1 files changed, 119 insertions, 63 deletions
diff --git a/kernel/signal.c b/kernel/signal.c
index 6705320784fd..dbd7fe073c55 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -22,12 +22,14 @@
 #include <linux/ptrace.h>
 #include <linux/signal.h>
 #include <linux/signalfd.h>
+#include <linux/ratelimit.h>
 #include <linux/tracehook.h>
 #include <linux/capability.h>
 #include <linux/freezer.h>
 #include <linux/pid_namespace.h>
 #include <linux/nsproxy.h>
-#include <trace/events/sched.h>
+#define CREATE_TRACE_POINTS
+#include <trace/events/signal.h>
 #include <asm/param.h>
 #include <asm/uaccess.h>
@@ -41,6 +43,8 @@
 static struct kmem_cache *sigqueue_cachep;
+int print_fatal_signals __read_mostly;
 static void __user *sig_handler(struct task_struct *t, int sig)
 {
        return t->sighand->action[sig - 1].sa.sa_handler;
@@ -155,62 +159,98 @@ void recalc_sigpending(void)
 /* Given the mask, find the first available signal that should be serviced. */
+#define SYNCHRONOUS_MASK \
+        (sigmask(SIGSEGV) | sigmask(SIGBUS) | sigmask(SIGILL) | \
+         sigmask(SIGTRAP) | sigmask(SIGFPE))
 int next_signal(struct sigpending *pending, sigset_t *mask)
 {
        unsigned long i, *s, *m, x;
        int sig = 0;
-        
        s = pending->signal.sig;
        m = mask->sig;
+        /*
+         * Handle the first word specially: it contains the
+         * synchronous signals that need to be dequeued first.
+         */
+        x = *s &~ *m;
+        if (x) {
+                if (x & SYNCHRONOUS_MASK)
+                        x &= SYNCHRONOUS_MASK;
+                sig = ffz(~x) + 1;
+                return sig;
+        }
        switch (_NSIG_WORDS) {
        default:
-                for (i = 0; i < _NSIG_WORDS; ++i, ++s, ++m)
+                for (i = 1; i < _NSIG_WORDS; ++i) {
-                        if ((x = *s &~ *m) != 0) {
+                        x = *++s &~ *++m;
-                                sig = ffz(~x) + i*_NSIG_BPW + 1;
+                        if (!x)
-                                break;
+                                continue;
-                        }
+                        sig = ffz(~x) + i*_NSIG_BPW + 1;
+                        break;
+                }
                break;
-        case 2: if ((x = s[0] &~ m[0]) != 0)
+        case 2:
-                        sig = 1;
+                x = s[1] &~ m[1];
-                else if ((x = s[1] &~ m[1]) != 0)
+                if (!x)
-                        sig = _NSIG_BPW + 1;
-                else
                        break;
-                sig += ffz(~x);
+                sig = ffz(~x) + _NSIG_BPW + 1;
                break;
-        case 1: if ((x = *s &~ *m) != 0)
+        case 1:
-                        sig = ffz(~x) + 1;
+                /* Nothing to do */
                break;
        }
-        
        return sig;
 }
+static inline void print_dropped_signal(int sig)
+{
+        static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
+        if (!print_fatal_signals)
+                return;
+        if (!__ratelimit(&ratelimit_state))
+                return;
+        printk(KERN_INFO "%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
+                                current->comm, current->pid, sig);
+}
 /*
 * allocate a new signal queue record
 * - this may be called without locks if and only if t == current, otherwise an
 *   appopriate lock must be held to stop the target task from exiting
 */
-static struct sigqueue *__sigqueue_alloc(struct task_struct *t, gfp_t flags,
+static struct sigqueue *
-                                         int override_rlimit)
+__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit)
 {
        struct sigqueue *q = NULL;
        struct user_struct *user;
        /*
-         * We won't get problems with the target's UID changing under us
+         * Protect access to @t credentials. This can go away when all
-         * because changing it requires RCU be used, and if t != current, the
+         * callers hold rcu read lock.
