aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'kernel')
-rw-r--r--kernel/audit.h13
-rw-r--r--kernel/auditfilter.c48
-rw-r--r--kernel/auditsc.c311
-rw-r--r--kernel/compat.c8
-rw-r--r--kernel/exit.c22
-rw-r--r--kernel/fork.c24
-rw-r--r--kernel/irq/proc.c7
-rw-r--r--kernel/pid.c11
-rw-r--r--kernel/ptrace.c3
-rw-r--r--kernel/signal.c32
-rw-r--r--kernel/stop_machine.c4
-rw-r--r--kernel/sys.c14
-rw-r--r--kernel/sys_ni.c7
13 files changed, 385 insertions, 119 deletions
diff --git a/kernel/audit.h b/kernel/audit.h
index a3370232a390..815d6f5c04ee 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -83,6 +83,7 @@ struct audit_krule {
83 u32 field_count; 83 u32 field_count;
84 char *filterkey; /* ties events to rules */ 84 char *filterkey; /* ties events to rules */
85 struct audit_field *fields; 85 struct audit_field *fields;
86 struct audit_field *arch_f; /* quick access to arch field */
86 struct audit_field *inode_f; /* quick access to an inode field */ 87 struct audit_field *inode_f; /* quick access to an inode field */
87 struct audit_watch *watch; /* associated watch */ 88 struct audit_watch *watch; /* associated watch */
88 struct list_head rlist; /* entry in audit_watch.rules list */ 89 struct list_head rlist; /* entry in audit_watch.rules list */
@@ -131,17 +132,19 @@ extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32,
131extern int selinux_audit_rule_update(void); 132extern int selinux_audit_rule_update(void);
132 133
133#ifdef CONFIG_AUDITSYSCALL 134#ifdef CONFIG_AUDITSYSCALL
134extern void __audit_signal_info(int sig, struct task_struct *t); 135extern int __audit_signal_info(int sig, struct task_struct *t);
135static inline void audit_signal_info(int sig, struct task_struct *t) 136static inline int audit_signal_info(int sig, struct task_struct *t)
136{ 137{
137 if (unlikely(audit_pid && t->tgid == audit_pid)) 138 if (unlikely((audit_pid && t->tgid == audit_pid) ||
138 __audit_signal_info(sig, t); 139 (audit_signals && !audit_dummy_context())))
140 return __audit_signal_info(sig, t);
141 return 0;
139} 142}
140extern enum audit_state audit_filter_inodes(struct task_struct *, 143extern enum audit_state audit_filter_inodes(struct task_struct *,
141 struct audit_context *); 144 struct audit_context *);
142extern void audit_set_auditable(struct audit_context *); 145extern void audit_set_auditable(struct audit_context *);
143#else 146#else
144#define audit_signal_info(s,t) 147#define audit_signal_info(s,t) AUDIT_DISABLED
145#define audit_filter_inodes(t,c) AUDIT_DISABLED 148#define audit_filter_inodes(t,c) AUDIT_DISABLED
146#define audit_set_auditable(c) 149#define audit_set_auditable(c)
147#endif 150#endif
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 3749193aed8c..6c61263ff96d 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -311,6 +311,43 @@ int audit_match_class(int class, unsigned syscall)
311 return classes[class][AUDIT_WORD(syscall)] & AUDIT_BIT(syscall); 311 return classes[class][AUDIT_WORD(syscall)] & AUDIT_BIT(syscall);
312} 312}
313 313
314static inline int audit_match_class_bits(int class, u32 *mask)
315{
316 int i;
317
318 if (classes[class]) {
319 for (i = 0; i < AUDIT_BITMASK_SIZE; i++)
320 if (mask[i] & classes[class][i])
321 return 0;
322 }
323 return 1;
324}
325
326static int audit_match_signal(struct audit_entry *entry)
327{
328 struct audit_field *arch = entry->rule.arch_f;
329
330 if (!arch) {
331 /* When arch is unspecified, we must check both masks on biarch
332 * as syscall number alone is ambiguous. */
333 return (audit_match_class_bits(AUDIT_CLASS_SIGNAL,
334 entry->rule.mask) &&
335 audit_match_class_bits(AUDIT_CLASS_SIGNAL_32,
336 entry->rule.mask));
337 }
338
339 switch(audit_classify_arch(arch->val)) {
340 case 0: /* native */
341 return (audit_match_class_bits(AUDIT_CLASS_SIGNAL,
342 entry->rule.mask));
343 case 1: /* 32bit on biarch */
344 return (audit_match_class_bits(AUDIT_CLASS_SIGNAL_32,
345 entry->rule.mask));
346 default:
347 return 1;
348 }
349}
350
314/* Common user-space to kernel rule translation. */ 351/* Common user-space to kernel rule translation. */
315static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule) 352static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
316{ 353{
@@ -429,6 +466,7 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
429 err = -EINVAL; 466 err = -EINVAL;
430 goto exit_free; 467 goto exit_free;
431 } 468 }
469 entry->rule.arch_f = f;
432 break; 470 break;
433 case AUDIT_PERM: 471 case AUDIT_PERM:
434 if (f->val & ~15) 472 if (f->val & ~15)
@@ -519,7 +557,6 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
519 case AUDIT_FSGID: 557 case AUDIT_FSGID:
520 case AUDIT_LOGINUID: 558 case AUDIT_LOGINUID:
521 case AUDIT_PERS: 559 case AUDIT_PERS:
522 case AUDIT_ARCH:
523 case AUDIT_MSGTYPE: 560 case AUDIT_MSGTYPE:
524 case AUDIT_PPID: 561 case AUDIT_PPID:
525 case AUDIT_DEVMAJOR: 562 case AUDIT_DEVMAJOR:
@@ -531,6 +568,9 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
531 case AUDIT_ARG2: 568 case AUDIT_ARG2:
532 case AUDIT_ARG3: 569 case AUDIT_ARG3:
533 break; 570 break;
571 case AUDIT_ARCH:
572 entry->rule.arch_f = f;
573 break;
534 case AUDIT_SUBJ_USER: 574 case AUDIT_SUBJ_USER:
535 case AUDIT_SUBJ_ROLE: 575 case AUDIT_SUBJ_ROLE:
536 case AUDIT_SUBJ_TYPE: 576 case AUDIT_SUBJ_TYPE:
@@ -1221,6 +1261,9 @@ static inline int audit_add_rule(struct audit_entry *entry,
1221#ifdef CONFIG_AUDITSYSCALL 1261#ifdef CONFIG_AUDITSYSCALL
1222 if (!dont_count) 1262 if (!dont_count)
1223 audit_n_rules++; 1263 audit_n_rules++;
1264
1265 if (!audit_match_signal(entry))
1266 audit_signals++;
1224#endif 1267#endif
1225 mutex_unlock(&audit_filter_mutex); 1268 mutex_unlock(&audit_filter_mutex);
1226 1269
@@ -1294,6 +1337,9 @@ static inline int audit_del_rule(struct audit_entry *entry,
1294#ifdef CONFIG_AUDITSYSCALL 1337#ifdef CONFIG_AUDITSYSCALL
1295 if (!dont_count) 1338 if (!dont_count)
1296 audit_n_rules--; 1339 audit_n_rules--;
1340
1341 if (!audit_match_signal(entry))
1342 audit_signals--;
1297#endif 1343#endif
1298 mutex_unlock(&audit_filter_mutex); 1344 mutex_unlock(&audit_filter_mutex);
1299 1345
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 628c7ac590a0..e36481ed61b4 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -78,17 +78,15 @@ extern int audit_enabled;
78 * for saving names from getname(). */ 78 * for saving names from getname(). */
79#define AUDIT_NAMES 20 79#define AUDIT_NAMES 20
80 80
81/* AUDIT_NAMES_RESERVED is the number of slots we reserve in the
82 * audit_context from being used for nameless inodes from
83 * path_lookup. */
84#define AUDIT_NAMES_RESERVED 7
85
86/* Indicates that audit should log the full pathname. */ 81/* Indicates that audit should log the full pathname. */
87#define AUDIT_NAME_FULL -1 82#define AUDIT_NAME_FULL -1
88 83
89/* number of audit rules */ 84/* number of audit rules */
90int audit_n_rules; 85int audit_n_rules;
91 86
87/* determines whether we collect data for signals sent */
88int audit_signals;
89
92/* When fs/namei.c:getname() is called, we store the pointer in name and 90/* When fs/namei.c:getname() is called, we store the pointer in name and
93 * we don't let putname() free it (instead we free all of the saved 91 * we don't let putname() free it (instead we free all of the saved
94 * pointers at syscall exit time). 92 * pointers at syscall exit time).
@@ -114,6 +112,9 @@ struct audit_aux_data {
114 112
115#define AUDIT_AUX_IPCPERM 0 113#define AUDIT_AUX_IPCPERM 0
116 114
115/* Number of target pids per aux struct. */
116#define AUDIT_AUX_PIDS 16
117
117struct audit_aux_data_mq_open { 118struct audit_aux_data_mq_open {
118 struct audit_aux_data d; 119 struct audit_aux_data d;
119 int oflag; 120 int oflag;
@@ -181,6 +182,13 @@ struct audit_aux_data_path {
181 struct vfsmount *mnt; 182 struct vfsmount *mnt;
182}; 183};
183 184
185struct audit_aux_data_pids {
186 struct audit_aux_data d;
187 pid_t target_pid[AUDIT_AUX_PIDS];
188 u32 target_sid[AUDIT_AUX_PIDS];
189 int pid_count;
190};
191
184/* The per-task audit context. */ 192/* The per-task audit context. */
185struct audit_context { 193struct audit_context {
186 int dummy; /* must be the first element */ 194 int dummy; /* must be the first element */
@@ -201,6 +209,7 @@ struct audit_context {
201 struct vfsmount * pwdmnt; 209 struct vfsmount * pwdmnt;
202 struct audit_context *previous; /* For nested syscalls */ 210 struct audit_context *previous; /* For nested syscalls */
203 struct audit_aux_data *aux; 211 struct audit_aux_data *aux;
212 struct audit_aux_data *aux_pids;
204 213
205 /* Save things to print about task_struct */ 214 /* Save things to print about task_struct */
206 pid_t pid, ppid; 215 pid_t pid, ppid;
@@ -209,6 +218,9 @@ struct audit_context {
209 unsigned long personality; 218 unsigned long personality;
210 int arch; 219 int arch;
211 220
221 pid_t target_pid;
222 u32 target_sid;
223
212#if AUDIT_DEBUG 224#if AUDIT_DEBUG
213 int put_count; 225 int put_count;
214 int ino_count; 226 int ino_count;
@@ -654,6 +666,10 @@ static inline void audit_free_aux(struct audit_context *context)
654 context->aux = aux->next; 666 context->aux = aux->next;
655 kfree(aux); 667 kfree(aux);
656 } 668 }
669 while ((aux = context->aux_pids)) {
670 context->aux_pids = aux->next;
671 kfree(aux);
672 }
657} 673}
658 674
659static inline void audit_zero_context(struct audit_context *context, 675static inline void audit_zero_context(struct audit_context *context,
@@ -795,6 +811,29 @@ static void audit_log_task_info(struct audit_buffer *ab, struct task_struct *tsk
795 audit_log_task_context(ab); 811 audit_log_task_context(ab);
796} 812}
797 813
814static int audit_log_pid_context(struct audit_context *context, pid_t pid,
815 u32 sid)
816{
817 struct audit_buffer *ab;
818 char *s = NULL;
819 u32 len;
820 int rc = 0;
821
822 ab = audit_log_start(context, GFP_KERNEL, AUDIT_OBJ_PID);
823 if (!ab)
824 return 1;
825
826 if (selinux_sid_to_string(sid, &s, &len)) {
827 audit_log_format(ab, "opid=%d obj=(none)", pid);
828 rc = 1;
829 } else
830 audit_log_format(ab, "opid=%d obj=%s", pid, s);
831 audit_log_end(ab);
832 kfree(s);
833
834 return rc;
835}
836
798static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) 837static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
799{ 838{
800 int i, call_panic = 0; 839 int i, call_panic = 0;
@@ -973,6 +1012,21 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
973 audit_log_end(ab); 1012 audit_log_end(ab);
974 } 1013 }
975 1014
1015 for (aux = context->aux_pids; aux; aux = aux->next) {
1016 struct audit_aux_data_pids *axs = (void *)aux;
1017 int i;
1018
1019 for (i = 0; i < axs->pid_count; i++)
1020 if (audit_log_pid_context(context, axs->target_pid[i],
1021 axs->target_sid[i]))
1022 call_panic = 1;
1023 }
1024
1025 if (context->target_pid &&
1026 audit_log_pid_context(context, context->target_pid,
1027 context->target_sid))
1028 call_panic = 1;
1029
976 if (context->pwd && context->pwdmnt) { 1030 if (context->pwd && context->pwdmnt) {
977 ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD); 1031 ab = audit_log_start(context, GFP_KERNEL, AUDIT_CWD);
978 if (ab) { 1032 if (ab) {
@@ -1193,6 +1247,10 @@ void audit_syscall_exit(int valid, long return_code)
1193 } else { 1247 } else {
1194 audit_free_names(context); 1248 audit_free_names(context);
1195 audit_free_aux(context); 1249 audit_free_aux(context);
1250 context->aux = NULL;
1251 context->aux_pids = NULL;
1252 context->target_pid = 0;
1253 context->target_sid = 0;
1196 kfree(context->filterkey); 1254 kfree(context->filterkey);
1197 context->filterkey = NULL; 1255 context->filterkey = NULL;
1198 tsk->audit_context = context; 1256 tsk->audit_context = context;
@@ -1226,6 +1284,7 @@ void __audit_getname(const char *name)
1226 context->names[context->name_count].name_len = AUDIT_NAME_FULL; 1284 context->names[context->name_count].name_len = AUDIT_NAME_FULL;
1227 context->names[context->name_count].name_put = 1; 1285 context->names[context->name_count].name_put = 1;
1228 context->names[context->name_count].ino = (unsigned long)-1; 1286 context->names[context->name_count].ino = (unsigned long)-1;
1287 context->names[context->name_count].osid = 0;
1229 ++context->name_count; 1288 ++context->name_count;
1230 if (!context->pwd) { 1289 if (!context->pwd) {
1231 read_lock(&current->fs->lock); 1290 read_lock(&current->fs->lock);
@@ -1279,6 +1338,28 @@ void audit_putname(const char *name)
1279#endif 1338#endif
1280} 1339}
1281 1340
1341static int audit_inc_name_count(struct audit_context *context,
1342 const struct inode *inode)
1343{
1344 if (context->name_count >= AUDIT_NAMES) {
1345 if (inode)
1346 printk(KERN_DEBUG "name_count maxed, losing inode data: "
1347 "dev=%02x:%02x, inode=%lu",
