[REVIEW][PATCH 11/20] signal/x86/traps: Simplify trap generation

when all of the information is present. Making this a more obvious, simpler and less error prone construction. Signed-off-by: "Eric W. Biederman" --- arch/x86/kernel/traps.c | 85 - 1 file changed, 24 insertions(+), 61 deletions(-) diff --git

[REVIEW][PATCH 19/20] signal/x86: Pass pkey by value

Now that si_code == SEGV_PKUERR is the flag indicating that a pkey is present there is no longer a need to pass a pointer to a local pkey value, instead pkey can be passed more efficiently by value. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 14 +++--- 1 fi

[REVIEW][PATCH 15/20] signal/x86: Don't compute pkey in __do_page_fault

There are no more users of the computed pkey value in __do_page_fault so stop computing the value. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 4 1 file changed, 4 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 7ba00519fa5d..f82106578

[REVIEW][PATCH 15/20] signal/x86: Don't compute pkey in __do_page_fault

There are no more users of the computed pkey value in __do_page_fault so stop computing the value. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 4 1 file changed, 4 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 7ba00519fa5d..f82106578

[REVIEW][PATCH 12/20] signal/x86: Remove pkey parameter from bad_area_nosemaphore

The function bad_area_nosemaphore always sets si_code to SEGV_MAPERR and as such can never return a pkey parameter. Therefore remove the unusable pkey parameter from bad_area_nosemaphore. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 14 +++--- 1 file

[REVIEW][PATCH 12/20] signal/x86: Remove pkey parameter from bad_area_nosemaphore

The function bad_area_nosemaphore always sets si_code to SEGV_MAPERR and as such can never return a pkey parameter. Therefore remove the unusable pkey parameter from bad_area_nosemaphore. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 14 +++--- 1 file

[REVIEW][PATCH 14/20] signal/x86: Remove pkey parameter from mm_fault_error

After the previous cleanups to do_sigbus and and bad_area_nosemaphore mm_fault_error no now longer uses it's pkey parameter. Therefore remove the unused parameter. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

[REVIEW][PATCH 17/20] signal/x86: Call force_sig_pkuerr from __bad_area_nosemaphore

directly from __bad_area_semaphore and remove fill_sig_info_pkey. At the same time move the comment above force_sig_info_pkey into bad_area_access_error, so that the documentation of about pkey generation races is not lost. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fa

[REVIEW][PATCH 18/20] signal/x86: Replace force_sig_info_fault with force_sig_fault

Now that the pkey handling has been removed force_sig_info_fault and force_sig_fault perform identical work. Just the type of the address paramter is different. So replace calls to force_sig_info_fault with calls to force_sig_fault, and remove force_sig_info_fault. Signed-off-by: "E

[REVIEW][PATCH 13/20] signal/x86: Remove the pkey parameter from do_sigbus

The function do_sigbus never sets si_code to PKUERR so it can never return a pkey to userspace. Therefore remove the unusable pkey parameter from do_sigbus. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --

[REVIEW][PATCH 20/20] signal/x86: Use force_sig_fault where appropriate

Signed-off-by: "Eric W. Biederman" --- arch/x86/entry/vsyscall/vsyscall_64.c | 9 + arch/x86/kernel/ptrace.c | 10 ++ arch/x86/kernel/traps.c | 14 +- arch/x86/kernel/umip.c| 8 +--- 4 files changed, 9 inserti

[REVIEW][PATCH 16/20] signal/x86: Pass pkey not vma into __bad_area

There is only one caller of __bad_area that passes in PKUERR and thus will generate a siginfo with si_pkey set. Therefore simplify the logic and hoist reading of vma_pkey up into that caller, and just pass *pkey into __bad_area. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fa

[REVIEW][PATCH 14/20] signal/x86: Remove pkey parameter from mm_fault_error

After the previous cleanups to do_sigbus and and bad_area_nosemaphore mm_fault_error no now longer uses it's pkey parameter. Therefore remove the unused parameter. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

[REVIEW][PATCH 17/20] signal/x86: Call force_sig_pkuerr from __bad_area_nosemaphore

directly from __bad_area_semaphore and remove fill_sig_info_pkey. At the same time move the comment above force_sig_info_pkey into bad_area_access_error, so that the documentation of about pkey generation races is not lost. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fa

