| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87tugkm3gc.fsf@disp2133>
Date: Wed, 10 Nov 2021 09:32:19 -0600
From: ebiederm@...ssion.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: <linux-kernel@...r.kernel.org>, <linux-arch@...r.kernel.org>,
Kees Cook <keescook@...omium.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Christoph Hellwig <hch@...radead.org>,
Andy Lutomirski <luto@...capital.net>
Subject: [GIT PULL] exit cleanups for v5.16
Linus,
Please pull the exit-cleanups-for-v5.16 branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git exit-cleanups-for-v5.16
HEAD: f91140e4553408cacd326624cd50fc367725e04a Arnd Bergmann <arnd@...db.de>
While looking at some issues related to the exit path in the kernel I
found several instances where the code is not using the existing
abstractions properly.
This set of changes introduces force_fatal_sig a way of sending
a signal and not allowing it to be caught, and corrects the
misuse of the existing abstractions that I found.
A lot of the misuse of the existing abstractions are silly things such
as doing something after calling a no return function, rolling BUG by
hand, doing more work than necessary to terminate a kernel thread, or
calling do_exit(SIGKILL) instead of calling force_sig(SIGKILL).
In the review a deficiency in force_fatal_sig and force_sig_seccomp
where ptrace or sigaction could prevent the delivery of the signal was
found. I have added a change that adds SA_IMMUTABLE to change that
makes it impossible to interrupt the delivery of those signals, and
allows backporting to fix force_sig_seccomp.
Arnd found an issue where a function passed to kthread_run had the wrong
prototype, and after my cleanup was failing to build.
Arnd Bergmann (1):
soc: ti: fix wkup_m3_rproc_boot_thread return type
Eric W. Biederman (22):
exit/doublefault: Remove apparently bogus comment about rewind_stack_do_exit
exit: Remove calls of do_exit after noreturn versions of die
reboot: Remove the unreachable panic after do_exit in reboot(2)
signal/sparc32: Remove unreachable do_exit in do_sparc_fault
signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
signal/sh: Use force_sig(SIGKILL) instead of do_group_exit(SIGKILL)
signal/powerpc: On swapcontext failure force SIGSEGV
signal/sparc: In setup_tsb_params convert open coded BUG into BUG
signal/vm86_32: Replace open coded BUG_ON with an actual BUG_ON
signal/vm86_32: Properly send SIGSEGV when the vm86 state cannot be saved.
signal/s390: Use force_sigsegv in default_trap_handler
exit/kthread: Have kernel threads return instead of calling do_exit
signal: Implement force_fatal_sig
exit/syscall_user_dispatch: Send ordinary signals on failure
signal/sparc32: Exit with a fatal signal when try_to_clear_window_buffer fails
signal/sparc32: In setup_rt_frame and setup_fram use force_fatal_sig
signal/x86: In emulate_vsyscall force a signal instead of calling do_exit
exit/rtl8723bs: Replace the macro thread_exit with a simple return 0
exit/rtl8712: Replace the macro thread_exit with a simple return 0
exit/r8188eu: Replace the macro thread_exit with a simple return 0
signal: Replace force_sigsegv(SIGSEGV) with force_fatal_sig(SIGSEGV)
signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed
arch/arc/kernel/process.c | 2 +-
arch/m68k/kernel/traps.c | 2 +-
arch/mips/kernel/r2300_fpu.S | 4 +--
arch/mips/kernel/syscall.c | 9 ------
arch/nds32/kernel/traps.c | 2 +-
arch/nds32/mm/fault.c | 6 +---
arch/openrisc/kernel/traps.c | 2 +-
arch/openrisc/mm/fault.c | 4 +--
arch/powerpc/kernel/signal_32.c | 6 ++--
arch/powerpc/kernel/signal_64.c | 9 ++++--
arch/s390/include/asm/kdebug.h | 2 +-
arch/s390/kernel/dumpstack.c | 2 +-
arch/s390/kernel/traps.c | 2 +-
arch/s390/mm/fault.c | 2 --
arch/sh/kernel/cpu/fpu.c | 10 ++++---
arch/sh/kernel/traps.c | 2 +-
arch/sh/mm/fault.c | 2 --
arch/sparc/kernel/signal_32.c | 4 +--
arch/sparc/kernel/windows.c | 6 ++--
arch/sparc/mm/fault_32.c | 1 -
arch/sparc/mm/tsb.c | 2 +-
arch/um/kernel/trap.c | 2 +-
arch/x86/entry/vsyscall/vsyscall_64.c | 3 +-
arch/x86/kernel/doublefault_32.c | 3 --
arch/x86/kernel/vm86_32.c | 10 +++----
arch/xtensa/kernel/traps.c | 2 +-
arch/xtensa/mm/fault.c | 3 +-
drivers/firmware/stratix10-svc.c | 4 +--
drivers/soc/ti/wkup_m3_ipc.c | 7 +++--
drivers/staging/r8188eu/core/rtw_cmd.c | 2 +-
drivers/staging/r8188eu/core/rtw_mp.c | 2 +-
drivers/staging/r8188eu/include/osdep_service.h | 2 --
drivers/staging/rtl8712/osdep_service.h | 1 -
drivers/staging/rtl8712/rtl8712_cmd.c | 2 +-
drivers/staging/rtl8723bs/core/rtw_cmd.c | 2 +-
drivers/staging/rtl8723bs/core/rtw_xmit.c | 2 +-
drivers/staging/rtl8723bs/hal/rtl8723bs_xmit.c | 2 +-
.../rtl8723bs/include/osdep_service_linux.h | 2 --
fs/exec.c | 2 +-
fs/ocfs2/journal.c | 5 +---
include/linux/sched/signal.h | 1 +
include/linux/signal_types.h | 3 ++
include/uapi/asm-generic/signal-defs.h | 1 +
kernel/entry/syscall_user_dispatch.c | 12 +++++---
kernel/kthread.c | 2 +-
kernel/reboot.c | 1 -
kernel/signal.c | 34 +++++++++++++++-------
net/batman-adv/tp_meter.c | 2 +-
48 files changed, 98 insertions(+), 97 deletions(-)
Link: https://lkml.kernel.org/r/87y26nmwkb.fsf@disp2133
Eric
Powered by blists - more mailing lists