[PATCH 4/4] x86: SROP mitigation: implement signal counting

[Erik Bosman <erik@minemu.org>]

This patch implements signal counting for x86-64, x86-32 and x32.

Signed-off-by: Erik Bosman <erik@minemu.org>

---
 arch/x86/Kconfig            |  1 +
 arch/x86/ia32/ia32_signal.c | 10 ++++++++++
 arch/x86/kernel/signal.c    | 19 +++++++++++++++++++
 3 files changed, 30 insertions(+)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 83eea28..82d779f 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -129,6 +129,7 @@ config X86
 	select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64
 	select HAVE_CC_STACKPROTECTOR
 	select HAVE_SIGNAL_CANARY
+	select HAVE_SIGNAL_BOOKKEEPING
 	select GENERIC_CPU_AUTOPROBE
 	select HAVE_ARCH_AUDITSYSCALL
 
diff --git a/arch/x86/ia32/ia32_signal.c b/arch/x86/ia32/ia32_signal.c
index 1a9285a..5b95c26 100644
--- a/arch/x86/ia32/ia32_signal.c
+++ b/arch/x86/ia32/ia32_signal.c
@@ -219,6 +219,11 @@ asmlinkage long sys32_sigreturn(void)
 	if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
 		goto badframe;
 
+#ifdef CONFIG_SIGNAL_BOOKKEEPING
+    if (signals_in_progress_dec(current))
+        goto badframe;
+#endif
+
 #ifdef CONFIG_SIGNAL_CANARY
 	if (__get_user(canary, &frame->canary) || (canary != current->signal_canary))
 		goto badframe;
@@ -257,6 +262,11 @@ asmlinkage long sys32_rt_sigreturn(void)
 	if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
 		goto badframe;
 
+#ifdef CONFIG_SIGNAL_BOOKKEEPING
+    if (signals_in_progress_dec(current))
+        goto badframe;
+#endif
+
 #ifdef CONFIG_SIGNAL_CANARY
 	if (__get_user(canary, &frame->canary) || (canary != current->signal_canary))
 		goto badframe;
diff --git a/arch/x86/kernel/signal.c b/arch/x86/kernel/signal.c
index 0cc4556..5f51e8c 100644
--- a/arch/x86/kernel/signal.c
+++ b/arch/x86/kernel/signal.c
@@ -558,6 +558,11 @@ asmlinkage unsigned long sys_sigreturn(void)
 	u32 canary;
 #endif
 
+#ifdef CONFIG_SIGNAL_BOOKKEEPING
+	if (signals_in_progress_dec(current))
+		goto badframe;
+#endif
+
 	frame = (struct sigframe __user *)(regs->sp - 8);
 
 	if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
@@ -600,6 +605,11 @@ asmlinkage long sys_rt_sigreturn(void)
 	if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
 		goto badframe;
 
+#ifdef CONFIG_SIGNAL_BOOKKEEPING
+	if (signals_in_progress_dec(current))
+		goto badframe;
+#endif
+
 #ifdef CONFIG_SIGNAL_CANARY
 	if (__get_user(canary, &frame->canary) || (canary != current->signal_canary))
 		goto badframe;
@@ -708,6 +718,10 @@ handle_signal(struct ksignal *ksig, struct pt_regs *regs)
 		regs->flags &= ~(X86_EFLAGS_DF|X86_EFLAGS_RF|X86_EFLAGS_TF);
 	}
 	signal_setup_done(failed, ksig, test_thread_flag(TIF_SINGLESTEP));
+
+#ifdef CONFIG_SIGNAL_BOOKKEEPING
+	signals_in_progress_inc(current);
+#endif
 }
 
 #ifdef CONFIG_X86_32
@@ -824,6 +838,11 @@ asmlinkage long sys32_x32_rt_sigreturn(void)
 	if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set)))
 		goto badframe;
 
+#ifdef CONFIG_SIGNAL_BOOKKEEPING
+	if (signals_in_progress_dec(current))
+		goto badframe;
+#endif
+
 #ifdef CONFIG_SIGNAL_CANARY
 	if (__get_user(canary, &frame->canary) || (canary != current->signal_canary))
 		goto badframe;
-- 
1.9.1