[REVIEW][PATCH 18/20] signal/x86: Replace force_sig_info_fault with force_sig_fault

Now that the pkey handling has been removed force_sig_info_fault and force_sig_fault perform identical work. Just the type of the address paramter is different. So replace calls to force_sig_info_fault with calls to force_sig_fault, and remove force_sig_info_fault. Signed-off-by: "E

[REVIEW][PATCH 13/20] signal/x86: Remove the pkey parameter from do_sigbus

The function do_sigbus never sets si_code to PKUERR so it can never return a pkey to userspace. Therefore remove the unusable pkey parameter from do_sigbus. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --

[REVIEW][PATCH 20/20] signal/x86: Use force_sig_fault where appropriate

Signed-off-by: "Eric W. Biederman" --- arch/x86/entry/vsyscall/vsyscall_64.c | 9 + arch/x86/kernel/ptrace.c | 10 ++ arch/x86/kernel/traps.c | 14 +- arch/x86/kernel/umip.c| 8 +--- 4 files changed, 9 inserti

[REVIEW][PATCH 16/20] signal/x86: Pass pkey not vma into __bad_area

There is only one caller of __bad_area that passes in PKUERR and thus will generate a siginfo with si_pkey set. Therefore simplify the logic and hoist reading of vma_pkey up into that caller, and just pass *pkey into __bad_area. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fa

[REVIEW][PATCH 09/20] signal/x86/traps: Use force_sig_bnderr

Instead of generating the siginfo in x86 specific code use the new helper function force_sig_bnderr to separate the concerns of collecting the information and generating a proper siginfo. Making the code easier to understand and maintain. Signed-off-by: "Eric W. Biederman" --- arch/

[REVIEW][PATCH 08/20] signal/x86/traps: Move setting error_code and trap_nr into do_trap_no_signal

-by: "Eric W. Biederman" --- arch/x86/kernel/traps.c | 29 ++--- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c index 31a689b67be3..f31c0ddee278 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kern

[REVIEW][PATCH 06/20] signal/x86: Move mpx siginfo generation into do_bounds

This separates the logic of generating the signal from the logic of gathering the information about the bounds violation. Signed-off-by: "Eric W. Biederman" --- arch/x86/include/asm/mpx.h | 13 ++--- arch/x86/kernel/traps.c| 19 ++- arch/x86/mm/mpx.c

[REVIEW][PATCH 09/20] signal/x86/traps: Use force_sig_bnderr

Instead of generating the siginfo in x86 specific code use the new helper function force_sig_bnderr to separate the concerns of collecting the information and generating a proper siginfo. Making the code easier to understand and maintain. Signed-off-by: "Eric W. Biederman" --- arch/

[REVIEW][PATCH 08/20] signal/x86/traps: Move setting error_code and trap_nr into do_trap_no_signal

-by: "Eric W. Biederman" --- arch/x86/kernel/traps.c | 29 ++--- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c index 31a689b67be3..f31c0ddee278 100644 --- a/arch/x86/kernel/traps.c +++ b/arch/x86/kern

[REVIEW][PATCH 06/20] signal/x86: Move mpx siginfo generation into do_bounds

This separates the logic of generating the signal from the logic of gathering the information about the bounds violation. Signed-off-by: "Eric W. Biederman" --- arch/x86/include/asm/mpx.h | 13 ++--- arch/x86/kernel/traps.c| 19 ++- arch/x86/mm/mpx.c

[REVIEW][PATCH 10/20] signal/x86/traps: Use force_sig instead of open coding it.

The function "force_sig(sig, tsk)" is equivalent to " force_sig_info(sig, SEND_SIG_PRIV, tsk)". Using the siginfo variants can be error prone so use the simpler old fashioned force_sig variant, and with luck the force_sig_info variant can go away. Signed-off-by: "Eric

[REVIEW][PATCH 10/20] signal/x86/traps: Use force_sig instead of open coding it.

