* [GIT PULL] signal: Removing the task parameter from force_sig
@ 2019-07-08 17:40 Eric W. Biederman
2019-07-08 17:40 ` Eric W. Biederman
2019-07-09 5:10 ` pr-tracker-bot
0 siblings, 2 replies; 4+ messages in thread
From: Eric W. Biederman @ 2019-07-08 17:40 UTC (permalink / raw)
To: Linus Torvalds; +Cc: linux-kernel, Oleg Nesterov, linux-arch
Linus,
Please pull the siginfo-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git siginfo-linus
HEAD: 318759b4737c3b3789e2fd64d539f437d52386f5 signal/x86: Move tsk inside of CONFIG_MEMORY_FAILURE in do_sigbus
A source of error over the years has been that force_sig has taken a
task parameter when it is only safe to use force_sig with the current
task. The force_sig function is built for delivering synchronous signals
such as SIGSEGV where the userspace application caused a synchronous
fault (such as a page fault) and the kernel responded with a signal.
Because the name force_sig does not make this clear, and because the
force_sig takes a task parameter the function force_sig has been
abused for sending other kinds of signals over the years. Slowly those
have been fixed when the oopses have been tracked down.
This set of changes fixes the remaining abusers of force_sig and
carefully rips out the task parameter from force_sig and friends making
this kind of error almost impossible in the future.
Eric W. Biederman (27):
signal/usb: Replace kill_pid_info_as_cred with kill_pid_usb_asyncio
signal: Correct namespace fixups of si_pid and si_uid
signal/arm64: Use force_sig not force_sig_fault for SIGKILL
signal/drbd: Use send_sig not force_sig
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
signal: Remove task parameter from force_sigsegv
signal: Remove task parameter from force_sig
signal: Remove task parameter from force_sig_mceerr
signal/x86: Remove task parameter from send_sigtrap
signal/um: Remove task parameter from send_sigtrap
signal/sh: Remove tsk parameter from force_sig_info_fault
signal/riscv: Remove tsk parameter from do_trap
signal/nds32: Remove tsk parameter from send_sigtrap
signal/arm: Remove tsk parameter from ptrace_break
signal/arm: Remove tsk parameter from __do_user_fault
signal/unicore32: Remove tsk parameter from __do_user_fault
signal: Explicitly call force_sig_fault on current
signal: Use force_sig_fault_to_task for the two calls that don't deliver to current
signal: Remove the task parameter from force_sig_fault
signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal
signal: Move the computation of force into send_signal and correct it.
signal: Generate the siginfo in force_sig
signal: Factor force_sig_info_to_task out of force_sig_info
signal: Remove the signal number and task parameters from force_sig_info
signal/x86: Move tsk inside of CONFIG_MEMORY_FAILURE in do_sigbus
arch/alpha/kernel/signal.c | 4 +-
arch/alpha/kernel/traps.c | 2 +-
arch/alpha/mm/fault.c | 4 +-
