From patchwork Wed Oct 20 17:43:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 1543989 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HZJ0R4zPTz9s5P for ; Thu, 21 Oct 2021 04:44:55 +1100 (AEDT) Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ0R46qfz4xdG for ; Thu, 21 Oct 2021 04:44:55 +1100 (AEDT) Received: by gandalf.ozlabs.org (Postfix) id 4HZJ0R3yM3z4xdH; Thu, 21 Oct 2021 04:44:55 +1100 (AEDT) Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: gandalf.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=sparclinux-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ0R3v5Nz4xdG for ; Thu, 21 Oct 2021 04:44:55 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230396AbhJTRrJ (ORCPT ); Wed, 20 Oct 2021 13:47:09 -0400 Received: from out02.mta.xmission.com ([166.70.13.232]:40448 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230421AbhJTRrF (ORCPT ); Wed, 20 Oct 2021 13:47:05 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]:55038) by out02.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFdx-00GCw3-UI; Wed, 20 Oct 2021 11:44:50 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95]:47894 helo=localhost.localdomain) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFdw-001NdN-DC; Wed, 20 Oct 2021 11:44:49 -0600 From: "Eric W. Biederman" To: linux-kernel@vger.kernel.org Cc: linux-arch@vger.kernel.org, Linus Torvalds , Oleg Nesterov , Al Viro , Kees Cook , "Eric W. Biederman" , David Miller , sparclinux@vger.kernel.org Date: Wed, 20 Oct 2021 12:43:50 -0500 Message-Id: <20211020174406.17889-4-ebiederm@xmission.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <87y26nmwkb.fsf@disp2133> References: <87y26nmwkb.fsf@disp2133> MIME-Version: 1.0 X-XM-SPF: eid=1mdFdw-001NdN-DC;;;mid=<20211020174406.17889-4-ebiederm@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1+5xPDePglvOJbR0eiAg965Omb5l3uiL9A= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa07.xmission.com X-Spam-Level: ** X-Spam-Status: No, score=2.0 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,T_TooManySym_01,XMNoVowels, XMSubLong autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5107] * 0.7 XMSubLong Long Subject * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa07 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: **;linux-kernel@vger.kernel.org X-Spam-Relay-Country: X-Spam-Timing: total 358 ms - load_scoreonly_sql: 0.06 (0.0%), signal_user_changed: 11 (3.2%), b_tie_ro: 10 (2.8%), parse: 0.95 (0.3%), extract_message_metadata: 15 (4.3%), get_uri_detail_list: 1.04 (0.3%), tests_pri_-1000: 16 (4.6%), tests_pri_-950: 1.39 (0.4%), tests_pri_-900: 1.13 (0.3%), tests_pri_-90: 119 (33.4%), check_bayes: 112 (31.4%), b_tokenize: 6 (1.6%), b_tok_get_all: 5 (1.5%), b_comp_prob: 1.99 (0.6%), b_tok_touch_all: 96 (26.7%), b_finish: 0.96 (0.3%), tests_pri_0: 179 (50.2%), check_dkim_signature: 0.62 (0.2%), check_dkim_adsp: 2.8 (0.8%), poll_dns_idle: 0.53 (0.1%), tests_pri_10: 2.2 (0.6%), tests_pri_500: 7 (1.9%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 04/20] signal/sparc32: Remove unreachable do_exit in do_sparc_fault X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: sparclinux@vger.kernel.org The call to do_exit in do_sparc_fault immediately follows a call to unhandled_fault. The function unhandled_fault never returns. This means the call to do_exit can never be reached. Cc: David Miller Cc: sparclinux@vger.kernel.org Fixes: 2.3.41 Signed-off-by: "Eric W. Biederman" Reviewed-by: Kees Cook --- arch/sparc/mm/fault_32.