The function "force_sig(sig, tsk)" is equivalent to " force_sig_info(sig, SEND_SIG_PRIV, tsk)". Using the siginfo variants can be error prone so use the simpler old fashioned force_sig variant, and with luck the force_sig_info variant can go away. Signed-off-by: "Eric

[REVIEW][PATCH 07/20] signal/x86/traps: Factor out show_signal

The code for conditionally printing unhanded signals is duplicated twice in arch/x86/kernel/traps.c. Factor it out into it's own subroutine called show_signal to make the code clearer and easier to maintain. Signed-off-by: "Eric W. Biederman" --- arch/x86/kernel/tr

[REVIEW][PATCH 07/20] signal/x86/traps: Factor out show_signal

The code for conditionally printing unhanded signals is duplicated twice in arch/x86/kernel/traps.c. Factor it out into it's own subroutine called show_signal to make the code clearer and easier to maintain. Signed-off-by: "Eric W. Biederman" --- arch/x86/kernel/tr

[REVIEW][PATCH 05/20] signal/x86: In trace_mpx_bounds_register_exception add __user annotations

but sparse was complaining when testing test branch so fix this now. Signed-off-by: "Eric W. Biederman" --- arch/x86/include/asm/trace/mpx.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/trace/mpx.h b/arch/x86/include/asm/trace/mpx.h index 7b

[REVIEW][PATCH 05/20] signal/x86: In trace_mpx_bounds_register_exception add __user annotations

but sparse was complaining when testing test branch so fix this now. Signed-off-by: "Eric W. Biederman" --- arch/x86/include/asm/trace/mpx.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/trace/mpx.h b/arch/x86/include/asm/trace/mpx.h index 7b

[REVIEW][PATCH 04/20] signal/x86: Use send_sig_mceerr as apropriate

This simplifies the code making it clearer what is going on. Signed-off-by: "Eric W. Biederman" --- arch/x86/kvm/mmu.c | 11 +-- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index a282321329b5..95349bfe3b59 100644 ---

[REVIEW][PATCH 04/20] signal/x86: Use send_sig_mceerr as apropriate

This simplifies the code making it clearer what is going on. Signed-off-by: "Eric W. Biederman" --- arch/x86/kvm/mmu.c | 11 +-- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index a282321329b5..95349bfe3b59 100644 ---

[REVIEW][PATCH 03/20] signal/x86: Move MCE error reporting out of force_sig_info_fault

to force_sig_info_fault from do_sigbus. This makes the code in arch/x86/mm/fault.c easier to follower and simpler to maintain. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 23 +++ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/arch/x86/

[REVIEW][PATCH 02/20] signal/x86: Inline fill_sigtrap_info in it's only caller send_sigtrap

The function fill_sigtrap_info now only has one caller so remove it and put it's contents in it's caller. Signed-off-by: "Eric W. Biederman" --- arch/x86/kernel/ptrace.c | 22 +++--- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/arch/x86/kernel/ptrac

[REVIEW][PATCH 01/20] signal: Simplify tracehook_report_syscall_exit

to maintain. Ref: 85ec7fd9f8e5 ("ptrace: introduce user_single_step_siginfo() helper") Signed-off-by: "Eric W. Biederman" --- arch/powerpc/include/asm/ptrace.h | 2 +- arch/powerpc/kernel/traps.c | 7 ++- arch/x86/include/asm/ptrace.h | 2 +- arch/x86/kernel/pt

[REVIEW][PATCH 03/20] signal/x86: Move MCE error reporting out of force_sig_info_fault

to force_sig_info_fault from do_sigbus. This makes the code in arch/x86/mm/fault.c easier to follower and simpler to maintain. Signed-off-by: "Eric W. Biederman" --- arch/x86/mm/fault.c | 23 +++ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/arch/x86/

[REVIEW][PATCH 02/20] signal/x86: Inline fill_sigtrap_info in it's only caller send_sigtrap

The function fill_sigtrap_info now only has one caller so remove it and put it's contents in it's caller. Signed-off-by: "Eric W. Biederman" --- arch/x86/kernel/ptrace.c | 22 +++--- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/arch/x86/kernel/ptrac