arch/arc/kernel/process.c | 4 +-
arch/arc/kernel/signal.c | 2 +-
arch/arc/kernel/traps.c | 2 +-
arch/arc/mm/fault.c | 4 +-
arch/arm/include/asm/traps.h | 2 +-
arch/arm/kernel/ptrace.c | 6 +-
arch/arm/kernel/signal.c | 4 +-
arch/arm/kernel/traps.c | 4 +-
arch/arm/mm/alignment.c | 2 +-
arch/arm/mm/fault.c | 13 +-
arch/arm64/kernel/traps.c | 7 +-
arch/c6x/kernel/signal.c | 2 +-
arch/c6x/kernel/traps.c | 2 +-
arch/csky/abiv1/alignment.c | 2 +-
arch/csky/abiv2/fpu.c | 2 +-
arch/csky/kernel/signal.c | 4 +-
arch/csky/kernel/traps.c | 2 +-
arch/csky/mm/fault.c | 4 +-
arch/h8300/kernel/ptrace_h.c | 4 +-
arch/h8300/kernel/ptrace_s.c | 2 +-
arch/h8300/kernel/signal.c | 2 +-
arch/hexagon/kernel/signal.c | 2 +-
arch/hexagon/kernel/traps.c | 12 +-
arch/hexagon/mm/vm_fault.c | 4 +-
arch/ia64/kernel/brl_emu.c | 6 +-
arch/ia64/kernel/signal.c | 8 +-
arch/ia64/kernel/traps.c | 24 +--
arch/ia64/kernel/unaligned.c | 2 +-
arch/ia64/mm/fault.c | 2 +-
arch/m68k/kernel/signal.c | 4 +-
arch/m68k/kernel/traps.c | 20 +--
arch/m68k/mm/fault.c | 4 +-
arch/microblaze/kernel/exceptions.c | 2 +-
arch/microblaze/kernel/signal.c | 2 +-
arch/microblaze/mm/fault.c | 2 +-
arch/mips/kernel/branch.c | 18 +--
arch/mips/kernel/kprobes.c | 2 +-
arch/mips/kernel/signal.c | 8 +-
arch/mips/kernel/signal_n32.c | 4 +-
arch/mips/kernel/signal_o32.c | 8 +-
arch/mips/kernel/traps.c | 50 +++---
arch/mips/kernel/unaligned.c | 20 +--
arch/mips/mm/fault.c | 4 +-
arch/mips/sgi-ip22/ip22-berr.c | 2 +-
arch/mips/sgi-ip22/ip28-berr.c | 2 +-
arch/mips/sgi-ip27/ip27-berr.c | 2 +-
arch/mips/sgi-ip32/ip32-berr.c | 2 +-
arch/nds32/kernel/fpu.c | 2 +-
arch/nds32/kernel/signal.c | 2 +-
arch/nds32/kernel/traps.c | 17 +-
arch/nds32/mm/fault.c | 4 +-
arch/nios2/kernel/signal.c | 4 +-
arch/nios2/kernel/traps.c | 2 +-
arch/openrisc/kernel/signal.c | 2 +-
arch/openrisc/kernel/traps.c | 12 +-
arch/openrisc/mm/fault.c | 4 +-
arch/parisc/kernel/ptrace.c | 6 +-
arch/parisc/kernel/signal.c | 2 +-
arch/parisc/kernel/traps.c | 14 +-
arch/parisc/kernel/unaligned.c | 4 +-
arch/parisc/math-emu/driver.c | 2 +-
arch/parisc/mm/fault.c | 4 +-
arch/powerpc/kernel/process.c | 2 +-
arch/powerpc/kernel/signal_32.c | 6 +-
arch/powerpc/kernel/signal_64.c | 2 +-
arch/powerpc/kernel/traps.c | 4 +-
arch/powerpc/mm/fault.c | 5 +-
arch/powerpc/platforms/cell/spufs/fault.c | 9 +-
arch/powerpc/platforms/cell/spufs/run.c | 2 +-
arch/riscv/include/asm/bug.h | 2 +-
arch/riscv/kernel/signal.c | 2 +-
arch/riscv/kernel/traps.c | 11 +-
arch/riscv/mm/fault.c | 6 +-
arch/s390/kernel/compat_signal.c | 4 +-
arch/s390/kernel/signal.c | 4 +-
arch/s390/kernel/traps.c | 6 +-
arch/s390/mm/fault.c | 6 +-
arch/sh/kernel/cpu/sh2a/fpu.c | 2 +-
arch/sh/kernel/cpu/sh4/fpu.c | 2 +-
arch/sh/kernel/cpu/sh5/fpu.c | 4 +-
arch/sh/kernel/hw_breakpoint.c | 2 +-
arch/sh/kernel/ptrace_64.c | 4 +-
arch/sh/kernel/signal_32.c | 4 +-
arch/sh/kernel/signal_64.c | 4 +-
arch/sh/kernel/traps.c | 4 +-
