aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/signal.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/signal.c')
-rw-r--r--kernel/signal.c63
1 files changed, 49 insertions, 14 deletions
diff --git a/kernel/signal.c b/kernel/signal.c
index f93efec14ff5..d2dd9cf5dcc6 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -55,10 +55,22 @@ static int sig_handler_ignored(void __user *handler, int sig)
55 (handler == SIG_DFL && sig_kernel_ignore(sig)); 55 (handler == SIG_DFL && sig_kernel_ignore(sig));
56} 56}
57 57
58static int sig_ignored(struct task_struct *t, int sig) 58static int sig_task_ignored(struct task_struct *t, int sig,
59 int from_ancestor_ns)
59{ 60{
60 void __user *handler; 61 void __user *handler;
61 62
63 handler = sig_handler(t, sig);
64
65 if (unlikely(t->signal->flags & SIGNAL_UNKILLABLE) &&
66 handler == SIG_DFL && !from_ancestor_ns)
67 return 1;
68
69 return sig_handler_ignored(handler, sig);
70}
71
72static int sig_ignored(struct task_struct *t, int sig, int from_ancestor_ns)
73{
62 /* 74 /*
63 * Blocked signals are never ignored, since the 75 * Blocked signals are never ignored, since the
64 * signal handler may change by the time it is 76 * signal handler may change by the time it is
@@ -67,14 +79,13 @@ static int sig_ignored(struct task_struct *t, int sig)
67 if (sigismember(&t->blocked, sig) || sigismember(&t->real_blocked, sig)) 79 if (sigismember(&t->blocked, sig) || sigismember(&t->real_blocked, sig))
68 return 0; 80 return 0;
69 81
70 handler = sig_handler(t, sig); 82 if (!sig_task_ignored(t, sig, from_ancestor_ns))
71 if (!sig_handler_ignored(handler, sig))
72 return 0; 83 return 0;
73 84
74 /* 85 /*
75 * Tracers may want to know about even ignored signals. 86 * Tracers may want to know about even ignored signals.
76 */ 87 */
77 return !tracehook_consider_ignored_signal(t, sig, handler); 88 return !tracehook_consider_ignored_signal(t, sig);
78} 89}
79 90
80/* 91/*
@@ -323,7 +334,7 @@ int unhandled_signal(struct task_struct *tsk, int sig)
323 return 1; 334 return 1;
324 if (handler != SIG_IGN && handler != SIG_DFL) 335 if (handler != SIG_IGN && handler != SIG_DFL)
325 return 0; 336 return 0;
326 return !tracehook_consider_fatal_signal(tsk, sig, handler); 337 return !tracehook_consider_fatal_signal(tsk, sig);
327} 338}
328 339
329 340
@@ -629,7 +640,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
629 * Returns true if the signal should be actually delivered, otherwise 640 * Returns true if the signal should be actually delivered, otherwise
630 * it should be dropped. 641 * it should be dropped.
631 */ 642 */
632static int prepare_signal(int sig, struct task_struct *p) 643static int prepare_signal(int sig, struct task_struct *p, int from_ancestor_ns)
633{ 644{
634 struct signal_struct *signal = p->signal; 645 struct signal_struct *signal = p->signal;
635 struct task_struct *t; 646 struct task_struct *t;
@@ -713,7 +724,7 @@ static int prepare_signal(int sig, struct task_struct *p)
713 } 724 }
714 } 725 }
715 726
716 return !sig_ignored(p, sig); 727 return !sig_ignored(p, sig, from_ancestor_ns);
717} 728}
718 729
719/* 730/*
@@ -782,7 +793,7 @@ static void complete_signal(int sig, struct task_struct *p, int group)
782 !(signal->flags & (SIGNAL_UNKILLABLE | SIGNAL_GROUP_EXIT)) && 793 !(signal->flags & (SIGNAL_UNKILLABLE | SIGNAL_GROUP_EXIT)) &&
783 !sigismember(&t->real_blocked, sig) && 794 !sigismember(&t->real_blocked, sig) &&
784 (sig == SIGKILL || 795 (sig == SIGKILL ||
785 !tracehook_consider_fatal_signal(t, sig, SIG_DFL))) { 796 !tracehook_consider_fatal_signal(t, sig))) {
786 /* 797 /*
787 * This signal will be fatal to the whole group. 798 * This signal will be fatal to the whole group.