[REVIEW][PATCH 01/20] signal: Simplify tracehook_report_syscall_exit

to maintain. Ref: 85ec7fd9f8e5 ("ptrace: introduce user_single_step_siginfo() helper") Signed-off-by: "Eric W. Biederman" --- arch/powerpc/include/asm/ptrace.h | 2 +- arch/powerpc/kernel/traps.c | 7 ++- arch/x86/include/asm/ptrace.h | 2 +- arch/x86/kernel/pt

[REVIEW][PATCH 00/20] siginfo cleanups for x86

siginfo tree. At this point I believe all of the prerequisite patches are merged so it should not make a difference. Eric W. Biederman (20): signal: Simplify tracehook_report_syscall_exit signal/x86: Inline fill_sigtrap_info in it's only caller send_sigtrap signal/x86: Move MCE

[REVIEW][PATCH 00/20] siginfo cleanups for x86

siginfo tree. At this point I believe all of the prerequisite patches are merged so it should not make a difference. Eric W. Biederman (20): signal: Simplify tracehook_report_syscall_exit signal/x86: Inline fill_sigtrap_info in it's only caller send_sigtrap signal/x86: Move MCE

Re: [PATCH v3 1/3] exec: separate thread_count for files_struct

Oleg Nesterov writes: > On 09/16, Eric W. Biederman wrote: >> >> Oleg Nesterov writes: >> >> > As for binder.c, in this case we probably actually want to unshare ->files >> > on exec so we can ignore it? >> >> Looking at the binder c

Re: [PATCH v3 1/3] exec: separate thread_count for files_struct

Oleg Nesterov writes: > On 09/16, Eric W. Biederman wrote: >> >> Oleg Nesterov writes: >> >> > As for binder.c, in this case we probably actually want to unshare ->files >> > on exec so we can ignore it? >> >> Looking at the binder c

Re: [RFC][PATCH 2/3] exec: Simplify unshare_files

Oleg Nesterov writes: > absolutely off-topic question, > > On 09/16, Eric W. Biederman wrote: >> >> @@ -747,11 +746,9 @@ void do_coredump(const siginfo_t *siginfo) >> } >> >> /* get us an unshared descriptor table; almost always a

Re: [RFC][PATCH 2/3] exec: Simplify unshare_files

Oleg Nesterov writes: > absolutely off-topic question, > > On 09/16, Eric W. Biederman wrote: >> >> @@ -747,11 +746,9 @@ void do_coredump(const siginfo_t *siginfo) >> } >> >> /* get us an unshared descriptor table; almost always a

[PATCH 4/4] signal: Pair exports with their functions

For readability and consistency with the other exports in kernel/signal.c pair the exports of signal sending functions with their functions, instead of having the exports in one big clump. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 15 +++ 1 file

[PATCH 4/4] signal: Pair exports with their functions

For readability and consistency with the other exports in kernel/signal.c pair the exports of signal sending functions with their functions, instead of having the exports in one big clump. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 15 +++ 1 file

[PATCH 3/4] signal: Remove specific_send_sig_info

specific_send_sig_info to make the code easier to read. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/kernel/signal.c b/kernel/signal.c index ec136fda457a..99e91163c9a3 100644 --- a/kernel/signal.c +++ b/kerne

[PATCH 3/4] signal: Remove specific_send_sig_info

specific_send_sig_info to make the code easier to read. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/kernel/signal.c b/kernel/signal.c index ec136fda457a..99e91163c9a3 100644 --- a/kernel/signal.c +++ b/kerne

[PATCH 2/4] signal: Use group_send_sig_info to kill all processes in a pid namespace

. This is needed for fork to detect when signals are sent to a group of processes. Admittedly fork has another case to catch SIGKILL but the principle remains that it is desirable to know when a group of processes is being signaled. Signed-off-by: "Eric W. Biederman" --- kernel/pid_namespace.c

[PATCH 2/4] signal: Use group_send_sig_info to kill all processes in a pid namespace

. This is needed for fork to detect when signals are sent to a group of processes. Admittedly fork has another case to catch SIGKILL but the principle remains that it is desirable to know when a group of processes is being signaled. Signed-off-by: "Eric W. Biederman" --- kernel/pid_namespace.c

[PATCH 0/4] signal: Cleanups

for exceptions that send siginfo. I have just a few architectures left and I just need to double check that I didn't do anything stupid and post those changes for review. If anyone sees any issues with these patches let me know. Otherwise I am going to merge them into my siginfo tree. Eric W. Biederman