1348 MAJOR(inode->i_sb->s_dev),
1349 MINOR(inode->i_sb->s_dev),
1350 inode->i_ino);
1351
1352 else
1353 printk(KERN_DEBUG "name_count maxed, losing inode data");
1354 return 1;
1355 }
1356 context->name_count++;
1357#if AUDIT_DEBUG
1358 context->ino_count++;
1359#endif
1360 return 0;
1361}
1362
1282/* Copy inode data into an audit_names. */ 1363/* Copy inode data into an audit_names. */
1283static void audit_copy_inode(struct audit_names *name, const struct inode *inode) 1364static void audit_copy_inode(struct audit_names *name, const struct inode *inode)
1284{ 1365{
@@ -1316,13 +1397,10 @@ void __audit_inode(const char *name, const struct inode *inode)
1316 else { 1397 else {
1317 /* FIXME: how much do we care about inodes that have no 1398 /* FIXME: how much do we care about inodes that have no
1318 * associated name? */ 1399 * associated name? */
1319 if (context->name_count >= AUDIT_NAMES - AUDIT_NAMES_RESERVED) 1400 if (audit_inc_name_count(context, inode))
1320 return; 1401 return;
1321 idx = context->name_count++; 1402 idx = context->name_count - 1;
1322 context->names[idx].name = NULL; 1403 context->names[idx].name = NULL;
1323#if AUDIT_DEBUG
1324 ++context->ino_count;
1325#endif
1326 } 1404 }
1327 audit_copy_inode(&context->names[idx], inode); 1405 audit_copy_inode(&context->names[idx], inode);
1328} 1406}
@@ -1346,7 +1424,7 @@ void __audit_inode_child(const char *dname, const struct inode *inode,
1346{ 1424{
1347 int idx; 1425 int idx;
1348 struct audit_context *context = current->audit_context; 1426 struct audit_context *context = current->audit_context;
1349 const char *found_name = NULL; 1427 const char *found_parent = NULL, *found_child = NULL;
1350 int dirlen = 0; 1428 int dirlen = 0;
1351 1429
1352 if (!context->in_syscall) 1430 if (!context->in_syscall)
@@ -1354,88 +1432,73 @@ void __audit_inode_child(const char *dname, const struct inode *inode,
1354 1432
1355 /* determine matching parent */ 1433 /* determine matching parent */
1356 if (!dname) 1434 if (!dname)
1357 goto update_context; 1435 goto add_names;
1358 for (idx = 0; idx < context->name_count; idx++)
1359 if (context->names[idx].ino == parent->i_ino) {
1360 const char *name = context->names[idx].name;
1361 1436
1362 if (!name) 1437 /* parent is more likely, look for it first */
1363 continue; 1438 for (idx = 0; idx < context->name_count; idx++) {
1439 struct audit_names *n = &context->names[idx];
1364 1440
1365 if (audit_compare_dname_path(dname, name, &dirlen) == 0) { 1441 if (!n->name)
1366 context->names[idx].name_len = dirlen; 1442 continue;
1367 found_name = name; 1443
1368 break; 1444 if (n->ino == parent->i_ino &&
1369 } 1445 !audit_compare_dname_path(dname, n->name, &dirlen)) {
1446 n->name_len = dirlen; /* update parent data in place */
1447 found_parent = n->name;
1448 goto add_names;
1370 } 1449 }
1450 }
1371 1451
1372update_context: 1452 /* no matching parent, look for matching child */
1373 idx = context->name_count; 1453 for (idx = 0; idx < context->name_count; idx++) {
1374 if (context->name_count == AUDIT_NAMES) { 1454 struct audit_names *n = &context->names[idx];
1375 printk(KERN_DEBUG "name_count maxed and losing %s\n", 1455
1376 found_name ?: "(null)"); 1456 if (!n->name)
1377 return; 1457 continue;
1458
1459 /* strcmp() is the more likely scenario */
1460 if (!strcmp(dname, n->name) ||
1461 !audit_compare_dname_path(dname, n->name, &dirlen)) {
1462 if (inode)
1463 audit_copy_inode(n, inode);
1464 else
1465 n->ino = (unsigned long)-1;
1466 found_child = n->name;
1467 goto add_names;
1468 }
1378 } 1469 }
1379 context->name_count++; 1470
1380#if AUDIT_DEBUG 1471add_names:
1381 context->ino_count++; 1472 if (!found_parent) {
1382#endif 1473 if (audit_inc_name_count(context, parent))
1383 /* Re-use the name belonging to the slot for a matching parent directory.
1384 * All names for this context are relinquished in audit_free_names() */
1385 context->names[idx].name = found_name;
1386 context->names[idx].name_len = AUDIT_NAME_FULL;
1387 context->names[idx].name_put = 0; /* don't call __putname() */
1388
1389 if (!inode)
1390 context->names[idx].ino = (unsigned long)-1;
1391 else
1392 audit_copy_inode(&context->names[idx], inode);
1393
1394 /* A parent was not found in audit_names, so copy the inode data for the
1395 * provided parent. */
1396 if (!found_name) {
1397 idx = context->name_count;
1398 if (context->name_count == AUDIT_NAMES) {
1399 printk(KERN_DEBUG
1400 "name_count maxed and losing parent inode data: dev=%02x:%02x, inode=%lu",
1401 MAJOR(parent->i_sb->s_dev),
1402 MINOR(parent->i_sb->s_dev),
1403 parent->i_ino);
1404 return; 1474 return;
1405 } 1475 idx = context->name_count - 1;
1406 context->name_count++; 1476 context->names[idx].name = NULL;
1407#if AUDIT_DEBUG
1408 context->ino_count++;
1409#endif
1410 audit_copy_inode(&context->names[idx], parent); 1477 audit_copy_inode(&context->names[idx], parent);
1411 } 1478 }
1412}
1413 1479
1414/** 1480 if (!found_child) {
1415 * audit_inode_update - update inode info for last collected name 1481 if (audit_inc_name_count(context, inode))
1416 * @inode: inode being audited 1482 return;
1417 * 1483 idx = context->name_count - 1;
1418 * When open() is called on an existing object with the O_CREAT flag, the inode
1419 * data audit initially collects is incorrect. This additional hook ensures
1420 * audit has the inode data for the actual object to be opened.