arch/sh/kernel/traps_32.c | 12 +-
arch/sh/kernel/traps_64.c | 2 +-
arch/sh/math-emu/math.c | 2 +-
arch/sh/mm/fault.c | 11 +-
arch/sparc/kernel/process_64.c | 4 +-
arch/sparc/kernel/signal32.c | 8 +-
arch/sparc/kernel/signal_32.c | 4 +-
arch/sparc/kernel/signal_64.c | 8 +-
arch/sparc/kernel/sys_sparc_32.c | 2 +-
arch/sparc/kernel/sys_sparc_64.c | 2 +-
arch/sparc/kernel/traps_32.c | 4 +-
arch/sparc/kernel/traps_64.c | 41 +++--
arch/sparc/mm/fault_32.c | 4 +-
arch/sparc/mm/fault_64.c | 2 +-
arch/um/kernel/exec.c | 2 +-
arch/um/kernel/ptrace.c | 7 +-
arch/um/kernel/skas/mmu.c | 2 +-
arch/um/kernel/tlb.c | 4 +-
arch/um/kernel/trap.c | 16 +-
arch/unicore32/kernel/signal.c | 4 +-
arch/unicore32/kernel/traps.c | 2 +-
arch/unicore32/mm/fault.c | 13 +-
arch/x86/entry/vsyscall/vsyscall_64.c | 4 +-
arch/x86/include/asm/ptrace.h | 3 +-
arch/x86/kernel/cpu/mce/core.c | 2 +-
arch/x86/kernel/ptrace.c | 9 +-
arch/x86/kernel/signal.c | 2 +-
arch/x86/kernel/traps.c | 10 +-
arch/x86/kernel/umip.c | 2 +-
arch/x86/kernel/uprobes.c | 2 +-
arch/x86/kernel/vm86_32.c | 2 +-
arch/x86/mm/fault.c | 12 +-
arch/x86/mm/mpx.c | 2 +-
arch/x86/um/signal.c | 4 +-
arch/xtensa/kernel/signal.c | 2 +-
arch/xtensa/kernel/traps.c | 8 +-
arch/xtensa/mm/fault.c | 4 +-
drivers/block/drbd/drbd_int.h | 2 +-
drivers/block/drbd/drbd_main.c | 2 +-
drivers/block/drbd/drbd_nl.c | 2 +-
drivers/misc/lkdtm/bugs.c | 2 +-
drivers/usb/core/devio.c | 48 +++---
fs/cifs/connect.c | 2 +-
fs/exec.c | 2 +-
include/linux/ptrace.h | 2 +-
include/linux/sched/signal.h | 15 +-
include/linux/syscalls.h | 2 +-
kernel/events/uprobes.c | 4 +-
kernel/pid_namespace.c | 2 +-
kernel/rseq.c | 4 +-
kernel/seccomp.c | 2 +-
kernel/signal.c | 249 +++++++++++++++++++++---------
mm/memory-failure.c | 2 +-
net/bpfilter/bpfilter_kern.c | 2 +-
security/safesetid/lsm.c | 4 +-
143 files changed, 569 insertions(+), 483 deletions(-)
Eric
^ permalink raw reply [flat|nested] 4+ messages in thread* [GIT PULL] signal: Removing the task parameter from force_sig
2019-07-08 17:40 [GIT PULL] signal: Removing the task parameter from force_sig Eric W. Biederman
@ 2019-07-08 17:40 ` Eric W. Biederman
2019-07-09 5:10 ` pr-tracker-bot
1 sibling, 0 replies; 4+ messages in thread
From: Eric W. Biederman @ 2019-07-08 17:40 UTC (permalink / raw)
To: Linus Torvalds; +Cc: linux-kernel, Oleg Nesterov, linux-arch
Linus,
Please pull the siginfo-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git siginfo-linus
HEAD: 318759b4737c3b3789e2fd64d539f437d52386f5 signal/x86: Move tsk inside of CONFIG_MEMORY_FAILURE in do_sigbus
A source of error over the years has been that force_sig has taken a
task parameter when it is only safe to use force_sig with the current
task. The force_sig function is built for delivering synchronous signals
such as SIGSEGV where the userspace application caused a synchronous
fault (such as a page fault) and the kernel responded with a signal.