[PATCH 1/4] tty_io: Use group_send_sig_info in __do_SACK to note it is a session being killed

. group_send_sig_info also contains a permission check that force_sig and send_sig do not. However the presence of SEND_SIG_PRIV makes the permission check a noop. So the permission check does not result in any behavioral differences. Signed-off-by: "Eric W. Biederman" --- drivers/tt

[PATCH 0/4] signal: Cleanups

for exceptions that send siginfo. I have just a few architectures left and I just need to double check that I didn't do anything stupid and post those changes for review. If anyone sees any issues with these patches let me know. Otherwise I am going to merge them into my siginfo tree. Eric W. Biederman

[PATCH 1/4] tty_io: Use group_send_sig_info in __do_SACK to note it is a session being killed

. group_send_sig_info also contains a permission check that force_sig and send_sig do not. However the presence of SEND_SIG_PRIV makes the permission check a noop. So the permission check does not result in any behavioral differences. Signed-off-by: "Eric W. Biederman" --- drivers/tt

[RFC][PATCH 2/3] exec: Simplify unshare_files

Now that exec calls unshare_files after the point of no return there is no reason to return displaced. Signed-off-by: "Eric W. Biederman" --- fs/coredump.c | 5 + fs/exec.c | 5 + include/linux/fdtable.h | 2 +- kernel/fork.c | 12 +

[RFC][PATCH 2/3] exec: Simplify unshare_files

Now that exec calls unshare_files after the point of no return there is no reason to return displaced. Signed-off-by: "Eric W. Biederman" --- fs/coredump.c | 5 + fs/exec.c | 5 + include/linux/fdtable.h | 2 +- kernel/fork.c | 12 +

[RFC][PATCH 3/3] exec: Remove reset_files_struct

Now that unshare_files is called after the point of no return there are no more callers of reset_files_struct so remove it. Signed-off-by: "Eric W. Biederman" --- fs/file.c | 12 include/linux/fdtable.h | 1 - 2 files changed, 13 deletions(-) diff

[RFC][PATCH 3/3] exec: Remove reset_files_struct

Now that unshare_files is called after the point of no return there are no more callers of reset_files_struct so remove it. Signed-off-by: "Eric W. Biederman" --- fs/file.c | 12 include/linux/fdtable.h | 1 - 2 files changed, 13 deletions(-) diff

[RFC][PATCH 1/3] exec: Move unshare_files down to avoid locks being dropped on exec.

Signed-off-by: "Eric W. Biederman" --- fs/exec.c | 19 --- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index 1ebf6e5a521d..6f6167ec08eb 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1252,6 +1252,7 @@ void __set_task_comm(struct t

[RFC][PATCH 1/3] exec: Move unshare_files down to avoid locks being dropped on exec.

Signed-off-by: "Eric W. Biederman" --- fs/exec.c | 19 --- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index 1ebf6e5a521d..6f6167ec08eb 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1252,6 +1252,7 @@ void __set_task_comm(struct t

[RFC][PATCH 0/3] exec: Moving unshare_files_struct

hat are the races in fs/exec.c with respect to accessing files. Semantically I don't think we care but we do need to be certain the implementation of exec is still robust. These patches are still rough and ready and only compile tested but I believe they demonstrate what is possible. Eric W. Bieder

[RFC][PATCH 0/3] exec: Moving unshare_files_struct

hat are the races in fs/exec.c with respect to accessing files. Semantically I don't think we care but we do need to be certain the implementation of exec is still robust. These patches are still rough and ready and only compile tested but I believe they demonstrate what is possible. Eric W. Bieder

Re: [PATCH v3 3/3] exec: do unshare_files after de_thread

ck > up to __do_execve_file. This is done via a new displaced_files field > inside the linux_binprm. Actually because unshare_files happens after de_thread (the point of no return) we don't need to do anything with displaced files. A failing exec will clear brpm->mm, and search_binary_handl

