diff options
Diffstat (limited to 'kernel/signal.c')
| -rw-r--r-- | kernel/signal.c | 32 |
1 files changed, 26 insertions, 6 deletions
diff --git a/kernel/signal.c b/kernel/signal.c index 2ac3a668d9dd..364fc95bf97c 100644 --- a/kernel/signal.c +++ b/kernel/signal.c | |||
| @@ -21,6 +21,7 @@ | |||
| 21 | #include <linux/syscalls.h> | 21 | #include <linux/syscalls.h> |
| 22 | #include <linux/ptrace.h> | 22 | #include <linux/ptrace.h> |
| 23 | #include <linux/signal.h> | 23 | #include <linux/signal.h> |
| 24 | #include <linux/signalfd.h> | ||
| 24 | #include <linux/capability.h> | 25 | #include <linux/capability.h> |
| 25 | #include <linux/freezer.h> | 26 | #include <linux/freezer.h> |
| 26 | #include <linux/pid_namespace.h> | 27 | #include <linux/pid_namespace.h> |
| @@ -113,8 +114,7 @@ void recalc_sigpending(void) | |||
| 113 | 114 | ||
| 114 | /* Given the mask, find the first available signal that should be serviced. */ | 115 | /* Given the mask, find the first available signal that should be serviced. */ |
| 115 | 116 | ||
| 116 | static int | 117 | int next_signal(struct sigpending *pending, sigset_t *mask) |
| 117 | next_signal(struct sigpending *pending, sigset_t *mask) | ||
| 118 | { | 118 | { |
| 119 | unsigned long i, *s, *m, x; | 119 | unsigned long i, *s, *m, x; |
| 120 | int sig = 0; | 120 | int sig = 0; |
| @@ -497,6 +497,11 @@ static int check_kill_permission(int sig, struct siginfo *info, | |||
| 497 | int error = -EINVAL; | 497 | int error = -EINVAL; |
| 498 | if (!valid_signal(sig)) | 498 | if (!valid_signal(sig)) |
| 499 | return error; | 499 | return error; |
| 500 | |||
| 501 | error = audit_signal_info(sig, t); /* Let audit system see the signal */ | ||
| 502 | if (error) | ||
| 503 | return error; | ||
| 504 | |||
| 500 | error = -EPERM; | 505 | error = -EPERM; |
| 501 | if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) | 506 | if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) |
| 502 | && ((sig != SIGCONT) || | 507 | && ((sig != SIGCONT) || |
| @@ -506,10 +511,7 @@ static int check_kill_permission(int sig, struct siginfo *info, | |||
| 506 | && !capable(CAP_KILL)) | 511 | && !capable(CAP_KILL)) |
| 507 | return error; | 512 | return error; |
| 508 | 513 | ||
| 509 | error = security_task_kill(t, info, sig, 0); | 514 | return security_task_kill(t, info, sig, 0); |
| 510 | if (!error) | ||
| 511 | audit_signal_info(sig, t); /* Let audit system see the signal */ | ||
| 512 | return error; | ||
| 513 | } | 515 | } |
| 514 | 516 | ||
| 515 | /* forward decl */ | 517 | /* forward decl */ |
| @@ -630,6 +632,12 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t, | |||
| 630 | int ret = 0; | 632 | int ret = 0; |
| 631 | 633 | ||
| 632 | /* | 634 | /* |
| 635 | * Deliver the signal to listening signalfds. This must be called | ||
| 636 | * with the sighand lock held. | ||
| 637 | */ | ||
| 638 | signalfd_notify(t, sig); | ||
| 639 | |||
| 640 | /* | ||
| 633 | * fast-pathed signals for kernel-internal things like SIGSTOP | 641 | * fast-pathed signals for kernel-internal things like SIGSTOP |
| 634 | * or SIGKILL. | 642 | * or SIGKILL. |
| 635 | */ | 643 | */ |
| @@ -1280,6 +1288,11 @@ int send_sigqueue(int sig, struct sigqueue *q, struct task_struct *p) | |||
| 1280 | ret = 1; | 1288 | ret = 1; |
| 1281 | goto out; | 1289 | goto out; |
| 1282 | } | 1290 | } |
| 1291 | /* | ||
| 1292 | * Deliver the signal to listening signalfds. This must be called | ||
| 1293 | * with the sighand lock held. | ||
| 1294 | */ | ||
| 1295 | signalfd_notify(p, sig); | ||
| 1283 | 1296 | ||
| 1284 | list_add_tail(&q->list, &p->pending.list); | 1297 | list_add_tail(&q->list, &p->pending.list); |
| 1285 | sigaddset(&p->pending.signal, sig); | 1298 | sigaddset(&p->pending.signal, sig); |
| @@ -1323,6 +1336,11 @@ send_group_sigqueue(int sig, struct sigqueue *q, struct task_struct *p) | |||
| 1323 | q->info.si_overrun++; | 1336 | q->info.si_overrun++; |
| 1324 | goto out; | 1337 | goto out; |
| 1325 | } | 1338 | } |
| 1339 | /* | ||
| 1340 | * Deliver the signal to listening signalfds. This must be called | ||
| 1341 | * with the sighand lock held. | ||
| 1342 | */ | ||
| 1343 | signalfd_notify(p, sig); | ||
| 1326 | 1344 | ||
| 1327 | /* | 1345 | /* |
| 1328 | * Put this signal on the shared-pending queue. | 1346 | * Put this signal on the shared-pending queue. |
| @@ -1983,6 +2001,8 @@ int copy_siginfo_to_user(siginfo_t __user *to, siginfo_t *from) | |||
| 1983 | /* | 2001 | /* |
| 1984 | * If you change siginfo_t structure, please be sure | 2002 | * If you change siginfo_t structure, please be sure |
| 1985 | * this code is fixed accordingly. | 2003 | * this code is fixed accordingly. |
| 2004 | * Please remember to update the signalfd_copyinfo() function | ||
| 2005 | * inside fs/signalfd.c too, in case siginfo_t changes. | ||
| 1986 | * It should never copy any pad contained in the structure | 2006 | * It should never copy any pad contained in the structure |
| 1987 | * to avoid security leaks, but must copy the generic | 2007 | * to avoid security leaks, but must copy the generic |
| 1988 | * 3 ints plus the relevant union member. | 2008 | * 3 ints plus the relevant union member. |