788 */ 799 */
@@ -818,8 +829,8 @@ static inline int legacy_queue(struct sigpending *signals, int sig)
818 return (sig < SIGRTMIN) && sigismember(&signals->signal, sig); 829 return (sig < SIGRTMIN) && sigismember(&signals->signal, sig);
819} 830}
820 831
821static int send_signal(int sig, struct siginfo *info, struct task_struct *t, 832static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
822 int group) 833 int group, int from_ancestor_ns)
823{ 834{
824 struct sigpending *pending; 835 struct sigpending *pending;
825 struct sigqueue *q; 836 struct sigqueue *q;
@@ -827,7 +838,8 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
827 trace_sched_signal_send(sig, t); 838 trace_sched_signal_send(sig, t);
828 839
829 assert_spin_locked(&t->sighand->siglock); 840 assert_spin_locked(&t->sighand->siglock);
830 if (!prepare_signal(sig, t)) 841
842 if (!prepare_signal(sig, t, from_ancestor_ns))
831 return 0; 843 return 0;
832 844
833 pending = group ? &t->signal->shared_pending : &t->pending; 845 pending = group ? &t->signal->shared_pending : &t->pending;
@@ -876,6 +888,8 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
876 break; 888 break;
877 default: 889 default:
878 copy_siginfo(&q->info, info); 890 copy_siginfo(&q->info, info);
891 if (from_ancestor_ns)
892 q->info.si_pid = 0;
879 break; 893 break;
880 } 894 }
881 } else if (!is_si_special(info)) { 895 } else if (!is_si_special(info)) {
@@ -894,6 +908,20 @@ out_set:
894 return 0; 908 return 0;
895} 909}
896 910
911static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
912 int group)
913{
914 int from_ancestor_ns = 0;
915
916#ifdef CONFIG_PID_NS
917 if (!is_si_special(info) && SI_FROMUSER(info) &&
918 task_pid_nr_ns(current, task_active_pid_ns(t)) <= 0)
919 from_ancestor_ns = 1;
920#endif
921
922 return __send_signal(sig, info, t, group, from_ancestor_ns);
923}
924
897int print_fatal_signals; 925int print_fatal_signals;
898 926
899static void print_fatal_signal(struct pt_regs *regs, int signr) 927static void print_fatal_signal(struct pt_regs *regs, int signr)
@@ -1138,7 +1166,7 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
1138 if (sig && p->sighand) { 1166 if (sig && p->sighand) {
1139 unsigned long flags; 1167 unsigned long flags;
1140 spin_lock_irqsave(&p->sighand->siglock, flags); 1168 spin_lock_irqsave(&p->sighand->siglock, flags);
1141 ret = __group_send_sig_info(sig, info, p); 1169 ret = __send_signal(sig, info, p, 1, 0);
1142 spin_unlock_irqrestore(&p->sighand->siglock, flags); 1170 spin_unlock_irqrestore(&p->sighand->siglock, flags);
1143 } 1171 }
1144out_unlock: 1172out_unlock:
@@ -1325,7 +1353,7 @@ int send_sigqueue(struct sigqueue *q, struct task_struct *t, int group)
1325 goto ret; 1353 goto ret;
1326 1354
1327 ret = 1; /* the signal is ignored */ 1355 ret = 1; /* the signal is ignored */
1328 if (!prepare_signal(sig, t)) 1356 if (!prepare_signal(sig, t, 0))
1329 goto out; 1357 goto out;
1330 1358
1331 ret = 0; 1359 ret = 0;
@@ -1849,9 +1877,16 @@ relock:
1849 1877
1850 /* 1878 /*
1851 * Global init gets no signals it doesn't want. 1879 * Global init gets no signals it doesn't want.
1880 * Container-init gets no signals it doesn't want from same
1881 * container.
1882 *
1883 * Note that if global/container-init sees a sig_kernel_only()
1884 * signal here, the signal must have been generated internally
1885 * or must have come from an ancestor namespace. In either
1886 * case, the signal cannot be dropped.
1852 */ 1887 */
1853 if (unlikely(signal->flags & SIGNAL_UNKILLABLE) && 1888 if (unlikely(signal->flags & SIGNAL_UNKILLABLE) &&
1854 !signal_group_exit(signal)) 1889 !sig_kernel_only(signr))
1855 continue; 1890 continue;
1856 1891
1857 if (sig_kernel_stop(signr)) { 1892 if (sig_kernel_stop(signr)) {