Re: [PATCH v3 3/3] exec: do unshare_files after de_thread

ck > up to __do_execve_file. This is done via a new displaced_files field > inside the linux_binprm. Actually because unshare_files happens after de_thread (the point of no return) we don't need to do anything with displaced files. A failing exec will clear brpm->mm, and search_binary_handl

Re: [PATCH v3 3/3] exec: do unshare_files after de_thread

Oleg Nesterov writes: > On 09/14, Jeff Layton wrote: >> >> POSIX mandates that open fds and their associated file locks should be >> preserved across an execve. This works, unless the process is >> multithreaded at the time that execve is called. >> >> In that case, we'll end up unsharing the

Re: [PATCH v3 3/3] exec: do unshare_files after de_thread

Oleg Nesterov writes: > On 09/14, Jeff Layton wrote: >> >> POSIX mandates that open fds and their associated file locks should be >> preserved across an execve. This works, unless the process is >> multithreaded at the time that execve is called. >> >> In that case, we'll end up unsharing the

Re: [PATCH v3 1/3] exec: separate thread_count for files_struct

Oleg Nesterov writes: > On 09/14, Jeff Layton wrote: >> >> Currently, we have a single refcount variable inside the files_struct. >> When we go to unshare the files_struct, we check this counter and if >> it's elevated, then we allocate a new files_struct instead of just >> repurposing the old

Re: [PATCH v3 1/3] exec: separate thread_count for files_struct

Oleg Nesterov writes: > On 09/14, Jeff Layton wrote: >> >> Currently, we have a single refcount variable inside the files_struct. >> When we go to unshare the files_struct, we check this counter and if >> it's elevated, then we allocate a new files_struct instead of just >> repurposing the old

[PATCH 09/10] signal: Use SEND_SIG_PRIV not SEND_SIG_FORCED with SIGKILL and SIGSTOP

that are sending SIGKILL or SIGSTOP to use SEND_SIG_PRIV instead. This removes the last users of SEND_SIG_FORCED. Signed-off-by: "Eric W. Biederman" --- kernel/pid_namespace.c | 2 +- kernel/ptrace.c| 4 ++-- mm/oom_kill.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletion

[PATCH 08/10] signal: Never allocate siginfo for SIGKILL or SIGSTOP

The SIGKILL and SIGSTOP signals are never delivered to userspace so queued siginfo for these signals can never be observed. Therefore remove the chance of failure by never even attempting to allocate siginfo in those cases. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 7

[PATCH 09/10] signal: Use SEND_SIG_PRIV not SEND_SIG_FORCED with SIGKILL and SIGSTOP

that are sending SIGKILL or SIGSTOP to use SEND_SIG_PRIV instead. This removes the last users of SEND_SIG_FORCED. Signed-off-by: "Eric W. Biederman" --- kernel/pid_namespace.c | 2 +- kernel/ptrace.c| 4 ++-- mm/oom_kill.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletion

[PATCH 08/10] signal: Never allocate siginfo for SIGKILL or SIGSTOP

The SIGKILL and SIGSTOP signals are never delivered to userspace so queued siginfo for these signals can never be observed. Therefore remove the chance of failure by never even attempting to allocate siginfo in those cases. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 7

[PATCH 05/10] signal: send_sig_all no longer needs SEND_SIG_FORCED

that userspace when it receives a SIGTERM can tell that the kernel sent the signal and not some random userspace application. Fixes: b82c32872db2 ("sysrq: use SEND_SIG_FORCED instead of force_sig()") Signed-off-by: "Eric W. Biederman" --- drivers/tty/sysrq.c | 2 +- 1 file change

[PATCH 05/10] signal: send_sig_all no longer needs SEND_SIG_FORCED

that userspace when it receives a SIGTERM can tell that the kernel sent the signal and not some random userspace application. Fixes: b82c32872db2 ("sysrq: use SEND_SIG_FORCED instead of force_sig()") Signed-off-by: "Eric W. Biederman" --- drivers/tty/sysrq.c | 2 +- 1 file change

[PATCH 07/10] signal: Don't send siginfo to kthreads.

an unnecessary allocation when delivering signals to kthreads. Switch the mass storage driver from sending signals with SEND_SIG_FORCED to SEND_SIG_PRIV. As using SEND_SIG_FORCED is now unnecessary. Signed-off-by: "Eric W. Biederman" --- drivers/usb/gadget/function/f_mass_storage.c | 2