-         * caller must be holding the RCU readlock (by way of a spinlock) and
-         * we use RCU protection here
         */
+        rcu_read_lock();
        user = get_uid(__task_cred(t)->user);
        atomic_inc(&user->sigpending);
+        rcu_read_unlock();
        if (override_rlimit ||
            atomic_read(&user->sigpending) <=
-                        t->signal->rlim[RLIMIT_SIGPENDING].rlim_cur)
+                        task_rlimit(t, RLIMIT_SIGPENDING)) {
                q = kmem_cache_alloc(sigqueue_cachep, flags);
+        } else {
+                print_dropped_signal(sig);
+        }
        if (unlikely(q == NULL)) {
                atomic_dec(&user->sigpending);
                free_uid(user);
@@ -400,7 +440,7 @@ still_pending:
                 */
                info->si_signo = sig;
                info->si_errno = 0;
-                info->si_code = 0;
+                info->si_code = SI_USER;
                info->si_pid = 0;
                info->si_uid = 0;
        }
@@ -584,6 +624,17 @@ static int rm_from_queue(unsigned long mask, struct sigpending *s)
        return 1;
 }
+static inline int is_si_special(const struct siginfo *info)
+{
+        return info <= SEND_SIG_FORCED;
+}
+static inline bool si_fromuser(const struct siginfo *info)
+{
+        return info == SEND_SIG_NOINFO ||
+                (!is_si_special(info) && SI_FROMUSER(info));
+}
 /*
 * Bad permissions for sending the signal
 * - the caller must hold at least the RCU read lock
@@ -598,7 +649,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
        if (!valid_signal(sig))
                return -EINVAL;
-        if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info)))
+        if (!si_fromuser(info))
                return 0;
        error = audit_signal_info(sig, t); /* Let audit system see the signal */
@@ -834,7 +885,7 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
        struct sigqueue *q;
        int override_rlimit;
-        trace_sched_signal_send(sig, t);
+        trace_signal_generate(sig, info, t);
        assert_spin_locked(&t->sighand->siglock);
@@ -869,7 +920,7 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
        else
                override_rlimit = 0;
-        q = __sigqueue_alloc(t, GFP_ATOMIC | __GFP_NOTRACK_FALSE_POSITIVE,
+        q = __sigqueue_alloc(sig, t, GFP_ATOMIC | __GFP_NOTRACK_FALSE_POSITIVE,
                override_rlimit);
        if (q) {
                list_add_tail(&q->list, &pending->list);
@@ -896,12 +947,21 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
                        break;
                }
        } else if (!is_si_special(info)) {
-                if (sig >= SIGRTMIN && info->si_code != SI_USER)
+                if (sig >= SIGRTMIN && info->si_code != SI_USER) {
-                /*
+                        /*
-                 * Queue overflow, abort.  We may abort if the signal was rt
+                         * Queue overflow, abort.  We may abort if the
-                 * and sent by user using something other than kill().
+                         * signal was rt and sent by user using something
-                 */
+                         * other than kill().
+                         */
+                        trace_signal_overflow_fail(sig, group, info);
                        return -EAGAIN;
+                } else {
+                        /*
+                         * This is a silent loss of information.  We still
+                         * send the signal, but the *info bits are lost.
+                         */
+                        trace_signal_lose_info(sig, group, info);
+                }
        }
 out_set:
@@ -917,16 +977,13 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
        int from_ancestor_ns = 0;
 #ifdef CONFIG_PID_NS
-        if (!is_si_special(info) && SI_FROMUSER(info) &&
+        from_ancestor_ns = si_fromuser(info) &&
-                        task_pid_nr_ns(current, task_active_pid_ns(t)) <= 0)
+                           !task_pid_nr_ns(current, task_active_pid_ns(t));
-                from_ancestor_ns = 1;
 #endif
        return __send_signal(sig, info, t, group, from_ancestor_ns);
 }
-int print_fatal_signals;
 static void print_fatal_signal(struct pt_regs *regs, int signr)
 {
        printk("%s/%d: potentially unexpected fatal signal %d.\n",
@@ -939,7 +996,8 @@ static void print_fatal_signal(struct pt_regs *regs, int signr)
                for (i = 0; i < 16; i++) {
                        unsigned char insn;
-                        __get_user(insn, (unsigned char *)(regs->ip + i));
+                        if (get_user(insn, (unsigned char *)(regs->ip + i)))
+                                break;
                        printk("%02x ", insn);
                }
        }
@@ -1022,12 +1080,6 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t)
        return ret;
 }
-void
-force_sig_specific(int sig, struct task_struct *t)
-{
-        force_sig_info(sig, SEND_SIG_FORCED, t);
-}
 /*
 * Nuke all other threads in the group.
 */
@@ -1145,19 +1197,19 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
        int ret = -EINVAL;
        struct task_struct *p;
        const struct cred *pcred;
+        unsigned long flags;
        if (!valid_signal(sig))
                return ret;
-        read_lock(&tasklist_lock);
+        rcu_read_lock();
        p = pid_task(pid, PIDTYPE_PID);
        if (!p) {
                ret = -ESRCH;
                goto out_unlock;
        }
        pcred = __task_cred(p);
-        if ((info == SEND_SIG_NOINFO ||
+        if (si_fromuser(info) &&
-             (!is_si_special(info) && SI_FROMUSER(info))) &&
            euid != pcred->suid && euid != pcred->uid &&
            uid  != pcred->suid && uid  != pcred->uid) {
                ret = -EPERM;
@@ -1166,14 +1218,16 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
        ret = security_task_kill(p, info, sig, secid);
        if (ret)
                goto out_unlock;
-        if (sig && p->sighand) {
-                unsigned long flags;
+        if (sig) {
-                spin_lock_irqsave(&p->sighand->siglock, flags);
+                if (lock_task_sighand(p, &flags)) {
-                ret = __send_signal(sig, info, p, 1, 0);
+                        ret = __send_signal(sig, info, p, 1, 0);
-                spin_unlock_irqrestore(&p->sighand->siglock, flags);
+                        unlock_task_sighand(p, &flags);
+                } else
+                        ret = -ESRCH;
        }
 out_unlock:
-        read_unlock(&tasklist_lock);
+        rcu_read_unlock();
        return ret;
 }
 EXPORT_SYMBOL_GPL(kill_pid_info_as_uid);
@@ -1293,19 +1347,19 @@ EXPORT_SYMBOL(kill_pid);
 * These functions support sending signals using preallocated sigqueue
 * structures.  This is needed "because realtime applications cannot
 * afford to lose notifications of asynchronous events, like timer
- * expirations or I/O completions".  In the case of Posix Timers 
+ * expirations or I/O completions".  In the case of Posix Timers
 * we allocate the sigqueue structure from the timer_create.  If this
 * allocation fails we are able to report the failure to the application
 * with an EAGAIN error.
 */
- 
 struct sigqueue *sigqueue_alloc(void)
 {
-        struct sigqueue *q;
+        struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0);
-        if ((q = __sigqueue_alloc(current, GFP_KERNEL, 0)))
+        if (q)
                q->flags |= SIGQUEUE_PREALLOC;
-        return(q);
+        return q;
 }
 void sigqueue_free(struct sigqueue *q)
@@ -1807,11 +1861,6 @@ relock:
        for (;;) {
                struct k_sigaction *ka;
-                if (unlikely(signal->group_stop_count > 0) &&
-                    do_signal_stop(0))
-                        goto relock;
                /*
                 * Tracing can induce an artifical signal and choose sigaction.
                 * The return value in @signr determines the default action,
@@ -1823,6 +1872,10 @@ relock:
                if (unlikely(signr != 0))
                        ka = return_ka;
                else {
+                        if (unlikely(signal->group_stop_count > 0) &&
+                            do_signal_stop(0))
+                                goto relock;
                        signr = dequeue_signal(current, &current->blocked,
                                               info);
@@ -1839,6 +1892,9 @@ relock:
                        ka = &sighand->action[signr-1];
                }
+                /* Trace actually delivered signals. */
+                trace_signal_deliver(signr, info, ka);
                if (ka->sa.sa_handler == SIG_IGN) /* Do nothing.  */
                        continue;
                if (ka->sa.sa_handler != SIG_DFL) {

diff --git a/kernel/signal.c b/kernel/signal.c index 6705320784fd..dbd7fe073c55 100644 --- a/kernel/signal.c +++ b/kernel/signal.c
@@ -22,12 +22,14 @@
22	#include <linux/ptrace.h>	22	#include <linux/ptrace.h>
23	#include <linux/signal.h>	23	#include <linux/signal.h>
24	#include <linux/signalfd.h>	24	#include <linux/signalfd.h>
		25	#include <linux/ratelimit.h>
25	#include <linux/tracehook.h>	26	#include <linux/tracehook.h>
26	#include <linux/capability.h>	27	#include <linux/capability.h>
27	#include <linux/freezer.h>	28	#include <linux/freezer.h>
28	#include <linux/pid_namespace.h>	29	#include <linux/pid_namespace.h>
29	#include <linux/nsproxy.h>	30	#include <linux/nsproxy.h>
30	#include <trace/events/sched.h>	31	#define CREATE_TRACE_POINTS
		32	#include <trace/events/signal.h>
31		33
32	#include <asm/param.h>	34	#include <asm/param.h>
33	#include <asm/uaccess.h>	35	#include <asm/uaccess.h>
@@ -41,6 +43,8 @@
41		43
42	static struct kmem_cache *sigqueue_cachep;	44	static struct kmem_cache *sigqueue_cachep;
43		45
		46	int print_fatal_signals __read_mostly;
		47
44	static void __user sig_handler(struct task_struct t, int sig)	48	static void __user sig_handler(struct task_struct t, int sig)
45	{	49	{
46	return t->sighand->action[sig - 1].sa.sa_handler;	50	return t->sighand->action[sig - 1].sa.sa_handler;
@@ -155,62 +159,98 @@ void recalc_sigpending(void)
155		159
156	/* Given the mask, find the first available signal that should be serviced. */	160	/* Given the mask, find the first available signal that should be serviced. */
157		161
		162	#define SYNCHRONOUS_MASK \
		163	(sigmask(SIGSEGV) \| sigmask(SIGBUS) \| sigmask(SIGILL) \| \
		164	sigmask(SIGTRAP) \| sigmask(SIGFPE))
		165
158	int next_signal(struct sigpending pending, sigset_t mask)	166	int next_signal(struct sigpending pending, sigset_t mask)
159	{	167	{
160	unsigned long i, s, m, x;	168	unsigned long i, s, m, x;
161	int sig = 0;	169	int sig = 0;
162		170
163	s = pending->signal.sig;	171	s = pending->signal.sig;
164	m = mask->sig;	172	m = mask->sig;
		173
		174	/*
		175	* Handle the first word specially: it contains the
		176	* synchronous signals that need to be dequeued first.
		177	*/
		178	x = s &~ m;
		179	if (x) {
		180	if (x & SYNCHRONOUS_MASK)
		181	x &= SYNCHRONOUS_MASK;
		182	sig = ffz(~x) + 1;
		183	return sig;
		184	}
		185
165	switch (_NSIG_WORDS) {	186	switch (_NSIG_WORDS) {
166	default:	187	default:
167	for (i = 0; i < _NSIG_WORDS; ++i, ++s, ++m)	188	for (i = 1; i < _NSIG_WORDS; ++i) {
168	if ((x = s &~ m) != 0) {	189	x = ++s &~ ++m;
169	sig = ffz(~x) + i*_NSIG_BPW + 1;	190	if (!x)
170	break;	191	continue;
171	}	192	sig = ffz(~x) + i*_NSIG_BPW + 1;
		193	break;
		194	}
172	break;	195	break;
173		196
174	case 2: if ((x = s[0] &~ m[0]) != 0)	197	case 2:
175	sig = 1;	198	x = s[1] &~ m[1];
176	else if ((x = s[1] &~ m[1]) != 0)	199	if (!x)
177	sig = _NSIG_BPW + 1;
178	else
179	break;	200	break;
180	sig += ffz(~x);	201	sig = ffz(~x) + _NSIG_BPW + 1;
181	break;	202	break;
182		203
183	case 1: if ((x = s &~ m) != 0)	204	case 1:
184	sig = ffz(~x) + 1;	205	/* Nothing to do */
185	break;	206	break;
186	}	207	}
187		208
188	return sig;	209	return sig;
189	}	210	}
190		211
		212	static inline void print_dropped_signal(int sig)
		213	{
		214	static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
		215
		216	if (!print_fatal_signals)
		217	return;
		218
		219	if (!__ratelimit(&ratelimit_state))
		220	return;
		221
		222	printk(KERN_INFO "%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
		223	current->comm, current->pid, sig);
		224	}
		225
191	/*	226	/*
192	* allocate a new signal queue record	227	* allocate a new signal queue record
193	* - this may be called without locks if and only if t == current, otherwise an	228	* - this may be called without locks if and only if t == current, otherwise an
194	* appopriate lock must be held to stop the target task from exiting	229	* appopriate lock must be held to stop the target task from exiting
195	*/	230	*/
196	static struct sigqueue __sigqueue_alloc(struct task_struct t, gfp_t flags,	231	static struct sigqueue *
197	int override_rlimit)	232	__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit)
198	{	233	{
199	struct sigqueue *q = NULL;	234	struct sigqueue *q = NULL;
200	struct user_struct *user;	235	struct user_struct *user;
201		236
202	/*	237	/*
203	* We won't get problems with the target's UID changing under us	238	* Protect access to @t credentials. This can go away when all
204	* because changing it requires RCU be used, and if t != current, the	239	* callers hold rcu read lock.
205	* caller must be holding the RCU readlock (by way of a spinlock) and
206	* we use RCU protection here
207	*/	240	*/
		241	rcu_read_lock();
208	user = get_uid(__task_cred(t)->user);	242	user = get_uid(__task_cred(t)->user);
209	atomic_inc(&user->sigpending);	243	atomic_inc(&user->sigpending);
		244	rcu_read_unlock();
		245
210	if (override_rlimit \|\|	246	if (override_rlimit \|\|
211	atomic_read(&user->sigpending) <=	247	atomic_read(&user->sigpending) <=
212	t->signal->rlim[RLIMIT_SIGPENDING].rlim_cur)	248	task_rlimit(t, RLIMIT_SIGPENDING)) {
213	q = kmem_cache_alloc(sigqueue_cachep, flags);	249	q = kmem_cache_alloc(sigqueue_cachep, flags);
		250	} else {
		251	print_dropped_signal(sig);
		252	}
		253
214	if (unlikely(q == NULL)) {	254	if (unlikely(q == NULL)) {
215	atomic_dec(&user->sigpending);	255	atomic_dec(&user->sigpending);
216	free_uid(user);	256	free_uid(user);
@@ -400,7 +440,7 @@ still_pending:
400	*/	440	*/
401	info->si_signo = sig;	441	info->si_signo = sig;
402	info->si_errno = 0;	442	info->si_errno = 0;
403	info->si_code = 0;	443	info->si_code = SI_USER;
404	info->si_pid = 0;	444	info->si_pid = 0;
405	info->si_uid = 0;	445	info->si_uid = 0;
406	}	446	}
@@ -584,6 +624,17 @@ static int rm_from_queue(unsigned long mask, struct sigpending *s)
584	return 1;	624	return 1;
585	}	625	}
586		626
		627	static inline int is_si_special(const struct siginfo *info)
		628	{
		629	return info <= SEND_SIG_FORCED;
		630	}
		631
		632	static inline bool si_fromuser(const struct siginfo *info)
		633	{
		634	return info == SEND_SIG_NOINFO \|\|
		635	(!is_si_special(info) && SI_FROMUSER(info));
		636	}
		637
587	/*	638	/*
588	* Bad permissions for sending the signal	639	* Bad permissions for sending the signal
589	* - the caller must hold at least the RCU read lock	640	* - the caller must hold at least the RCU read lock
@@ -598,7 +649,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
598	if (!valid_signal(sig))	649	if (!valid_signal(sig))
599	return -EINVAL;	650	return -EINVAL;
600		651
601	if (info != SEND_SIG_NOINFO && (is_si_special(info) \|\| SI_FROMKERNEL(info)))	652	if (!si_fromuser(info))
602	return 0;	653	return 0;
603		654
604	error = audit_signal_info(sig, t); /* Let audit system see the signal */	655	error = audit_signal_info(sig, t); /* Let audit system see the signal */
@@ -834,7 +885,7 @@ static int __send_signal(int sig, struct siginfo info, struct task_struct t,
834	struct sigqueue *q;	885	struct sigqueue *q;
835	int override_rlimit;	886	int override_rlimit;
836		887
837	trace_sched_signal_send(sig, t);	888	trace_signal_generate(sig, info, t);
838		889
839	assert_spin_locked(&t->sighand->siglock);	890	assert_spin_locked(&t->sighand->siglock);
840		891
@@ -869,7 +920,7 @@ static int __send_signal(int sig, struct siginfo info, struct task_struct t,
869	else	920	else
870	override_rlimit = 0;	921	override_rlimit = 0;
871		922
872	q = __sigqueue_alloc(t, GFP_ATOMIC \| __GFP_NOTRACK_FALSE_POSITIVE,	923	q = __sigqueue_alloc(sig, t, GFP_ATOMIC \| __GFP_NOTRACK_FALSE_POSITIVE,
873	override_rlimit);	924	override_rlimit);
874	if (q) {	925	if (q) {
875	list_add_tail(&q->list, &pending->list);	926	list_add_tail(&q->list, &pending->list);
@@ -896,12 +947,21 @@ static int __send_signal(int sig, struct siginfo info, struct task_struct t,
896	break;	947	break;
897	}	948	}
898	} else if (!is_si_special(info)) {	949	} else if (!is_si_special(info)) {
899	if (sig >= SIGRTMIN && info->si_code != SI_USER)	950	if (sig >= SIGRTMIN && info->si_code != SI_USER) {
900	/*	951	/*
901	* Queue overflow, abort. We may abort if the signal was rt	952	* Queue overflow, abort. We may abort if the
902	* and sent by user using something other than kill().	953	* signal was rt and sent by user using something
903	*/	954	* other than kill().
		955	*/
		956	trace_signal_overflow_fail(sig, group, info);
904	return -EAGAIN;	957	return -EAGAIN;
		958	} else {
		959	/*
		960	* This is a silent loss of information. We still
		961	* send the signal, but the *info bits are lost.
		962	*/
		963	trace_signal_lose_info(sig, group, info);
		964	}
905	}	965	}
906		966
907	out_set:	967	out_set:
@@ -917,16 +977,13 @@ static int send_signal(int sig, struct siginfo info, struct task_struct t,
917	int from_ancestor_ns = 0;	977	int from_ancestor_ns = 0;
918		978
919	#ifdef CONFIG_PID_NS	979	#ifdef CONFIG_PID_NS
920	if (!is_si_special(info) && SI_FROMUSER(info) &&	980	from_ancestor_ns = si_fromuser(info) &&
921	task_pid_nr_ns(current, task_active_pid_ns(t)) <= 0)	981	!task_pid_nr_ns(current, task_active_pid_ns(t));
922	from_ancestor_ns = 1;
923	#endif	982	#endif
924		983
925	return __send_signal(sig, info, t, group, from_ancestor_ns);	984	return __send_signal(sig, info, t, group, from_ancestor_ns);
926	}	985	}
927		986
928	int print_fatal_signals;
929
930	static void print_fatal_signal(struct pt_regs *regs, int signr)	987	static void print_fatal_signal(struct pt_regs *regs, int signr)
931	{	988	{
932	printk("%s/%d: potentially unexpected fatal signal %d.\n",	989	printk("%s/%d: potentially unexpected fatal signal %d.\n",
@@ -939,7 +996,8 @@ static void print_fatal_signal(struct pt_regs *regs, int signr)
939	for (i = 0; i < 16; i++) {	996	for (i = 0; i < 16; i++) {
940	unsigned char insn;	997	unsigned char insn;
941		998
942	__get_user(insn, (unsigned char *)(regs->ip + i));	999	if (get_user(insn, (unsigned char *)(regs->ip + i)))
		1000	break;
943	printk("%02x ", insn);	1001	printk("%02x ", insn);
944	}	1002	}
945	}	1003	}
@@ -1022,12 +1080,6 @@ force_sig_info(int sig, struct siginfo info, struct task_struct t)
1022	return ret;	1080	return ret;
1023	}	1081	}
1024		1082
1025	void
1026	force_sig_specific(int sig, struct task_struct *t)
1027	{
1028	force_sig_info(sig, SEND_SIG_FORCED, t);
1029	}
1030
1031	/*	1083	/*
1032	* Nuke all other threads in the group.	1084	* Nuke all other threads in the group.
1033	*/	1085	*/
@@ -1145,19 +1197,19 @@ int kill_pid_info_as_uid(int sig, struct siginfo info, struct pid pid,
1145	int ret = -EINVAL;	1197	int ret = -EINVAL;
1146	struct task_struct *p;	1198	struct task_struct *p;
1147	const struct cred *pcred;	1199	const struct cred *pcred;
		1200	unsigned long flags;
1148		1201
1149	if (!valid_signal(sig))	1202	if (!valid_signal(sig))
1150	return ret;	1203	return ret;
1151		1204
1152	read_lock(&tasklist_lock);	1205	rcu_read_lock();
1153	p = pid_task(pid, PIDTYPE_PID);	1206	p = pid_task(pid, PIDTYPE_PID);
1154	if (!p) {	1207	if (!p) {
1155	ret = -ESRCH;	1208	ret = -ESRCH;
1156	goto out_unlock;	1209	goto out_unlock;
1157	}	1210	}
1158	pcred = __task_cred(p);	1211	pcred = __task_cred(p);
1159	if ((info == SEND_SIG_NOINFO \|\|	1212	if (si_fromuser(info) &&
1160	(!is_si_special(info) && SI_FROMUSER(info))) &&
1161	euid != pcred->suid && euid != pcred->uid &&	1213	euid != pcred->suid && euid != pcred->uid &&
1162	uid != pcred->suid && uid != pcred->uid) {	1214	uid != pcred->suid && uid != pcred->uid) {
1163	ret = -EPERM;	1215	ret = -EPERM;
@@ -1166,14 +1218,16 @@ int kill_pid_info_as_uid(int sig, struct siginfo info, struct pid pid,
1166	ret = security_task_kill(p, info, sig, secid);	1218	ret = security_task_kill(p, info, sig, secid);
1167	if (ret)	1219	if (ret)
1168	goto out_unlock;	1220	goto out_unlock;
1169	if (sig && p->sighand) {	1221
1170	unsigned long flags;	1222	if (sig) {
1171	spin_lock_irqsave(&p->sighand->siglock, flags);	1223	if (lock_task_sighand(p, &flags)) {
1172	ret = __send_signal(sig, info, p, 1, 0);	1224	ret = __send_signal(sig, info, p, 1, 0);
1173	spin_unlock_irqrestore(&p->sighand->siglock, flags);	1225	unlock_task_sighand(p, &flags);
		1226	} else
		1227	ret = -ESRCH;
1174	}	1228	}
1175	out_unlock:	1229	out_unlock:
1176	read_unlock(&tasklist_lock);	1230	rcu_read_unlock();
1177	return ret;	1231	return ret;
1178	}	1232	}
1179	EXPORT_SYMBOL_GPL(kill_pid_info_as_uid);	1233	EXPORT_SYMBOL_GPL(kill_pid_info_as_uid);
@@ -1293,19 +1347,19 @@ EXPORT_SYMBOL(kill_pid);
1293	* These functions support sending signals using preallocated sigqueue	1347	* These functions support sending signals using preallocated sigqueue
1294	* structures. This is needed "because realtime applications cannot	1348	* structures. This is needed "because realtime applications cannot
1295	* afford to lose notifications of asynchronous events, like timer	1349	* afford to lose notifications of asynchronous events, like timer
1296	* expirations or I/O completions". In the case of Posix Timers	1350	* expirations or I/O completions". In the case of Posix Timers
1297	* we allocate the sigqueue structure from the timer_create. If this	1351	* we allocate the sigqueue structure from the timer_create. If this
1298	* allocation fails we are able to report the failure to the application	1352	* allocation fails we are able to report the failure to the application
1299	* with an EAGAIN error.	1353	* with an EAGAIN error.
1300	*/	1354	*/
1301
1302	struct sigqueue *sigqueue_alloc(void)	1355	struct sigqueue *sigqueue_alloc(void)
1303	{	1356	{
1304	struct sigqueue *q;	1357	struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0);
1305		1358
1306	if ((q = __sigqueue_alloc(current, GFP_KERNEL, 0)))	1359	if (q)
1307	q->flags \|= SIGQUEUE_PREALLOC;	1360	q->flags \|= SIGQUEUE_PREALLOC;
1308	return(q);	1361
		1362	return q;
1309	}	1363	}
1310		1364
1311	void sigqueue_free(struct sigqueue *q)	1365	void sigqueue_free(struct sigqueue *q)
@@ -1807,11 +1861,6 @@ relock:
1807		1861
1808	for (;;) {	1862	for (;;) {
1809	struct k_sigaction *ka;	1863	struct k_sigaction *ka;
1810
1811	if (unlikely(signal->group_stop_count > 0) &&
1812	do_signal_stop(0))
1813	goto relock;
1814
1815	/*	1864	/*
1816	* Tracing can induce an artifical signal and choose sigaction.	1865	* Tracing can induce an artifical signal and choose sigaction.
1817	* The return value in @signr determines the default action,	1866	* The return value in @signr determines the default action,
@@ -1823,6 +1872,10 @@ relock:
1823	if (unlikely(signr != 0))	1872	if (unlikely(signr != 0))
1824	ka = return_ka;	1873	ka = return_ka;
1825	else {	1874	else {
		1875	if (unlikely(signal->group_stop_count > 0) &&
		1876	do_signal_stop(0))
		1877	goto relock;
		1878
1826	signr = dequeue_signal(current, &current->blocked,	1879	signr = dequeue_signal(current, &current->blocked,
1827	info);	1880	info);
1828		1881
@@ -1839,6 +1892,9 @@ relock:
1839	ka = &sighand->action[signr-1];	1892	ka = &sighand->action[signr-1];
1840	}	1893	}
1841		1894
		1895	/* Trace actually delivered signals. */
		1896	trace_signal_deliver(signr, info, ka);
		1897
1842	if (ka->sa.sa_handler == SIG_IGN) /* Do nothing. */	1898	if (ka->sa.sa_handler == SIG_IGN) /* Do nothing. */
1843	continue;	1899	continue;
1844	if (ka->sa.sa_handler != SIG_DFL) {	1900	if (ka->sa.sa_handler != SIG_DFL) {