Commit 0deae8c4 authored by Oleg Nesterov's avatar Oleg Nesterov Committed by james toy

No changes in compiled code. The patch adds the new helper, si_fromuser()

and changes check_kill_permission() to use this helper.

The real effect of this patch is that from now we "officially" consider
SEND_SIG_NOINFO signal as "from user-space" signals. This is already true
if we look at the code which uses SEND_SIG_NOINFO, except __send_signal()
has another opinion - see the next patch.

The naming of these special SEND_SIG_XXX siginfo's is really bad
imho.  From __send_signal()'s pov they mean

	SEND_SIG_NOINFO		from user
	SEND_SIG_PRIV		from kernel
	SEND_SIG_FORCED		no info
Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
Cc: Roland McGrath <roland@redhat.com>
Reviewed-by: default avatarSukadev Bhattiprolu <sukadev@us.ibm.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
parent e9fb74f5
...@@ -2093,11 +2093,6 @@ static inline int kill_cad_pid(int sig, int priv) ...@@ -2093,11 +2093,6 @@ static inline int kill_cad_pid(int sig, int priv)
#define SEND_SIG_PRIV ((struct siginfo *) 1) #define SEND_SIG_PRIV ((struct siginfo *) 1)
#define SEND_SIG_FORCED ((struct siginfo *) 2) #define SEND_SIG_FORCED ((struct siginfo *) 2)
static inline int is_si_special(const struct siginfo *info)
{
return info <= SEND_SIG_FORCED;
}
/* /*
* True if we are on the alternate signal stack. * True if we are on the alternate signal stack.
*/ */
......
...@@ -606,6 +606,17 @@ static int rm_from_queue(unsigned long mask, struct sigpending *s) ...@@ -606,6 +606,17 @@ static int rm_from_queue(unsigned long mask, struct sigpending *s)
return 1; return 1;
} }
static inline int is_si_special(const struct siginfo *info)
{
return info <= SEND_SIG_FORCED;
}
static inline bool si_fromuser(const struct siginfo *info)
{
return info == SEND_SIG_NOINFO ||
(!is_si_special(info) && SI_FROMUSER(info));
}
/* /*
* Bad permissions for sending the signal * Bad permissions for sending the signal
* - the caller must hold at least the RCU read lock * - the caller must hold at least the RCU read lock
...@@ -620,7 +631,7 @@ static int check_kill_permission(int sig, struct siginfo *info, ...@@ -620,7 +631,7 @@ static int check_kill_permission(int sig, struct siginfo *info,
if (!valid_signal(sig)) if (!valid_signal(sig))
return -EINVAL; return -EINVAL;
if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info))) if (!si_fromuser(info))
return 0; return 0;
error = audit_signal_info(sig, t); /* Let audit system see the signal */ error = audit_signal_info(sig, t); /* Let audit system see the signal */
...@@ -1176,8 +1187,7 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid, ...@@ -1176,8 +1187,7 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
goto out_unlock; goto out_unlock;
} }
pcred = __task_cred(p); pcred = __task_cred(p);
if ((info == SEND_SIG_NOINFO || if (si_fromuser(info) &&
(!is_si_special(info) && SI_FROMUSER(info))) &&
euid != pcred->suid && euid != pcred->uid && euid != pcred->suid && euid != pcred->uid &&
uid != pcred->suid && uid != pcred->uid) { uid != pcred->suid && uid != pcred->uid) {
ret = -EPERM; ret = -EPERM;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment