Commit de553438 authored by Heiko Carstens's avatar Heiko Carstens

[S390] Protect against sigaltstack wraparound.

This is just a port of 83bd0102
"x86: protect against sigaltstack wraparound".
Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: default avatarHeiko Carstens <heiko.carstens@de.ibm.com>
parent 08a8a0c5
...@@ -428,6 +428,10 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs * regs, size_t frame_size) ...@@ -428,6 +428,10 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs * regs, size_t frame_size)
/* Default to using normal stack */ /* Default to using normal stack */
sp = (unsigned long) A(regs->gprs[15]); sp = (unsigned long) A(regs->gprs[15]);
/* Overflow on alternate signal stack gives SIGSEGV. */
if (on_sig_stack(sp) && !on_sig_stack((sp - frame_size) & -8UL))
return (void __user *) -1UL;
/* This is the X/Open sanctioned signal stack switching. */ /* This is the X/Open sanctioned signal stack switching. */
if (ka->sa.sa_flags & SA_ONSTACK) { if (ka->sa.sa_flags & SA_ONSTACK) {
if (! sas_ss_flags(sp)) if (! sas_ss_flags(sp))
...@@ -461,6 +465,9 @@ static int setup_frame32(int sig, struct k_sigaction *ka, ...@@ -461,6 +465,9 @@ static int setup_frame32(int sig, struct k_sigaction *ka,
if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe32))) if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe32)))
goto give_sigsegv; goto give_sigsegv;
if (frame == (void __user *) -1UL)
goto give_sigsegv;
if (__copy_to_user(&frame->sc.oldmask, &set->sig, _SIGMASK_COPY_SIZE32)) if (__copy_to_user(&frame->sc.oldmask, &set->sig, _SIGMASK_COPY_SIZE32))
goto give_sigsegv; goto give_sigsegv;
...@@ -514,6 +521,9 @@ static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info, ...@@ -514,6 +521,9 @@ static int setup_rt_frame32(int sig, struct k_sigaction *ka, siginfo_t *info,
if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe32))) if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe32)))
goto give_sigsegv; goto give_sigsegv;
if (frame == (void __user *) -1UL)
goto give_sigsegv;
if (copy_siginfo_to_user32(&frame->info, info)) if (copy_siginfo_to_user32(&frame->info, info))
goto give_sigsegv; goto give_sigsegv;
......
...@@ -235,6 +235,10 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs * regs, size_t frame_size) ...@@ -235,6 +235,10 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs * regs, size_t frame_size)
/* Default to using normal stack */ /* Default to using normal stack */
sp = regs->gprs[15]; sp = regs->gprs[15];
/* Overflow on alternate signal stack gives SIGSEGV. */
if (on_sig_stack(sp) && !on_sig_stack((sp - frame_size) & -8UL))
return (void __user *) -1UL;
/* This is the X/Open sanctioned signal stack switching. */ /* This is the X/Open sanctioned signal stack switching. */
if (ka->sa.sa_flags & SA_ONSTACK) { if (ka->sa.sa_flags & SA_ONSTACK) {
if (! sas_ss_flags(sp)) if (! sas_ss_flags(sp))
...@@ -270,6 +274,9 @@ static int setup_frame(int sig, struct k_sigaction *ka, ...@@ -270,6 +274,9 @@ static int setup_frame(int sig, struct k_sigaction *ka,
if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe))) if (!access_ok(VERIFY_WRITE, frame, sizeof(sigframe)))
goto give_sigsegv; goto give_sigsegv;
if (frame == (void __user *) -1UL)
goto give_sigsegv;
if (__copy_to_user(&frame->sc.oldmask, &set->sig, _SIGMASK_COPY_SIZE)) if (__copy_to_user(&frame->sc.oldmask, &set->sig, _SIGMASK_COPY_SIZE))
goto give_sigsegv; goto give_sigsegv;
...@@ -327,6 +334,9 @@ static int setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info, ...@@ -327,6 +334,9 @@ static int setup_rt_frame(int sig, struct k_sigaction *ka, siginfo_t *info,
if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe))) if (!access_ok(VERIFY_WRITE, frame, sizeof(rt_sigframe)))
goto give_sigsegv; goto give_sigsegv;
if (frame == (void __user *) -1UL)
goto give_sigsegv;
if (copy_siginfo_to_user(&frame->info, info)) if (copy_siginfo_to_user(&frame->info, info))
goto give_sigsegv; goto give_sigsegv;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment