lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220103181956.983342-4-walt@drummond.us>
Date:   Mon,  3 Jan 2022 10:19:51 -0800
From:   Walt Drummond <walt@...mmond.us>
To:     Thomas Gleixner <tglx@...utronix.de>,
        John Johansen <john.johansen@...onical.com>,
        James Morris <jmorris@...ei.org>,
        "Serge E. Hallyn" <serge@...lyn.com>
Cc:     linux-kernel@...r.kernel.org, Walt Drummond <walt@...mmond.us>,
        linux-security-module@...r.kernel.org
Subject: [RFC PATCH 3/8] signals: Use a helper function to test if a signal is a real-time signal.

Rather than testing against SIGRTMIN/SIGRTMAX directly, use this
helper to determine if a signal is a real-time signal.

Signed-off-by: Walt Drummond <walt@...mmond.us>
---
 include/linux/signal.h     | 8 ++++++++
 kernel/signal.c            | 6 +++---
 kernel/time/posix-timers.c | 3 ++-
 security/apparmor/ipc.c    | 4 ++--
 4 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/include/linux/signal.h b/include/linux/signal.h
index c66d4f520228..a730f3d4615e 100644
--- a/include/linux/signal.h
+++ b/include/linux/signal.h
@@ -53,6 +53,14 @@ enum siginfo_layout {
 
 enum siginfo_layout siginfo_layout(unsigned sig, int si_code);
 
+/* Test if 'sig' is a realtime signal.  Use this instead of testing
+ * SIGRTMIN/SIGRTMAX directly.
+ */
+static inline int realtime_signal(unsigned long sig)
+{
+	return (sig >= SIGRTMIN) && (sig <= SIGRTMAX);
+}
+
 /*
  * Define some primitives to manipulate sigset_t.
  */
diff --git a/kernel/signal.c b/kernel/signal.c
index 94b1828ae973..a2f0e38ba934 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -1065,7 +1065,7 @@ static void complete_signal(int sig, struct task_struct *p, enum pid_type type)
 
 static inline bool legacy_queue(struct sigpending *signals, int sig)
 {
-	return (sig < SIGRTMIN) && sigismember(&signals->signal, sig);
+	return !realtime_signal(sig) && sigismember(&signals->signal, sig);
 }
 
 static int __send_signal(int sig, struct kernel_siginfo *info, struct task_struct *t,
@@ -1108,7 +1108,7 @@ static int __send_signal(int sig, struct kernel_siginfo *info, struct task_struc
 	 * make sure at least one signal gets delivered and don't
 	 * pass on the info struct.
 	 */
-	if (sig < SIGRTMIN)
+	if (!realtime_signal(sig))
 		override_rlimit = (is_si_special(info) || info->si_code >= 0);
 	else
 		override_rlimit = 0;
@@ -1144,7 +1144,7 @@ static int __send_signal(int sig, struct kernel_siginfo *info, struct task_struc
 			break;
 		}
 	} else if (!is_si_special(info) &&
-		   sig >= SIGRTMIN && info->si_code != SI_USER) {
+		   realtime_signal(sig) && info->si_code != SI_USER) {
 		/*
 		 * Queue overflow, abort.  We may abort if the
 		 * signal was rt and sent by user using something
diff --git a/kernel/time/posix-timers.c b/kernel/time/posix-timers.c
index 1cd10b102c51..6afb98eadd1d 100644
--- a/kernel/time/posix-timers.c
+++ b/kernel/time/posix-timers.c
@@ -442,7 +442,8 @@ static struct pid *good_sigevent(sigevent_t * event)
 		fallthrough;
 	case SIGEV_SIGNAL:
 	case SIGEV_THREAD:
-		if (event->sigev_signo <= 0 || event->sigev_signo > SIGRTMAX)
+		/* Signal 0 is a valid signal, just not here. */
+		if (!valid_signal(event->sigev_signo) || event->sigev_signo == 0)
 			return NULL;
 		fallthrough;
 	case SIGEV_NONE:
diff --git a/security/apparmor/ipc.c b/security/apparmor/ipc.c
index fe36d112aad9..8149b989b665 100644
--- a/security/apparmor/ipc.c
+++ b/security/apparmor/ipc.c
@@ -130,9 +130,9 @@ int aa_may_ptrace(struct aa_label *tracer, struct aa_label *tracee,
 
 static inline int map_signal_num(int sig)
 {
-	if (sig > SIGRTMAX)
+	if (!valid_signal(sig))
 		return SIGUNKNOWN;
-	else if (sig >= SIGRTMIN)
+	else if (realtime_signal(sig))
 		return sig - SIGRTMIN + SIGRT_BASE;
 	else if (sig < MAXMAPPED_SIG)
 		return sig_map[sig];
-- 
2.30.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