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/sparc/mm/fault_32.c b/arch/sparc/mm/fault_32.c index fa858626b85b..90dc4ae315c8 100644 --- a/arch/sparc/mm/fault_32.c +++ b/arch/sparc/mm/fault_32.c @@ -248,7 +248,6 @@ asmlinkage void do_sparc_fault(struct pt_regs *regs, int text_fault, int write, } unhandled_fault(address, tsk, regs); - do_exit(SIGKILL); /* * We ran out of memory, or some other thing happened to us that made From patchwork Wed Oct 20 17:43:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 1543990 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HZJ0k5cBnz9s5P for ; Thu, 21 Oct 2021 04:45:10 +1100 (AEDT) Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ0k4vsQz4xdP for ; Thu, 21 Oct 2021 04:45:10 +1100 (AEDT) Received: by gandalf.ozlabs.org (Postfix) id 4HZJ0k4tKLz4xdQ; Thu, 21 Oct 2021 04:45:10 +1100 (AEDT) Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: gandalf.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=sparclinux-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ0k4r3Nz4xdP for ; Thu, 21 Oct 2021 04:45:10 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231283AbhJTRrU (ORCPT ); Wed, 20 Oct 2021 13:47:20 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:43342 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231202AbhJTRrP (ORCPT ); Wed, 20 Oct 2021 13:47:15 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]:50228) by out01.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFe8-00EwIU-Fz; Wed, 20 Oct 2021 11:45:00 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95]:47894 helo=localhost.localdomain) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFe7-001NdN-FW; Wed, 20 Oct 2021 11:45:00 -0600 From: "Eric W. Biederman" To: linux-kernel@vger.kernel.org Cc: linux-arch@vger.kernel.org, Linus Torvalds , Oleg Nesterov , Al Viro , Kees Cook , "Eric W. Biederman" , David Miller , sparclinux@vger.kernel.org Date: Wed, 20 Oct 2021 12:43:54 -0500 Message-Id: <20211020174406.17889-8-ebiederm@xmission.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <87y26nmwkb.fsf@disp2133> References: <87y26nmwkb.fsf@disp2133> MIME-Version: 1.0 X-XM-SPF: eid=1mdFe7-001NdN-FW;;;mid=<20211020174406.17889-8-ebiederm@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1+m7zFDieSDYP9ie4oAgZCOoskjv4SbOX8= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa06.xmission.com X-Spam-Level: ** X-Spam-Status: No, score=2.2 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,T_TooManySym_01,XMNoVowels, XMSubLong,XM_B_SpammyWords autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * 0.7 XMSubLong Long Subject * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa06 1397; Body=1 Fuz1=1 Fuz2=1] * 0.2 XM_B_SpammyWords One or more commonly used spammy words * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: **;linux-kernel@vger.kernel.org X-Spam-Relay-Country: X-Spam-Timing: total 376 ms - load_scoreonly_sql: 0.08 (0.0%), signal_user_changed: 12 (3.1%), b_tie_ro: 10 (2.6%), parse: 1.09 (0.3%), extract_message_metadata: 16 (4.1%), get_uri_detail_list: 1.36 (0.4%), tests_pri_-1000: 22 (5.7%), tests_pri_-950: 1.44 (0.4%), tests_pri_-900: 1.13 (0.3%), tests_pri_-90: 92 (24.5%), check_bayes: 91 (24.1%), b_tokenize: 6 (1.7%), b_tok_get_all: 7 (1.7%), b_comp_prob: 2.4 (0.6%), b_tok_touch_all: 72 (19.2%), b_finish: 0.86 (0.2%), tests_pri_0: 213 (56.6%), check_dkim_signature: 0.68 (0.2%), check_dkim_adsp: 3.1 (0.8%), poll_dns_idle: 0.82 (0.2%), tests_pri_10: 2.4 (0.6%), tests_pri_500: 13 (3.4%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 08/20] signal/sparc: In setup_tsb_params convert open coded BUG into BUG X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: sparclinux@vger.kernel.org The function setup_tsb_params has exactly one caller tsb_grow. The function tsb_grow passes in a tsb_bytes value that is between 8192 and 1048576 inclusive, and is guaranteed to be a power of 2. The function setup_tsb_params verifies this property with a switch statement and then prints an error and causes the task to exit if this is not true. In practice that print statement can never be reached because tsb_grow never passes in a bad tsb_size. So if tsb_size ever gets a bad value that is a kernel bug. So replace the do_exit which is effectively an open coded version of BUG() with an actuall call to BUG(). Making it clearer that this is a case that can never, and should never happen. Cc: David Miller Cc: sparclinux@vger.kernel.org Signed-off-by: "Eric W. Biederman" Reviewed-by: Kees Cook --- arch/sparc/mm/tsb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/sparc/mm/tsb.c b/arch/sparc/mm/tsb.c index 0dce4b7ff73e..912205787161 100644 --- a/arch/sparc/mm/tsb.c +++ b/arch/sparc/mm/tsb.c @@ -266,7 +266,7 @@ static void setup_tsb_params(struct mm_struct *mm, unsigned long tsb_idx, unsign default: printk(KERN_ERR "TSB[%s:%d]: Impossible TSB size %lu, killing process.\n", current->comm, current->pid, tsb_bytes); - do_exit(SIGSEGV); + BUG(); } tte |= pte_sz_bits(page_sz); From patchwork Wed Oct 20 17:44:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 1543993 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HZJ1X4DF5z9s5P for ; Thu, 21 Oct 2021 04:45:52 +1100 (AEDT) Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ1X2Cvpz4xdR for ; Thu, 21 Oct 2021 04:45:52 +1100 (AEDT) Received: by gandalf.ozlabs.org (Postfix) id 4HZJ1X251nz4xdT; Thu, 21 Oct 2021 04:45:52 +1100 (AEDT) Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: gandalf.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=sparclinux-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ1X1wcJz4xdR for ; Thu, 21 Oct 2021 04:45:52 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231354AbhJTRsG (ORCPT ); Wed, 20 Oct 2021 13:48:06 -0400 Received: from out03.mta.xmission.com ([166.70.13.233]:57266 "EHLO out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231289AbhJTRrh (ORCPT ); Wed, 20 Oct 2021 13:47:37 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]:53180) by out03.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFeU-002tQl-C2; Wed, 20 Oct 2021 11:45:22 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95]:47894 helo=localhost.localdomain) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFeT-001NdN-BO; Wed, 20 Oct 2021 11:45:21 -0600 From: "Eric W. Biederman" To: linux-kernel@vger.kernel.org Cc: linux-arch@vger.kernel.org, Linus Torvalds , Oleg Nesterov , Al Viro , Kees Cook , "Eric W. Biederman" , David Miller , sparclinux@vger.kernel.org Date: Wed, 20 Oct 2021 12:44:01 -0500 Message-Id: <20211020174406.17889-15-ebiederm@xmission.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <87y26nmwkb.fsf@disp2133> References: <87y26nmwkb.fsf@disp2133> MIME-Version: 1.0 X-XM-SPF: eid=1mdFeT-001NdN-BO;;;mid=<20211020174406.17889-15-ebiederm@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1/AOAfq9OrbTsAKGIOxrYpXtjiyRsjzJi8= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa06.xmission.com X-Spam-Level: *** X-Spam-Status: No, score=3.5 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,T_TooManySym_01, XMGappySubj_01,XMGappySubj_02,XMNoVowels,XMSubLong autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5008] * 0.7 XMSubLong Long Subject * 1.5 XMNoVowels Alpha-numberic number with no vowels * 1.0 XMGappySubj_02 Gappier still * 0.5 XMGappySubj_01 Very gappy subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa06 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ***;linux-kernel@vger.kernel.org X-Spam-Relay-Country: X-Spam-Timing: total 419 ms - load_scoreonly_sql: 0.07 (0.0%), signal_user_changed: 14 (3.4%), b_tie_ro: 13 (3.0%), parse: 1.23 (0.3%), extract_message_metadata: 17 (4.1%), get_uri_detail_list: 1.87 (0.4%), tests_pri_-1000: 21 (5.1%), tests_pri_-950: 1.30 (0.3%), tests_pri_-900: 1.08 (0.3%), tests_pri_-90: 109 (25.9%), check_bayes: 106 (25.3%), b_tokenize: 6 (1.5%), b_tok_get_all: 7 (1.6%), b_comp_prob: 2.5 (0.6%), b_tok_touch_all: 87 (20.7%), b_finish: 1.12 (0.3%), tests_pri_0: 239 (57.0%), check_dkim_signature: 0.57 (0.1%), check_dkim_adsp: 3.1 (0.8%), poll_dns_idle: 1.32 (0.3%), tests_pri_10: 3.2 (0.8%), tests_pri_500: 9 (2.2%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 15/20] signal/sparc32: Exit with a fatal signal when try_to_clear_window_buffer fails X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: sparclinux@vger.kernel.org The function try_to_clear_window_buffer is only called from rtrap_32.c. After it is called the signal pending state is retested, and signals are handled if TIF_SIGPENDING is set. This allows try_to_clear_window_buffer to call force_fatal_signal and then rely on the signal being delivered to kill the process, without any danger of returning to userspace, or otherwise using possible corrupt state on failure. The functional difference between force_fatal_sig and do_exit is that do_exit will only terminate a single thread, and will never trigger a core-dump. A multi-threaded program for which a single thread terminates unexpectedly is hard to reason about. Calling force_fatal_sig does not give userspace a chance to catch the signal, but otherwise is an ordinary fatal signal exit, and it will trigger a coredump of the offending process if core dumps are enabled. Cc: David Miller Cc: sparclinux@vger.kernel.org Signed-off-by: "Eric W. Biederman" --- arch/sparc/kernel/windows.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/sparc/kernel/windows.c b/arch/sparc/kernel/windows.c index 69a6ba6e9293..bbbd40cc6b28 100644 --- a/arch/sparc/kernel/windows.c +++ b/arch/sparc/kernel/windows.c @@ -121,8 +121,10 @@ void try_to_clear_window_buffer(struct pt_regs *regs, int who) if ((sp & 7) || copy_to_user((char __user *) sp, &tp->reg_window[window], - sizeof(struct reg_window32))) - do_exit(SIGILL); + sizeof(struct reg_window32))) { + force_fatal_sig(SIGILL); + return; + } } tp->w_saved = 0; } From patchwork Wed Oct 20 17:44:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 1543994 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HZJ1c29Klz9s5P for ; Thu, 21 Oct 2021 04:45:56 +1100 (AEDT) Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ1c1X1Nz4xd9 for ; Thu, 21 Oct 2021 04:45:56 +1100 (AEDT) Received: by gandalf.ozlabs.org (Postfix) id 4HZJ1c1VP1z4xdT; Thu, 21 Oct 2021 04:45:56 +1100 (AEDT) Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: gandalf.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=sparclinux-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZJ1c1RPfz4xd9 for ; Thu, 21 Oct 2021 04:45:56 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231473AbhJTRsH (ORCPT ); Wed, 20 Oct 2021 13:48:07 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:43558 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231359AbhJTRrk (ORCPT ); Wed, 20 Oct 2021 13:47:40 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]:50654) by out01.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFeX-00EwP4-Bx; Wed, 20 Oct 2021 11:45:25 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95]:47894 helo=localhost.localdomain) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdFeV-001NdN-HO; Wed, 20 Oct 2021 11:45:24 -0600 From: "Eric W. Biederman" To: linux-kernel@vger.kernel.org Cc: linux-arch@vger.kernel.org, Linus Torvalds , Oleg Nesterov , Al Viro , Kees Cook , "Eric W. Biederman" , David Miller , sparclinux@vger.kernel.org Date: Wed, 20 Oct 2021 12:44:02 -0500 Message-Id: <20211020174406.17889-16-ebiederm@xmission.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <87y26nmwkb.fsf@disp2133> References: <87y26nmwkb.fsf@disp2133> MIME-Version: 1.0 X-XM-SPF: eid=1mdFeV-001NdN-HO;;;mid=<20211020174406.17889-16-ebiederm@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1+PPL8dLrIlJ5bbcAk6ZNzCrUxBuSVPrlA= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa07.xmission.com X-Spam-Level: ** X-Spam-Status: No, score=2.0 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,T_TooManySym_01,XMNoVowels, XMSubLong autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5022] * 0.7 XMSubLong Long Subject * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa07 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: **;linux-kernel@vger.kernel.org X-Spam-Relay-Country: X-Spam-Timing: total 487 ms - load_scoreonly_sql: 0.08 (0.0%), signal_user_changed: 12 (2.4%), b_tie_ro: 10 (2.0%), parse: 1.12 (0.2%), extract_message_metadata: 18 (3.7%), get_uri_detail_list: 1.53 (0.3%), tests_pri_-1000: 22 (4.6%), tests_pri_-950: 1.66 (0.3%), tests_pri_-900: 1.10 (0.2%), tests_pri_-90: 223 (45.8%), check_bayes: 221 (45.5%), b_tokenize: 6 (1.2%), b_tok_get_all: 6 (1.2%), b_comp_prob: 1.98 (0.4%), b_tok_touch_all: 204 (41.9%), b_finish: 0.95 (0.2%), tests_pri_0: 196 (40.3%), check_dkim_signature: 0.59 (0.1%), check_dkim_adsp: 2.5 (0.5%), poll_dns_idle: 0.69 (0.1%), tests_pri_10: 2.1 (0.4%), tests_pri_500: 7 (1.4%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 16/20] signal/sparc32: In setup_rt_frame and setup_fram use force_fatal_sig X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: sparclinux@vger.kernel.org Modify the 32bit version of setup_rt_frame and setup_frame to act similar to the 64bit version of setup_rt_frame and fail with a signal instead of calling do_exit. Replacing do_exit(SIGILL) with force_fatal_signal(SIGILL) ensures that the process will be terminated cleanly when the stack frame is invalid, instead of just killing off a single thread and leaving the process is a weird state. Cc: David Miller Cc: sparclinux@vger.kernel.org Signed-off-by: Eric W. Biederman Reviewed-by: Kees Cook --- arch/sparc/kernel/signal_32.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/sparc/kernel/signal_32.c b/arch/sparc/kernel/signal_32.c index 02f3ad55dfe3..cd677bc564a7 100644 --- a/arch/sparc/kernel/signal_32.c +++ b/arch/sparc/kernel/signal_32.c @@ -244,7 +244,7 @@ static int setup_frame(struct ksignal *ksig, struct pt_regs *regs, get_sigframe(ksig, regs, sigframe_size); if (invalid_frame_pointer(sf, sigframe_size)) { - do_exit(SIGILL); + force_fatal_sig(SIGILL); return -EINVAL; } @@ -336,7 +336,7 @@ static int setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs, sf = (struct rt_signal_frame __user *) get_sigframe(ksig, regs, sigframe_size); if (invalid_frame_pointer(sf, sigframe_size)) { - do_exit(SIGILL); + force_fatal_sig(SIGILL); return -EINVAL; } From patchwork Wed Oct 20 21:51:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 1544050 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HZPTw5H24z9sR4 for ; Thu, 21 Oct 2021 08:52:20 +1100 (AEDT) Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZPTp289sz4xcb for ; Thu, 21 Oct 2021 08:52:14 +1100 (AEDT) Received: by gandalf.ozlabs.org (Postfix) id 4HZPTp22Bsz4xd8; Thu, 21 Oct 2021 08:52:14 +1100 (AEDT) Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: gandalf.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=23.128.96.18; helo=vger.kernel.org; envelope-from=sparclinux-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by gandalf.ozlabs.org (Postfix) with ESMTP id 4HZPTp1y32z4xcb for ; Thu, 21 Oct 2021 08:52:14 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230484AbhJTVy1 (ORCPT ); Wed, 20 Oct 2021 17:54:27 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:51492 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229842AbhJTVy0 (ORCPT ); Wed, 20 Oct 2021 17:54:26 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]:40000) by out01.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdJVD-00FiWe-CQ; Wed, 20 Oct 2021 15:52:03 -0600 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95]:59328 helo=email.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1mdJVA-002PXD-JP; Wed, 20 Oct 2021 15:52:02 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Cc: , Linus Torvalds , Oleg Nesterov , Al Viro , Kees Cook , Andy Lutomirski , Jonas Bonn , Stefan Kristiansson , Stafford Horne , openrisc@lists.librecores.org, Nick Hu , Greentime Hu , Vincent Chen , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , linux-s390@vger.kernel.org, Yoshinori Sato , Rich Felker , linux-sh@vger.kernel.org, linux-xtensa@linux-xtensa.org, Chris Zankel , Max Filippov , David Miller , sparclinux@vger.kernel.org, Thomas Bogendoerfer , Maciej Rozycki , linux-mips@vger.kernel.org, Michael Ellerman , Benjamin Herrenschmidt , Paul Mackerras , linuxppc-dev@lists.ozlabs.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , H Peter Anvin , Greg Kroah-Hartman References: <87y26nmwkb.fsf@disp2133> Date: Wed, 20 Oct 2021 16:51:52 -0500 In-Reply-To: <87y26nmwkb.fsf@disp2133> (Eric W. Biederman's message of "Wed, 20 Oct 2021 12:32:20 -0500") Message-ID: <877de7jrev.fsf@disp2133> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 X-XM-SPF: eid=1mdJVA-002PXD-JP;;;mid=<877de7jrev.fsf@disp2133>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX18ePEKUK1liVK4VGBQcsP6jPz9QJs+YQsA= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa07.xmission.com X-Spam-Level: *** X-Spam-Status: No, score=3.9 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,FVGT_m_MULTI_ODD,TR_Symld_Words,T_TooManySym_01, T_TooManySym_02,T_TooManySym_03,XMNoVowels,XMSubLong autolearn=disabled version=3.4.2 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * 0.7 XMSubLong Long Subject * 1.5 XMNoVowels Alpha-numberic number with no vowels * 1.5 TR_Symld_Words too many words that have symbols inside * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa07 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject * 0.0 T_TooManySym_03 6+ unique symbols in subject * 0.0 T_TooManySym_02 5+ unique symbols in subject * 0.4 FVGT_m_MULTI_ODD Contains multiple odd letter combinations X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ***; X-Spam-Relay-Country: X-Spam-Timing: total 1553 ms - load_scoreonly_sql: 0.05 (0.0%), signal_user_changed: 11 (0.7%), b_tie_ro: 10 (0.6%), parse: 1.12 (0.1%), extract_message_metadata: 13 (0.8%), get_uri_detail_list: 2.4 (0.2%), tests_pri_-1000: 17 (1.1%), tests_pri_-950: 1.59 (0.1%), tests_pri_-900: 1.24 (0.1%), tests_pri_-90: 85 (5.5%), check_bayes: 83 (5.4%), b_tokenize: 16 (1.1%), b_tok_get_all: 10 (0.7%), b_comp_prob: 3.1 (0.2%), b_tok_touch_all: 49 (3.2%), b_finish: 0.85 (0.1%), tests_pri_0: 1408 (90.7%), check_dkim_signature: 0.63 (0.0%), check_dkim_adsp: 2.3 (0.2%), poll_dns_idle: 0.55 (0.0%), tests_pri_10: 3.1 (0.2%), tests_pri_500: 9 (0.6%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 21/20] signal: Replace force_sigsegv(SIGSEGV) with force_fatal_sig(SIGSEGV) X-SA-Exim-Version: 4.2.1 (built Sat, 08 Feb 2020 21:53:50 +0000) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Precedence: bulk List-ID: X-Mailing-List: sparclinux@vger.kernel.org Now that force_fatal_sig exists it is unnecessary and a bit confusing to use force_sigsegv in cases where the simpler force_fatal_sig is wanted. So change every instance we can to make the code clearer. Signed-off-by: "Eric W. Biederman" Acked-by: Geert Uytterhoeven Reviewed-by: Philippe Mathieu-Daudé --- arch/arc/kernel/process.c | 2 +- arch/m68k/kernel/traps.c | 2 +- arch/powerpc/kernel/signal_32.c | 2 +- arch/powerpc/kernel/signal_64.c | 4 ++-- arch/s390/kernel/traps.c | 2 +- arch/um/kernel/trap.c | 2 +- arch/x86/kernel/vm86_32.c | 2 +- fs/exec.c | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/arch/arc/kernel/process.c b/arch/arc/kernel/process.c index 3793876f42d9..8e90052f6f05 100644 --- a/arch/arc/kernel/process.c +++ b/arch/arc/kernel/process.c @@ -294,7 +294,7 @@ int elf_check_arch(const struct elf32_hdr *x) eflags = x->e_flags; if ((eflags & EF_ARC_OSABI_MSK) != EF_ARC_OSABI_CURRENT) { pr_err("ABI mismatch - you need newer toolchain\n"); - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); return 0; } diff --git a/arch/m68k/kernel/traps.c b/arch/m68k/kernel/traps.c index 5b19fcdcd69e..74045d164ddb 100644 --- a/arch/m68k/kernel/traps.c +++ b/arch/m68k/kernel/traps.c @@ -1150,7 +1150,7 @@ asmlinkage void set_esp0(unsigned long ssp) */ asmlinkage void fpsp040_die(void) { - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); } #ifdef CONFIG_M68KFPU_EMU diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c index 666f3da41232..933ab95805a6 100644 --- a/arch/powerpc/kernel/signal_32.c +++ b/arch/powerpc/kernel/signal_32.c @@ -1063,7 +1063,7 @@ SYSCALL_DEFINE3(swapcontext, struct ucontext __user *, old_ctx, * We kill the task with a SIGSEGV in this situation. */ if (do_setcontext(new_ctx, regs, 0)) { - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); return -EFAULT; } diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c index d8de622c9e4a..8ead9b3f47c6 100644 --- a/arch/powerpc/kernel/signal_64.c +++ b/arch/powerpc/kernel/signal_64.c @@ -704,7 +704,7 @@ SYSCALL_DEFINE3(swapcontext, struct ucontext __user *, old_ctx, */ if (__get_user_sigset(&set, &new_ctx->uc_sigmask)) { - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); return -EFAULT; } set_current_blocked(&set); @@ -713,7 +713,7 @@ SYSCALL_DEFINE3(swapcontext, struct ucontext __user *, old_ctx, return -EFAULT; if (__unsafe_restore_sigcontext(current, NULL, 0, &new_ctx->uc_mcontext)) { user_read_access_end(); - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); return -EFAULT; } user_read_access_end(); diff --git a/arch/s390/kernel/traps.c b/arch/s390/kernel/traps.c index 51729ea2cf8e..01a7c68dcfb6 100644 --- a/arch/s390/kernel/traps.c +++ b/arch/s390/kernel/traps.c @@ -84,7 +84,7 @@ static void default_trap_handler(struct pt_regs *regs) { if (user_mode(regs)) { report_user_fault(regs, SIGSEGV, 0); - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); } else die(regs, "Unknown program exception"); } diff --git a/arch/um/kernel/trap.c b/arch/um/kernel/trap.c index 3198c4767387..c32efb09db21 100644 --- a/arch/um/kernel/trap.c +++ b/arch/um/kernel/trap.c @@ -158,7 +158,7 @@ static void bad_segv(struct faultinfo fi, unsigned long ip) void fatal_sigsegv(void) { - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); do_signal(¤t->thread.regs); /* * This is to tell gcc that we're not returning - do_signal diff --git a/arch/x86/kernel/vm86_32.c b/arch/x86/kernel/vm86_32.c index 040fd01be8b3..7ff0f622abd4 100644 --- a/arch/x86/kernel/vm86_32.c +++ b/arch/x86/kernel/vm86_32.c @@ -159,7 +159,7 @@ void save_v86_state(struct kernel_vm86_regs *regs, int retval) user_access_end(); Efault: pr_alert("could not access userspace vm86 info\n"); - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); } static int do_vm86_irq_handling(int subfunction, int irqnumber); diff --git a/fs/exec.c b/fs/exec.c index a098c133d8d7..ac7b51b51f38 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1852,7 +1852,7 @@ static int bprm_execve(struct linux_binprm *bprm, * SIGSEGV. */ if (bprm->point_of_no_return && !fatal_signal_pending(current)) - force_sigsegv(SIGSEGV); + force_fatal_sig(SIGSEGV); out_unmark: current->fs->in_exec = 0;