Because the name force_sig does not make this clear, and because the
force_sig takes a task parameter the function force_sig has been
abused for sending other kinds of signals over the years. Slowly those
have been fixed when the oopses have been tracked down.
This set of changes fixes the remaining abusers of force_sig and
carefully rips out the task parameter from force_sig and friends making
this kind of error almost impossible in the future.
Eric W. Biederman (27):
signal/usb: Replace kill_pid_info_as_cred with kill_pid_usb_asyncio
signal: Correct namespace fixups of si_pid and si_uid
signal/arm64: Use force_sig not force_sig_fault for SIGKILL
signal/drbd: Use send_sig not force_sig
signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
signal: Remove task parameter from force_sigsegv
signal: Remove task parameter from force_sig
signal: Remove task parameter from force_sig_mceerr
signal/x86: Remove task parameter from send_sigtrap
signal/um: Remove task parameter from send_sigtrap
signal/sh: Remove tsk parameter from force_sig_info_fault
signal/riscv: Remove tsk parameter from do_trap
signal/nds32: Remove tsk parameter from send_sigtrap
signal/arm: Remove tsk parameter from ptrace_break
signal/arm: Remove tsk parameter from __do_user_fault
signal/unicore32: Remove tsk parameter from __do_user_fault
signal: Explicitly call force_sig_fault on current
signal: Use force_sig_fault_to_task for the two calls that don't deliver to current
signal: Remove the task parameter from force_sig_fault
signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal
signal: Move the computation of force into send_signal and correct it.
signal: Generate the siginfo in force_sig
signal: Factor force_sig_info_to_task out of force_sig_info
signal: Remove the signal number and task parameters from force_sig_info
signal/x86: Move tsk inside of CONFIG_MEMORY_FAILURE in do_sigbus
arch/alpha/kernel/signal.c | 4 +-
arch/alpha/kernel/traps.c | 2 +-
arch/alpha/mm/fault.c | 4 +-
arch/arc/kernel/process.c | 4 +-
arch/arc/kernel/signal.c | 2 +-
arch/arc/kernel/traps.c | 2 +-
arch/arc/mm/fault.c | 4 +-
arch/arm/include/asm/traps.h | 2 +-
arch/arm/kernel/ptrace.c | 6 +-
arch/arm/kernel/signal.c | 4 +-
arch/arm/kernel/traps.c | 4 +-
arch/arm/mm/alignment.c | 2 +-
arch/arm/mm/fault.c | 13 +-
arch/arm64/kernel/traps.c | 7 +-
arch/c6x/kernel/signal.c | 2 +-
arch/c6x/kernel/traps.c | 2 +-
arch/csky/abiv1/alignment.c | 2 +-
arch/csky/abiv2/fpu.c | 2 +-
arch/csky/kernel/signal.c | 4 +-
arch/csky/kernel/traps.c | 2 +-
arch/csky/mm/fault.c | 4 +-
arch/h8300/kernel/ptrace_h.c | 4 +-
arch/h8300/kernel/ptrace_s.c | 2 +-
