[PATCH v9 3/6] signal: clear non-uapi flag bits when passing/returning sa_flags
Peter Collingbourne
pcc at google.com
Mon Aug 17 23:33:48 EDT 2020
This allows userspace to detect missing support for flag bits and
allows the kernel to use non-uapi bits internally, as we are already
doing in arch/x86 for two flag bits. Now that this change is in
place, we no longer need the code in arch/x86 that was hiding these
bits from userspace, so remove it.
Signed-off-by: Peter Collingbourne <pcc at google.com>
---
View this change in Gerrit: https://linux-review.googlesource.com/q/I35aab6f5be932505d90f3b3450c083b4db1eca86
arch/arm/include/asm/signal.h | 4 ++++
arch/parisc/include/asm/signal.h | 4 ++++
arch/x86/kernel/signal_compat.c | 7 -------
include/linux/signal_types.h | 12 ++++++++++++
kernel/signal.c | 10 ++++++++++
5 files changed, 30 insertions(+), 7 deletions(-)
diff --git a/arch/arm/include/asm/signal.h b/arch/arm/include/asm/signal.h
index 65530a042009..d1070a783993 100644
--- a/arch/arm/include/asm/signal.h
+++ b/arch/arm/include/asm/signal.h
@@ -17,6 +17,10 @@ typedef struct {
unsigned long sig[_NSIG_WORDS];
} sigset_t;
+#define SA_UAPI_FLAGS \
+ (SA_NOCLDSTOP | SA_NOCLDWAIT | SA_SIGINFO | SA_THIRTYTWO | \
+ SA_RESTORER | SA_ONSTACK | SA_RESTART | SA_NODEFER | SA_RESETHAND)
+
#define __ARCH_HAS_SA_RESTORER
#include <asm/sigcontext.h>
diff --git a/arch/parisc/include/asm/signal.h b/arch/parisc/include/asm/signal.h
index 715c96ba2ec8..ad06e14f6e8a 100644
--- a/arch/parisc/include/asm/signal.h
+++ b/arch/parisc/include/asm/signal.h
@@ -21,6 +21,10 @@ typedef struct {
unsigned long sig[_NSIG_WORDS];
} sigset_t;
+#define SA_UAPI_FLAGS \
+ (SA_ONSTACK | SA_RESETHAND | SA_NOCLDSTOP | SA_SIGINFO | SA_NODEFER | \
+ SA_RESTART | SA_NOCLDWAIT | _SA_SIGGFAULT)
+
#include <asm/sigcontext.h>
#endif /* !__ASSEMBLY */
diff --git a/arch/x86/kernel/signal_compat.c b/arch/x86/kernel/signal_compat.c
index 9ccbf0576cd0..c599013ae8cb 100644
--- a/arch/x86/kernel/signal_compat.c
+++ b/arch/x86/kernel/signal_compat.c
@@ -165,16 +165,9 @@ void sigaction_compat_abi(struct k_sigaction *act, struct k_sigaction *oact)
{
signal_compat_build_tests();
- /* Don't leak in-kernel non-uapi flags to user-space */
- if (oact)
- oact->sa.sa_flags &= ~(SA_IA32_ABI | SA_X32_ABI);
-
if (!act)
return;
- /* Don't let flags to be set from userspace */
- act->sa.sa_flags &= ~(SA_IA32_ABI | SA_X32_ABI);
-
if (in_ia32_syscall())
act->sa.sa_flags |= SA_IA32_ABI;
if (in_x32_syscall())
diff --git a/include/linux/signal_types.h b/include/linux/signal_types.h
index f8a90ae9c6ec..e792f29b5846 100644
--- a/include/linux/signal_types.h
+++ b/include/linux/signal_types.h
@@ -68,4 +68,16 @@ struct ksignal {
int sig;
};
+#ifndef SA_UAPI_FLAGS
+#ifdef SA_RESTORER
+#define SA_UAPI_FLAGS \
+ (SA_NOCLDSTOP | SA_NOCLDWAIT | SA_SIGINFO | SA_ONSTACK | SA_RESTART | \
+ SA_NODEFER | SA_RESETHAND | SA_RESTORER)
+#else
+#define SA_UAPI_FLAGS \
+ (SA_NOCLDSTOP | SA_NOCLDWAIT | SA_SIGINFO | SA_ONSTACK | SA_RESTART | \
+ SA_NODEFER | SA_RESETHAND)
+#endif
+#endif
+
#endif /* _LINUX_SIGNAL_TYPES_H */
diff --git a/kernel/signal.c b/kernel/signal.c
index 42b67d2cea37..348b7981f1ff 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -3984,6 +3984,16 @@ int do_sigaction(int sig, struct k_sigaction *act, struct k_sigaction *oact)
if (oact)
*oact = *k;
+ /*
+ * Clear unknown flag bits in order to allow userspace to detect missing
+ * support for flag bits and to allow the kernel to use non-uapi bits
+ * internally.
+ */
+ if (act)
+ act->sa.sa_flags &= SA_UAPI_FLAGS;
+ if (oact)
+ oact->sa.sa_flags &= SA_UAPI_FLAGS;
+
sigaction_compat_abi(act, oact);
if (act) {
--
2.28.0.220.ged08abb693-goog
More information about the linux-arm-kernel
mailing list