[PATCH 03/10] signal: Properly deliver SIGSEGV from x86 uprobes

or a more specific si_code as all exceptions deliver. Therefore replace force_sig_info(SIGSEGV, SEND_SIG_FORCE, current) with force_sig(SIG_SEGV, current) which gets this right and is shorter and easier to type. Fixes: 791eca10107f ("uretprobes/x86: Hijack return address") Signed-off-b

[PATCH 10/10] signal: Remove SEND_SIG_FORCED

simpler, easier to understand and use. Users of signal sending functions now no longer need to ask themselves do I need to use SEND_SIG_FORCED. Signed-off-by: "Eric W. Biederman" --- include/linux/sched/signal.h | 1 - include/trace/events/signal.h | 3 +-- kernel/signal.c

[PATCH 07/10] signal: Don't send siginfo to kthreads.

an unnecessary allocation when delivering signals to kthreads. Switch the mass storage driver from sending signals with SEND_SIG_FORCED to SEND_SIG_PRIV. As using SEND_SIG_FORCED is now unnecessary. Signed-off-by: "Eric W. Biederman" --- drivers/usb/gadget/function/f_mass_storage.c | 2

[PATCH 03/10] signal: Properly deliver SIGSEGV from x86 uprobes

or a more specific si_code as all exceptions deliver. Therefore replace force_sig_info(SIGSEGV, SEND_SIG_FORCE, current) with force_sig(SIG_SEGV, current) which gets this right and is shorter and easier to type. Fixes: 791eca10107f ("uretprobes/x86: Hijack return address") Signed-off-b

[PATCH 10/10] signal: Remove SEND_SIG_FORCED

simpler, easier to understand and use. Users of signal sending functions now no longer need to ask themselves do I need to use SEND_SIG_FORCED. Signed-off-by: "Eric W. Biederman" --- include/linux/sched/signal.h | 1 - include/trace/events/signal.h | 3 +-- kernel/signal.c

[PATCH 06/10] signal: Remove the siginfo paramater from kernel_dqueue_signal

None of the callers use the it so remove it. Signed-off-by: "Eric W. Biederman" --- drivers/usb/gadget/function/f_mass_storage.c | 2 +- fs/jffs2/background.c| 2 +- include/linux/sched/signal.h | 4 ++-- 3 files changed, 4 insertions(+), 4

[PATCH 04/10] signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init

to ignore signals sent from itself and children with SIG_DFL. Fixes: 921cf9f63089 ("signals: protect cinit from unblocked SIG_DFL signals") Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/signal

[PATCH 02/10] signal: Properly deliver SIGILL from uprobes

ot;) Fixes: 0b5256c7f173 ("uprobes: Send SIGILL if handle_trampoline() fails") Signed-off-by: "Eric W. Biederman" --- kernel/events/uprobes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 3207a4d26849..2b

[PATCH 04/10] signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init

to ignore signals sent from itself and children with SIG_DFL. Fixes: 921cf9f63089 ("signals: protect cinit from unblocked SIG_DFL signals") Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/signal

[PATCH 02/10] signal: Properly deliver SIGILL from uprobes

ot;) Fixes: 0b5256c7f173 ("uprobes: Send SIGILL if handle_trampoline() fails") Signed-off-by: "Eric W. Biederman" --- kernel/events/uprobes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index 3207a4d26849..2b

[PATCH 06/10] signal: Remove the siginfo paramater from kernel_dqueue_signal

None of the callers use the it so remove it. Signed-off-by: "Eric W. Biederman" --- drivers/usb/gadget/function/f_mass_storage.c | 2 +- fs/jffs2/background.c| 2 +- include/linux/sched/signal.h | 4 ++-- 3 files changed, 4 insertions(+), 4

[PATCH 01/10] signal: Always ignore SIGKILL and SIGSTOP sent to the global init

in a separate clause in sig_task_ignored as force_sig_info can clear SIG_UNKILLABLE and this protection should work even then. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 4 1 file changed, 4 insertions(+) diff --git a/kernel/signal.c b/kernel/signal.c index 5843c541fda9..b3