arch/h8300/kernel/signal.c | 2 +-
arch/hexagon/kernel/signal.c | 2 +-
arch/hexagon/kernel/traps.c | 12 +-
arch/hexagon/mm/vm_fault.c | 4 +-
arch/ia64/kernel/brl_emu.c | 6 +-
arch/ia64/kernel/signal.c | 8 +-
arch/ia64/kernel/traps.c | 24 +--
arch/ia64/kernel/unaligned.c | 2 +-
arch/ia64/mm/fault.c | 2 +-
arch/m68k/kernel/signal.c | 4 +-
arch/m68k/kernel/traps.c | 20 +--
arch/m68k/mm/fault.c | 4 +-
arch/microblaze/kernel/exceptions.c | 2 +-
arch/microblaze/kernel/signal.c | 2 +-
arch/microblaze/mm/fault.c | 2 +-
arch/mips/kernel/branch.c | 18 +--
arch/mips/kernel/kprobes.c | 2 +-
arch/mips/kernel/signal.c | 8 +-
arch/mips/kernel/signal_n32.c | 4 +-
arch/mips/kernel/signal_o32.c | 8 +-
arch/mips/kernel/traps.c | 50 +++---
arch/mips/kernel/unaligned.c | 20 +--
arch/mips/mm/fault.c | 4 +-
arch/mips/sgi-ip22/ip22-berr.c | 2 +-
arch/mips/sgi-ip22/ip28-berr.c | 2 +-
arch/mips/sgi-ip27/ip27-berr.c | 2 +-
arch/mips/sgi-ip32/ip32-berr.c | 2 +-
arch/nds32/kernel/fpu.c | 2 +-
arch/nds32/kernel/signal.c | 2 +-
arch/nds32/kernel/traps.c | 17 +-
arch/nds32/mm/fault.c | 4 +-
arch/nios2/kernel/signal.c | 4 +-
arch/nios2/kernel/traps.c | 2 +-
arch/openrisc/kernel/signal.c | 2 +-
arch/openrisc/kernel/traps.c | 12 +-
arch/openrisc/mm/fault.c | 4 +-
arch/parisc/kernel/ptrace.c | 6 +-
arch/parisc/kernel/signal.c | 2 +-
arch/parisc/kernel/traps.c | 14 +-
arch/parisc/kernel/unaligned.c | 4 +-
arch/parisc/math-emu/driver.c | 2 +-
arch/parisc/mm/fault.c | 4 +-
arch/powerpc/kernel/process.c | 2 +-
arch/powerpc/kernel/signal_32.c | 6 +-
arch/powerpc/kernel/signal_64.c | 2 +-
arch/powerpc/kernel/traps.c | 4 +-
arch/powerpc/mm/fault.c | 5 +-
arch/powerpc/platforms/cell/spufs/fault.c | 9 +-
arch/powerpc/platforms/cell/spufs/run.c | 2 +-
arch/riscv/include/asm/bug.h | 2 +-
arch/riscv/kernel/signal.c | 2 +-
arch/riscv/kernel/traps.c | 11 +-
arch/riscv/mm/fault.c | 6 +-
arch/s390/kernel/compat_signal.c | 4 +-
arch/s390/kernel/signal.c | 4 +-
arch/s390/kernel/traps.c | 6 +-
arch/s390/mm/fault.c | 6 +-
arch/sh/kernel/cpu/sh2a/fpu.c | 2 +-
arch/sh/kernel/cpu/sh4/fpu.c | 2 +-
arch/sh/kernel/cpu/sh5/fpu.c | 4 +-
arch/sh/kernel/hw_breakpoint.c | 2 +-
arch/sh/kernel/ptrace_64.c | 4 +-
arch/sh/kernel/signal_32.c | 4 +-
arch/sh/kernel/signal_64.c | 4 +-
arch/sh/kernel/traps.c | 4 +-
arch/sh/kernel/traps_32.c | 12 +-
arch/sh/kernel/traps_64.c | 2 +-
arch/sh/math-emu/math.c | 2 +-
arch/sh/mm/fault.c | 11 +-
arch/sparc/kernel/process_64.c | 4 +-
arch/sparc/kernel/signal32.c | 8 +-
arch/sparc/kernel/signal_32.c | 4 +-
arch/sparc/kernel/signal_64.c | 8 +-
arch/sparc/kernel/sys_sparc_32.c | 2 +-
arch/sparc/kernel/sys_sparc_64.c | 2 +-
