| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jun 2013 22:22:42 +0100
From: James Hogan <james.hogan@...tec.com>
To: <linux-kernel@...r.kernel.org>
CC: David Daney <david.daney@...ium.com>,
James Hogan <james.hogan@...tec.com>,
Ralf Baechle <ralf@...ux-mips.org>,
Oleg Nesterov <oleg@...hat.com>,
Denys Vlasenko <vda.linux@...glemail.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Al Viro <viro@...iv.linux.org.uk>,
"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
David Howells <dhowells@...hat.com>,
Dave Jones <davej@...hat.com>, <linux-mips@...ux-mips.org>,
<stable@...r.kernel.org>
Subject: [PATCH v4] MIPS: Reduce _NSIG from 128 to 127 to avoid BUG_ON
MIPS has 128 signals, the highest of which has the number 128 (they
start from 1). The following command causes get_signal_to_deliver() to
pass this signal number straight through to do_group_exit() as the exit
code:
strace sleep 10 & sleep 1 && kill -128 `pidof sleep`
However do_group_exit() checks for the core dump bit (0x80) in the exit
code which matches in this particular case and the kernel panics:
BUG_ON(exit_code & 0x80); /* core dumps don't get here */
Lets avoid this by changing the ABI by reducing the number of signals to
127 (so that the maximum signal number is 127). This is not the final
solution, since signal 127 also has its own share of problems, but it's
impact should be fairly minimal since Glibc already incorrectly sets
[__]SIGRTMAX to 127. uClibc used to set it to 128 so it's conceivable
that programs built against uClibc which intentionally use RT signals
from the top (SIGRTMAX-n, n>=0) would need an updated uClibc (and a
rebuild if it's crazy enough to use __SIGRTMAX).
Note that the signals man page seems to make clear that signals should
be referred to from SIGRTMIN, and it seems unlikely that any portable
program would ever need to use 96 RT signals:
"programs should never refer to real-time signals using hard-coded
numbers, but instead should always refer to real-time signals using
the notation SIGRTMIN+n, and include suitable (run-time) checks that
SIGRTMIN+n does not exceed SIGRTMAX."
Signed-off-by: James Hogan <james.hogan@...tec.com>
Acked-by: David Daney <david.daney@...ium.com>
Cc: Ralf Baechle <ralf@...ux-mips.org>
Cc: Oleg Nesterov <oleg@...hat.com>
Cc: Denys Vlasenko <vda.linux@...glemail.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>
Cc: Al Viro <viro@...iv.linux.org.uk>
Cc: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Cc: David Howells <dhowells@...hat.com>
Cc: Dave Jones <davej@...hat.com>
Cc: linux-mips@...ux-mips.org
Cc: stable@...r.kernel.org
---
Thanks for all the feedback on the patches.
This is a resend of v2 with tweaks to the commit message:
* add David Daney's Acked-by
* cc stable
* make clear it's not the final solution
* uClibc *used to* set __SIGRTMAX to 128 but is now fixed to match glibc
(thanks Denys)
arch/mips/include/uapi/asm/signal.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/mips/include/uapi/asm/signal.h b/arch/mips/include/uapi/asm/signal.h
index addb9f5..40e944d 100644
--- a/arch/mips/include/uapi/asm/signal.h
+++ b/arch/mips/include/uapi/asm/signal.h
@@ -11,9 +11,9 @@
#include <linux/types.h>
-#define _NSIG 128
+#define _NSIG 127
#define _NSIG_BPW (sizeof(unsigned long) * 8)
-#define _NSIG_WORDS (_NSIG / _NSIG_BPW)
+#define _NSIG_WORDS ((_NSIG + _NSIG_BPW - 1) / _NSIG_BPW)
typedef struct {
unsigned long sig[_NSIG_WORDS];
--
1.8.1.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists