1 files changed, 147 insertions, 132 deletions
diff --git a/kernel/signal.c b/kernel/signal.c
index 64c5deeaca5d..1814e68e4de3 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -22,12 +22,14 @@
 #include <linux/ptrace.h>
 #include <linux/signal.h>
 #include <linux/signalfd.h>
+#include <linux/ratelimit.h>
 #include <linux/tracehook.h>
 #include <linux/capability.h>
 #include <linux/freezer.h>
 #include <linux/pid_namespace.h>
 #include <linux/nsproxy.h>
-#include <trace/events/sched.h>
+#define CREATE_TRACE_POINTS
+#include <trace/events/signal.h>
 #include <asm/param.h>
 #include <asm/uaccess.h>
@@ -41,6 +43,8 @@
 static struct kmem_cache *sigqueue_cachep;
+int print_fatal_signals __read_mostly;
 static void __user *sig_handler(struct task_struct *t, int sig)
 {
        return t->sighand->action[sig - 1].sa.sa_handler;
@@ -159,7 +163,7 @@ int next_signal(struct sigpending *pending, sigset_t *mask)
 {
        unsigned long i, *s, *m, x;
        int sig = 0;
-        
        s = pending->signal.sig;
        m = mask->sig;
        switch (_NSIG_WORDS) {
@@ -184,17 +188,31 @@ int next_signal(struct sigpending *pending, sigset_t *mask)
                        sig = ffz(~x) + 1;
                break;
        }
-        
        return sig;
 }
+static inline void print_dropped_signal(int sig)
+{
+        static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
+        if (!print_fatal_signals)
+                return;
+        if (!__ratelimit(&ratelimit_state))
+                return;
+        printk(KERN_INFO "%s/%d: reached RLIMIT_SIGPENDING, dropped signal %d\n",
+                                current->comm, current->pid, sig);
+}
 /*
 * allocate a new signal queue record
 * - this may be called without locks if and only if t == current, otherwise an
 *   appopriate lock must be held to stop the target task from exiting
 */
-static struct sigqueue *__sigqueue_alloc(struct task_struct *t, gfp_t flags,
+static struct sigqueue *
-                                         int override_rlimit)
+__sigqueue_alloc(int sig, struct task_struct *t, gfp_t flags, int override_rlimit)
 {
        struct sigqueue *q = NULL;
        struct user_struct *user;
@@ -207,10 +225,15 @@ static struct sigqueue *__sigqueue_alloc(struct task_struct *t, gfp_t flags,
         */
        user = get_uid(__task_cred(t)->user);
        atomic_inc(&user->sigpending);
        if (override_rlimit ||
            atomic_read(&user->sigpending) <=
-                        t->signal->rlim[RLIMIT_SIGPENDING].rlim_cur)
+                        t->signal->rlim[RLIMIT_SIGPENDING].rlim_cur) {
                q = kmem_cache_alloc(sigqueue_cachep, flags);
+        } else {
+                print_dropped_signal(sig);
+        }
        if (unlikely(q == NULL)) {
                atomic_dec(&user->sigpending);
                free_uid(user);
@@ -400,7 +423,7 @@ still_pending:
                 */
                info->si_signo = sig;
                info->si_errno = 0;
-                info->si_code = 0;
+                info->si_code = SI_USER;
                info->si_pid = 0;
                info->si_uid = 0;
        }
@@ -584,6 +607,17 @@ static int rm_from_queue(unsigned long mask, struct sigpending *s)
        return 1;
 }
+static inline int is_si_special(const struct siginfo *info)
+{
+        return info <= SEND_SIG_FORCED;
+}
+static inline bool si_fromuser(const struct siginfo *info)
+{
+        return info == SEND_SIG_NOINFO ||
+                (!is_si_special(info) && SI_FROMUSER(info));
+}
 /*
 * Bad permissions for sending the signal
 * - the caller must hold at least the RCU read lock
@@ -598,7 +632,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
        if (!valid_signal(sig))
                return -EINVAL;
-        if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info)))
+        if (!si_fromuser(info))
                return 0;
        error = audit_signal_info(sig, t); /* Let audit system see the signal */
@@ -705,7 +739,7 @@ static int prepare_signal(int sig, struct task_struct *p, int from_ancestor_ns)
                if (why) {
                        /*
-                         * The first thread which returns from finish_stop()
+                         * The first thread which returns from do_signal_stop()
                         * will take ->siglock, notice SIGNAL_CLD_MASK, and
                         * notify its parent. See get_signal_to_deliver().
                         */
@@ -834,7 +868,7 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
        struct sigqueue *q;
        int override_rlimit;
-        trace_sched_signal_send(sig, t);
+        trace_signal_generate(sig, info, t);
        assert_spin_locked(&t->sighand->siglock);
@@ -869,7 +903,7 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
        else
                override_rlimit = 0;
-        q = __sigqueue_alloc(t, GFP_ATOMIC | __GFP_NOTRACK_FALSE_POSITIVE,
+        q = __sigqueue_alloc(sig, t, GFP_ATOMIC | __GFP_NOTRACK_FALSE_POSITIVE,
                override_rlimit);
        if (q) {
                list_add_tail(&q->list, &pending->list);
@@ -896,12 +930,21 @@ static int __send_signal(int sig, struct siginfo *info, struct task_struct *t,
                        break;
                }
        } else if (!is_si_special(info)) {
-                if (sig >= SIGRTMIN && info->si_code != SI_USER)
+                if (sig >= SIGRTMIN && info->si_code != SI_USER) {
-                /*
+                        /*
-                 * Queue overflow, abort.  We may abort if the signal was rt
+                         * Queue overflow, abort.  We may abort if the
-                 * and sent by user using something other than kill().
+                         * signal was rt and sent by user using something
-                 */
+                         * other than kill().
+                         */
+                        trace_signal_overflow_fail(sig, group, info);
                        return -EAGAIN;
+                } else {
+                        /*
+                         * This is a silent loss of information.  We still
+                         * send the signal, but the *info bits are lost.
+                         */
+                        trace_signal_lose_info(sig, group, info);
+                }
        }
 out_set:
@@ -917,16 +960,13 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
        int from_ancestor_ns = 0;
 #ifdef CONFIG_PID_NS
-        if (!is_si_special(info) && SI_FROMUSER(info) &&
+        from_ancestor_ns = si_fromuser(info) &&
-                        task_pid_nr_ns(current, task_active_pid_ns(t)) <= 0)
+                           !task_pid_nr_ns(current, task_active_pid_ns(t));
-                from_ancestor_ns = 1;
 #endif
        return __send_signal(sig, info, t, group, from_ancestor_ns);
 }
-int print_fatal_signals;
 static void print_fatal_signal(struct pt_regs *regs, int signr)
 {
        printk("%s/%d: potentially unexpected fatal signal %d.\n",
@@ -971,6 +1011,20 @@ specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t)
        return send_signal(sig, info, t, 0);
 }
+int do_send_sig_info(int sig, struct siginfo *info, struct task_struct *p,
+                        bool group)
+{
+        unsigned long flags;
+        int ret = -ESRCH;
+        if (lock_task_sighand(p, &flags)) {
+                ret = send_signal(sig, info, p, group);
+                unlock_task_sighand(p, &flags);
+        }
+        return ret;
+}
 /*
 * Force a signal that the process can't ignore: if necessary
 * we unblock the signal and change any SIG_IGN to SIG_DFL.
@@ -1008,12 +1062,6 @@ force_sig_info(int sig, struct siginfo *info, struct task_struct *t)
        return ret;
 }
-void
-force_sig_specific(int sig, struct task_struct *t)
-{
-        force_sig_info(sig, SEND_SIG_FORCED, t);
-}
 /*
 * Nuke all other threads in the group.
 */
@@ -1036,12 +1084,6 @@ void zap_other_threads(struct task_struct *p)
        }
 }
-int __fatal_signal_pending(struct task_struct *tsk)
-{
-        return sigismember(&tsk->pending.signal, SIGKILL);
-}
-EXPORT_SYMBOL(__fatal_signal_pending);
 struct sighand_struct *lock_task_sighand(struct task_struct *tsk, unsigned long *flags)
 {
        struct sighand_struct *sighand;
@@ -1068,18 +1110,10 @@ struct sighand_struct *lock_task_sighand(struct task_struct *tsk, unsigned long
 */
 int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p)
 {
-        unsigned long flags;
+        int ret = check_kill_permission(sig, info, p);
-        int ret;
-        ret = check_kill_permission(sig, info, p);
-        if (!ret && sig) {
+        if (!ret && sig)
-                ret = -ESRCH;
+                ret = do_send_sig_info(sig, info, p, true);
-                if (lock_task_sighand(p, &flags)) {
-                        ret = __group_send_sig_info(sig, info, p);
-                        unlock_task_sighand(p, &flags);
-                }
-        }
        return ret;
 }
@@ -1156,8 +1190,7 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
                goto out_unlock;
        }
        pcred = __task_cred(p);
-        if ((info == SEND_SIG_NOINFO ||
+        if (si_fromuser(info) &&
-             (!is_si_special(info) && SI_FROMUSER(info))) &&
            euid != pcred->suid && euid != pcred->uid &&
            uid  != pcred->suid && uid  != pcred->uid) {
                ret = -EPERM;
@@ -1224,15 +1257,9 @@ static int kill_something_info(int sig, struct siginfo *info, pid_t pid)
 * These are for backward compatibility with the rest of the kernel source.
 */
-/*
- * The caller must ensure the task can't exit.
- */
 int
 send_sig_info(int sig, struct siginfo *info, struct task_struct *p)
 {
-        int ret;
-        unsigned long flags;
        /*
         * Make sure legacy kernel users don't send in bad values
         * (normal paths check this in check_kill_permission).
@@ -1240,10 +1267,7 @@ send_sig_info(int sig, struct siginfo *info, struct task_struct *p)
        if (!valid_signal(sig))
                return -EINVAL;
-        spin_lock_irqsave(&p->sighand->siglock, flags);
+        return do_send_sig_info(sig, info, p, false);
-        ret = specific_send_sig_info(sig, info, p);
-        spin_unlock_irqrestore(&p->sighand->siglock, flags);
-        return ret;
 }
 #define __si_special(priv) \
@@ -1302,19 +1326,19 @@ EXPORT_SYMBOL(kill_pid);
 * These functions support sending signals using preallocated sigqueue
 * structures.  This is needed "because realtime applications cannot
 * afford to lose notifications of asynchronous events, like timer
- * expirations or I/O completions".  In the case of Posix Timers 
+ * expirations or I/O completions".  In the case of Posix Timers
 * we allocate the sigqueue structure from the timer_create.  If this
 * allocation fails we are able to report the failure to the application
 * with an EAGAIN error.
 */
- 
 struct sigqueue *sigqueue_alloc(void)
 {
-        struct sigqueue *q;
+        struct sigqueue *q = __sigqueue_alloc(-1, current, GFP_KERNEL, 0);
-        if ((q = __sigqueue_alloc(current, GFP_KERNEL, 0)))
+        if (q)
                q->flags |= SIGQUEUE_PREALLOC;
-        return(q);
+        return q;
 }
 void sigqueue_free(struct sigqueue *q)
@@ -1383,15 +1407,6 @@ ret:
 }
 /*
- * Wake up any threads in the parent blocked in wait* syscalls.
- */
-static inline void __wake_up_parent(struct task_struct *p,
-                                    struct task_struct *parent)
-{
-        wake_up_interruptible_sync(&parent->signal->wait_chldexit);
-}
-/*
 * Let a parent know about the death of a child.
 * For a stopped/continued status change, use do_notify_parent_cldstop instead.
 *
@@ -1673,29 +1688,6 @@ void ptrace_notify(int exit_code)
        spin_unlock_irq(&current->sighand->siglock);
 }
-static void
-finish_stop(int stop_count)
-{
-        /*
-         * If there are no other threads in the group, or if there is
-         * a group stop in progress and we are the last to stop,
-         * report to the parent.  When ptraced, every thread reports itself.
-         */
-        if (tracehook_notify_jctl(stop_count == 0, CLD_STOPPED)) {
-                read_lock(&tasklist_lock);
-                do_notify_parent_cldstop(current, CLD_STOPPED);
-                read_unlock(&tasklist_lock);
-        }
-        do {
-                schedule();
-        } while (try_to_freeze());
-        /*
-         * Now we don't run again until continued.
-         */
-        current->exit_code = 0;
-}
 /*
 * This performs the stopping for SIGSTOP and other stop signals.
 * We have to stop all threads in the thread group.
@@ -1705,15 +1697,9 @@ finish_stop(int stop_count)
 static int do_signal_stop(int signr)
 {
        struct signal_struct *sig = current->signal;
-        int stop_count;
+        int notify;
-        if (sig->group_stop_count > 0) {
+        if (!sig->group_stop_count) {
-                /*
-                 * There is a group stop in progress.  We don't need to
-                 * start another one.
-                 */
-                stop_count = --sig->group_stop_count;
-        } else {
                struct task_struct *t;
                if (!likely(sig->flags & SIGNAL_STOP_DEQUEUED) ||
@@ -1725,7 +1711,7 @@ static int do_signal_stop(int signr)
                 */
                sig->group_exit_code = signr;
-                stop_count = 0;
+                sig->group_stop_count = 1;
                for (t = next_thread(current); t != current; t = next_thread(t))
                        /*
                         * Setting state to TASK_STOPPED for a group
@@ -1734,19 +1720,44 @@ static int do_signal_stop(int signr)
                         */
                        if (!(t->flags & PF_EXITING) &&
                            !task_is_stopped_or_traced(t)) {
-                                stop_count++;
+                                sig->group_stop_count++;
                                signal_wake_up(t, 0);
                        }
-                sig->group_stop_count = stop_count;
        }
+        /*
+         * If there are no other threads in the group, or if there is
+         * a group stop in progress and we are the last to stop, report
+         * to the parent.  When ptraced, every thread reports itself.
+         */
+        notify = sig->group_stop_count == 1 ? CLD_STOPPED : 0;
+        notify = tracehook_notify_jctl(notify, CLD_STOPPED);
+        /*
+         * tracehook_notify_jctl() can drop and reacquire siglock, so
+         * we keep ->group_stop_count != 0 before the call. If SIGCONT
+         * or SIGKILL comes in between ->group_stop_count == 0.
