diff for duplicates of <51CACB80.5020706@imgtec.com> diff --git a/a/content_digest b/N1/content_digest index 125f2ed..7fc3cf2 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -21,8 +21,8 @@ Paul E. McKenney <paulmck@linux.vnet.ibm.com> David Howells <dhowells@redhat.com> Dave Jones <davej@redhat.com> - <linux-mips@linux-mips.org> - " <stable@vger.kernel.org>\0" + linux-mips@linux-mips.org + " stable@vger.kernel.org\0" "\00:1\0" "b\0" "On 25/06/13 23:13, James Hogan wrote:\n" @@ -51,4 +51,4 @@ "\n" How does this look for a nasty/stable fix? -9ed7e9c783fa114844efa22ff7b77d2e719ea1c4aa381079c32d626dc96bc3b7 +41c4acc4497090cf7a597155da0fe17eb14a3adee4800f23ec043c09a35d85ee
diff --git a/a/1.txt b/N2/1.txt index 1c1ecfa..3859314 100644 --- a/a/1.txt +++ b/N2/1.txt 
@@ -23,3 +23,63 @@ On 25/06/13 23:13, James Hogan wrote: > for stable. How does this look for a nasty/stable fix? + +>From 94d734526d61f5c74fd2df1c3ecb677495fc7a23 Mon Sep 17 00:00:00 2001 +From: James Hogan <james.hogan@imgtec.com> +Date: Wed, 26 Jun 2013 11:48:11 +0100 +Subject: [PATCH 1/1] kernel/signal.c: fix BUG_ON with SIG128 (MIPS) + +MIPS has 128 signals, the highest of which has the number 128 (they +start from 1). The following command causes get_signal_to_deliver() to +pass this signal number straight through to do_group_exit() as the exit +code: + + strace sleep 10 & sleep 1 && kill -128 `pidof sleep` + +However do_group_exit() checks for the core dump bit (0x80) in the exit +code which matches in this particular case and the kernel panics: + + BUG_ON(exit_code & 0x80); /* core dumps don't get here */ + +As a quick fix, mask out higher bits in the signal number. This +effectively matches the exit code from other code paths but avoids the +BUG_ON. + +Signed-off-by: James Hogan <james.hogan@imgtec.com> +Cc: Ralf Baechle <ralf@linux-mips.org> +Cc: Al Viro <viro@zeniv.linux.org.uk> +Cc: Andrew Morton <akpm@linux-foundation.org> +Cc: Oleg Nesterov <oleg@redhat.com> +Cc: Kees Cook <keescook@chromium.org> +Cc: David Daney <david.daney@cavium.com> +Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com> +Cc: David Howells <dhowells@redhat.com> +Cc: Dave Jones <davej@redhat.com> +Cc: linux-mips@linux-mips.org +Cc: stable@vger.kernel.org +--- + kernel/signal.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/kernel/signal.c b/kernel/signal.c +index 113411b..9ea8f4f 100644 +--- a/kernel/signal.c ++++ b/kernel/signal.c +@@ -2366,8 +2366,14 @@ relock: + + /* + * Death signals, no core dump. ++ * ++ * Some architectures (MIPS) have 128 signals which doesn't play ++ * nicely with the exit code since there are only 7 bits to ++ * store the terminating signal number. 
Mask out higher bits to ++ * avoid overflowing into the core dump bit and triggering ++ * BUG_ON in do_group_exit. + */ +- do_group_exit(info->si_signo); ++ do_group_exit(info->si_signo & 0x7f); + /* NOTREACHED */ + } + spin_unlock_irq(&sighand->siglock); +-- +1.8.1.2 diff --git a/a/content_digest b/N2/content_digest index 125f2ed..e60ace9 100644 --- a/a/content_digest +++ b/N2/content_digest 
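Review bot: The mask in `do_group_exit(info->si_signo & 0x7f);` maps signal 128 to exit code 0, so going by the wait-status encoding a parent would see a task killed by SIG128 as a normal exit with status 0. The added comment explains how the BUG_ON is avoided but not this consequence, which matters to supervisors, init systems and audit tooling that decide from the wait status whether a process was killed. I would add a line to the comment such as `* NOTE: signal 128 is therefore reported as exit code 0, indistinguishable from a clean exit.` and mark the mask as a stopgap until the signal-number range itself is resolved. The commit message's remark that this matches other code paths suggests the truncation already happens elsewhere, but that is not visible in this hunk; the enclosing function starts and ends outside it.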
@@ -49,6 +49,66 @@ "> IMO changing the ABI by reducing _NSIG to 127 or 126 isn't appropriate\n" "> for stable.\n" "\n" - How does this look for a nasty/stable fix? + "How does this look for a nasty/stable fix?\n" + "\n" + ">From 94d734526d61f5c74fd2df1c3ecb677495fc7a23 Mon Sep 17 00:00:00 2001\n" + "From: James Hogan <james.hogan@imgtec.com>\n" + "Date: Wed, 26 Jun 2013 11:48:11 +0100\n" + "Subject: [PATCH 1/1] kernel/signal.c: fix BUG_ON with SIG128 (MIPS)\n" + "\n" + "MIPS has 128 signals, the highest of which has the number 128 (they\n" + "start from 1). The following command causes get_signal_to_deliver() to\n" + "pass this signal number straight through to do_group_exit() as the exit\n" + "code:\n" + "\n" + " strace sleep 10 & sleep 1 && kill -128 `pidof sleep`\n" + "\n" + "However do_group_exit() checks for the core dump bit (0x80) in the exit\n" + "code which matches in this particular case and the kernel panics:\n" + "\n" + " BUG_ON(exit_code & 0x80); /* core dumps don't get here */\n" + "\n" + "As a quick fix, mask out higher bits in the signal number. This\n" + "effectively matches the exit code from other code paths but avoids the\n" + "BUG_ON.\n" + "\n" + "Signed-off-by: James Hogan <james.hogan@imgtec.com>\n" + "Cc: Ralf Baechle <ralf@linux-mips.org>\n" + "Cc: Al Viro <viro@zeniv.linux.org.uk>\n" + "Cc: Andrew Morton <akpm@linux-foundation.org>\n" + "Cc: Oleg Nesterov <oleg@redhat.com>\n" + "Cc: Kees Cook <keescook@chromium.org>\n" + "Cc: David Daney <david.daney@cavium.com>\n" + "Cc: \"Paul E. 
McKenney\" <paulmck@linux.vnet.ibm.com>\n" + "Cc: David Howells <dhowells@redhat.com>\n" + "Cc: Dave Jones <davej@redhat.com>\n" + "Cc: linux-mips@linux-mips.org\n" + "Cc: stable@vger.kernel.org\n" + "---\n" + " kernel/signal.c | 8 +++++++-\n" + " 1 file changed, 7 insertions(+), 1 deletion(-)\n" + "\n" + "diff --git a/kernel/signal.c b/kernel/signal.c\n" + "index 113411b..9ea8f4f 100644\n" + "--- a/kernel/signal.c\n" + "+++ b/kernel/signal.c\n" + "@@ -2366,8 +2366,14 @@ relock:\n" + " \n" + " \t\t/*\n" + " \t\t * Death signals, no core dump.\n" + "+\t\t *\n" + "+\t\t * Some architectures (MIPS) have 128 signals which doesn't play\n" + "+\t\t * nicely with the exit code since there are only 7 bits to\n" + "+\t\t * store the terminating signal number. Mask out higher bits to\n" + "+\t\t * avoid overflowing into the core dump bit and triggering\n" + "+\t\t * BUG_ON in do_group_exit.\n" + " \t\t */\n" + "-\t\tdo_group_exit(info->si_signo);\n" + "+\t\tdo_group_exit(info->si_signo & 0x7f);\n" + " \t\t/* NOTREACHED */\n" + " \t}\n" + " \tspin_unlock_irq(&sighand->siglock);\n" + "-- \n" + 1.8.1.2 -9ed7e9c783fa114844efa22ff7b77d2e719ea1c4aa381079c32d626dc96bc3b7 +6b23443af88a9d39927cdd2960091597c28211775fa8b255ac7f4051d1313dd4