arch/sparc/kernel/traps_32.c | 4 +-
arch/sparc/kernel/traps_64.c | 41 +++--
arch/sparc/mm/fault_32.c | 4 +-
arch/sparc/mm/fault_64.c | 2 +-
arch/um/kernel/exec.c | 2 +-
arch/um/kernel/ptrace.c | 7 +-
arch/um/kernel/skas/mmu.c | 2 +-
arch/um/kernel/tlb.c | 4 +-
arch/um/kernel/trap.c | 16 +-
arch/unicore32/kernel/signal.c | 4 +-
arch/unicore32/kernel/traps.c | 2 +-
arch/unicore32/mm/fault.c | 13 +-
arch/x86/entry/vsyscall/vsyscall_64.c | 4 +-
arch/x86/include/asm/ptrace.h | 3 +-
arch/x86/kernel/cpu/mce/core.c | 2 +-
arch/x86/kernel/ptrace.c | 9 +-
arch/x86/kernel/signal.c | 2 +-
arch/x86/kernel/traps.c | 10 +-
arch/x86/kernel/umip.c | 2 +-
arch/x86/kernel/uprobes.c | 2 +-
arch/x86/kernel/vm86_32.c | 2 +-
arch/x86/mm/fault.c | 12 +-
arch/x86/mm/mpx.c | 2 +-
arch/x86/um/signal.c | 4 +-
arch/xtensa/kernel/signal.c | 2 +-
arch/xtensa/kernel/traps.c | 8 +-
arch/xtensa/mm/fault.c | 4 +-
drivers/block/drbd/drbd_int.h | 2 +-
drivers/block/drbd/drbd_main.c | 2 +-
drivers/block/drbd/drbd_nl.c | 2 +-
drivers/misc/lkdtm/bugs.c | 2 +-
drivers/usb/core/devio.c | 48 +++---
fs/cifs/connect.c | 2 +-
fs/exec.c | 2 +-
include/linux/ptrace.h | 2 +-
include/linux/sched/signal.h | 15 +-
include/linux/syscalls.h | 2 +-
kernel/events/uprobes.c | 4 +-
kernel/pid_namespace.c | 2 +-
kernel/rseq.c | 4 +-
kernel/seccomp.c | 2 +-
kernel/signal.c | 249 +++++++++++++++++++++---------
mm/memory-failure.c | 2 +-
net/bpfilter/bpfilter_kern.c | 2 +-
security/safesetid/lsm.c | 4 +-
143 files changed, 569 insertions(+), 483 deletions(-)
Eric
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [GIT PULL] signal: Removing the task parameter from force_sig
2019-07-08 17:40 [GIT PULL] signal: Removing the task parameter from force_sig Eric W. Biederman
2019-07-08 17:40 ` Eric W. Biederman
@ 2019-07-09 5:10 ` pr-tracker-bot
2019-07-09 5:10 ` pr-tracker-bot
1 sibling, 1 reply; 4+ messages in thread
From: pr-tracker-bot @ 2019-07-09 5:10 UTC (permalink / raw)
To: Eric W. Biederman; +Cc: Linus Torvalds, linux-kernel, Oleg Nesterov, linux-arch
The pull request you sent on Mon, 08 Jul 2019 12:40:05 -0500:
> git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git siginfo-linus
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/5ad18b2e60b75c7297a998dea702451d33a052ed
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-07-09 5:10 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-08 17:40 [GIT PULL] signal: Removing the task parameter from force_sig Eric W. Biederman
2019-07-08 17:40 ` Eric W. Biederman
2019-07-09 5:10 ` pr-tracker-bot
2019-07-09 5:10 ` pr-tracker-bot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox