diff options
| author | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2015-09-08 16:25:39 +0300 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2015-10-13 05:46:10 +0300 |
| commit | 9bf6bf61ff1ff2de8525880e31a82a5be8859db2 (patch) | |
| tree | d0ff3c7563dcb3cb4df141981f6a9c9a626ff967 /arch | |
| parent | 1329f22dd13b2976203c54699f5a9f16425efa00 (diff) | |
| download | linux-9bf6bf61ff1ff2de8525880e31a82a5be8859db2.tar.xz | |
s390/compat: correct uc_sigmask of the compat signal frame
commit 8d4bd0ed0439dfc780aab801a085961925ed6838 upstream.
The uc_sigmask in the ucontext structure is an array of words to keep
the 64 signal bits (or 1024 if you ask glibc but the kernel sigset_t
only has 64 bits).
For 64 bit the sigset_t contains a single 8 byte word, but for 31 bit
there are two 4 byte words. The compat signal handler code uses a
simple copy of the 64 bit sigset_t to the 31 bit compat_sigset_t.
As s390 is a big-endian architecture this is incorrect, the two words
in the 31 bit sigset_t array need to be swapped.
Reported-by: Stefan Liebler <stli@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
[bwh: Backported to 3.2:
- Introduce local compat_sigset_t in setup_frame32()
- Adjust context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/s390/kernel/compat_signal.c | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/arch/s390/kernel/compat_signal.c b/arch/s390/kernel/compat_signal.c index 9fdd05d54dd2..8831a407bf10 100644 --- a/arch/s390/kernel/compat_signal.c +++ b/arch/s390/kernel/compat_signal.c @@ -52,6 +52,19 @@ typedef struct __u32 gprs_high[NUM_GPRS]; } rt_sigframe32; +static inline void sigset_to_sigset32(unsigned long *set64, + compat_sigset_word *set32) +{ + set32[0] = (compat_sigset_word) set64[0]; + set32[1] = (compat_sigset_word)(set64[0] >> 32); +} + +static inline void sigset32_to_sigset(compat_sigset_word *set32, + unsigned long *set64) +{ + set64[0] = (unsigned long) set32[0] | ((unsigned long) set32[1] << 32); +} + int copy_siginfo_to_user32(compat_siginfo_t __user *to, siginfo_t *from) { int err; @@ -361,12 +374,14 @@ asmlinkage long sys32_sigreturn(void) { struct pt_regs *regs = task_pt_regs(current); sigframe32 __user *frame = (sigframe32 __user *)regs->gprs[15]; + compat_sigset_t cset; sigset_t set; if (!access_ok(VERIFY_READ, frame, sizeof(*frame))) goto badframe; - if (__copy_from_user(&set.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE32)) + if (__copy_from_user(&cset.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE32)) goto badframe; + sigset32_to_sigset(cset.sig, set.sig); sigdelsetmask(&set, ~_BLOCKABLE); set_current_blocked(&set); if (restore_sigregs32(regs, &frame->sregs)) @@ -383,6 +398,7 @@ asmlinkage long sys32_rt_sigreturn(void) { struct pt_regs *regs = task_pt_regs(current); rt_sigframe32 __user *frame = (rt_sigframe32 __user *)regs->gprs[15]; + compat_sigset_t cset; sigset_t set; stack_t st; __u32 ss_sp; @@ -391,8 +407,9 @@ asmlinkage long sys32_rt_sigreturn(void) if (!access_ok(VERIFY_READ, frame, sizeof(*frame))) goto badframe; - if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set))) + if (__copy_from_user(&cset, &frame->uc.uc_sigmask, sizeof(cset))) goto badframe; + sigset32_to_sigset(cset.sig, set.sig); sigdelsetmask(&set, ~_BLOCKABLE); set_current_blocked(&set); if (restore_sigregs32(regs, &frame->uc.uc_mcontext)) @@ -464,13 +481,16 @@ static int setup_frame32(int sig, struct k_sigaction *ka, sigset_t *set, struct pt_regs * regs) { sigframe32 __user *frame = get_sigframe(ka, regs, sizeof(sigframe32)); + compat_sigset_t cset; + if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe32))) goto give_sigsegv; if (frame == (void __user *) -1UL) goto give_sigsegv; - if (__copy_to_user(&frame->sc.oldmask, &set->sig, _SIGMASK_COPY_SIZE32)) + sigset_to_sigset32(set->sig, cset.sig); + if (__copy_to_user(&frame->sc.oldmask, &cset.sig, _SIGMASK_COPY_SIZE32)) goto give_sigsegv; if (save_sigregs32(regs, &frame->sregs)) @@ -524,6 +544,7 @@ give_sigsegv: static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info, sigset_t *set, struct pt_regs * regs) { + compat_sigset_t cset; int err = 0; rt_sigframe32 __user *frame = get_sigframe(ka, regs, sizeof(rt_sigframe32)); if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe32))) @@ -536,6 +557,7 @@ static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info, goto give_sigsegv; /* Create the ucontext. */ + sigset_to_sigset32(set->sig, cset.sig); err |= __put_user(UC_EXTENDED, &frame->uc.uc_flags); err |= __put_user(0, &frame->uc.uc_link); err |= __put_user(current->sas_ss_sp, &frame->uc.uc_stack.ss_sp); @@ -544,7 +566,7 @@ static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info, err |= __put_user(current->sas_ss_size, &frame->uc.uc_stack.ss_size); err |= save_sigregs32(regs, &frame->uc.uc_mcontext); err |= save_sigregs_gprs_high(regs, frame->gprs_high); - err |= __copy_to_user(&frame->uc.uc_sigmask, set, sizeof(*set)); + err |= __copy_to_user(&frame->uc.uc_sigmask, &cset, sizeof(cset)); if (err) goto give_sigsegv; |