github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 15:12:59 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
fb89bcbfbf
linux/arch/x86/kernel
History
Eric W. Biederman 686bf79203 signal: Replace force_fatal_sig with force_exit_sig when in doubt 
commit fcb116bc43 upstream.

Recently to prevent issues with SECCOMP_RET_KILL and similar signals
being changed before they are delivered SA_IMMUTABLE was added.

Unfortunately this broke debuggers[1][2] which reasonably expect
to be able to trap synchronous SIGTRAP and SIGSEGV even when
the target process is not configured to handle those signals.

Add force_exit_sig and use it instead of force_fatal_sig where
historically the code has directly called do_exit.  This has the
implementation benefits of going through the signal exit path
(including generating core dumps) without the danger of allowing
userspace to ignore or change these signals.

This avoids userspace regressions as older kernels exited with do_exit
which debuggers also can not intercept.

In the future is should be possible to improve the quality of
implementation of the kernel by changing some of these force_exit_sig
calls to force_fatal_sig.  That can be done where it matters on
a case-by-case basis with careful analysis.

Reported-by: Kyle Huey <me@kylehuey.com>
Reported-by: kernel test robot <oliver.sang@intel.com>
[1] https://lkml.kernel.org/r/CAP045AoMY4xf8aC_4QU_-j7obuEPYgTcnQQP3Yxk=2X90jtpjw@mail.gmail.com
[2] https://lkml.kernel.org/r/20211117150258.GB5403@xsang-OptiPlex-9020
Fixes: 00b06da29c ("signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed")
Fixes: a3616a3c02 ("signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die")
Fixes: 83a1f27ad7 ("signal/powerpc: On swapcontext failure force SIGSEGV")
Fixes: 9bc508cf07 ("signal/s390: Use force_sigsegv in default_trap_handler")
Fixes: 086ec444f8 ("signal/sparc32: In setup_rt_frame and setup_fram use force_fatal_sig")
Fixes: c317d306d5 ("signal/sparc32: Exit with a fatal signal when try_to_clear_window_buffer fails")
Fixes: 695dd0d634 ("signal/x86: In emulate_vsyscall force a signal instead of calling do_exit")
Fixes: 1fbd60df8a ("signal/vm86_32: Properly send SIGSEGV when the vm86 state cannot be saved.")
Fixes: 941edc5bf1 ("exit/syscall_user_dispatch: Send ordinary signals on failure")
Link: https://lkml.kernel.org/r/871r3dqfv8.fsf_-_@email.froward.int.ebiederm.org
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Kees Cook <keescook@chromium.org>
Tested-by: Kyle Huey <khuey@kylehuey.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Thomas Backlund <tmb@iki.fi>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-11-25 09:49:07 +01:00
..
acpi x86: Fix typo s/ECLR/ELCR/ for the PIC register 2021-08-10 23:31:44 +02:00
apic A set of updates to support port 0x22/0x23 based PCI configuration space 2021-08-30 15:20:05 -07:00
cpu x86/sgx: Fix free page accounting 2021-11-25 09:48:43 +01:00
fpu x86/fpu: Mask out the invalid MXCSR bits properly 2021-10-16 12:37:50 +02:00
kprobes Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
alternative.c Linux 5.13-rc5 2021-06-07 11:02:30 +02:00
amd_gart_64.c x86/amd_gart: don't set failed sg dma_address to DMA_MAPPING_ERROR 2021-08-09 17:13:06 +02:00
amd_nb.c hwmon: (k10temp) Add support for yellow carp 2021-08-27 13:54:58 -07:00
aperture_64.c memblock: make memblock_find_in_range method private 2021-09-03 09:58:17 -07:00
apm_32.c x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
asm-offsets_32.c x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
asm-offsets_64.c x86/xen: Drop USERGS_SYSRET64 paravirt call 2021-02-10 12:32:07 +01:00
asm-offsets.c x86/paravirt: Switch iret pvops to ALTERNATIVE 2021-03-11 19:58:54 +01:00
audit_64.c x86/audit: Fix a -Wmissing-prototypes warning for ia32_classify_syscall() 2020-05-19 18:03:07 +02:00
bootflag.c
cc_platform.c x86/sev: Add an x86 version of cc_platform_has() 2021-11-18 19:17:21 +01:00
check.c
cpuid.c smp: Cleanup smp_call_function*() 2020-11-24 16:47:49 +01:00
crash_core_32.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
crash_core_64.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
crash_dump_32.c x86/crashdump/32: Simplify copy_oldmem_page() 2020-11-24 14:42:09 +01:00
crash_dump_64.c
crash.c x86/crash: Remove crash_reserve_low_1M() 2021-06-07 12:14:45 +02:00
devicetree.c x86/devicetree: Fix the ioapic interrupt type table 2020-10-28 20:26:24 +01:00
doublefault_32.c x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
dumpstack_32.c x86/32: Remove CONFIG_DOUBLEFAULT 2020-04-14 14:24:05 +02:00
dumpstack_64.c x86/mm/64: Improve stack overflow warnings 2021-11-18 19:16:10 +01:00
dumpstack.c x86/dumpstack: use %pSb/%pBb for backtrace printing 2021-07-08 11:48:22 -07:00
e820.c Power management updates for 5.13-rc1 2021-04-26 15:10:25 -07:00
early_printk.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
early-quirks.c x86/hpet: Use another crystalball to evaluate HPET usability 2021-10-01 13:38:13 +02:00
ebda.c
eisa.c
espfix_64.c mm: introduce include/linux/pgtable.h 2020-06-09 09:39:13 -07:00
ftrace_32.S x86: Change {JMP,CALL}_NOSPEC argument 2020-04-30 20:14:34 +02:00
ftrace_64.S x86/ftrace: Support objtool vmlinux.o validation in ftrace_64.S 2021-01-26 11:33:02 -06:00
ftrace.c x86: Remove dynamic NOP selection 2021-03-15 16:24:59 +01:00
head_32.S printk: Userspace format indexing support 2021-07-19 11:57:48 +02:00
head_64.S x86/entry: Unify definitions from <asm/calling.h> and <asm/ptrace-abi.h> 2021-05-12 10:49:13 +02:00
head32.c
head64.c x86/sev-es: Rename sev-es.{ch} to sev.{ch} 2021-05-10 07:40:27 +02:00
hpet.c x86/hpet: Use another crystalball to evaluate HPET usability 2021-10-01 13:38:13 +02:00
hw_breakpoint.c x86/debug: Prevent data breakpoints on cpu_dr7 2021-02-05 20:13:12 +01:00
i8237.c
i8253.c
i8259.c x86: Avoid magic number with ELCR register accesses 2021-08-10 23:31:43 +02:00
idt.c X86 interrupt related changes: 2021-06-29 12:36:59 -07:00
io_delay.c
ioport.c x86/ioperm: Prevent a memory leak when fork fails 2020-05-28 21:36:20 +02:00
irq_32.c softirq: Move do_softirq_own_stack() to generic asm header 2021-02-10 23:34:16 +01:00
irq_64.c x86/softirq/64: Inline do_softirq_own_stack() 2021-02-10 23:34:17 +01:00
irq_work.c x86/entry: Convert various system vectors 2020-06-11 15:15:14 +02:00
irq.c x86/irq: Ensure PI wakeup handler is unregistered before module unload 2021-11-18 19:15:56 +01:00
irqflags.S x86/pv: Rework arch_local_irq_restore() to not use popf 2021-02-10 12:36:45 +01:00
irqinit.c x86/headers: Remove APIC headers from <asm/smp.h> 2020-08-06 16:13:09 +02:00
itmt.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
jailhouse.c locking/seqlock, headers: Untangle the spaghetti monster 2020-08-06 16:13:13 +02:00
jump_label.c jump_labels: Mark __jump_label_transform() as __always_inlined to work around aggressive compiler un-inlining 2021-07-13 06:32:05 +02:00
kdebugfs.c x86/boot: Introduce setup_indirect 2019-11-12 16:21:15 +01:00
kexec-bzimage64.c x86: Use ELF fields defined in 'struct kimage' 2021-03-08 12:06:29 -07:00
kgdb.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
ksysfs.c x86/boot: Introduce setup_indirect 2019-11-12 16:21:15 +01:00
kvm.c x86/kvm: Don't enable IRQ when IRQ enabled in kvm_wait 2021-09-06 06:32:35 -04:00
kvmclock.c x86/kvmclock: Move this_cpu_pvti into kvmclock.h 2021-09-30 04:08:01 -04:00
ldt.c memcg: enable accounting for ldt_struct objects 2021-09-03 09:58:13 -07:00
machine_kexec_32.c x86/kexec: Set_[gi]dt() -> native_[gi]dt_invalidate() in machine_kexec_*.c 2021-05-21 12:36:45 +02:00
machine_kexec_64.c x86/kexec: Set_[gi]dt() -> native_[gi]dt_invalidate() in machine_kexec_*.c 2021-05-21 12:36:45 +02:00
Makefile x86/sev: Add an x86 version of cc_platform_has() 2021-11-18 19:17:21 +01:00
mmconf-fam10h_64.c x86/msr: Rename MSR_K8_SYSCFG to MSR_AMD64_SYSCFG 2021-05-10 07:51:38 +02:00
module.c x86/build: Treat R_386_PLT32 relocation as R_386_PC32 2021-01-28 12:24:06 +01:00
mpparse.c x86: Avoid magic number with ELCR register accesses 2021-08-10 23:31:43 +02:00
msr.c x86/MSR: Filter MSR writes through X86_IOC_WRMSR_REGS ioctl too 2021-01-27 19:06:47 +01:00
nmi_selftest.c
nmi.c x86/sev-es: Rename sev-es.{ch} to sev.{ch} 2021-05-10 07:40:27 +02:00
paravirt-spinlocks.c x86/paravirt: Add new features for paravirt patching 2021-03-11 19:51:49 +01:00
paravirt.c The x86 MM changes in this cycle were: 2021-04-29 11:41:43 -07:00
