linux/arch
Rabin Vincent 0f72e5c0df CRISv32: prevent bogus restarts on sigreturn
Al Viro noted that CRIS is vulnerable to bogus restarts on sigreturn.

This fixes CRISv32 by using regs->exs as an additional indicator to
whether we should attempt to restart the syscall or not.  EXS is only
used in the sigtrap handling, and in that path we already have r9 (the
other indicator, which indicates if we're in a syscall or not) cleared.

Test case, a port of Al's ARM version from 653d48b221 ("arm: fix
really nasty sigreturn bug"):

  #include <unistd.h>
  #include <signal.h>
  #include <stdlib.h>
  #include <sys/time.h>
  #include <errno.h>

  void f(int n)
  {
          register int r10 asm ("r10") = n;

          __asm__ __volatile__(
                  "ba	1f	\n"
                  "nop		\n"
                  "break	8	\n"
                  "1: ba	.	\n"
                  "nop		\n"
                  :
                  : "r" (r10)
                  : "memory");
  }

  void handler1(int sig) { }
  void handler2(int sig) { raise(1); }
  void handler3(int sig) { exit(0); }

  int main(int argc, char *argv[])
  {
          struct sigaction s = {.sa_handler = handler2};
          struct itimerval t1 = { .it_value = {1} };
          struct itimerval t2 = { .it_value = {2} };

          signal(1, handler1);

          sigemptyset(&s.sa_mask);
          sigaddset(&s.sa_mask, 1);
          sigaction(SIGALRM, &s, NULL);

          signal(SIGVTALRM, handler3);

          setitimer(ITIMER_REAL, &t1, NULL);
          setitimer(ITIMER_VIRTUAL, &t2, NULL);

          f(-513); /* -ERESTARTNOINTR */

          return 0;
  }

Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Link: http://lkml.kernel.org/r/20121208074429.GC4939@ZenIV.linux.org.uk
Signed-off-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Jesper Nilsson <jespern@axis.com>
2015-03-25 10:51:53 +01:00
..
alpha asm-generic: uaccess.h cleanup 2015-02-18 10:02:24 -08:00
arc ARC: Fix thread_saved_pc() 2015-02-27 10:59:34 +05:30
arm Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm 2015-03-21 10:03:22 -07:00
arm64 arm64 fixes: 2015-03-21 10:24:10 -07:00
avr32 asm-generic: uaccess.h cleanup 2015-02-18 10:02:24 -08:00
blackfin Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2015-02-21 12:59:04 -08:00
c6x arch/c6x/include/asm/pgtable.h: define dummy pgprot_writecombine for !MMU 2015-03-12 18:46:08 -07:00
cris CRISv32: prevent bogus restarts on sigreturn 2015-03-25 10:51:53 +01:00
frv mm: add missing __PAGETABLE_{PUD,PMD}_FOLDED defines 2015-02-28 09:57:51 -08:00
hexagon all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
ia64 asm-generic: uaccess.h cleanup 2015-02-18 10:02:24 -08:00
m32r mm: add missing __PAGETABLE_{PUD,PMD}_FOLDED defines 2015-02-28 09:57:51 -08:00
m68k mm: add missing __PAGETABLE_{PUD,PMD}_FOLDED defines 2015-02-28 09:57:51 -08:00
metag metag: Fix KSTK_EIP() and KSTK_ESP() macros 2015-02-24 12:54:21 +00:00
microblaze microblaze: Fix syscall error recovery for invalid syscall IDs 2015-03-04 15:12:27 +01:00
mips KVM: MIPS: Enable after disabling interrupt 2015-03-02 19:18:12 -03:00
mn10300 mm: add missing __PAGETABLE_{PUD,PMD}_FOLDED defines 2015-02-28 09:57:51 -08:00
nios2 nios2: mm: do not invoke OOM killer on kernel fault OOM 2015-03-16 15:35:25 +08:00
openrisc asm-generic: uaccess.h cleanup 2015-02-18 10:02:24 -08:00
parisc mm: add missing __PAGETABLE_{PUD,PMD}_FOLDED defines 2015-02-28 09:57:51 -08:00
powerpc powerpc/iommu: Remove IOMMU device references via bus notifier 2015-03-04 13:19:33 +11:00
s390 kvm: move advertising of KVM_CAP_IRQFD to common code 2015-03-10 21:18:59 -03:00
score all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
sh asm-generic: uaccess.h cleanup 2015-02-18 10:02:24 -08:00
sparc sparc64: Fix several bugs in memmove(). 2015-03-23 09:22:10 -07:00
tile tile: use %*pb[l] to print bitmaps including cpumasks and nodemasks 2015-02-13 21:21:37 -08:00
um all arches, signal: move restart_block to struct task_struct 2015-02-12 18:54:12 -08:00
unicore32 mm: vmalloc: pass additional vm_flags to __vmalloc_node_range() 2015-02-13 21:21:42 -08:00
x86 Power management and ACPI fixes for v4.0-rc5 2015-03-21 12:51:36 -07:00
xtensa asm-generic: uaccess.h cleanup 2015-02-18 10:02:24 -08:00
.gitignore
Kconfig