From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
alan@lxorguk.ukuu.org.uk, Will Deacon <will.deacon@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>
Subject: [ 010/123] arm64: signal: push the unwinding prologue on the signal stack
Date: Wed, 9 Jan 2013 12:34:09 -0800
Message-ID: <20130109201459.824389320@linuxfoundation.org>
In-Reply-To: <20130109201458.392601412@linuxfoundation.org>
3.7-stable review patch. If anyone has any objections, please let me know.
------------------
From: Will Deacon <will.deacon@arm.com>
commit 304ef4e8367244b547734143c792a2ab764831e8 upstream.
To allow debuggers to unwind through signal frames, we create a fake
stack unwinding prologue containing the link register and frame pointer
of the interrupted context. The signal frame is then offset by 16 bytes
to make room for the two saved registers which are pushed onto the frame
of the *interrupted* context, rather than placed directly above the
signal stack.
This doesn't work when an alternative signal stack is set up for a SEGV
handler, which is raised in response to RLIMIT_STACK being reached. In
this case, we try to push the unwinding prologue onto the full stack and
subsequently take a fault which we fail to resolve, causing setup_return
to return -EFAULT and handle_signal to force_sigsegv on the current task.
This patch fixes the problem by including the unwinding prologue as part
of the rt_sigframe definition, which is populated during setup_sigframe,
ensuring that it always ends up on the signal stack.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/arm64/kernel/signal.c | 37 ++++++++++++++++---------------------
1 file changed, 16 insertions(+), 21 deletions(-)
--- a/arch/arm64/kernel/signal.c
+++ b/arch/arm64/kernel/signal.c
@@ -41,6 +41,8 @@
struct rt_sigframe {
struct siginfo info;
struct ucontext uc;
+ u64 fp;
+ u64 lr;
};
static int preserve_fpsimd_context(struct fpsimd_context __user *ctx)
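Review bot: the two new members deserve a comment saying they are the frame record that x29 is pointed at, because their order and position carry a contract: `fp` must sit immediately before `lr` (an AArch64 unwinder reads the saved lr at fp + 8) and the pair must stay at the tail of `struct rt_sigframe`, since `setup_return` computes x29 as `offsetof(struct rt_sigframe, fp)` from the frame base. Something like `/* frame record {fp, lr} for unwinding; keep last and in this order */` above `u64 fp;` would stop a later reordering from silently breaking debuggers.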
@@ -175,6 +177,10 @@ static int setup_sigframe(struct rt_sigf
struct aux_context __user *aux =
(struct aux_context __user *)sf->uc.uc_mcontext.__reserved;
+ /* set up the stack frame for unwinding */
+ __put_user_error(regs->regs[29], &sf->fp, err);
+ __put_user_error(regs->regs[30], &sf->lr, err);
+
for (i = 0; i < 31; i++)
__put_user_error(regs->regs[i], &sf->uc.uc_mcontext.regs[i],
err);
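Review bot: the comment `/* set up the stack frame for unwinding */` should mention that these are the fields `setup_return` points x29 at, so the two functions stay in sync if either is touched later. Routing the stores through `err` alongside the register stores below is the right choice: a fault here is reported to `setup_rt_frame` instead of being lost, and because `sf` is the frame that `get_sigframe` placed on the alternate stack, these writes no longer hit the exhausted stack described in the commit message.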
@@ -210,9 +216,6 @@ static void __user *get_sigframe(struct
if ((ka->sa.sa_flags & SA_ONSTACK) && !sas_ss_flags(sp))
sp = sp_top = current->sas_ss_sp + current->sas_ss_size;
- /* room for stack frame (FP, LR) */
- sp -= 16;
-
sp = (sp - framesize) & ~15;
frame = (void __user *)sp;
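Review bot: removing `sp -= 16` is only correct if `framesize` already accounts for the two new `u64` members; the hunk does not show where `framesize` comes from, so it is worth confirming it is `sizeof(struct rt_sigframe)` and saying so in a comment, otherwise the frame record would be written below the reserved area. The `& ~15` still aligns the whole frame, so whether the frame record itself is 16-byte aligned now depends on the offset of `fp` inside the struct; a `BUILD_BUG_ON(offsetof(struct rt_sigframe, fp) & 15)` would document and enforce that.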
@@ -225,20 +228,14 @@ static void __user *get_sigframe(struct
return frame;
}
-static int setup_return(struct pt_regs *regs, struct k_sigaction *ka,
- void __user *frame, int usig)
+static void setup_return(struct pt_regs *regs, struct k_sigaction *ka,
+ void __user *frame, int usig)
{
- int err = 0;
__sigrestore_t sigtramp;
- unsigned long __user *sp = (unsigned long __user *)regs->sp;
-
- /* set up the stack frame */
- __put_user_error(regs->regs[29], sp - 2, err);
- __put_user_error(regs->regs[30], sp - 1, err);
regs->regs[0] = usig;
- regs->regs[29] = regs->sp - 16;
regs->sp = (unsigned long)frame;
+ regs->regs[29] = regs->sp + offsetof(struct rt_sigframe, fp);
regs->pc = (unsigned long)ka->sa.sa_handler;
if (ka->sa.sa_flags & SA_RESTORER)
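Review bot: `regs->regs[29] = regs->sp + offsetof(struct rt_sigframe, fp)` silently depends on the previous line having just assigned `regs->sp = (unsigned long)frame`; computing it from `frame` directly, `regs->regs[29] = (unsigned long)frame + offsetof(struct rt_sigframe, fp);`, removes the ordering dependence and makes the intent obvious. Changing the return type to `void` is right: with the two `__put_user_error` stores gone the function no longer touches user memory, so there is no error path left to report.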
@@ -247,8 +244,6 @@ static int setup_return(struct pt_regs *
sigtramp = VDSO_SYMBOL(current->mm->context.vdso, sigtramp);
regs->regs[30] = (unsigned long)sigtramp;
-
- return err;
}
static int setup_rt_frame(int usig, struct k_sigaction *ka, siginfo_t *info,
@@ -272,13 +267,13 @@ static int setup_rt_frame(int usig, stru
err |= __copy_to_user(&frame->uc.uc_stack, &stack, sizeof(stack));
err |= setup_sigframe(frame, regs, set);
- if (err == 0)
- err = setup_return(regs, ka, frame, usig);
-
- if (err == 0 && ka->sa.sa_flags & SA_SIGINFO) {
- err |= copy_siginfo_to_user(&frame->info, info);
- regs->regs[1] = (unsigned long)&frame->info;
- regs->regs[2] = (unsigned long)&frame->uc;
+ if (err == 0) {
+ setup_return(regs, ka, frame, usig);
+ if (ka->sa.sa_flags & SA_SIGINFO) {
+ err |= copy_siginfo_to_user(&frame->info, info);
+ regs->regs[1] = (unsigned long)&frame->info;
+ regs->regs[2] = (unsigned long)&frame->uc;
+ }
}
return err;
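Review bot: `setup_return` now rewrites `regs` (sp, pc, x0, x29, x30) before `copy_siginfo_to_user` has succeeded, so on a failed siginfo copy the caller gets `err != 0` with the register state already altered. That matches the previous ordering and is recoverable because the caller forces SIGSEGV on error, but since `setup_return` can no longer fail it would be cleaner to do all user-memory writes first and mutate `regs` last, e.g. copy `frame->info` inside an `if (err == 0 && (ka->sa.sa_flags & SA_SIGINFO))` block and only then `if (err == 0) { setup_return(regs, ka, frame, usig); ... }` with the x1/x2 assignments. While here, the bare `ka->sa.sa_flags & SA_SIGINFO` inside the new `if` would read better with explicit parentheses, matching the `SA_ONSTACK` test in `get_sigframe`.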