1421 */
1422void __audit_inode_update(const struct inode *inode)
1423{
1424 struct audit_context *context = current->audit_context;
1425 int idx;
1426 1484
1427 if (!context->in_syscall || !inode) 1485 /* Re-use the name belonging to the slot for a matching parent
1428 return; 1486 * directory. All names for this context are relinquished in
1487 * audit_free_names() */
1488 if (found_parent) {
1489 context->names[idx].name = found_parent;
1490 context->names[idx].name_len = AUDIT_NAME_FULL;
1491 /* don't call __putname() */
1492 context->names[idx].name_put = 0;
1493 } else {
1494 context->names[idx].name = NULL;
1495 }
1429 1496
1430 if (context->name_count == 0) { 1497 if (inode)
1431 context->name_count++; 1498 audit_copy_inode(&context->names[idx], inode);
1432#if AUDIT_DEBUG 1499 else
1433 context->ino_count++; 1500 context->names[idx].ino = (unsigned long)-1;
1434#endif
1435 } 1501 }
1436 idx = context->name_count - 1;
1437
1438 audit_copy_inode(&context->names[idx], inode);
1439} 1502}
1440 1503
1441/** 1504/**
@@ -1880,6 +1943,14 @@ int audit_sockaddr(int len, void *a)
1880 return 0; 1943 return 0;
1881} 1944}
1882 1945
1946void __audit_ptrace(struct task_struct *t)
1947{
1948 struct audit_context *context = current->audit_context;
1949
1950 context->target_pid = t->pid;
1951 selinux_get_task_sid(t, &context->target_sid);
1952}
1953
1883/** 1954/**
1884 * audit_avc_path - record the granting or denial of permissions 1955 * audit_avc_path - record the granting or denial of permissions
1885 * @dentry: dentry to record 1956 * @dentry: dentry to record
@@ -1918,15 +1989,17 @@ int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt)
1918 * If the audit subsystem is being terminated, record the task (pid) 1989 * If the audit subsystem is being terminated, record the task (pid)
1919 * and uid that is doing that. 1990 * and uid that is doing that.
1920 */ 1991 */
1921void __audit_signal_info(int sig, struct task_struct *t) 1992int __audit_signal_info(int sig, struct task_struct *t)
1922{ 1993{
1994 struct audit_aux_data_pids *axp;
1995 struct task_struct *tsk = current;
1996 struct audit_context *ctx = tsk->audit_context;
1923 extern pid_t audit_sig_pid; 1997 extern pid_t audit_sig_pid;
1924 extern uid_t audit_sig_uid; 1998 extern uid_t audit_sig_uid;
1925 extern u32 audit_sig_sid; 1999 extern u32 audit_sig_sid;
1926 2000
1927 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1) { 2001 if (audit_pid && t->tgid == audit_pid &&
1928 struct task_struct *tsk = current; 2002 (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1)) {
1929 struct audit_context *ctx = tsk->audit_context;
1930 audit_sig_pid = tsk->pid; 2003 audit_sig_pid = tsk->pid;
1931 if (ctx) 2004 if (ctx)
1932 audit_sig_uid = ctx->loginuid; 2005 audit_sig_uid = ctx->loginuid;
@@ -1934,4 +2007,72 @@ void __audit_signal_info(int sig, struct task_struct *t)
1934 audit_sig_uid = tsk->uid; 2007 audit_sig_uid = tsk->uid;
1935 selinux_get_task_sid(tsk, &audit_sig_sid); 2008 selinux_get_task_sid(tsk, &audit_sig_sid);
1936 } 2009 }
2010
2011 if (!audit_signals) /* audit_context checked in wrapper */
2012 return 0;
2013
2014 /* optimize the common case by putting first signal recipient directly
2015 * in audit_context */
2016 if (!ctx->target_pid) {
2017 ctx->target_pid = t->tgid;
2018 selinux_get_task_sid(t, &ctx->target_sid);
2019 return 0;
2020 }
2021
2022 axp = (void *)ctx->aux_pids;
2023 if (!axp || axp->pid_count == AUDIT_AUX_PIDS) {
2024 axp = kzalloc(sizeof(*axp), GFP_ATOMIC);
2025 if (!axp)
2026 return -ENOMEM;
2027
2028 axp->d.type = AUDIT_OBJ_PID;
2029 axp->d.next = ctx->aux_pids;
2030 ctx->aux_pids = (void *)axp;
2031 }
2032 BUG_ON(axp->pid_count > AUDIT_AUX_PIDS);
2033
2034 axp->target_pid[axp->pid_count] = t->tgid;
2035 selinux_get_task_sid(t, &axp->target_sid[axp->pid_count]);
2036 axp->pid_count++;
2037
2038 return 0;
2039}
2040
2041/**
2042 * audit_core_dumps - record information about processes that end abnormally
2043 * @sig: signal value
2044 *
2045 * If a process ends with a core dump, something fishy is going on and we
2046 * should record the event for investigation.
2047 */
2048void audit_core_dumps(long signr)
2049{
2050 struct audit_buffer *ab;
2051 u32 sid;
2052
2053 if (!audit_enabled)
2054 return;
2055
2056 if (signr == SIGQUIT) /* don't care for those */
2057 return;
2058
2059 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_ANOM_ABEND);
2060 audit_log_format(ab, "auid=%u uid=%u gid=%u",
2061 audit_get_loginuid(current->audit_context),
2062 current->uid, current->gid);
2063 selinux_get_task_sid(current, &sid);
2064 if (sid) {
2065 char *ctx = NULL;
2066 u32 len;
2067
2068 if (selinux_sid_to_string(sid, &ctx, &len))
2069 audit_log_format(ab, " ssid=%u", sid);
2070 else
2071 audit_log_format(ab, " subj=%s", ctx);
2072 kfree(ctx);
2073 }
2074 audit_log_format(ab, " pid=%d comm=", current->pid);
2075 audit_log_untrustedstring(ab, current->comm);
2076 audit_log_format(ab, " sig=%ld", signr);
2077 audit_log_end(ab);
1937} 2078}
diff --git a/kernel/compat.c b/kernel/compat.c
index cebb4c28c039..3bae3742c2aa 100644
--- a/kernel/compat.c
+++ b/kernel/compat.c
@@ -475,8 +475,8 @@ asmlinkage long compat_sys_sched_getaffinity(compat_pid_t pid, unsigned int len,
475 return min_length; 475 return min_length;
476} 476}
477 477
478static int get_compat_itimerspec(struct itimerspec *dst, 478int get_compat_itimerspec(struct itimerspec *dst,
479 struct compat_itimerspec __user *src) 479 const struct compat_itimerspec __user *src)
480{ 480{
481 if (get_compat_timespec(&dst->it_interval, &src->it_interval) || 481 if (get_compat_timespec(&dst->it_interval, &src->it_interval) ||
482 get_compat_timespec(&dst->it_value, &src->it_value)) 482 get_compat_timespec(&dst->it_value, &src->it_value))
@@ -484,8 +484,8 @@ static int get_compat_itimerspec(struct itimerspec *dst,
484 return 0; 484 return 0;
485} 485}
486 486
487static int put_compat_itimerspec(struct compat_itimerspec __user *dst, 487int put_compat_itimerspec(struct compat_itimerspec __user *dst,
488 struct itimerspec *src) 488 const struct itimerspec *src)
489{ 489{
490 if (put_compat_timespec(&src->it_interval, &dst->it_interval) || 490 if (put_compat_timespec(&src->it_interval, &dst->it_interval) ||
491 put_compat_timespec(&src->it_value, &dst->it_value)) 491 put_compat_timespec(&src->it_value, &dst->it_value))
diff --git a/kernel/exit.c b/kernel/exit.c
index b0c6f0c3a2df..c6d14b8008dd 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -24,6 +24,7 @@
24#include <linux/pid_namespace.h> 24#include <linux/pid_namespace.h>
25#include <linux/ptrace.h> 25#include <linux/ptrace.h>
26#include <linux/profile.h> 26#include <linux/profile.h>
27#include <linux/signalfd.h>
27#include <linux/mount.h> 28#include <linux/mount.h>
28#include <linux/proc_fs.h> 29#include <linux/proc_fs.h>
29#include <linux/kthread.h> 30#include <linux/kthread.h>
@@ -42,6 +43,7 @@
42#include <linux/audit.h> /* for audit_free() */ 43#include <linux/audit.h> /* for audit_free() */
43#include <linux/resource.h> 44#include <linux/resource.h>
44#include <linux/blkdev.h> 45#include <linux/blkdev.h>
46#include <linux/task_io_accounting_ops.h>
45 47
46#include <asm/uaccess.h> 48#include <asm/uaccess.h>
47#include <asm/unistd.h> 49#include <asm/unistd.h>
@@ -82,6 +84,14 @@ static void __exit_signal(struct task_struct *tsk)
82 sighand = rcu_dereference(tsk->sighand); 84 sighand = rcu_dereference(tsk->sighand);
83 spin_lock(&sighand->siglock); 85 spin_lock(&sighand->siglock);
84 86
87 /*
88 * Notify that this sighand has been detached. This must
89 * be called with the tsk->sighand lock held. Also, this
90 * access tsk->sighand internally, so it must be called
91 * before tsk->sighand is reset.
92 */
93 signalfd_detach_locked(tsk);
94
85 posix_cpu_timers_exit(tsk); 95 posix_cpu_timers_exit(tsk);
86 if (atomic_dec_and_test(&sig->count)) 96 if (atomic_dec_and_test(&sig->count))
87 posix_cpu_timers_exit_group(tsk); 97 posix_cpu_timers_exit_group(tsk);
@@ -113,6 +123,8 @@ static void __exit_signal(struct task_struct *tsk)
113 sig->nvcsw += tsk->nvcsw; 123 sig->nvcsw += tsk->nvcsw;
114 sig->nivcsw += tsk->nivcsw; 124 sig->nivcsw += tsk->nivcsw;
115 sig->sched_time += tsk->sched_time; 125 sig->sched_time += tsk->sched_time;
126 sig->inblock += task_io_get_inblock(tsk);
127 sig->oublock += task_io_get_oublock(tsk);
116 sig = NULL; /* Marker for below. */ 128 sig = NULL; /* Marker for below. */
117 } 129 }
118 130
@@ -299,12 +311,12 @@ void __set_special_pids(pid_t session, pid_t pgrp)
299 if (process_session(curr) != session) { 311 if (process_session(curr) != session) {
300 detach_pid(curr, PIDTYPE_SID); 312 detach_pid(curr, PIDTYPE_SID);
301 set_signal_session(curr->signal, session); 313 set_signal_session(curr->signal, session);
302 attach_pid(curr, PIDTYPE_SID, session); 314 attach_pid(curr, PIDTYPE_SID, find_pid(session));
303 } 315 }
304 if (process_group(curr) != pgrp) { 316 if (process_group(curr) != pgrp) {
305 detach_pid(curr, PIDTYPE_PGID); 317 detach_pid(curr, PIDTYPE_PGID);
306 curr->signal->pgrp = pgrp; 318 curr->signal->pgrp = pgrp;
307 attach_pid(curr, PIDTYPE_PGID, pgrp); 319 attach_pid(curr, PIDTYPE_PGID, find_pid(pgrp));
308 } 320 }
309} 321}
310 322
@@ -1193,6 +1205,12 @@ static int wait_task_zombie(struct task_struct *p, int noreap,
1193 p->nvcsw + sig->nvcsw + sig->cnvcsw; 1205 p->nvcsw + sig->nvcsw + sig->cnvcsw;
1194 psig->cnivcsw += 1206 psig->cnivcsw +=
1195 p->nivcsw + sig->nivcsw + sig->cnivcsw; 1207 p->nivcsw + sig->nivcsw + sig->cnivcsw;
1208 psig->cinblock +=
1209 task_io_get_inblock(p) +
1210 sig->inblock + sig->cinblock;
1211 psig->coublock +=
1212 task_io_get_oublock(p) +
1213 sig->oublock + sig->coublock;
1196 spin_unlock_irq(&p->parent->sighand->siglock); 1214 spin_unlock_irq(&p->parent->sighand->siglock);
1197 } 1215 }
1198 1216
diff --git a/kernel/fork.c b/kernel/fork.c
index 5dd3979747f5..49530e40ea8b 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -875,6 +875,7 @@ static inline int copy_signal(unsigned long clone_flags, struct task_struct * ts
875 sig->utime = sig->stime = sig->cutime = sig->cstime = cputime_zero; 875 sig->utime = sig->stime = sig->cutime = sig->cstime = cputime_zero;
876 sig->nvcsw = sig->nivcsw = sig->cnvcsw = sig->cnivcsw = 0; 876 sig->nvcsw = sig->nivcsw = sig->cnvcsw = sig->cnivcsw = 0;
877 sig->min_flt = sig->maj_flt = sig->cmin_flt = sig->cmaj_flt = 0; 877 sig->min_flt = sig->maj_flt = sig->cmin_flt = sig->cmaj_flt = 0;
878 sig->inblock = sig->oublock = sig->cinblock = sig->coublock = 0;
878 sig->sched_time = 0; 879 sig->sched_time = 0;
879 INIT_LIST_HEAD(&sig->cpu_timers[0]); 880 INIT_LIST_HEAD(&sig->cpu_timers[0]);
880 INIT_LIST_HEAD(&sig->cpu_timers[1]); 881 INIT_LIST_HEAD(&sig->cpu_timers[1]);
@@ -955,7 +956,7 @@ static struct task_struct *copy_process(unsigned long clone_flags,
955 unsigned long stack_size, 956 unsigned long stack_size,
956 int __user *parent_tidptr, 957 int __user *parent_tidptr,
957 int __user *child_tidptr, 958 int __user *child_tidptr,
958 int pid) 959 struct pid *pid)
959{ 960{
960 int retval; 961 int retval;
961 struct task_struct *p = NULL; 962 struct task_struct *p = NULL;
@@ -1022,7 +1023,7 @@ static struct task_struct *copy_process(unsigned long clone_flags,
1022 p->did_exec = 0; 1023 p->did_exec = 0;
1023 delayacct_tsk_init(p); /* Must remain after dup_task_struct() */ 1024 delayacct_tsk_init(p); /* Must remain after dup_task_struct() */
1024 copy_flags(clone_flags, p); 1025 copy_flags(clone_flags, p);
1025 p->pid = pid; 1026 p->pid = pid_nr(pid);
1026 retval = -EFAULT; 1027 retval = -EFAULT;
1027 if (clone_flags & CLONE_PARENT_SETTID) 1028 if (clone_flags & CLONE_PARENT_SETTID)
1028 if (put_user(p->pid, parent_tidptr)) 1029 if (put_user(p->pid, parent_tidptr))
@@ -1251,13 +1252,13 @@ static struct task_struct *copy_process(unsigned long clone_flags,
1251 p->signal->tty = current->signal->tty; 1252 p->signal->tty = current->signal->tty;
1252 p->signal->pgrp = process_group(current); 1253 p->signal->pgrp = process_group(current);
1253 set_signal_session(p->signal, process_session(current)); 1254 set_signal_session(p->signal, process_session(current));
1254 attach_pid(p, PIDTYPE_PGID, process_group(p)); 1255 attach_pid(p, PIDTYPE_PGID, task_pgrp(current));
1255 attach_pid(p, PIDTYPE_SID, process_session(p)); 1256 attach_pid(p, PIDTYPE_SID, task_session(current));
1256 1257
1257 list_add_tail_rcu(&p->tasks, &init_task.tasks); 1258 list_add_tail_rcu(&p->tasks, &init_task.tasks);
1258 __get_cpu_var(process_counts)++; 1259 __get_cpu_var(process_counts)++;
1259 } 1260 }
1260 attach_pid(p, PIDTYPE_PID, p->pid); 1261 attach_pid(p, PIDTYPE_PID, pid);
1261 nr_threads++; 1262 nr_threads++;
1262 } 1263 }
1263 1264
@@ -1321,7 +1322,8 @@ struct task_struct * __cpuinit fork_idle(int cpu)
1321 struct task_struct *task; 1322 struct task_struct *task;
1322 struct pt_regs regs; 1323 struct pt_regs regs;
1323 1324
1324 task = copy_process(CLONE_VM, 0, idle_regs(&regs), 0, NULL, NULL, 0); 1325 task = copy_process(CLONE_VM, 0, idle_regs(&regs), 0, NULL, NULL,
1326 &init_struct_pid);
1325 if (!IS_ERR(task)) 1327 if (!IS_ERR(task))
1326 init_idle(task, cpu); 1328 init_idle(task, cpu);
1327 1329
@@ -1371,7 +1373,7 @@ long do_fork(unsigned long clone_flags,
1371 clone_flags |= CLONE_PTRACE; 1373 clone_flags |= CLONE_PTRACE;
1372 } 1374 }
1373 1375
1374 p = copy_process(clone_flags, stack_start, regs, stack_size, parent_tidptr, child_tidptr, nr); 1376 p = copy_process(clone_flags, stack_start, regs, stack_size, parent_tidptr, child_tidptr, pid);
1375 /* 1377 /*
1376 * Do this prior waking up the new thread - the thread pointer 1378 * Do this prior waking up the new thread - the thread pointer
1377 * might get invalid after that point, if the thread exits quickly. 1379 * might get invalid after that point, if the thread exits quickly.
@@ -1420,12 +1422,15 @@ long do_fork(unsigned long clone_flags,
1420#define ARCH_MIN_MMSTRUCT_ALIGN 0 1422#define ARCH_MIN_MMSTRUCT_ALIGN 0
1421#endif 1423#endif
1422 1424
1423static void sighand_ctor(void *data, struct kmem_cache *cachep, unsigned long flags) 1425static void sighand_ctor(void *data, struct kmem_cache *cachep,
1426 unsigned long flags)
1424{ 1427{
1425 struct sighand_struct *sighand = data; 1428 struct sighand_struct *sighand = data;
1426 1429
1427 if (flags & SLAB_CTOR_CONSTRUCTOR) 1430 if (flags & SLAB_CTOR_CONSTRUCTOR) {
1428 spin_lock_init(&sighand->siglock); 1431 spin_lock_init(&sighand->siglock);
1432 INIT_LIST_HEAD(&sighand->signalfd_list);
1433 }
1429} 1434}
1430 1435
1431void __init proc_caches_init(void) 1436void __init proc_caches_init(void)
@@ -1451,7 +1456,6 @@ void __init proc_caches_init(void)
1451 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL); 1456 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL);
1452} 1457}
1453 1458
1454
1455/* 1459/*
1456 * Check constraints on flags passed to the unshare system call and 1460 * Check constraints on flags passed to the unshare system call and
1457 * force unsharing of additional process context as appropriate. 1461 * force unsharing of additional process context as appropriate.
diff --git a/kernel/irq/proc.c b/kernel/irq/proc.c
index ddde0ef9ccdc..b4f1674fca79 100644
--- a/kernel/irq/proc.c
+++ b/kernel/irq/proc.c
@@ -27,6 +27,10 @@ static int irq_affinity_read_proc(char *page, char **start, off_t off,
27 return len; 27 return len;
28} 28}
29 29
30#ifndef is_affinity_mask_valid
31#define is_affinity_mask_valid(val) 1
32#endif
33
30int no_irq_affinity; 34int no_irq_affinity;
31static int irq_affinity_write_proc(struct file *file, const char __user *buffer, 35static int irq_affinity_write_proc(struct file *file, const char __user *buffer,
32 unsigned long count, void *data) 36 unsigned long count, void *data)
@@ -42,6 +46,9 @@ static int irq_affinity_write_proc(struct file *file, const char __user *buffer,
42 if (err) 46 if (err)
43 return err; 47 return err;
44 48
49 if (!is_affinity_mask_valid(new_value))
50 return -EINVAL;
51
45 /* 52 /*
46 * Do not allow disabling IRQs completely - it's a too easy 53 * Do not allow disabling IRQs completely - it's a too easy
47 * way to make the system unusable accidentally :-) At least 54 * way to make the system unusable accidentally :-) At least
diff --git a/kernel/pid.c b/kernel/pid.c
index d3ad724afa83..eb66bd2953ab 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -27,11 +27,13 @@
27#include <linux/bootmem.h> 27#include <linux/bootmem.h>
28#include <linux/hash.h> 28#include <linux/hash.h>
29#include <linux/pid_namespace.h> 29#include <linux/pid_namespace.h>
30#include <linux/init_task.h>
30 31
31#define pid_hashfn(nr) hash_long((unsigned long)nr, pidhash_shift) 32#define pid_hashfn(nr) hash_long((unsigned long)nr, pidhash_shift)
32static struct hlist_head *pid_hash; 33static struct hlist_head *pid_hash;
33static int pidhash_shift; 34static int pidhash_shift;
34static struct kmem_cache *pid_cachep; 35static struct kmem_cache *pid_cachep;
36struct pid init_struct_pid = INIT_STRUCT_PID;
35 37
36int pid_max = PID_MAX_DEFAULT; 38int pid_max = PID_MAX_DEFAULT;
37 39
@@ -247,13 +249,16 @@ struct pid * fastcall find_pid(int nr)
247} 249}
248EXPORT_SYMBOL_GPL(find_pid); 250EXPORT_SYMBOL_GPL(find_pid);
249 251
250int fastcall attach_pid(struct task_struct *task, enum pid_type type, int nr) 252/*
253 * attach_pid() must be called with the tasklist_lock write-held.
254 */
255int fastcall attach_pid(struct task_struct *task, enum pid_type type,
256 struct pid *pid)
251{ 257{
252 struct pid_link *link; 258 struct pid_link *link;
253 struct pid *pid;
254 259
255 link = &task->pids[type]; 260 link = &task->pids[type];
256 link->pid = pid = find_pid(nr); 261 link->pid = pid;
257 hlist_add_head_rcu(&link->node, &pid->tasks[type]); 262 hlist_add_head_rcu(&link->node, &pid->tasks[type]);
258 263
259 return 0; 264 return 0;
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 4d50e06fd745..ad7949a589dd 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -18,6 +18,7 @@
18#include <linux/ptrace.h> 18#include <linux/ptrace.h>
19#include <linux/security.h> 19#include <linux/security.h>
20#include <linux/signal.h> 20#include <linux/signal.h>
21#include <linux/audit.h>
21 22
22#include <asm/pgtable.h> 23#include <asm/pgtable.h>
23#include <asm/uaccess.h> 24#include <asm/uaccess.h>
@@ -161,6 +162,8 @@ int ptrace_attach(struct task_struct *task)
161{ 162{
162 int retval; 163 int retval;
163 164
165 audit_ptrace(task);
166
164 retval = -EPERM; 167 retval = -EPERM;
165 if (task->pid <= 1) 168 if (task->pid <= 1)
166 goto out; 169 goto out;
diff --git a/kernel/signal.c b/kernel/signal.c
index 2ac3a668d9dd..364fc95bf97c 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -21,6 +21,7 @@
21#include <linux/syscalls.h> 21#include <linux/syscalls.h>
22#include <linux/ptrace.h> 22#include <linux/ptrace.h>
23#include <linux/signal.h> 23#include <linux/signal.h>
24#include <linux/signalfd.h>
24#include <linux/capability.h> 25#include <linux/capability.h>
25#include <linux/freezer.h> 26#include <linux/freezer.h>
26#include <linux/pid_namespace.h> 27#include <linux/pid_namespace.h>
@@ -113,8 +114,7 @@ void recalc_sigpending(void)
113 114
114/* Given the mask, find the first available signal that should be serviced. */ 115/* Given the mask, find the first available signal that should be serviced. */
115 116
116static int 117int next_signal(struct sigpending *pending, sigset_t *mask)
117next_signal(struct sigpending *pending, sigset_t *mask)
118{ 118{
119 unsigned long i, *s, *m, x; 119 unsigned long i, *s, *m, x;
120 int sig = 0; 120 int sig = 0;
@@ -497,6 +497,11 @@ static int check_kill_permission(int sig, struct siginfo *info,
497 int error = -EINVAL; 497 int error = -EINVAL;
498 if (!valid_signal(sig)) 498 if (!valid_signal(sig))
499 return error; 499 return error;
500
501 error = audit_signal_info(sig, t); /* Let audit system see the signal */
502 if (error)
503 return error;
504
500 error = -EPERM; 505 error = -EPERM;
501 if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) 506 if ((info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info)))
502 && ((sig != SIGCONT) || 507 && ((sig != SIGCONT) ||
@@ -506,10 +511,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
506 && !capable(CAP_KILL)) 511 && !capable(CAP_KILL))
507 return error; 512 return error;
508 513
509 error = security_task_kill(t, info, sig, 0); 514 return security_task_kill(t, info, sig, 0);
510 if (!error)
511 audit_signal_info(sig, t); /* Let audit system see the signal */
512 return error;
513} 515}
514 516
515/* forward decl */ 517/* forward decl */
@@ -630,6 +632,12 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t,
630 int ret = 0; 632 int ret = 0;
631 633
632 /* 634 /*
635 * Deliver the signal to listening signalfds. This must be called
636 * with the sighand lock held.
637 */
638 signalfd_notify(t, sig);
639
640 /*
633 * fast-pathed signals for kernel-internal things like SIGSTOP 641 * fast-pathed signals for kernel-internal things like SIGSTOP
634 * or SIGKILL. 642 * or SIGKILL.
635 */ 643 */
@@ -1280,6 +1288,11 @@ int send_sigqueue(int sig, struct sigqueue *q, struct task_struct *p)
1280 ret = 1; 1288 ret = 1;
1281 goto out; 1289 goto out;
1282 } 1290 }
1291 /*
1292 * Deliver the signal to listening signalfds. This must be called
1293 * with the sighand lock held.
1294 */
1295 signalfd_notify(p, sig);
1283 1296
1284 list_add_tail(&q->list, &p->pending.list); 1297 list_add_tail(&q->list, &p->pending.list);
1285 sigaddset(&p->pending.signal, sig); 1298 sigaddset(&p->pending.signal, sig);
@@ -1323,6 +1336,11 @@ send_group_sigqueue(int sig, struct sigqueue *q, struct task_struct *p)
1323 q->info.si_overrun++; 1336 q->info.si_overrun++;
1324 goto out; 1337 goto out;
1325 } 1338 }
1339 /*
1340 * Deliver the signal to listening signalfds. This must be called
1341 * with the sighand lock held.
1342 */
1343 signalfd_notify(p, sig);
1326 1344
1327 /* 1345 /*
1328 * Put this signal on the shared-pending queue. 1346 * Put this signal on the shared-pending queue.
@@ -1983,6 +2001,8 @@ int copy_siginfo_to_user(siginfo_t __user *to, siginfo_t *from)
1983 /* 2001 /*
1984 * If you change siginfo_t structure, please be sure 2002 * If you change siginfo_t structure, please be sure
1985 * this code is fixed accordingly. 2003 * this code is fixed accordingly.
2004 * Please remember to update the signalfd_copyinfo() function
2005 * inside fs/signalfd.c too, in case siginfo_t changes.
