lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170708131218.GP10672@ZenIV.linux.org.uk>
Date:   Sat, 8 Jul 2017 14:12:18 +0100
From:   Al Viro <viro@...IV.linux.org.uk>
To:     Markus Trippelsdorf <markus@...ppelsdorf.de>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: commit 67d7ddded32 (waitid(2): leave copyout of siginfo to
 syscall itself) breaks glibc posix/tst-waitid

On Sat, Jul 08, 2017 at 11:56:44AM +0200, Markus Trippelsdorf wrote:
> Since:
>  commit 67d7ddded322db99f451a7959d56ed6c70a6c4aa
>  Author: Al Viro <viro@...iv.linux.org.uk>
>  Date:   Sun May 14 20:53:13 2017 -0400
> 
>      waitid(2): leave copyout of siginfo to syscall itself
> 
> the glibc posix/tst-waitid.c testcase fails:
> 
> markus@x4 glibc-build % ./posix/tst-waitid
> waitid WNOHANG on stopped status 0

I think I see what's going on...  We lose the distinction between "got
a PID" and "nothing, but that's not an error" a bit too early waitid()
case.  Could you see if there are any problems left with the following
applied?

diff --git a/kernel/exit.c b/kernel/exit.c
index 462fc25eec6e..aa5d5e4de804 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -1604,9 +1604,6 @@ static long kernel_waitid(int which, pid_t upid, struct waitid_info *infop,
 	wo.wo_rusage	= ru;
 	ret = do_wait(&wo);
 
-	if (ret > 0)
-		ret = 0;
-
 	put_pid(pid);
 	return ret;
 }
@@ -1617,6 +1614,11 @@ SYSCALL_DEFINE5(waitid, int, which, pid_t, upid, struct siginfo __user *,
 	struct rusage r;
 	struct waitid_info info = {.status = 0};
 	long err = kernel_waitid(which, upid, &info, options, ru ? &r : NULL);
+	int signo = 0;
+	if (err > 0) {
+		signo = SIGCHLD;
+		err = 0;
+	}
 
 	if (!err) {
 		if (ru && copy_to_user(ru, &r, sizeof(struct rusage)))
@@ -1626,7 +1628,7 @@ SYSCALL_DEFINE5(waitid, int, which, pid_t, upid, struct siginfo __user *,
 		return err;
 
 	user_access_begin();
-	unsafe_put_user(err ? 0 : SIGCHLD, &infop->si_signo, Efault);
+	unsafe_put_user(signo, &infop->si_signo, Efault);
 	unsafe_put_user(0, &infop->si_errno, Efault);
 	unsafe_put_user((short)info.cause, &infop->si_code, Efault);
 	unsafe_put_user(info.pid, &infop->si_pid, Efault);
@@ -1728,6 +1730,11 @@ COMPAT_SYSCALL_DEFINE5(waitid,
 	struct rusage ru;
 	struct waitid_info info = {.status = 0};
 	long err = kernel_waitid(which, pid, &info, options, uru ? &ru : NULL);
+	int signo = 0;
+	if (err > 0) {
+		signo = SIGCHLD;
+		err = 0;
+	}
 
 	if (!err && uru) {
 		/* kernel_waitid() overwrites everything in ru */
@@ -1743,7 +1750,7 @@ COMPAT_SYSCALL_DEFINE5(waitid,
 		return err;
 
 	user_access_begin();
-	unsafe_put_user(err ? 0 : SIGCHLD, &infop->si_signo, Efault);
+	unsafe_put_user(signo, &infop->si_signo, Efault);
 	unsafe_put_user(0, &infop->si_errno, Efault);
 	unsafe_put_user((short)info.cause, &infop->si_code, Efault);
 	unsafe_put_user(info.pid, &infop->si_pid, Efault);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