From: Greg Kroah-Hartman <gregkh@linuxfoundation•org>
To: linux-kernel@vger•kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation•org>,
stable@vger•kernel.org, Paul Mackerras <paulus@samba•org>,
Thomas Backlund <tmb@iki•fi>,
linuxppc-dev@lists•ozlabs.org,
"Eric W. Biederman" <ebiederm@xmission•com>
Subject: [PATCH 5.15 258/279] signal/powerpc: On swapcontext failure force SIGSEGV
Date: Wed, 24 Nov 2021 12:59:05 +0100
Message-ID: <20211124115727.632627138@linuxfoundation.org>
In-Reply-To: <20211124115718.776172708@linuxfoundation.org>
From: Eric W. Biederman <ebiederm@xmission•com>
commit 83a1f27ad773b1d8f0460d3a676114c7651918cc upstream.
If the register state may be partial and corrupted, instead of calling
do_exit, call force_sigsegv(SIGSEGV), which properly kills the
process with SIGSEGV and does not let any more userspace code execute,
instead of just killing one thread of the process and potentially
confusing everything.
Cc: Michael Ellerman <mpe@ellerman•id.au>
Cc: Benjamin Herrenschmidt <benh@kernel•crashing.org>
Cc: Paul Mackerras <paulus@samba•org>
Cc: linuxppc-dev@lists•ozlabs.org
History-tree: git://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git
Fixes: 756f1ae8a44e ("PPC32: Rework signal code and add a swapcontext system call.")
Fixes: 04879b04bf50 ("[PATCH] ppc64: VMX (Altivec) support & signal32 rework, from Ben Herrenschmidt")
Link: https://lkml.kernel.org/r/20211020174406.17889-7-ebiederm@xmission.com
Signed-off-by: Eric W. Biederman <ebiederm@xmission•com>
Cc: Thomas Backlund <tmb@iki•fi>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation•org>
---
arch/powerpc/kernel/signal_32.c | 6 ++++--
arch/powerpc/kernel/signal_64.c | 9 ++++++---
2 files changed, 10 insertions(+), 5 deletions(-)
--- a/arch/powerpc/kernel/signal_32.c
+++ b/arch/powerpc/kernel/signal_32.c
@@ -1062,8 +1062,10 @@ SYSCALL_DEFINE3(swapcontext, struct ucon
* or if another thread unmaps the region containing the context.
* We kill the task with a SIGSEGV in this situation.
*/
- if (do_setcontext(new_ctx, regs, 0))
- do_exit(SIGSEGV);
+ if (do_setcontext(new_ctx, regs, 0)) {
+ force_sigsegv(SIGSEGV);
+ return -EFAULT;
+ }
set_thread_flag(TIF_RESTOREALL);
return 0;
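Review bot: The new `return -EFAULT;` after `force_sigsegv(SIGSEGV);` in the do_setcontext() failure branch needs a short comment explaining its role. With do_exit() the failure path never returned, so it could never reach `set_thread_flag(TIF_RESTOREALL)`; now the explicit return is the only thing that prevents that, and per the commit message the value is not meant to be acted on by userspace because no more userspace code executes. A one-line comment saying so would keep a later cleanup from treating this as an ordinary recoverable error path. The existing comment's "We kill the task with a SIGSEGV" could also be reworded, since the stated purpose of the change is to kill the whole process rather than a single thread.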
--- a/arch/powerpc/kernel/signal_64.c
+++ b/arch/powerpc/kernel/signal_64.c
@@ -703,15 +703,18 @@ SYSCALL_DEFINE3(swapcontext, struct ucon
* We kill the task with a SIGSEGV in this situation.
*/
- if (__get_user_sigset(&set, &new_ctx->uc_sigmask))
- do_exit(SIGSEGV);
+ if (__get_user_sigset(&set, &new_ctx->uc_sigmask)) {
+ force_sigsegv(SIGSEGV);
+ return -EFAULT;
+ }
set_current_blocked(&set);
if (!user_read_access_begin(new_ctx, ctx_size))
return -EFAULT;
if (__unsafe_restore_sigcontext(current, NULL, 0, &new_ctx->uc_mcontext)) {
user_read_access_end();
- do_exit(SIGSEGV);
+ force_sigsegv(SIGSEGV);
+ return -EFAULT;
}
user_read_access_end();
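Review bot: The unchanged `if (!user_read_access_begin(new_ctx, ctx_size)) return -EFAULT;` between the two converted sites is now inconsistent with them. It returns the same -EFAULT as the paths that force SIGSEGV, but without the signal, and it runs after `set_current_blocked(&set)` has already installed the new mask. If that branch can be reached here, the caller gets an error while its blocked-signal set has been replaced, and the return value alone no longer tells a fatal failure from a survivable one. Either give it the same `force_sigsegv(SIGSEGV);` treatment or add a comment stating why it cannot fail at this point or why returning to userspace is safe. In the `__unsafe_restore_sigcontext()` branch, keeping `user_read_access_end()` ahead of `force_sigsegv()` is the right order and should stay that way.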