+         */
+        if (sig->group_stop_count) {
+                if (!--sig->group_stop_count)
+                        sig->flags = SIGNAL_STOP_STOPPED;
+                current->exit_code = sig->group_exit_code;
+                __set_current_state(TASK_STOPPED);
+        }
+        spin_unlock_irq(&current->sighand->siglock);
-        if (stop_count == 0)
+        if (notify) {
-                sig->flags = SIGNAL_STOP_STOPPED;
+                read_lock(&tasklist_lock);
-        current->exit_code = sig->group_exit_code;
+                do_notify_parent_cldstop(current, notify);
-        __set_current_state(TASK_STOPPED);
+                read_unlock(&tasklist_lock);
+        }
+        /* Now we don't run again until woken by SIGCONT or SIGKILL */
+        do {
+                schedule();
+        } while (try_to_freeze());
+        tracehook_finish_jctl();
+        current->exit_code = 0;
-        spin_unlock_irq(&current->sighand->siglock);
-        finish_stop(stop_count);
        return 1;
 }
@@ -1815,24 +1826,20 @@ relock:
                int why = (signal->flags & SIGNAL_STOP_CONTINUED)
                                ? CLD_CONTINUED : CLD_STOPPED;
                signal->flags &= ~SIGNAL_CLD_MASK;
-                spin_unlock_irq(&sighand->siglock);
-                if (unlikely(!tracehook_notify_jctl(1, why)))
+                why = tracehook_notify_jctl(why, CLD_CONTINUED);
-                        goto relock;
+                spin_unlock_irq(&sighand->siglock);
-                read_lock(&tasklist_lock);
+                if (why) {
-                do_notify_parent_cldstop(current->group_leader, why);
+                        read_lock(&tasklist_lock);
-                read_unlock(&tasklist_lock);
+                        do_notify_parent_cldstop(current->group_leader, why);
+                        read_unlock(&tasklist_lock);
+                }
                goto relock;
        }
        for (;;) {
                struct k_sigaction *ka;
-                if (unlikely(signal->group_stop_count > 0) &&
-                    do_signal_stop(0))
-                        goto relock;
                /*
                 * Tracing can induce an artifical signal and choose sigaction.
                 * The return value in @signr determines the default action,
@@ -1844,6 +1851,10 @@ relock:
                if (unlikely(signr != 0))
                        ka = return_ka;
                else {
+                        if (unlikely(signal->group_stop_count > 0) &&
+                            do_signal_stop(0))
+                                goto relock;
                        signr = dequeue_signal(current, &current->blocked,
                                               info);
@@ -1860,6 +1871,9 @@ relock:
                        ka = &sighand->action[signr-1];
                }
+                /* Trace actually delivered signals. */
+                trace_signal_deliver(signr, info, ka);
                if (ka->sa.sa_handler == SIG_IGN) /* Do nothing.  */
                        continue;
                if (ka->sa.sa_handler != SIG_DFL) {
@@ -1987,14 +2001,14 @@ void exit_signals(struct task_struct *tsk)
        if (unlikely(tsk->signal->group_stop_count) &&
                        !--tsk->signal->group_stop_count) {
                tsk->signal->flags = SIGNAL_STOP_STOPPED;
-                group_stop = 1;
+                group_stop = tracehook_notify_jctl(CLD_STOPPED, CLD_STOPPED);
        }
 out:
        spin_unlock_irq(&tsk->sighand->siglock);
-        if (unlikely(group_stop) && tracehook_notify_jctl(1, CLD_STOPPED)) {
+        if (unlikely(group_stop)) {
                read_lock(&tasklist_lock);
-                do_notify_parent_cldstop(tsk, CLD_STOPPED);
+                do_notify_parent_cldstop(tsk, group_stop);
                read_unlock(&tasklist_lock);
        }
 }
@@ -2290,7 +2304,6 @@ static int
 do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info)
 {
        struct task_struct *p;
-        unsigned long flags;
        int error = -ESRCH;
        rcu_read_lock();
@@ -2300,14 +2313,16 @@ do_send_specific(pid_t tgid, pid_t pid, int sig, struct siginfo *info)
                /*
                 * The null signal is a permissions and process existence
                 * probe.  No signal is actually delivered.
-                 *
-                 * If lock_task_sighand() fails we pretend the task dies
-                 * after receiving the signal. The window is tiny, and the
-                 * signal is private anyway.
                 */
-                if (!error && sig && lock_task_sighand(p, &flags)) {
+                if (!error && sig) {
-                        error = specific_send_sig_info(sig, info, p);
+                        error = do_send_sig_info(sig, info, p, false);
-                        unlock_task_sighand(p, &flags);
+                        /*
+                         * If lock_task_sighand() failed we pretend the task
+                         * dies after receiving the signal. The window is tiny,
+                         * and the signal is private anyway.
+                         */
+                        if (unlikely(error == -ESRCH))
+                                error = 0;
                }
        }
        rcu_read_unlock();