acrn-kernel/arch/m68k
Eric W. Biederman fcb116bc43 signal: Replace force_fatal_sig with force_exit_sig when in doubt
Recently to prevent issues with SECCOMP_RET_KILL and similar signals
being changed before they are delivered SA_IMMUTABLE was added.

Unfortunately this broke debuggers[1][2] which reasonably expect
to be able to trap synchronous SIGTRAP and SIGSEGV even when
the target process is not configured to handle those signals.

Add force_exit_sig and use it instead of force_fatal_sig where
historically the code has directly called do_exit.  This has the
implementation benefits of going through the signal exit path
(including generating core dumps) without the danger of allowing
userspace to ignore or change these signals.

This avoids userspace regressions as older kernels exited with do_exit
which debuggers also can not intercept.

In the future is should be possible to improve the quality of
implementation of the kernel by changing some of these force_exit_sig
calls to force_fatal_sig.  That can be done where it matters on
a case-by-case basis with careful analysis.

Reported-by: Kyle Huey <me@kylehuey.com>
Reported-by: kernel test robot <oliver.sang@intel.com>
[1] https://lkml.kernel.org/r/CAP045AoMY4xf8aC_4QU_-j7obuEPYgTcnQQP3Yxk=2X90jtpjw@mail.gmail.com
[2] https://lkml.kernel.org/r/20211117150258.GB5403@xsang-OptiPlex-9020
Fixes: 00b06da29c ("signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed")
Fixes: a3616a3c02 ("signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die")
Fixes: 83a1f27ad7 ("signal/powerpc: On swapcontext failure force SIGSEGV")
Fixes: 9bc508cf07 ("signal/s390: Use force_sigsegv in default_trap_handler")
Fixes: 086ec444f8 ("signal/sparc32: In setup_rt_frame and setup_fram use force_fatal_sig")
Fixes: c317d306d5 ("signal/sparc32: Exit with a fatal signal when try_to_clear_window_buffer fails")
Fixes: 695dd0d634 ("signal/x86: In emulate_vsyscall force a signal instead of calling do_exit")
Fixes: 1fbd60df8a ("signal/vm86_32: Properly send SIGSEGV when the vm86 state cannot be saved.")
Fixes: 941edc5bf1 ("exit/syscall_user_dispatch: Send ordinary signals on failure")
Link: https://lkml.kernel.org/r/871r3dqfv8.fsf_-_@email.froward.int.ebiederm.org
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Kees Cook <keescook@chromium.org>
Tested-by: Kyle Huey <khuey@kylehuey.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2021-11-19 09:15:58 -06:00
..
68000 m68k: Remove set_fs() 2021-09-24 13:35:07 +02:00
amiga asm-generic: cross-architecture timer cleanup 2020-12-16 00:07:17 -08:00
apollo asm-generic: cross-architecture timer cleanup 2020-12-16 00:07:17 -08:00
atari m68k/q40: Replace q40ide driver with pata_falcon and falconide 2021-06-10 16:30:12 -06:00
bvme6000 asm-generic: cross-architecture timer cleanup 2020-12-16 00:07:17 -08:00
coldfire m68k: Remove set_fs() 2021-09-24 13:35:07 +02:00
configs m68k: defconfig: Update defconfigs for v5.15-rc1 2021-10-11 10:34:52 +02:00
emu Core: 2021-11-02 06:20:58 -07:00
fpsp040 signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die 2021-08-26 09:59:15 -05:00
hp300 asm-generic: cross-architecture timer cleanup 2020-12-16 00:07:17 -08:00
ifpsp060 m68k: fpsp040,ifpsp060: Remove meaningless EXTRA_LDFLAGS 2021-04-06 09:33:20 +02:00
include Fixes include: 2021-11-11 14:22:05 -08:00
kernel signal: Replace force_fatal_sig with force_exit_sig when in doubt 2021-11-19 09:15:58 -06:00
lib m68k: muldi3: Use semicolon instead of comma 2021-09-24 13:35:23 +02:00
mac m68k: Remove set_fs() 2021-09-24 13:35:07 +02:00
math-emu
mm memblock: allow to specify flags with memblock_add_node() 2021-11-06 13:30:42 -07:00
mvme16x m68k: mvme: Remove overdue #warnings in RTC handling 2021-09-13 11:19:05 +02:00
mvme147 m68k: mvme: Remove overdue #warnings in RTC handling 2021-09-13 11:19:05 +02:00
q40 m68k/q40: Replace q40ide driver with pata_falcon and falconide 2021-06-10 16:30:12 -06:00
sun3 m68k: Remove set_fs() 2021-09-24 13:35:07 +02:00
sun3x m68k: Remove set_fs() 2021-09-24 13:35:07 +02:00
tools/amiga m68k: tools: Replace zero-length array with flexible-array member 2020-05-25 10:55:56 +02:00
Kbuild m68k: sun3: Descend to prom from arch/m68k/sun3 2020-07-13 11:39:12 +02:00
Kconfig m68k: Remove set_fs() 2021-09-24 13:35:07 +02:00
Kconfig.bus m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch 2021-08-23 08:40:05 +10:00
Kconfig.cpu m68knommu: Remove MCPU32 config symbol 2021-10-26 08:46:27 +10:00
Kconfig.debug
Kconfig.devices treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Kconfig.machine m68k: set a default value for MEMORY_RESERVE 2021-10-26 08:46:27 +10:00
Makefile kbuild: use more subdir- for visiting subdirectories while cleaning 2021-10-24 13:49:46 +09:00
install.sh