1986 * It should never copy any pad contained in the structure 2006 * It should never copy any pad contained in the structure
1987 * to avoid security leaks, but must copy the generic 2007 * to avoid security leaks, but must copy the generic
1988 * 3 ints plus the relevant union member. 2008 * 3 ints plus the relevant union member.
diff --git a/kernel/stop_machine.c b/kernel/stop_machine.c
index daabb74ee0bc..fcee2a8e6da3 100644
--- a/kernel/stop_machine.c
+++ b/kernel/stop_machine.c
@@ -8,6 +8,8 @@
8#include <linux/sched.h> 8#include <linux/sched.h>
9#include <linux/stop_machine.h> 9#include <linux/stop_machine.h>
10#include <linux/syscalls.h> 10#include <linux/syscalls.h>
11#include <linux/interrupt.h>
12
11#include <asm/atomic.h> 13#include <asm/atomic.h>
12#include <asm/semaphore.h> 14#include <asm/semaphore.h>
13#include <asm/uaccess.h> 15#include <asm/uaccess.h>
@@ -45,6 +47,7 @@ static int stopmachine(void *cpu)
45 if (stopmachine_state == STOPMACHINE_DISABLE_IRQ 47 if (stopmachine_state == STOPMACHINE_DISABLE_IRQ
46 && !irqs_disabled) { 48 && !irqs_disabled) {
47 local_irq_disable(); 49 local_irq_disable();
50 hard_irq_disable();
48 irqs_disabled = 1; 51 irqs_disabled = 1;
49 /* Ack: irqs disabled. */ 52 /* Ack: irqs disabled. */
50 smp_mb(); /* Must read state first. */ 53 smp_mb(); /* Must read state first. */
@@ -124,6 +127,7 @@ static int stop_machine(void)
124 127
125 /* Make them disable irqs. */ 128 /* Make them disable irqs. */
126 local_irq_disable(); 129 local_irq_disable();
130 hard_irq_disable();
127 stopmachine_set_state(STOPMACHINE_DISABLE_IRQ); 131 stopmachine_set_state(STOPMACHINE_DISABLE_IRQ);
128 132
129 return 0; 133 return 0;
diff --git a/kernel/sys.c b/kernel/sys.c
index cdb7e9457ba6..872271ccc384 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -14,6 +14,7 @@
14#include <linux/prctl.h> 14#include <linux/prctl.h>
15#include <linux/highuid.h> 15#include <linux/highuid.h>
16#include <linux/fs.h> 16#include <linux/fs.h>
17#include <linux/resource.h>
17#include <linux/kernel.h> 18#include <linux/kernel.h>
18#include <linux/kexec.h> 19#include <linux/kexec.h>
19#include <linux/workqueue.h> 20#include <linux/workqueue.h>
@@ -29,6 +30,7 @@
29#include <linux/signal.h> 30#include <linux/signal.h>
30#include <linux/cn_proc.h> 31#include <linux/cn_proc.h>
31#include <linux/getcpu.h> 32#include <linux/getcpu.h>
33#include <linux/task_io_accounting_ops.h>
32 34
33#include <linux/compat.h> 35#include <linux/compat.h>
34#include <linux/syscalls.h> 36#include <linux/syscalls.h>
@@ -658,7 +660,7 @@ asmlinkage long sys_setpriority(int which, int who, int niceval)
658 int error = -EINVAL; 660 int error = -EINVAL;
659 struct pid *pgrp; 661 struct pid *pgrp;
660 662
661 if (which > 2 || which < 0) 663 if (which > PRIO_USER || which < PRIO_PROCESS)
662 goto out; 664 goto out;
663 665
664 /* normalize: avoid signed division (rounding problems) */ 666 /* normalize: avoid signed division (rounding problems) */
@@ -722,7 +724,7 @@ asmlinkage long sys_getpriority(int which, int who)
722 long niceval, retval = -ESRCH; 724 long niceval, retval = -ESRCH;
723 struct pid *pgrp; 725 struct pid *pgrp;
724 726
725 if (which > 2 || which < 0) 727 if (which > PRIO_USER || which < PRIO_PROCESS)
726 return -EINVAL; 728 return -EINVAL;
727 729
728 read_lock(&tasklist_lock); 730 read_lock(&tasklist_lock);
@@ -1486,7 +1488,7 @@ asmlinkage long sys_setpgid(pid_t pid, pid_t pgid)
1486 if (process_group(p) != pgid) { 1488 if (process_group(p) != pgid) {
1487 detach_pid(p, PIDTYPE_PGID); 1489 detach_pid(p, PIDTYPE_PGID);
1488 p->signal->pgrp = pgid; 1490 p->signal->pgrp = pgid;
1489 attach_pid(p, PIDTYPE_PGID, pgid); 1491 attach_pid(p, PIDTYPE_PGID, find_pid(pgid));
1490 } 1492 }
1491 1493
1492 err = 0; 1494 err = 0;
@@ -2082,6 +2084,8 @@ static void k_getrusage(struct task_struct *p, int who, struct rusage *r)
2082 r->ru_nivcsw = p->signal->cnivcsw; 2084 r->ru_nivcsw = p->signal->cnivcsw;
2083 r->ru_minflt = p->signal->cmin_flt; 2085 r->ru_minflt = p->signal->cmin_flt;
2084 r->ru_majflt = p->signal->cmaj_flt; 2086 r->ru_majflt = p->signal->cmaj_flt;
2087 r->ru_inblock = p->signal->cinblock;
2088 r->ru_oublock = p->signal->coublock;
2085 2089
2086 if (who == RUSAGE_CHILDREN) 2090 if (who == RUSAGE_CHILDREN)
2087 break; 2091 break;
@@ -2093,6 +2097,8 @@ static void k_getrusage(struct task_struct *p, int who, struct rusage *r)
2093 r->ru_nivcsw += p->signal->nivcsw; 2097 r->ru_nivcsw += p->signal->nivcsw;
2094 r->ru_minflt += p->signal->min_flt; 2098 r->ru_minflt += p->signal->min_flt;
2095 r->ru_majflt += p->signal->maj_flt; 2099 r->ru_majflt += p->signal->maj_flt;
2100 r->ru_inblock += p->signal->inblock;
2101 r->ru_oublock += p->signal->oublock;
2096 t = p; 2102 t = p;
2097 do { 2103 do {
2098 utime = cputime_add(utime, t->utime); 2104 utime = cputime_add(utime, t->utime);
@@ -2101,6 +2107,8 @@ static void k_getrusage(struct task_struct *p, int who, struct rusage *r)
2101 r->ru_nivcsw += t->nivcsw; 2107 r->ru_nivcsw += t->nivcsw;
2102 r->ru_minflt += t->min_flt; 2108 r->ru_minflt += t->min_flt;
2103 r->ru_majflt += t->maj_flt; 2109 r->ru_majflt += t->maj_flt;
2110 r->ru_inblock += task_io_get_inblock(t);
2111 r->ru_oublock += task_io_get_oublock(t);
2104 t = next_thread(t); 2112 t = next_thread(t);
2105 } while (t != p); 2113 } while (t != p);
2106 break; 2114 break;
diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c
index d7306d0f3dfc..7e11e2c98bf9 100644
--- a/kernel/sys_ni.c
+++ b/kernel/sys_ni.c
@@ -141,3 +141,10 @@ cond_syscall(compat_sys_migrate_pages);
141cond_syscall(sys_bdflush); 141cond_syscall(sys_bdflush);
142cond_syscall(sys_ioprio_set); 142cond_syscall(sys_ioprio_set);
143cond_syscall(sys_ioprio_get); 143cond_syscall(sys_ioprio_get);
144
145/* New file descriptors */
146cond_syscall(sys_signalfd);
147cond_syscall(sys_timerfd);
148cond_syscall(compat_sys_signalfd);
149cond_syscall(compat_sys_timerfd);
150cond_syscall(sys_eventfd);
generated by cgit v1.2.2 (git 2.25.0) at 2025-12-24 03:13:15 -0500