[PATCH 01/10] signal: Always ignore SIGKILL and SIGSTOP sent to the global init

in a separate clause in sig_task_ignored as force_sig_info can clear SIG_UNKILLABLE and this protection should work even then. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 4 1 file changed, 4 insertions(+) diff --git a/kernel/signal.c b/kernel/signal.c index 5843c541fda9..b3

[PATCH 00/10] Removing SEND_SIG_FORCED

urgency here. Please look read and send my your review. I will be out for about a week so I will address any comments when I get back. Eric W. Biederman (10): signal: Always ignore SIGKILL and SIGSTOP sent to the global init signal: Properly deliver SIGILL from uprobes signal

[PATCH 00/10] Removing SEND_SIG_FORCED

urgency here. Please look read and send my your review. I will be out for about a week so I will address any comments when I get back. Eric W. Biederman (10): signal: Always ignore SIGKILL and SIGSTOP sent to the global init signal: Properly deliver SIGILL from uprobes signal

[GIT PULL] namespace fixes for v4.19-rc1

Linus, Please pull the userns-linus branch from the git tree: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-linus HEAD: 82c9a927bc5df6e06b72d206d24a9d10cced4eb5 getxattr: use correct xattr length This is a set of 4 fairly obvious bug fixes. A switch

[GIT PULL] namespace fixes for v4.19-rc1

Linus, Please pull the userns-linus branch from the git tree: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-linus HEAD: 82c9a927bc5df6e06b72d206d24a9d10cced4eb5 getxattr: use correct xattr length This is a set of 4 fairly obvious bug fixes. A switch

namespace fixes for v4.19-rc1

Linus, Please pull the userns-linus branch from the git tree: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-linus HEAD: 82c9a927bc5df6e06b72d206d24a9d10cced4eb5 getxattr: use correct xattr length This is a set of 4 fairly obvious bug fixes. A

namespace fixes for v4.19-rc1

Linus, Please pull the userns-linus branch from the git tree: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-linus HEAD: 82c9a927bc5df6e06b72d206d24a9d10cced4eb5 getxattr: use correct xattr length This is a set of 4 fairly obvious bug fixes. A

[GIT PULL] signal work for v4.19-rc1

logically makes signals received while it is running appear to be received after the fork completes. Eric W. Biederman (22): pids: Initialize leader_pid in init_task pids: Move task_pid_type into sched/signal.h pids: Compute task_tgid using signal->leader_pid kvm: Don't open c

[GIT PULL] signal work for v4.19-rc1

logically makes signals received while it is running appear to be received after the fork completes. Eric W. Biederman (22): pids: Initialize leader_pid in init_task pids: Move task_pid_type into sched/signal.h pids: Compute task_tgid using signal->leader_pid kvm: Don't open c

Re: [PATCH] signal: Don't send signals to tasks that don't exist

Andrew Morton writes: > Dude, lighten up. This was in response to being asked by a the maintainers of a bot that has wasted copious quanties of my time to please not waste their time. To prevent the wasting of time it was requested that when syzbot would be enabled on linux-next again that it

Re: [PATCH] signal: Don't send signals to tasks that don't exist

Andrew Morton writes: > Dude, lighten up. This was in response to being asked by a the maintainers of a bot that has wasted copious quanties of my time to please not waste their time. To prevent the wasting of time it was requested that when syzbot would be enabled on linux-next again that it

Re: [PATCH] signal: Don't send signals to tasks that don't exist

Dmitry Vyukov writes: > On Wed, Aug 15, 2018 at 9:04 PM, Eric W. Biederman > wrote: >> >> Recently syzbot reported crashes in send_sigio_to_task and >> send_sigurg_to_task in linux-next. Despite finding a reproducer >> syzbot apparently did not bisecte

Re: [PATCH] signal: Don't send signals to tasks that don't exist

Dmitry Vyukov writes: > On Wed, Aug 15, 2018 at 9:04 PM, Eric W. Biederman > wrote: >> >> Recently syzbot reported crashes in send_sigio_to_task and >> send_sigurg_to_task in linux-next. Despite finding a reproducer >> syzbot apparently did not bisecte

<    6   7   8   9   10   11   12   13   14   15   >