pci-dma.c dma-mapping: move dma-debug.h to kernel/dma/ 2020-10-06 07:07:05 +02:00
pci-iommu_table.c x86: Remove definition of DEBUG 2021-01-15 08:23:10 +01:00
pci-swiotlb.c
pcspeaker.c
perf_regs.c - Remove all uses of TIF_IA32 and TIF_X32 and reclaim the two bits in the end 2020-12-14 13:45:26 -08:00
platform-quirks.c
pmem.c
probe_roms.c maccess: make get_kernel_nofault() check for minimal type compatibility 2020-06-18 12:10:37 -07:00
process_32.c x86/dumpstack: Add log_lvl to __show_regs() 2020-07-22 23:56:53 +02:00
process_64.c x86/fpu: Add PKRU storage outside of task XSAVE buffer 2021-06-23 19:37:45 +02:00
process.c x86/iopl: Fake iopl(3) CLI/STI usage 2021-11-18 19:15:56 +01:00
process.h x86: Use the correct SPDX License Identifier in headers 2019-10-01 20:31:35 +02:00
ptrace.c x86/regs: Syscall_get_nr() returns -1 for a non-system call 2021-05-12 10:49:15 +02:00
pvclock.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
quirks.c x86, powerpc: Rename memcpy_mcsafe() to copy_mc_to_{user, kernel}() 2020-10-06 11:18:04 +02:00
reboot_fixups_32.c
reboot.c x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions 2021-08-12 12:06:58 +02:00
relocate_kernel_32.S x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
relocate_kernel_64.S x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
resource.c
rtc.c
setup_percpu.c memblock: introduce saner 'memblock_free_ptr()' interface 2021-09-14 13:23:22 -07:00
setup.c x86/boot: Pull up cmdline preparation and early param parsing 2021-11-25 09:48:43 +01:00
sev_verify_cbit.S x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path 2020-10-29 18:06:52 +01:00
sev-shared.c x86/sev: Return an error on a returned non-zero SW_EXITINFO1[31:0] 2021-10-01 11:14:41 +02:00
sev.c x86/sev: Make the #VC exception stacks part of the default stacks storage 2021-11-18 19:17:21 +01:00
signal_compat.c signal: Verify the alignment and size of siginfo_t 2021-07-23 13:15:31 -05:00
signal.c Fixes and improvements for FPU handling on x86: 2021-07-07 11:12:01 -07:00
smp.c x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
smpboot.c x86/smp: Add a per-cpu view of SMT state 2021-07-28 11:42:23 +02:00
stacktrace.c stacktrace: Move documentation for arch_stack_walk_reliable() to header 2021-03-10 15:52:31 +01:00
static_call.c x86: Remove dynamic NOP selection 2021-03-15 16:24:59 +01:00
step.c entry: Ensure trap after single-step on system call return 2021-02-06 00:21:42 +01:00
sys_ia32.c x86: switch to kernel_clone() 2020-08-20 13:12:58 +02:00
sys_x86_64.c x86/mm: Refine mmap syscall implementation 2021-01-05 19:07:42 +01:00
tboot.c x86/boot/tboot: Avoid Wstringop-overread-warning 2021-03-23 00:16:13 +01:00
time.c A set of fixes and updates for x86: 2020-06-11 15:54:31 -07:00
tls.c x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
tls.h x86: switch to ->regset_get() 2020-07-27 14:31:07 -04:00
topology.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
trace_clock.c
trace.c trace/osnoise: Fix 'no previous prototype' warnings 2021-06-28 14:12:26 -04:00
tracepoint.c x86/entry: Convert reschedule interrupt to IDTENTRY_SYSVEC_SIMPLE 2020-06-11 15:15:16 +02:00
traps.c x86/sev: Fix stack type check in vc_switch_off_ist() 2021-11-18 19:16:39 +01:00
tsc_msr.c Misc fixes and small updates all around the place: 2020-08-15 10:38:03 -07:00
tsc_sync.c x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
tsc.c clocksource: Reduce clocksource-skew threshold 2021-06-22 16:53:16 +02:00
umip.c x86/insn: Extend error reporting from insn_fetch_from_user[_inatomic]() 2021-06-15 11:39:30 +02:00
unwind_frame.c fork-v5.9 2020-08-04 14:47:45 -07:00
unwind_guess.c
unwind_orc.c x86/unwind/orc: Silence warnings caused by missing ORC data 2021-03-06 13:09:45 +01:00
uprobes.c x86/uprobes: Convert to insn_decode() 2021-03-15 12:05:03 +01:00
verify_cpu.S x86/asm: Annotate local pseudo-functions 2019-10-18 10:04:04 +02:00
vm86_32.c signal: Replace force_fatal_sig with force_exit_sig when in doubt 2021-11-25 09:49:07 +01:00
vmlinux.lds.S x86/build: Fix vmlinux size check on 64-bit 2020-10-29 21:54:35 +01:00
vsmp_64.c
x86_init.c x86/apic: Support 15 bits of APIC ID in MSI where available 2020-10-28 20:26:29 +01:00