisemptyset(&retarget)) 2962 break; 2963 } 2964 } 2965 2966 void exit_signals(struct task_struct *tsk) 2967 { 2968 int group_stop = 0; 2969 sigset_t unblocked; 2970 2971 /* 2972 * @tsk is about to have PF_EXITING set - lock out users which 2973 * expect stable threadgroup. 2974 */ 2975 cgroup_threadgroup_change_begin(tsk); 2976 2977 if (thread_group_empty(tsk) || (tsk->signal->flags & SIGNAL_GROUP_EXIT)) { 2978 sched_mm_cid_exit_signals(tsk); 2979 tsk->flags |= PF_EXITING; 2980 cgroup_threadgroup_change_end(tsk); 2981 return; 2982 } 2983 2984 spin_lock_irq(&tsk->sighand->siglock); 2985 /* 2986 * From now this task is not visible for group-wide signals, 2987 * see wants_signal(), do_signal_stop(). 2988 */ 2989 sched_mm_cid_exit_signals(tsk); 2990 tsk->flags |= PF_EXITING; 2991 2992 cgroup_threadgroup_change_end(tsk); 2993 2994 if (!task_sigpending(tsk)) 2995 goto out; 2996 2997 unblocked = tsk->blocked; 2998 signotset(&unblocked); 2999 retarget_shared_pending(tsk, &unblocked); 3000 3001 if (unlikely(tsk->jobctl & JOBCTL_STOP_PENDING) && 3002 task_participate_group_stop(tsk)) 3003 group_stop = CLD_STOPPED; 3004 out: 3005 spin_unlock_irq(&tsk->sighand->siglock); 3006 3007 /* 3008 * If group stop has completed, deliver the notification. This 3009 * should always go to the real parent of the group leader. 3010 */ 3011 if (unlikely(group_stop)) { 3012 read_lock(&tasklist_lock); 3013 do_notify_parent_cldstop(tsk, false, group_stop); 3014 read_unlock(&tasklist_lock); 3015 } 3016 } 3017 3018 /* 3019 * System call entry points. 3020 */ 3021 3022 /** 3023 * sys_restart_syscall - restart a system call 3024 */ 3025 SYSCALL_DEFINE0(restart_syscall) 3026 { 3027 struct restart_block *restart = ¤t->restart_block; 3028 return restart->fn(restart); 3029 } 3030 3031 long do_no_restart_syscall(struct restart_block *param) 3032 { 3033 return -EINTR; 3034 } 3035 3036 static void __set_task_blocked(struct task_struct *tsk, const sigset_t *newset) 3037 { 3038 if (task_sigpending(tsk) && !thread_group_empty(tsk)) { 3039 sigset_t newblocked; 3040 /* A set of now blocked but previously unblocked signals. */ 3041 sigandnsets(&newblocked, newset, ¤t->blocked); 3042 retarget_shared_pending(tsk, &newblocked); 3043 } 3044 tsk->blocked = *newset; 3045 recalc_sigpending(); 3046 } 3047 3048 /** 3049 * set_current_blocked - change current->blocked mask 3050 * @newset: new mask 3051 * 3052 * It is wrong to change ->blocked directly, this helper should be used 3053 * to ensure the process can't miss a shared signal we are going to block. 3054 */ 3055 void set_current_blocked(sigset_t *newset) 3056 { 3057 sigdelsetmask(newset, sigmask(SIGKILL) | sigmask(SIGSTOP)); 3058 __set_current_blocked(newset); 3059 } 3060 3061 void __set_current_blocked(const sigset_t *newset) 3062 { 3063 struct task_struct *tsk = current; 3064 3065 /* 3066 * In case the signal mask hasn't changed, there is nothing we need 3067 * to do. The current->blocked shouldn't be modified by other task. 3068 */ 3069 if (sigequalsets(&tsk->blocked, newset)) 3070 return; 3071 3072 spin_lock_irq(&tsk->sighand->siglock); 3073 __set_task_blocked(tsk, newset); 3074 spin_unlock_irq(&tsk->sighand->siglock); 3075 } 3076 3077 /* 3078 * This is also useful for kernel threads that want to temporarily 3079 * (or permanently) block certain signals. 3080 * 3081 * NOTE! 
Unlike the user-mode sys_sigprocmask(), the kernel 3082 * interface happily blocks "unblockable" signals like SIGKILL 3083 * and friends. 3084 */ 3085 int sigprocmask(int how, sigset_t *set, sigset_t *oldset) 3086 { 3087 struct task_struct *tsk = current; 3088 sigset_t newset; 3089 3090 /* Lockless, only current can change ->blocked, never from irq */ 3091 if (oldset) 3092 *oldset = tsk->blocked; 3093 3094 switch (how) { 3095 case SIG_BLOCK: 3096 sigorsets(&newset, &tsk->blocked, set); 3097 break; 3098 case SIG_UNBLOCK: 3099 sigandnsets(&newset, &tsk->blocked, set); 3100 break; 3101 case SIG_SETMASK: 3102 newset = *set; 3103 break; 3104 default: 3105 return -EINVAL; 3106 } 3107 3108 __set_current_blocked(&newset); 3109 return 0; 3110 } 3111 EXPORT_SYMBOL(sigprocmask); 3112 3113 /* 3114 * The api helps set app-provided sigmasks. 3115 * 3116 * This is useful for syscalls such as ppoll, pselect, io_pgetevents and 3117 * epoll_pwait where a new sigmask is passed from userland for the syscalls. 3118 * 3119 * Note that it does set_restore_sigmask() in advance, so it must be always 3120 * paired with restore_saved_sigmask_unless() before return from syscall. 3121 */ 3122 int set_user_sigmask(const sigset_t __user *umask, size_t sigsetsize) 3123 { 3124 sigset_t kmask; 3125 3126 if (!umask) 3127 return 0; 3128 if (sigsetsize != sizeof(sigset_t)) 3129 return -EINVAL; 3130 if (copy_from_user(&kmask, umask, sizeof(sigset_t))) 3131 return -EFAULT; 3132 3133 set_restore_sigmask(); 3134 current->saved_sigmask = current->blocked; 3135 set_current_blocked(&kmask); 3136 3137 return 0; 3138 } 3139 3140 #ifdef CONFIG_COMPAT 3141 int set_compat_user_sigmask(const compat_sigset_t __user *umask, 3142 size_t sigsetsize) 3143 { 3144 sigset_t kmask; 3145 3146 if (!umask) 3147 return 0; 3148 if (sigsetsize != sizeof(compat_sigset_t)) 3149 return -EINVAL; 3150 if (get_compat_sigset(&kmask, umask)) 3151 return -EFAULT; 3152 3153 set_restore_sigmask(); 3154 current->saved_sigmask = current->blocked; 3155 set_current_blocked(&kmask); 3156 3157 return 0; 3158 } 3159 #endif 3160 3161 /** 3162 * sys_rt_sigprocmask - change the list of currently blocked signals 3163 * @how: whether to add, remove, or set signals 3164 * @nset: stores pending signals 3165 * @oset: previous value of signal mask if non-null 3166 * @sigsetsize: size of sigset_t type 3167 */ 3168 SYSCALL_DEFINE4(rt_sigprocmask, int, how, sigset_t __user *, nset, 3169 sigset_t __user *, oset, size_t, sigsetsize) 3170 { 3171 sigset_t old_set, new_set; 3172 int error; 3173 3174 /* XXX: Don't preclude handling different sized sigset_t's. */ 3175 if (sigsetsize != sizeof(sigset_t)) 3176 return -EINVAL; 3177 3178 old_set = current->blocked; 3179 3180 if (nset) { 3181 if (copy_from_user(&new_set, nset, sizeof(sigset_t))) 3182 return -EFAULT; 3183 sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP)); 3184 3185 error = sigprocmask(how, &new_set, NULL); 3186 if (error) 3187 return error; 3188 } 3189 3190 if (oset) { 3191 if (copy_to_user(oset, &old_set, sizeof(sigset_t))) 3192 return -EFAULT; 3193 } 3194 3195 return 0; 3196 } 3197 3198 #ifdef CONFIG_COMPAT 3199 COMPAT_SYSCALL_DEFINE4(rt_sigprocmask, int, how, compat_sigset_t __user *, nset, 3200 compat_sigset_t __user *, oset, compat_size_t, sigsetsize) 3201 { 3202 sigset_t old_set = current->blocked; 3203 3204 /* XXX: Don't preclude handling different sized sigset_t's. 
*/ 3205 if (sigsetsize != sizeof(sigset_t)) 3206 return -EINVAL; 3207 3208 if (nset) { 3209 sigset_t new_set; 3210 int error; 3211 if (get_compat_sigset(&new_set, nset)) 3212 return -EFAULT; 3213 sigdelsetmask(&new_set, sigmask(SIGKILL)|sigmask(SIGSTOP)); 3214 3215 error = sigprocmask(how, &new_set, NULL); 3216 if (error) 3217 return error; 3218 } 3219 return oset ? put_compat_sigset(oset, &old_set, sizeof(*oset)) : 0; 3220 } 3221 #endif 3222 3223 static void do_sigpending(sigset_t *set) 3224 { 3225 spin_lock_irq(¤t->sighand->siglock); 3226 sigorsets(set, ¤t->pending.signal, 3227 ¤t->signal->shared_pending.signal); 3228 spin_unlock_irq(¤t->sighand->siglock); 3229 3230 /* Outside the lock because only this thread touches it. */ 3231 sigandsets(set, ¤t->blocked, set); 3232 } 3233 3234 /** 3235 * sys_rt_sigpending - examine a pending signal that has been raised 3236 * while blocked 3237 * @uset: stores pending signals 3238 * @sigsetsize: size of sigset_t type or larger 3239 */ 3240 SYSCALL_DEFINE2(rt_sigpending, sigset_t __user *, uset, size_t, sigsetsize) 3241 { 3242 sigset_t set; 3243 3244 if (sigsetsize > sizeof(*uset)) 3245 return -EINVAL; 3246 3247 do_sigpending(&set); 3248 3249 if (copy_to_user(uset, &set, sigsetsize)) 3250 return -EFAULT; 3251 3252 return 0; 3253 } 3254 3255 #ifdef CONFIG_COMPAT 3256 COMPAT_SYSCALL_DEFINE2(rt_sigpending, compat_sigset_t __user *, uset, 3257 compat_size_t, sigsetsize) 3258 { 3259 sigset_t set; 3260 3261 if (sigsetsize > sizeof(*uset)) 3262 return -EINVAL; 3263 3264 do_sigpending(&set); 3265 3266 return put_compat_sigset(uset, &set, sigsetsize); 3267 } 3268 #endif 3269 3270 static const struct { 3271 unsigned char limit, layout; 3272 } sig_sicodes[] = { 3273 [SIGILL] = { NSIGILL, SIL_FAULT }, 3274 [SIGFPE] = { NSIGFPE, SIL_FAULT }, 3275 [SIGSEGV] = { NSIGSEGV, SIL_FAULT }, 3276 [SIGBUS] = { NSIGBUS, SIL_FAULT }, 3277 [SIGTRAP] = { NSIGTRAP, SIL_FAULT }, 3278 #if defined(SIGEMT) 3279 [SIGEMT] = { NSIGEMT, SIL_FAULT }, 3280 #endif 3281 [SIGCHLD] = { NSIGCHLD, SIL_CHLD }, 3282 [SIGPOLL] = { NSIGPOLL, SIL_POLL }, 3283 [SIGSYS] = { NSIGSYS, SIL_SYS }, 3284 }; 3285 3286 static bool known_siginfo_layout(unsigned sig, int si_code) 3287 { 3288 if (si_code == SI_KERNEL) 3289 return true; 3290 else if ((si_code > SI_USER)) { 3291 if (sig_specific_sicodes(sig)) { 3292 if (si_code <= sig_sicodes[sig].limit) 3293 return true; 3294 } 3295 else if (si_code <= NSIGPOLL) 3296 return true; 3297 } 3298 else if (si_code >= SI_DETHREAD) 3299 return true; 3300 else if (si_code == SI_ASYNCNL) 3301 return true; 3302 return false; 3303 } 3304 3305 enum siginfo_layout siginfo_layout(unsigned sig, int si_code) 3306 { 3307 enum siginfo_layout layout = SIL_KILL; 3308 if ((si_code > SI_USER) && (si_code < SI_KERNEL)) { 3309 if ((sig < ARRAY_SIZE(sig_sicodes)) && 3310 (si_code <= sig_sicodes[sig].limit)) { 3311 layout = sig_sicodes[sig].layout; 3312 /* Handle the exceptions */ 3313 if ((sig == SIGBUS) && 3314 (si_code >= BUS_MCEERR_AR) && (si_code <= BUS_MCEERR_AO)) 3315 layout = SIL_FAULT_MCEERR; 3316 else if ((sig == SIGSEGV) && (si_code == SEGV_BNDERR)) 3317 layout = SIL_FAULT_BNDERR; 3318 #ifdef SEGV_PKUERR 3319 else if ((sig == SIGSEGV) && (si_code == SEGV_PKUERR)) 3320 layout = SIL_FAULT_PKUERR; 3321 #endif 3322 else if ((sig == SIGTRAP) && (si_code == TRAP_PERF)) 3323 layout = SIL_FAULT_PERF_EVENT; 3324 else if (IS_ENABLED(CONFIG_SPARC) && 3325 (sig == SIGILL) && (si_code == ILL_ILLTRP)) 3326 layout = SIL_FAULT_TRAPNO; 3327 else if (IS_ENABLED(CONFIG_ALPHA) && 3328 ((sig == 
SIGFPE) || 3329 ((sig == SIGTRAP) && (si_code == TRAP_UNK)))) 3330 layout = SIL_FAULT_TRAPNO; 3331 } 3332 else if (si_code <= NSIGPOLL) 3333 layout = SIL_POLL; 3334 } else { 3335 if (si_code == SI_TIMER) 3336 layout = SIL_TIMER; 3337 else if (si_code == SI_SIGIO) 3338 layout = SIL_POLL; 3339 else if (si_code < 0) 3340 layout = SIL_RT; 3341 } 3342 return layout; 3343 } 3344 3345 static inline char __user *si_expansion(const siginfo_t __user *info) 3346 { 3347 return ((char __user *)info) + sizeof(struct kernel_siginfo); 3348 } 3349 3350 int copy_siginfo_to_user(siginfo_t __user *to, const kernel_siginfo_t *from) 3351 { 3352 char __user *expansion = si_expansion(to); 3353 if (copy_to_user(to, from , sizeof(struct kernel_siginfo))) 3354 return -EFAULT; 3355 if (clear_user(expansion, SI_EXPANSION_SIZE)) 3356 return -EFAULT; 3357 return 0; 3358 } 3359 3360 static int post_copy_siginfo_from_user(kernel_siginfo_t *info, 3361 const siginfo_t __user *from) 3362 { 3363 if (unlikely(!known_siginfo_layout(info->si_signo, info->si_code))) { 3364 char __user *expansion = si_expansion(from); 3365 char buf[SI_EXPANSION_SIZE]; 3366 int i; 3367 /* 3368 * An unknown si_code might need more than 3369 * sizeof(struct kernel_siginfo) bytes. Verify all of the 3370 * extra bytes are 0. This guarantees copy_siginfo_to_user 3371 * will return this data to userspace exactly. 3372 */ 3373 if (copy_from_user(&buf, expansion, SI_EXPANSION_SIZE)) 3374 return -EFAULT; 3375 for (i = 0; i < SI_EXPANSION_SIZE; i++) { 3376 if (buf[i] != 0) 3377 return -E2BIG; 3378 } 3379 } 3380 return 0; 3381 } 3382 3383 static int __copy_siginfo_from_user(int signo, kernel_siginfo_t *to, 3384 const siginfo_t __user *from) 3385 { 3386 if (copy_from_user(to, from, sizeof(struct kernel_siginfo))) 3387 return -EFAULT; 3388 to->si_signo = signo; 3389 return post_copy_siginfo_from_user(to, from); 3390 } 3391 3392 int copy_siginfo_from_user(kernel_siginfo_t *to, const siginfo_t __user *from) 3393 { 3394 if (copy_from_user(to, from, sizeof(struct kernel_siginfo))) 3395 return -EFAULT; 3396 return post_copy_siginfo_from_user(to, from); 3397 } 3398 3399 #ifdef CONFIG_COMPAT 3400 /** 3401 * copy_siginfo_to_external32 - copy a kernel siginfo into a compat user siginfo 3402 * @to: compat siginfo destination 3403 * @from: kernel siginfo source 3404 * 3405 * Note: This function does not work properly for the SIGCHLD on x32, but 3406 * fortunately it doesn't have to. The only valid callers for this function are 3407 * copy_siginfo_to_user32, which is overriden for x32 and the coredump code. 3408 * The latter does not care because SIGCHLD will never cause a coredump. 
3409 */ 3410 void copy_siginfo_to_external32(struct compat_siginfo *to, 3411 const struct kernel_siginfo *from) 3412 { 3413 memset(to, 0, sizeof(*to)); 3414 3415 to->si_signo = from->si_signo; 3416 to->si_errno = from->si_errno; 3417 to->si_code = from->si_code; 3418 switch(siginfo_layout(from->si_signo, from->si_code)) { 3419 case SIL_KILL: 3420 to->si_pid = from->si_pid; 3421 to->si_uid = from->si_uid; 3422 break; 3423 case SIL_TIMER: 3424 to->si_tid = from->si_tid; 3425 to->si_overrun = from->si_overrun; 3426 to->si_int = from->si_int; 3427 break; 3428 case SIL_POLL: 3429 to->si_band = from->si_band; 3430 to->si_fd = from->si_fd; 3431 break; 3432 case SIL_FAULT: 3433 to->si_addr = ptr_to_compat(from->si_addr); 3434 break; 3435 case SIL_FAULT_TRAPNO: 3436 to->si_addr = ptr_to_compat(from->si_addr); 3437 to->si_trapno = from->si_trapno; 3438 break; 3439 case SIL_FAULT_MCEERR: 3440 to->si_addr = ptr_to_compat(from->si_addr); 3441 to->si_addr_lsb = from->si_addr_lsb; 3442 break; 3443 case SIL_FAULT_BNDERR: 3444 to->si_addr = ptr_to_compat(from->si_addr); 3445 to->si_lower = ptr_to_compat(from->si_lower); 3446 to->si_upper = ptr_to_compat(from->si_upper); 3447 break; 3448 case SIL_FAULT_PKUERR: 3449 to->si_addr = ptr_to_compat(from->si_addr); 3450 to->si_pkey = from->si_pkey; 3451 break; 3452 case SIL_FAULT_PERF_EVENT: 3453 to->si_addr = ptr_to_compat(from->si_addr); 3454 to->si_perf_data = from->si_perf_data; 3455 to->si_perf_type = from->si_perf_type; 3456 to->si_perf_flags = from->si_perf_flags; 3457 break; 3458 case SIL_CHLD: 3459 to->si_pid = from->si_pid; 3460 to->si_uid = from->si_uid; 3461 to->si_status = from->si_status; 3462 to->si_utime = from->si_utime; 3463 to->si_stime = from->si_stime; 3464 break; 3465 case SIL_RT: 3466 to->si_pid = from->si_pid; 3467 to->si_uid = from->si_uid; 3468 to->si_int = from->si_int; 3469 break; 3470 case SIL_SYS: 3471 to->si_call_addr = ptr_to_compat(from->si_call_addr); 3472 to->si_syscall = from->si_syscall; 3473 to->si_arch = from->si_arch; 3474 break; 3475 } 3476 } 3477 3478 int __copy_siginfo_to_user32(struct compat_siginfo __user *to, 3479 const struct kernel_siginfo *from) 3480 { 3481 struct compat_siginfo new; 3482 3483 copy_siginfo_to_external32(&new, from); 3484 if (copy_to_user(to, &new, sizeof(struct compat_siginfo))) 3485 return -EFAULT; 3486 return 0; 3487 } 3488 3489 static int post_copy_siginfo_from_user32(kernel_siginfo_t *to, 3490 const struct compat_siginfo *from) 3491 { 3492 clear_siginfo(to); 3493 to->si_signo = from->si_signo; 3494 to->si_errno = from->si_errno; 3495 to->si_code = from->si_code; 3496 switch(siginfo_layout(from->si_signo, from->si_code)) { 3497 case SIL_KILL: 3498 to->si_pid = from->si_pid; 3499 to->si_uid = from->si_uid; 3500 break; 3501 case SIL_TIMER: 3502 to->si_tid = from->si_tid; 3503 to->si_overrun = from->si_overrun; 3504 to->si_int = from->si_int; 3505 break; 3506 case SIL_POLL: 3507 to->si_band = from->si_band; 3508 to->si_fd = from->si_fd; 3509 break; 3510 case SIL_FAULT: 3511 to->si_addr = compat_ptr(from->si_addr); 3512 break; 3513 case SIL_FAULT_TRAPNO: 3514 to->si_addr = compat_ptr(from->si_addr); 3515 to->si_trapno = from->si_trapno; 3516 break; 3517 case SIL_FAULT_MCEERR: 3518 to->si_addr = compat_ptr(from->si_addr); 3519 to->si_addr_lsb = from->si_addr_lsb; 3520 break; 3521 case SIL_FAULT_BNDERR: 3522 to->si_addr = compat_ptr(from->si_addr); 3523 to->si_lower = compat_ptr(from->si_lower); 3524 to->si_upper = compat_ptr(from->si_upper); 3525 break; 3526 case SIL_FAULT_PKUERR: 3527 to->si_addr = 
compat_ptr(from->si_addr); 3528 to->si_pkey = from->si_pkey; 3529 break; 3530 case SIL_FAULT_PERF_EVENT: 3531 to->si_addr = compat_ptr(from->si_addr); 3532 to->si_perf_data = from->si_perf_data; 3533 to->si_perf_type = from->si_perf_type; 3534 to->si_perf_flags = from->si_perf_flags; 3535 break; 3536 case SIL_CHLD: 3537 to->si_pid = from->si_pid; 3538 to->si_uid = from->si_uid; 3539 to->si_status = from->si_status; 3540 #ifdef CONFIG_X86_X32_ABI 3541 if (in_x32_syscall()) { 3542 to->si_utime = from->_sifields._sigchld_x32._utime; 3543 to->si_stime = from->_sifields._sigchld_x32._stime; 3544 } else 3545 #endif 3546 { 3547 to->si_utime = from->si_utime; 3548 to->si_stime = from->si_stime; 3549 } 3550 break; 3551 case SIL_RT: 3552 to->si_pid = from->si_pid; 3553 to->si_uid = from->si_uid; 3554 to->si_int = from->si_int; 3555 break; 3556 case SIL_SYS: 3557 to->si_call_addr = compat_ptr(from->si_call_addr); 3558 to->si_syscall = from->si_syscall; 3559 to->si_arch = from->si_arch; 3560 break; 3561 } 3562 return 0; 3563 } 3564 3565 static int __copy_siginfo_from_user32(int signo, struct kernel_siginfo *to, 3566 const struct compat_siginfo __user *ufrom) 3567 { 3568 struct compat_siginfo from; 3569 3570 if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo))) 3571 return -EFAULT; 3572 3573 from.si_signo = signo; 3574 return post_copy_siginfo_from_user32(to, &from); 3575 } 3576 3577 int copy_siginfo_from_user32(struct kernel_siginfo *to, 3578 const struct compat_siginfo __user *ufrom) 3579 { 3580 struct compat_siginfo from; 3581 3582 if (copy_from_user(&from, ufrom, sizeof(struct compat_siginfo))) 3583 return -EFAULT; 3584 3585 return post_copy_siginfo_from_user32(to, &from); 3586 } 3587 #endif /* CONFIG_COMPAT */ 3588 3589 /** 3590 * do_sigtimedwait - wait for queued signals specified in @which 3591 * @which: queued signals to wait for 3592 * @info: if non-null, the signal's siginfo is returned here 3593 * @ts: upper bound on process time suspension 3594 */ 3595 static int do_sigtimedwait(const sigset_t *which, kernel_siginfo_t *info, 3596 const struct timespec64 *ts) 3597 { 3598 ktime_t *to = NULL, timeout = KTIME_MAX; 3599 struct task_struct *tsk = current; 3600 sigset_t mask = *which; 3601 enum pid_type type; 3602 int sig, ret = 0; 3603 3604 if (ts) { 3605 if (!timespec64_valid(ts)) 3606 return -EINVAL; 3607 timeout = timespec64_to_ktime(*ts); 3608 to = &timeout; 3609 } 3610 3611 /* 3612 * Invert the set of allowed signals to get those we want to block. 3613 */ 3614 sigdelsetmask(&mask, sigmask(SIGKILL) | sigmask(SIGSTOP)); 3615 signotset(&mask); 3616 3617 spin_lock_irq(&tsk->sighand->siglock); 3618 sig = dequeue_signal(&mask, info, &type); 3619 if (!sig && timeout) { 3620 /* 3621 * None ready, temporarily unblock those we're interested 3622 * while we are sleeping in so that we'll be awakened when 3623 * they arrive. Unblocking is always fine, we can avoid 3624 * set_current_blocked(). 3625 */ 3626 tsk->real_blocked = tsk->blocked; 3627 sigandsets(&tsk->blocked, &tsk->blocked, &mask); 3628 recalc_sigpending(); 3629 spin_unlock_irq(&tsk->sighand->siglock); 3630 3631 __set_current_state(TASK_INTERRUPTIBLE|TASK_FREEZABLE); 3632 ret = schedule_hrtimeout_range(to, tsk->timer_slack_ns, 3633 HRTIMER_MODE_REL); 3634 spin_lock_irq(&tsk->sighand->siglock); 3635 __set_task_blocked(tsk, &tsk->real_blocked); 3636 sigemptyset(&tsk->real_blocked); 3637 sig = dequeue_signal(&mask, info, &type); 3638 } 3639 spin_unlock_irq(&tsk->sighand->siglock); 3640 3641 if (sig) 3642 return sig; 3643 return ret ? 
-EINTR : -EAGAIN; 3644 } 3645 3646 /** 3647 * sys_rt_sigtimedwait - synchronously wait for queued signals specified 3648 * in @uthese 3649 * @uthese: queued signals to wait for 3650 * @uinfo: if non-null, the signal's siginfo is returned here 3651 * @uts: upper bound on process time suspension 3652 * @sigsetsize: size of sigset_t type 3653 */ 3654 SYSCALL_DEFINE4(rt_sigtimedwait, const sigset_t __user *, uthese, 3655 siginfo_t __user *, uinfo, 3656 const struct __kernel_timespec __user *, uts, 3657 size_t, sigsetsize) 3658 { 3659 sigset_t these; 3660 struct timespec64 ts; 3661 kernel_siginfo_t info; 3662 int ret; 3663 3664 /* XXX: Don't preclude handling different sized sigset_t's. */ 3665 if (sigsetsize != sizeof(sigset_t)) 3666 return -EINVAL; 3667 3668 if (copy_from_user(&these, uthese, sizeof(these))) 3669 return -EFAULT; 3670 3671 if (uts) { 3672 if (get_timespec64(&ts, uts)) 3673 return -EFAULT; 3674 } 3675 3676 ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL); 3677 3678 if (ret > 0 && uinfo) { 3679 if (copy_siginfo_to_user(uinfo, &info)) 3680 ret = -EFAULT; 3681 } 3682 3683 return ret; 3684 } 3685 3686 #ifdef CONFIG_COMPAT_32BIT_TIME 3687 SYSCALL_DEFINE4(rt_sigtimedwait_time32, const sigset_t __user *, uthese, 3688 siginfo_t __user *, uinfo, 3689 const struct old_timespec32 __user *, uts, 3690 size_t, sigsetsize) 3691 { 3692 sigset_t these; 3693 struct timespec64 ts; 3694 kernel_siginfo_t info; 3695 int ret; 3696 3697 if (sigsetsize != sizeof(sigset_t)) 3698 return -EINVAL; 3699 3700 if (copy_from_user(&these, uthese, sizeof(these))) 3701 return -EFAULT; 3702 3703 if (uts) { 3704 if (get_old_timespec32(&ts, uts)) 3705 return -EFAULT; 3706 } 3707 3708 ret = do_sigtimedwait(&these, &info, uts ? &ts : NULL); 3709 3710 if (ret > 0 && uinfo) { 3711 if (copy_siginfo_to_user(uinfo, &info)) 3712 ret = -EFAULT; 3713 } 3714 3715 return ret; 3716 } 3717 #endif 3718 3719 #ifdef CONFIG_COMPAT 3720 COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time64, compat_sigset_t __user *, uthese, 3721 struct compat_siginfo __user *, uinfo, 3722 struct __kernel_timespec __user *, uts, compat_size_t, sigsetsize) 3723 { 3724 sigset_t s; 3725 struct timespec64 t; 3726 kernel_siginfo_t info; 3727 long ret; 3728 3729 if (sigsetsize != sizeof(sigset_t)) 3730 return -EINVAL; 3731 3732 if (get_compat_sigset(&s, uthese)) 3733 return -EFAULT; 3734 3735 if (uts) { 3736 if (get_timespec64(&t, uts)) 3737 return -EFAULT; 3738 } 3739 3740 ret = do_sigtimedwait(&s, &info, uts ? &t : NULL); 3741 3742 if (ret > 0 && uinfo) { 3743 if (copy_siginfo_to_user32(uinfo, &info)) 3744 ret = -EFAULT; 3745 } 3746 3747 return ret; 3748 } 3749 3750 #ifdef CONFIG_COMPAT_32BIT_TIME 3751 COMPAT_SYSCALL_DEFINE4(rt_sigtimedwait_time32, compat_sigset_t __user *, uthese, 3752 struct compat_siginfo __user *, uinfo, 3753 struct old_timespec32 __user *, uts, compat_size_t, sigsetsize) 3754 { 3755 sigset_t s; 3756 struct timespec64 t; 3757 kernel_siginfo_t info; 3758 long ret; 3759 3760 if (sigsetsize != sizeof(sigset_t)) 3761 return -EINVAL; 3762 3763 if (get_compat_sigset(&s, uthese)) 3764 return -EFAULT; 3765 3766 if (uts) { 3767 if (get_old_timespec32(&t, uts)) 3768 return -EFAULT; 3769 } 3770 3771 ret = do_sigtimedwait(&s, &info, uts ? 
&t : NULL); 3772 3773 if (ret > 0 && uinfo) { 3774 if (copy_siginfo_to_user32(uinfo, &info)) 3775 ret = -EFAULT; 3776 } 3777 3778 return ret; 3779 } 3780 #endif 3781 #endif 3782 3783 static void prepare_kill_siginfo(int sig, struct kernel_siginfo *info, 3784 enum pid_type type) 3785 { 3786 clear_siginfo(info); 3787 info->si_signo = sig; 3788 info->si_errno = 0; 3789 info->si_code = (type == PIDTYPE_PID) ? SI_TKILL : SI_USER; 3790 info->si_pid = task_tgid_vnr(current); 3791 info->si_uid = from_kuid_munged(current_user_ns(), current_uid()); 3792 } 3793 3794 /** 3795 * sys_kill - send a signal to a process 3796 * @pid: the PID of the process 3797 * @sig: signal to be sent 3798 */ 3799 SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) 3800 { 3801 struct kernel_siginfo info; 3802 3803 prepare_kill_siginfo(sig, &info, PIDTYPE_TGID); 3804 3805 return kill_something_info(sig, &info, pid); 3806 } 3807 3808 /* 3809 * Verify that the signaler and signalee either are in the same pid namespace 3810 * or that the signaler's pid namespace is an ancestor of the signalee's pid 3811 * namespace. 3812 */ 3813 static bool access_pidfd_pidns(struct pid *pid) 3814 { 3815 struct pid_namespace *active = task_active_pid_ns(current); 3816 struct pid_namespace *p = ns_of_pid(pid); 3817 3818 for (;;) { 3819 if (!p) 3820 return false; 3821 if (p == active) 3822 break; 3823 p = p->parent; 3824 } 3825 3826 return true; 3827 } 3828 3829 static int copy_siginfo_from_user_any(kernel_siginfo_t *kinfo, 3830 siginfo_t __user *info) 3831 { 3832 #ifdef CONFIG_COMPAT 3833 /* 3834 * Avoid hooking up compat syscalls and instead handle necessary 3835 * conversions here. Note, this is a stop-gap measure and should not be 3836 * considered a generic solution. 3837 */ 3838 if (in_compat_syscall()) 3839 return copy_siginfo_from_user32( 3840 kinfo, (struct compat_siginfo __user *)info); 3841 #endif 3842 return copy_siginfo_from_user(kinfo, info); 3843 } 3844 3845 static struct pid *pidfd_to_pid(const struct file *file) 3846 { 3847 struct pid *pid; 3848 3849 pid = pidfd_pid(file); 3850 if (!IS_ERR(pid)) 3851 return pid; 3852 3853 return tgid_pidfd_to_pid(file); 3854 } 3855 3856 #define PIDFD_SEND_SIGNAL_FLAGS \ 3857 (PIDFD_SIGNAL_THREAD | PIDFD_SIGNAL_THREAD_GROUP | \ 3858 PIDFD_SIGNAL_PROCESS_GROUP) 3859 3860 /** 3861 * sys_pidfd_send_signal - Signal a process through a pidfd 3862 * @pidfd: file descriptor of the process 3863 * @sig: signal to send 3864 * @info: signal info 3865 * @flags: future flags 3866 * 3867 * Send the signal to the thread group or to the individual thread depending 3868 * on PIDFD_THREAD. 3869 * In the future extension to @flags may be used to override the default scope 3870 * of @pidfd. 3871 * 3872 * Return: 0 on success, negative errno on failure 3873 */ 3874 SYSCALL_DEFINE4(pidfd_send_signal, int, pidfd, int, sig, 3875 siginfo_t __user *, info, unsigned int, flags) 3876 { 3877 int ret; 3878 struct fd f; 3879 struct pid *pid; 3880 kernel_siginfo_t kinfo; 3881 enum pid_type type; 3882 3883 /* Enforce flags be set to 0 until we add an extension. */ 3884 if (flags & ~PIDFD_SEND_SIGNAL_FLAGS) 3885 return -EINVAL; 3886 3887 /* Ensure that only a single signal scope determining flag is set. */ 3888 if (hweight32(flags & PIDFD_SEND_SIGNAL_FLAGS) > 1) 3889 return -EINVAL; 3890 3891 f = fdget(pidfd); 3892 if (!fd_file(f)) 3893 return -EBADF; 3894 3895 /* Is this a pidfd? 
*/ 3896 pid = pidfd_to_pid(fd_file(f)); 3897 if (IS_ERR(pid)) { 3898 ret = PTR_ERR(pid); 3899 goto err; 3900 } 3901 3902 ret = -EINVAL; 3903 if (!access_pidfd_pidns(pid)) 3904 goto err; 3905 3906 switch (flags) { 3907 case 0: 3908 /* Infer scope from the type of pidfd. */ 3909 if (fd_file(f)->f_flags & PIDFD_THREAD) 3910 type = PIDTYPE_PID; 3911 else 3912 type = PIDTYPE_TGID; 3913 break; 3914 case PIDFD_SIGNAL_THREAD: 3915 type = PIDTYPE_PID; 3916 break; 3917 case PIDFD_SIGNAL_THREAD_GROUP: 3918 type = PIDTYPE_TGID; 3919 break; 3920 case PIDFD_SIGNAL_PROCESS_GROUP: 3921 type = PIDTYPE_PGID; 3922 break; 3923 } 3924 3925 if (info) { 3926 ret = copy_siginfo_from_user_any(&kinfo, info); 3927 if (unlikely(ret)) 3928 goto err; 3929 3930 ret = -EINVAL; 3931 if (unlikely(sig != kinfo.si_signo)) 3932 goto err; 3933 3934 /* Only allow sending arbitrary signals to yourself. */ 3935 ret = -EPERM; 3936 if ((task_pid(current) != pid || type > PIDTYPE_TGID) && 3937 (kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL)) 3938 goto err; 3939 } else { 3940 prepare_kill_siginfo(sig, &kinfo, type); 3941 } 3942 3943 if (type == PIDTYPE_PGID) 3944 ret = kill_pgrp_info(sig, &kinfo, pid); 3945 else 3946 ret = kill_pid_info_type(sig, &kinfo, pid, type); 3947 err: 3948 fdput(f); 3949 return ret; 3950 } 3951 3952 static int 3953 do_send_specific(pid_t tgid, pid_t pid, int sig, struct kernel_siginfo *info) 3954 { 3955 struct task_struct *p; 3956 int error = -ESRCH; 3957 3958 rcu_read_lock(); 3959 p = find_task_by_vpid(pid); 3960 if (p && (tgid <= 0 || task_tgid_vnr(p) == tgid)) { 3961 error = check_kill_permission(sig, info, p); 3962 /* 3963 * The null signal is a permissions and process existence 3964 * probe. No signal is actually delivered. 3965 */ 3966 if (!error && sig) { 3967 error = do_send_sig_info(sig, info, p, PIDTYPE_PID); 3968 /* 3969 * If lock_task_sighand() failed we pretend the task 3970 * dies after receiving the signal. The window is tiny, 3971 * and the signal is private anyway. 3972 */ 3973 if (unlikely(error == -ESRCH)) 3974 error = 0; 3975 } 3976 } 3977 rcu_read_unlock(); 3978 3979 return error; 3980 } 3981 3982 static int do_tkill(pid_t tgid, pid_t pid, int sig) 3983 { 3984 struct kernel_siginfo info; 3985 3986 prepare_kill_siginfo(sig, &info, PIDTYPE_PID); 3987 3988 return do_send_specific(tgid, pid, sig, &info); 3989 } 3990 3991 /** 3992 * sys_tgkill - send signal to one specific thread 3993 * @tgid: the thread group ID of the thread 3994 * @pid: the PID of the thread 3995 * @sig: signal to be sent 3996 * 3997 * This syscall also checks the @tgid and returns -ESRCH even if the PID 3998 * exists but it's not belonging to the target process anymore. This 3999 * method solves the problem of threads exiting and PIDs getting reused. 4000 */ 4001 SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid_t, pid, int, sig) 4002 { 4003 /* This is only valid for single tasks */ 4004 if (pid <= 0 || tgid <= 0) 4005 return -EINVAL; 4006 4007 return do_tkill(tgid, pid, sig); 4008 } 4009 4010 /** 4011 * sys_tkill - send signal to one specific task 4012 * @pid: the PID of the task 4013 * @sig: signal to be sent 4014 * 4015 * Send a signal to only one task, even if it's a CLONE_THREAD task. 
4016  */
4017 SYSCALL_DEFINE2(tkill, pid_t, pid, int, sig)
4018 {
4019 	/* This is only valid for single tasks */
4020 	if (pid <= 0)
4021 		return -EINVAL;
4022
4023 	return do_tkill(0, pid, sig);
4024 }
4025
4026 static int do_rt_sigqueueinfo(pid_t pid, int sig, kernel_siginfo_t *info)
4027 {
4028 	/* Not even root can pretend to send signals from the kernel.
4029 	 * Nor can they impersonate a kill()/tgkill(), which adds source info.
4030 	 */
4031 	if ((info->si_code >= 0 || info->si_code == SI_TKILL) &&
4032 	    (task_pid_vnr(current) != pid))
4033 		return -EPERM;
4034
4035 	/* POSIX.1b doesn't mention process groups. */
4036 	return kill_proc_info(sig, info, pid);
4037 }
4038
4039 /**
4040  * sys_rt_sigqueueinfo - send signal information to a process
4041  * @pid: the PID of the thread
4042  * @sig: signal to be sent
4043  * @uinfo: signal info to be sent
4044  */
4045 SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t, pid, int, sig,
4046 		siginfo_t __user *, uinfo)
4047 {
4048 	kernel_siginfo_t info;
4049 	int ret = __copy_siginfo_from_user(sig, &info, uinfo);
4050 	if (unlikely(ret))
4051 		return ret;
4052 	return do_rt_sigqueueinfo(pid, sig, &info);
4053 }
4054
4055 #ifdef CONFIG_COMPAT
4056 COMPAT_SYSCALL_DEFINE3(rt_sigqueueinfo,
4057 			compat_pid_t, pid,
4058 			int, sig,
4059 			struct compat_siginfo __user *, uinfo)
4060 {
4061 	kernel_siginfo_t info;
4062 	int ret = __copy_siginfo_from_user32(sig, &info, uinfo);
4063 	if (unlikely(ret))
4064 		return ret;
4065 	return do_rt_sigqueueinfo(pid, sig, &info);
4066 }
4067 #endif
4068
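/*
 * Illustrative userspace sketch (not part of this file): the usual way to
 * reach rt_sigqueueinfo() is glibc's sigqueue(3), which fills in the siginfo
 * with si_code = SI_QUEUE.  As the comment in do_rt_sigqueueinfo() above
 * notes, a siginfo whose si_code claims a kernel or kill()/tgkill() origin
 * (si_code >= 0, or SI_TKILL) aimed at a pid other than the caller's own is
 * rejected with -EPERM.  target_pid is a placeholder; error handling omitted.
 *
 *	#include <signal.h>
 *
 *	union sigval v = { .sival_int = 42 };
 *
 *	sigqueue(target_pid, SIGRTMIN, v);	// si_code == SI_QUEUE, allowed
 *
 * A raw rt_sigqueueinfo() call with info.si_code = SI_USER against another
 * process would fail with EPERM instead.
 */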
4069 static int do_rt_tgsigqueueinfo(pid_t tgid, pid_t pid, int sig, kernel_siginfo_t *info)
4070 {
4071 	/* This is only valid for single tasks */
4072 	if (pid <= 0 || tgid <= 0)
4073 		return -EINVAL;
4074
4075 	/* Not even root can pretend to send signals from the kernel.
4076 	 * Nor can they impersonate a kill()/tgkill(), which adds source info.
4077 	 */
4078 	if ((info->si_code >= 0 || info->si_code == SI_TKILL) &&
4079 	    (task_pid_vnr(current) != pid))
4080 		return -EPERM;
4081
4082 	return do_send_specific(tgid, pid, sig, info);
4083 }
4084
4085 SYSCALL_DEFINE4(rt_tgsigqueueinfo, pid_t, tgid, pid_t, pid, int, sig,
4086 		siginfo_t __user *, uinfo)
4087 {
4088 	kernel_siginfo_t info;
4089 	int ret = __copy_siginfo_from_user(sig, &info, uinfo);
4090 	if (unlikely(ret))
4091 		return ret;
4092 	return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
4093 }
4094
4095 #ifdef CONFIG_COMPAT
4096 COMPAT_SYSCALL_DEFINE4(rt_tgsigqueueinfo,
4097 			compat_pid_t, tgid,
4098 			compat_pid_t, pid,
4099 			int, sig,
4100 			struct compat_siginfo __user *, uinfo)
4101 {
4102 	kernel_siginfo_t info;
4103 	int ret = __copy_siginfo_from_user32(sig, &info, uinfo);
4104 	if (unlikely(ret))
4105 		return ret;
4106 	return do_rt_tgsigqueueinfo(tgid, pid, sig, &info);
4107 }
4108 #endif
4109
4110 /*
4111  * For kthreads only, must not be used if cloned with CLONE_SIGHAND
4112  */
4113 void kernel_sigaction(int sig, __sighandler_t action)
4114 {
4115 	spin_lock_irq(&current->sighand->siglock);
4116 	current->sighand->action[sig - 1].sa.sa_handler = action;
4117 	if (action == SIG_IGN) {
4118 		sigset_t mask;
4119
4120 		sigemptyset(&mask);
4121 		sigaddset(&mask, sig);
4122
4123 		flush_sigqueue_mask(current, &mask, &current->signal->shared_pending);
4124 		flush_sigqueue_mask(current, &mask, &current->pending);
4125 		recalc_sigpending();
4126 	}
4127 	spin_unlock_irq(&current->sighand->siglock);
4128 }
4129 EXPORT_SYMBOL(kernel_sigaction);
4130
4131 void __weak sigaction_compat_abi(struct k_sigaction *act,
4132 		struct k_sigaction *oact)
4133 {
4134 }
4135
4136 int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
4137 {
4138 	struct task_struct *p = current, *t;
4139 	struct k_sigaction *k;
4140 	sigset_t mask;
4141
4142 	if (!valid_signal(sig) || sig < 1 || (act && sig_kernel_only(sig)))
4143 		return -EINVAL;
4144
4145 	k = &p->sighand->action[sig-1];
4146
4147 	spin_lock_irq(&p->sighand->siglock);
4148 	if (k->sa.sa_flags & SA_IMMUTABLE) {
4149 		spin_unlock_irq(&p->sighand->siglock);
4150 		return -EINVAL;
4151 	}
4152 	if (oact)
4153 		*oact = *k;
4154
4155 	/*
4156 	 * Make sure that we never accidentally claim to support SA_UNSUPPORTED,
4157 	 * e.g. by having an architecture use the bit in their uapi.
4158 	 */
4159 	BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED);
4160
4161 	/*
4162 	 * Clear unknown flag bits in order to allow userspace to detect missing
4163 	 * support for flag bits and to allow the kernel to use non-uapi bits
4164 	 * internally.
4165 	 */
4166 	if (act)
4167 		act->sa.sa_flags &= UAPI_SA_FLAGS;
4168 	if (oact)
4169 		oact->sa.sa_flags &= UAPI_SA_FLAGS;
4170
4171 	sigaction_compat_abi(act, oact);
4172
4173 	if (act) {
4174 		sigdelsetmask(&act->sa.sa_mask,
4175 			      sigmask(SIGKILL) | sigmask(SIGSTOP));
4176 		*k = *act;
4177 		/*
4178 		 * POSIX 3.3.1.3:
4179 		 * "Setting a signal action to SIG_IGN for a signal that is
4180 		 * pending shall cause the pending signal to be discarded,
4181 		 * whether or not it is blocked."
4182 		 *
4183 		 * "Setting a signal action to SIG_DFL for a signal that is
4184 		 * pending and whose default action is to ignore the signal
4185 		 * (for example, SIGCHLD), shall cause the pending signal to
4186 		 * be discarded, whether or not it is blocked"
4187 		 */
4188 		if (sig_handler_ignored(sig_handler(p, sig), sig)) {
4189 			sigemptyset(&mask);
4190 			sigaddset(&mask, sig);
4191 			flush_sigqueue_mask(p, &mask, &p->signal->shared_pending);
4192 			for_each_thread(p, t)
4193 				flush_sigqueue_mask(p, &mask, &t->pending);
4194 		}
4195 	}
4196
4197 	spin_unlock_irq(&p->sighand->siglock);
4198 	return 0;
4199 }
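/*
 * Illustrative userspace sketch (not part of this file) of the POSIX rule
 * quoted in do_sigaction() above: switching a signal's disposition to
 * SIG_IGN discards any instance that is already pending, even while the
 * signal is blocked.
 *
 *	#include <signal.h>
 *
 *	sigset_t set, pend;
 *
 *	sigemptyset(&set);
 *	sigaddset(&set, SIGUSR1);
 *	sigprocmask(SIG_BLOCK, &set, NULL);
 *	raise(SIGUSR1);			// SIGUSR1 is now pending (blocked)
 *	signal(SIGUSR1, SIG_IGN);	// pending instance is discarded
 *	sigpending(&pend);		// sigismember(&pend, SIGUSR1) == 0
 */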
4200
4201 #ifdef CONFIG_DYNAMIC_SIGFRAME
4202 static inline void sigaltstack_lock(void)
4203 	__acquires(&current->sighand->siglock)
4204 {
4205 	spin_lock_irq(&current->sighand->siglock);
4206 }
4207
4208 static inline void sigaltstack_unlock(void)
4209 	__releases(&current->sighand->siglock)
4210 {
4211 	spin_unlock_irq(&current->sighand->siglock);
4212 }
4213 #else
4214 static inline void sigaltstack_lock(void) { }
4215 static inline void sigaltstack_unlock(void) { }
4216 #endif
4217
4218 static int
4219 do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
4220 		size_t min_ss_size)
4221 {
4222 	struct task_struct *t = current;
4223 	int ret = 0;
4224
4225 	if (oss) {
4226 		memset(oss, 0, sizeof(stack_t));
4227 		oss->ss_sp = (void __user *) t->sas_ss_sp;
4228 		oss->ss_size = t->sas_ss_size;
4229 		oss->ss_flags = sas_ss_flags(sp) |
4230 			(current->sas_ss_flags & SS_FLAG_BITS);
4231 	}
4232
4233 	if (ss) {
4234 		void __user *ss_sp = ss->ss_sp;
4235 		size_t ss_size = ss->ss_size;
4236 		unsigned ss_flags = ss->ss_flags;
4237 		int ss_mode;
4238
4239 		if (unlikely(on_sig_stack(sp)))
4240 			return -EPERM;
4241
4242 		ss_mode = ss_flags & ~SS_FLAG_BITS;
4243 		if (unlikely(ss_mode != SS_DISABLE && ss_mode != SS_ONSTACK &&
4244 				ss_mode != 0))
4245 			return -EINVAL;
4246
4247 		/*
4248 		 * Return before taking any locks if no actual
4249 		 * sigaltstack changes were requested.
4250 		 */
4251 		if (t->sas_ss_sp == (unsigned long)ss_sp &&
4252 		    t->sas_ss_size == ss_size &&
4253 		    t->sas_ss_flags == ss_flags)
4254 			return 0;
4255
4256 		sigaltstack_lock();
4257 		if (ss_mode == SS_DISABLE) {
4258 			ss_size = 0;
4259 			ss_sp = NULL;
4260 		} else {
4261 			if (unlikely(ss_size < min_ss_size))
4262 				ret = -ENOMEM;
4263 			if (!sigaltstack_size_valid(ss_size))
4264 				ret = -ENOMEM;
4265 		}
4266 		if (!ret) {
4267 			t->sas_ss_sp = (unsigned long) ss_sp;
4268 			t->sas_ss_size = ss_size;
4269 			t->sas_ss_flags = ss_flags;
4270 		}
4271 		sigaltstack_unlock();
4272 	}
4273 	return ret;
4274 }
4275
4276 SYSCALL_DEFINE2(sigaltstack,const stack_t __user *,uss, stack_t __user *,uoss)
4277 {
4278 	stack_t new, old;
4279 	int err;
4280 	if (uss && copy_from_user(&new, uss, sizeof(stack_t)))
4281 		return -EFAULT;
4282 	err = do_sigaltstack(uss ? &new : NULL, uoss ?
&old : NULL, 4283 current_user_stack_pointer(), 4284 MINSIGSTKSZ); 4285 if (!err && uoss && copy_to_user(uoss, &old, sizeof(stack_t))) 4286 err = -EFAULT; 4287 return err; 4288 } 4289 4290 int restore_altstack(const stack_t __user *uss) 4291 { 4292 stack_t new; 4293 if (copy_from_user(&new, uss, sizeof(stack_t))) 4294 return -EFAULT; 4295 (void)do_sigaltstack(&new, NULL, current_user_stack_pointer(), 4296 MINSIGSTKSZ); 4297 /* squash all but EFAULT for now */ 4298 return 0; 4299 } 4300 4301 int __save_altstack(stack_t __user *uss, unsigned long sp) 4302 { 4303 struct task_struct *t = current; 4304 int err = __put_user((void __user *)t->sas_ss_sp, &uss->ss_sp) | 4305 __put_user(t->sas_ss_flags, &uss->ss_flags) | 4306 __put_user(t->sas_ss_size, &uss->ss_size); 4307 return err; 4308 } 4309 4310 #ifdef CONFIG_COMPAT 4311 static int do_compat_sigaltstack(const compat_stack_t __user *uss_ptr, 4312 compat_stack_t __user *uoss_ptr) 4313 { 4314 stack_t uss, uoss; 4315 int ret; 4316 4317 if (uss_ptr) { 4318 compat_stack_t uss32; 4319 if (copy_from_user(&uss32, uss_ptr, sizeof(compat_stack_t))) 4320 return -EFAULT; 4321 uss.ss_sp = compat_ptr(uss32.ss_sp); 4322 uss.ss_flags = uss32.ss_flags; 4323 uss.ss_size = uss32.ss_size; 4324 } 4325 ret = do_sigaltstack(uss_ptr ? &uss : NULL, &uoss, 4326 compat_user_stack_pointer(), 4327 COMPAT_MINSIGSTKSZ); 4328 if (ret >= 0 && uoss_ptr) { 4329 compat_stack_t old; 4330 memset(&old, 0, sizeof(old)); 4331 old.ss_sp = ptr_to_compat(uoss.ss_sp); 4332 old.ss_flags = uoss.ss_flags; 4333 old.ss_size = uoss.ss_size; 4334 if (copy_to_user(uoss_ptr, &old, sizeof(compat_stack_t))) 4335 ret = -EFAULT; 4336 } 4337 return ret; 4338 } 4339 4340 COMPAT_SYSCALL_DEFINE2(sigaltstack, 4341 const compat_stack_t __user *, uss_ptr, 4342 compat_stack_t __user *, uoss_ptr) 4343 { 4344 return do_compat_sigaltstack(uss_ptr, uoss_ptr); 4345 } 4346 4347 int compat_restore_altstack(const compat_stack_t __user *uss) 4348 { 4349 int err = do_compat_sigaltstack(uss, NULL); 4350 /* squash all but -EFAULT for now */ 4351 return err == -EFAULT ? 
err : 0; 4352 } 4353 4354 int __compat_save_altstack(compat_stack_t __user *uss, unsigned long sp) 4355 { 4356 int err; 4357 struct task_struct *t = current; 4358 err = __put_user(ptr_to_compat((void __user *)t->sas_ss_sp), 4359 &uss->ss_sp) | 4360 __put_user(t->sas_ss_flags, &uss->ss_flags) | 4361 __put_user(t->sas_ss_size, &uss->ss_size); 4362 return err; 4363 } 4364 #endif 4365 4366 #ifdef __ARCH_WANT_SYS_SIGPENDING 4367 4368 /** 4369 * sys_sigpending - examine pending signals 4370 * @uset: where mask of pending signal is returned 4371 */ 4372 SYSCALL_DEFINE1(sigpending, old_sigset_t __user *, uset) 4373 { 4374 sigset_t set; 4375 4376 if (sizeof(old_sigset_t) > sizeof(*uset)) 4377 return -EINVAL; 4378 4379 do_sigpending(&set); 4380 4381 if (copy_to_user(uset, &set, sizeof(old_sigset_t))) 4382 return -EFAULT; 4383 4384 return 0; 4385 } 4386 4387 #ifdef CONFIG_COMPAT 4388 COMPAT_SYSCALL_DEFINE1(sigpending, compat_old_sigset_t __user *, set32) 4389 { 4390 sigset_t set; 4391 4392 do_sigpending(&set); 4393 4394 return put_user(set.sig[0], set32); 4395 } 4396 #endif 4397 4398 #endif 4399 4400 #ifdef __ARCH_WANT_SYS_SIGPROCMASK 4401 /** 4402 * sys_sigprocmask - examine and change blocked signals 4403 * @how: whether to add, remove, or set signals 4404 * @nset: signals to add or remove (if non-null) 4405 * @oset: previous value of signal mask if non-null 4406 * 4407 * Some platforms have their own version with special arguments; 4408 * others support only sys_rt_sigprocmask. 4409 */ 4410 4411 SYSCALL_DEFINE3(sigprocmask, int, how, old_sigset_t __user *, nset, 4412 old_sigset_t __user *, oset) 4413 { 4414 old_sigset_t old_set, new_set; 4415 sigset_t new_blocked; 4416 4417 old_set = current->blocked.sig[0]; 4418 4419 if (nset) { 4420 if (copy_from_user(&new_set, nset, sizeof(*nset))) 4421 return -EFAULT; 4422 4423 new_blocked = current->blocked; 4424 4425 switch (how) { 4426 case SIG_BLOCK: 4427 sigaddsetmask(&new_blocked, new_set); 4428 break; 4429 case SIG_UNBLOCK: 4430 sigdelsetmask(&new_blocked, new_set); 4431 break; 4432 case SIG_SETMASK: 4433 new_blocked.sig[0] = new_set; 4434 break; 4435 default: 4436 return -EINVAL; 4437 } 4438 4439 set_current_blocked(&new_blocked); 4440 } 4441 4442 if (oset) { 4443 if (copy_to_user(oset, &old_set, sizeof(*oset))) 4444 return -EFAULT; 4445 } 4446 4447 return 0; 4448 } 4449 #endif /* __ARCH_WANT_SYS_SIGPROCMASK */ 4450 4451 #ifndef CONFIG_ODD_RT_SIGACTION 4452 /** 4453 * sys_rt_sigaction - alter an action taken by a process 4454 * @sig: signal to be sent 4455 * @act: new sigaction 4456 * @oact: used to save the previous sigaction 4457 * @sigsetsize: size of sigset_t type 4458 */ 4459 SYSCALL_DEFINE4(rt_sigaction, int, sig, 4460 const struct sigaction __user *, act, 4461 struct sigaction __user *, oact, 4462 size_t, sigsetsize) 4463 { 4464 struct k_sigaction new_sa, old_sa; 4465 int ret; 4466 4467 /* XXX: Don't preclude handling different sized sigset_t's. */ 4468 if (sigsetsize != sizeof(sigset_t)) 4469 return -EINVAL; 4470 4471 if (act && copy_from_user(&new_sa.sa, act, sizeof(new_sa.sa))) 4472 return -EFAULT; 4473 4474 ret = do_sigaction(sig, act ? &new_sa : NULL, oact ? 
&old_sa : NULL); 4475 if (ret) 4476 return ret; 4477 4478 if (oact && copy_to_user(oact, &old_sa.sa, sizeof(old_sa.sa))) 4479 return -EFAULT; 4480 4481 return 0; 4482 } 4483 #ifdef CONFIG_COMPAT 4484 COMPAT_SYSCALL_DEFINE4(rt_sigaction, int, sig, 4485 const struct compat_sigaction __user *, act, 4486 struct compat_sigaction __user *, oact, 4487 compat_size_t, sigsetsize) 4488 { 4489 struct k_sigaction new_ka, old_ka; 4490 #ifdef __ARCH_HAS_SA_RESTORER 4491 compat_uptr_t restorer; 4492 #endif 4493 int ret; 4494 4495 /* XXX: Don't preclude handling different sized sigset_t's. */ 4496 if (sigsetsize != sizeof(compat_sigset_t)) 4497 return -EINVAL; 4498 4499 if (act) { 4500 compat_uptr_t handler; 4501 ret = get_user(handler, &act->sa_handler); 4502 new_ka.sa.sa_handler = compat_ptr(handler); 4503 #ifdef __ARCH_HAS_SA_RESTORER 4504 ret |= get_user(restorer, &act->sa_restorer); 4505 new_ka.sa.sa_restorer = compat_ptr(restorer); 4506 #endif 4507 ret |= get_compat_sigset(&new_ka.sa.sa_mask, &act->sa_mask); 4508 ret |= get_user(new_ka.sa.sa_flags, &act->sa_flags); 4509 if (ret) 4510 return -EFAULT; 4511 } 4512 4513 ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL); 4514 if (!ret && oact) { 4515 ret = put_user(ptr_to_compat(old_ka.sa.sa_handler), 4516 &oact->sa_handler); 4517 ret |= put_compat_sigset(&oact->sa_mask, &old_ka.sa.sa_mask, 4518 sizeof(oact->sa_mask)); 4519 ret |= put_user(old_ka.sa.sa_flags, &oact->sa_flags); 4520 #ifdef __ARCH_HAS_SA_RESTORER 4521 ret |= put_user(ptr_to_compat(old_ka.sa.sa_restorer), 4522 &oact->sa_restorer); 4523 #endif 4524 } 4525 return ret; 4526 } 4527 #endif 4528 #endif /* !CONFIG_ODD_RT_SIGACTION */ 4529 4530 #ifdef CONFIG_OLD_SIGACTION 4531 SYSCALL_DEFINE3(sigaction, int, sig, 4532 const struct old_sigaction __user *, act, 4533 struct old_sigaction __user *, oact) 4534 { 4535 struct k_sigaction new_ka, old_ka; 4536 int ret; 4537 4538 if (act) { 4539 old_sigset_t mask; 4540 if (!access_ok(act, sizeof(*act)) || 4541 __get_user(new_ka.sa.sa_handler, &act->sa_handler) || 4542 __get_user(new_ka.sa.sa_restorer, &act->sa_restorer) || 4543 __get_user(new_ka.sa.sa_flags, &act->sa_flags) || 4544 __get_user(mask, &act->sa_mask)) 4545 return -EFAULT; 4546 #ifdef __ARCH_HAS_KA_RESTORER 4547 new_ka.ka_restorer = NULL; 4548 #endif 4549 siginitset(&new_ka.sa.sa_mask, mask); 4550 } 4551 4552 ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? 
&old_ka : NULL); 4553 4554 if (!ret && oact) { 4555 if (!access_ok(oact, sizeof(*oact)) || 4556 __put_user(old_ka.sa.sa_handler, &oact->sa_handler) || 4557 __put_user(old_ka.sa.sa_restorer, &oact->sa_restorer) || 4558 __put_user(old_ka.sa.sa_flags, &oact->sa_flags) || 4559 __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask)) 4560 return -EFAULT; 4561 } 4562 4563 return ret; 4564 } 4565 #endif 4566 #ifdef CONFIG_COMPAT_OLD_SIGACTION 4567 COMPAT_SYSCALL_DEFINE3(sigaction, int, sig, 4568 const struct compat_old_sigaction __user *, act, 4569 struct compat_old_sigaction __user *, oact) 4570 { 4571 struct k_sigaction new_ka, old_ka; 4572 int ret; 4573 compat_old_sigset_t mask; 4574 compat_uptr_t handler, restorer; 4575 4576 if (act) { 4577 if (!access_ok(act, sizeof(*act)) || 4578 __get_user(handler, &act->sa_handler) || 4579 __get_user(restorer, &act->sa_restorer) || 4580 __get_user(new_ka.sa.sa_flags, &act->sa_flags) || 4581 __get_user(mask, &act->sa_mask)) 4582 return -EFAULT; 4583 4584 #ifdef __ARCH_HAS_KA_RESTORER 4585 new_ka.ka_restorer = NULL; 4586 #endif 4587 new_ka.sa.sa_handler = compat_ptr(handler); 4588 new_ka.sa.sa_restorer = compat_ptr(restorer); 4589 siginitset(&new_ka.sa.sa_mask, mask); 4590 } 4591 4592 ret = do_sigaction(sig, act ? &new_ka : NULL, oact ? &old_ka : NULL); 4593 4594 if (!ret && oact) { 4595 if (!access_ok(oact, sizeof(*oact)) || 4596 __put_user(ptr_to_compat(old_ka.sa.sa_handler), 4597 &oact->sa_handler) || 4598 __put_user(ptr_to_compat(old_ka.sa.sa_restorer), 4599 &oact->sa_restorer) || 4600 __put_user(old_ka.sa.sa_flags, &oact->sa_flags) || 4601 __put_user(old_ka.sa.sa_mask.sig[0], &oact->sa_mask)) 4602 return -EFAULT; 4603 } 4604 return ret; 4605 } 4606 #endif 4607 4608 #ifdef CONFIG_SGETMASK_SYSCALL 4609 4610 /* 4611 * For backwards compatibility. Functionality superseded by sigprocmask. 4612 */ 4613 SYSCALL_DEFINE0(sgetmask) 4614 { 4615 /* SMP safe */ 4616 return current->blocked.sig[0]; 4617 } 4618 4619 SYSCALL_DEFINE1(ssetmask, int, newmask) 4620 { 4621 int old = current->blocked.sig[0]; 4622 sigset_t newset; 4623 4624 siginitset(&newset, newmask); 4625 set_current_blocked(&newset); 4626 4627 return old; 4628 } 4629 #endif /* CONFIG_SGETMASK_SYSCALL */ 4630 4631 #ifdef __ARCH_WANT_SYS_SIGNAL 4632 /* 4633 * For backwards compatibility. Functionality superseded by sigaction. 4634 */ 4635 SYSCALL_DEFINE2(signal, int, sig, __sighandler_t, handler) 4636 { 4637 struct k_sigaction new_sa, old_sa; 4638 int ret; 4639 4640 new_sa.sa.sa_handler = handler; 4641 new_sa.sa.sa_flags = SA_ONESHOT | SA_NOMASK; 4642 sigemptyset(&new_sa.sa.sa_mask); 4643 4644 ret = do_sigaction(sig, &new_sa, &old_sa); 4645 4646 return ret ? 
ret : (unsigned long)old_sa.sa.sa_handler; 4647 } 4648 #endif /* __ARCH_WANT_SYS_SIGNAL */ 4649 4650 #ifdef __ARCH_WANT_SYS_PAUSE 4651 4652 SYSCALL_DEFINE0(pause) 4653 { 4654 while (!signal_pending(current)) { 4655 __set_current_state(TASK_INTERRUPTIBLE); 4656 schedule(); 4657 } 4658 return -ERESTARTNOHAND; 4659 } 4660 4661 #endif 4662 4663 static int sigsuspend(sigset_t *set) 4664 { 4665 current->saved_sigmask = current->blocked; 4666 set_current_blocked(set); 4667 4668 while (!signal_pending(current)) { 4669 __set_current_state(TASK_INTERRUPTIBLE); 4670 schedule(); 4671 } 4672 set_restore_sigmask(); 4673 return -ERESTARTNOHAND; 4674 } 4675 4676 /** 4677 * sys_rt_sigsuspend - replace the signal mask for a value with the 4678 * @unewset value until a signal is received 4679 * @unewset: new signal mask value 4680 * @sigsetsize: size of sigset_t type 4681 */ 4682 SYSCALL_DEFINE2(rt_sigsuspend, sigset_t __user *, unewset, size_t, sigsetsize) 4683 { 4684 sigset_t newset; 4685 4686 /* XXX: Don't preclude handling different sized sigset_t's. */ 4687 if (sigsetsize != sizeof(sigset_t)) 4688 return -EINVAL; 4689 4690 if (copy_from_user(&newset, unewset, sizeof(newset))) 4691 return -EFAULT; 4692 return sigsuspend(&newset); 4693 } 4694 4695 #ifdef CONFIG_COMPAT 4696 COMPAT_SYSCALL_DEFINE2(rt_sigsuspend, compat_sigset_t __user *, unewset, compat_size_t, sigsetsize) 4697 { 4698 sigset_t newset; 4699 4700 /* XXX: Don't preclude handling different sized sigset_t's. */ 4701 if (sigsetsize != sizeof(sigset_t)) 4702 return -EINVAL; 4703 4704 if (get_compat_sigset(&newset, unewset)) 4705 return -EFAULT; 4706 return sigsuspend(&newset); 4707 } 4708 #endif 4709 4710 #ifdef CONFIG_OLD_SIGSUSPEND 4711 SYSCALL_DEFINE1(sigsuspend, old_sigset_t, mask) 4712 { 4713 sigset_t blocked; 4714 siginitset(&blocked, mask); 4715 return sigsuspend(&blocked); 4716 } 4717 #endif 4718 #ifdef CONFIG_OLD_SIGSUSPEND3 4719 SYSCALL_DEFINE3(sigsuspend, int, unused1, int, unused2, old_sigset_t, mask) 4720 { 4721 sigset_t blocked; 4722 siginitset(&blocked, mask); 4723 return sigsuspend(&blocked); 4724 } 4725 #endif 4726 4727 __weak const char *arch_vma_name(struct vm_area_struct *vma) 4728 { 4729 return NULL; 4730 } 4731 4732 static inline void siginfo_buildtime_checks(void) 4733 { 4734 BUILD_BUG_ON(sizeof(struct siginfo) != SI_MAX_SIZE); 4735 4736 /* Verify the offsets in the two siginfos match */ 4737 #define CHECK_OFFSET(field) \ 4738 BUILD_BUG_ON(offsetof(siginfo_t, field) != offsetof(kernel_siginfo_t, field)) 4739 4740 /* kill */ 4741 CHECK_OFFSET(si_pid); 4742 CHECK_OFFSET(si_uid); 4743 4744 /* timer */ 4745 CHECK_OFFSET(si_tid); 4746 CHECK_OFFSET(si_overrun); 4747 CHECK_OFFSET(si_value); 4748 4749 /* rt */ 4750 CHECK_OFFSET(si_pid); 4751 CHECK_OFFSET(si_uid); 4752 CHECK_OFFSET(si_value); 4753 4754 /* sigchld */ 4755 CHECK_OFFSET(si_pid); 4756 CHECK_OFFSET(si_uid); 4757 CHECK_OFFSET(si_status); 4758 CHECK_OFFSET(si_utime); 4759 CHECK_OFFSET(si_stime); 4760 4761 /* sigfault */ 4762 CHECK_OFFSET(si_addr); 4763 CHECK_OFFSET(si_trapno); 4764 CHECK_OFFSET(si_addr_lsb); 4765 CHECK_OFFSET(si_lower); 4766 CHECK_OFFSET(si_upper); 4767 CHECK_OFFSET(si_pkey); 4768 CHECK_OFFSET(si_perf_data); 4769 CHECK_OFFSET(si_perf_type); 4770 CHECK_OFFSET(si_perf_flags); 4771 4772 /* sigpoll */ 4773 CHECK_OFFSET(si_band); 4774 CHECK_OFFSET(si_fd); 4775 4776 /* sigsys */ 4777 CHECK_OFFSET(si_call_addr); 4778 CHECK_OFFSET(si_syscall); 4779 CHECK_OFFSET(si_arch); 4780 #undef CHECK_OFFSET 4781 4782 /* usb asyncio */ 4783 BUILD_BUG_ON(offsetof(struct siginfo, 
si_pid) != 4784 offsetof(struct siginfo, si_addr)); 4785 if (sizeof(int) == sizeof(void __user *)) { 4786 BUILD_BUG_ON(sizeof_field(struct siginfo, si_pid) != 4787 sizeof(void __user *)); 4788 } else { 4789 BUILD_BUG_ON((sizeof_field(struct siginfo, si_pid) + 4790 sizeof_field(struct siginfo, si_uid)) != 4791 sizeof(void __user *)); 4792 BUILD_BUG_ON(offsetofend(struct siginfo, si_pid) != 4793 offsetof(struct siginfo, si_uid)); 4794 } 4795 #ifdef CONFIG_COMPAT 4796 BUILD_BUG_ON(offsetof(struct compat_siginfo, si_pid) != 4797 offsetof(struct compat_siginfo, si_addr)); 4798 BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) != 4799 sizeof(compat_uptr_t)); 4800 BUILD_BUG_ON(sizeof_field(struct compat_siginfo, si_pid) != 4801 sizeof_field(struct siginfo, si_pid)); 4802 #endif 4803 } 4804 4805 #if defined(CONFIG_SYSCTL) 4806 static struct ctl_table signal_debug_table[] = { 4807 #ifdef CONFIG_SYSCTL_EXCEPTION_TRACE 4808 { 4809 .procname = "exception-trace", 4810 .data = &show_unhandled_signals, 4811 .maxlen = sizeof(int), 4812 .mode = 0644, 4813 .proc_handler = proc_dointvec 4814 }, 4815 #endif 4816 }; 4817 4818 static int __init init_signal_sysctls(void) 4819 { 4820 register_sysctl_init("debug", signal_debug_table); 4821 return 0; 4822 } 4823 early_initcall(init_signal_sysctls); 4824 #endif /* CONFIG_SYSCTL */ 4825 4826 void __init signals_init(void) 4827 { 4828 siginfo_buildtime_checks(); 4829 4830 sigqueue_cachep = KMEM_CACHE(sigqueue, SLAB_PANIC | SLAB_ACCOUNT); 4831 } 4832 4833 #ifdef CONFIG_KGDB_KDB 4834 #include <linux/kdb.h> 4835 /* 4836 * kdb_send_sig - Allows kdb to send signals without exposing 4837 * signal internals. This function checks if the required locks are 4838 * available before calling the main signal code, to avoid kdb 4839 * deadlocks. 4840 */ 4841 void kdb_send_sig(struct task_struct *t, int sig) 4842 { 4843 static struct task_struct *kdb_prev_t; 4844 int new_t, ret; 4845 if (!spin_trylock(&t->sighand->siglock)) { 4846 kdb_printf("Can't do kill command now.\n" 4847 "The sigmask lock is held somewhere else in " 4848 "kernel, try again later\n"); 4849 return; 4850 } 4851 new_t = kdb_prev_t != t; 4852 kdb_prev_t = t; 4853 if (!task_is_running(t) && new_t) { 4854 spin_unlock(&t->sighand->siglock); 4855 kdb_printf("Process is not RUNNING, sending a signal from " 4856 "kdb risks deadlock\n" 4857 "on the run queue locks. " 4858 "The signal has _not_ been sent.\n" 4859 "Reissue the kill command if you want to risk " 4860 "the deadlock.\n"); 4861 return; 4862 } 4863 ret = send_signal_locked(sig, SEND_SIG_PRIV, t, PIDTYPE_PID); 4864 spin_unlock(&t->sighand->siglock); 4865 if (ret) 4866 kdb_printf("Fail to deliver Signal %d to process %d.\n", 4867 sig, t->pid); 4868 else 4869 kdb_printf("Signal %d is sent to process %d.\n", sig, t->pid); 4870 } 4871 #endif /* CONFIG_KGDB_KDB */ 4872
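/*
 * Illustrative userspace sketch (not part of this file) for the scope
 * selection documented at sys_pidfd_send_signal() above: with @flags == 0
 * the scope follows the type of pidfd, while PIDFD_SIGNAL_THREAD,
 * PIDFD_SIGNAL_THREAD_GROUP and PIDFD_SIGNAL_PROCESS_GROUP override it
 * explicitly, and at most one of those flags may be set.  target_pid is a
 * placeholder; error handling is omitted.
 *
 *	#include <sys/syscall.h>
 *	#include <unistd.h>
 *	#include <signal.h>
 *	#include <linux/pidfd.h>
 *
 *	int pidfd = syscall(SYS_pidfd_open, target_pid, 0);
 *
 *	// Default scope: the whole thread group for a regular pidfd.
 *	syscall(SYS_pidfd_send_signal, pidfd, SIGTERM, NULL, 0);
 *
 *	// Explicitly signal the process group instead.
 *	syscall(SYS_pidfd_send_signal, pidfd, SIGTERM, NULL,
 *		PIDFD_SIGNAL_PROCESS_GROUP);
 */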
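/*
 * Illustrative userspace sketch (not part of this file) for
 * sys_rt_sigtimedwait() above, usually reached through sigtimedwait(3):
 * the call returns the dequeued signal number on success, fails with
 * EAGAIN when the @uts timeout expires, and with EINTR when it is
 * interrupted by a signal that is not in the waited-for set.
 *
 *	#include <signal.h>
 *	#include <time.h>
 *	#include <errno.h>
 *
 *	sigset_t set;
 *	siginfo_t si;
 *	struct timespec ts = { .tv_sec = 5, .tv_nsec = 0 };
 *	int sig;
 *
 *	sigemptyset(&set);
 *	sigaddset(&set, SIGUSR1);
 *	sigprocmask(SIG_BLOCK, &set, NULL);	// block it so it stays queued
 *
 *	sig = sigtimedwait(&set, &si, &ts);
 *	if (sig == SIGUSR1)
 *		;			// dequeued; si.si_pid identifies the sender
 *	else if (errno == EAGAIN)
 *		;			// timed out
 *	else if (errno == EINTR)
 *		;			// interrupted by an unrelated, unblocked signal
 */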