Commit Graph

41 Commits

Author SHA1 Message Date
Andy Lutomirski f56141e3e2 all arches, signal: move restart_block to struct task_struct
If an attacker can cause a controlled kernel stack overflow, overwriting
the restart block is a very juicy exploit target.  This is because the
restart_block is held in the same memory allocation as the kernel stack.

Moving the restart block to struct task_struct prevents this exploit by
making the restart_block harder to locate.

Note that there are other fields in thread_info that are also easy
targets, at least on some architectures.

It's also a decent simplification, since the restart code is more or less
identical on all architectures.

[james.hogan@imgtec.com: metag: align thread_info::supervisor_stack]
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: David Miller <davem@davemloft.net>
Acked-by: Richard Weinberger <richard@nod.at>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Russell King <rmk@arm.linux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Steven Miao <realmz6@gmail.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Richard Kuo <rkuo@codeaurora.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Chen Liqin <liqin.linux@gmail.com>
Cc: Lennox Wu <lennox.wu@gmail.com>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Chris Zankel <chris@zankel.net>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-12 18:54:12 -08:00
Michal Simek ed4602e13f microblaze: Fix variable types to remove W=1 warning
This patch removes this warning:
arch/microblaze/kernel/signal.c: In function 'setup_rt_frame':
arch/microblaze/kernel/signal.c:177:3: warning: signed and unsigned type
in conditional expression [-Wsign-compare]

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2015-01-08 08:37:21 +01:00
Richard Weinberger c001cd21c9 microblaze: Use sigsp()
Use sigsp() instead of the open coded variant.

Signed-off-by: Richard Weinberger <richard@nod.at>
2014-08-06 13:04:11 +02:00
Richard Weinberger 9c53c7ec14 microblaze: Use get_signal() signal_setup_done()
Use the more generic functions get_signal() signal_setup_done()
for signal delivery.

Signed-off-by: Richard Weinberger <richard@nod.at>
2014-08-06 13:02:16 +02:00
Michal Simek a66a626538 microblaze: Use asm-generic/io.h
Using generic io.h will narrow down code duplication
in architecture io.h.

- define PCI_IOBASE
- remove non existing pci_io_base extern

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2014-04-07 14:25:53 +02:00
Linus Torvalds 2b37e9a28a Merge branch 'next' of git://git.monstr.eu/linux-2.6-microblaze
Pull microblaze update from Michal Simek:
 "Microblaze changes.

  After my discussion with Arnd I have also added there asm-generic io
  patch which is Acked by him and Geert."

* 'next' of git://git.monstr.eu/linux-2.6-microblaze:
  asm-generic: io: Fix ioread16/32be and iowrite16/32be
  microblaze: Do not use module.h in files which are not modules
  microblaze: Fix coding style issues
  microblaze: Add missing return from debugfs_tlb
  microblaze: Makefile clean
  microblaze: Add .gitignore entries for auto-generated files
  microblaze: Fix strncpy_from_user macro
2013-02-26 19:50:22 -08:00
Michal Simek 6bd55f0bba microblaze: Fix coding style issues
Fix coding style issues reported by checkpatch.pl.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2013-02-12 11:24:45 +01:00
Al Viro c886a9fc1f microblaze: evict the check for kernel_mode(regs) from do_notify_resume()
Only one caller hasn't done it in assembler - work_pending on !MMU.
Everything else can't reach do_notify_resume() if we are returning
to kernel mode, so move that check to that sole caller and make
do_notify_resume() reachable only when returning to userland.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-02-03 18:16:01 -05:00
Al Viro 4a9d32d377 microblaze: switch to generic sigaltstack
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-02-03 18:16:01 -05:00
Michal Simek 4378bb6956 microblaze: signal: Declare do_notify_resume
Fix sparse warning by declaration do_notify_resume function
called from entry.S.
Warning:
arch/microblaze/kernel/signal.c:357:6: warning: symbol
'do_notify_resume' was not declared. Should it be static?

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2012-12-13 18:15:39 +01:00
Al Viro 02232f8d2b microblaze: rt_sigreturn is too trigger-happy about sigaltstack errors
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-11-28 21:46:12 -05:00
Linus Torvalds 8213a2f3ee Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal
Pull pile 2 of execve and kernel_thread unification work from Al Viro:
 "Stuff in there: kernel_thread/kernel_execve/sys_execve conversions for
  several more architectures plus assorted signal fixes and cleanups.

  There'll be more (in particular, real fixes for the alpha
  do_notify_resume() irq mess)..."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal: (43 commits)
  alpha: don't open-code trace_report_syscall_{enter,exit}
  Uninclude linux/freezer.h
  m32r: trim masks
  avr32: trim masks
  tile: don't bother with SIGTRAP in setup_frame
  microblaze: don't bother with SIGTRAP in setup_rt_frame()
  mn10300: don't bother with SIGTRAP in setup_frame()
  frv: no need to raise SIGTRAP in setup_frame()
  x86: get rid of duplicate code in case of CONFIG_VM86
  unicore32: remove pointless test
  h8300: trim _TIF_WORK_MASK
  parisc: decide whether to go to slow path (tracesys) based on thread flags
  parisc: don't bother looping in do_signal()
  parisc: fix double restarts
  bury the rest of TIF_IRET
  sanitize tsk_is_polling()
  bury _TIF_RESTORE_SIGMASK
  unicore32: unobfuscate _TIF_WORK_MASK
  mips: NOTIFY_RESUME is not needed in TIF masks
  mips: merge the identical "return from syscall" per-ABI code
  ...

Conflicts:
	arch/arm/include/asm/thread_info.h
2012-10-12 10:49:08 +09:00
Michal Simek 94fda49a94 Revert "microblaze_mmu_v2: Update signal returning address"
This reverts commit 8b28626a6b.

Offset -8 is wrong because when it is applied then one instruction
before brki r14, 8 is called again when we return.
Offset -4 is correct and brki instruction is called again.

This change came from ancient MMU kernel.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2012-10-04 18:56:39 +02:00
Al Viro 7f1c616825 microblaze: don't bother with SIGTRAP in setup_rt_frame()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-10-01 09:58:17 -04:00
Al Viro efee984c27 new helper: signal_delivered()
Does block_sigmask() + tracehook_signal_handler();  called when
sigframe has been successfully built.  All architectures converted
to it; block_sigmask() itself is gone now (merged into this one).

I'm still not too happy with the signature, but that's a separate
story (IMO we need a structure that would contain signal number +
siginfo + k_sigaction, so that get_signal_to_deliver() would fill one,
signal_delivered(), handle_signal() and probably setup...frame() -
take one).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-06-01 12:58:52 -04:00
Al Viro 77097ae503 most of set_current_blocked() callers want SIGKILL/SIGSTOP removed from set
Only 3 out of 63 do not.  Renamed the current variant to __set_current_blocked(),
added set_current_blocked() that will exclude unblockable signals, switched
open-coded instances to it.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-06-01 12:58:51 -04:00
Al Viro a610d6e672 pull clearing RESTORE_SIGMASK into block_sigmask()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-06-01 12:58:49 -04:00
Al Viro b7f9a11a6c new helper: sigmask_to_save()
replace boilerplate "should we use ->saved_sigmask or ->blocked?"
with calls of obvious inlined helper...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-06-01 12:58:48 -04:00
Al Viro 51a7b448d4 new helper: restore_saved_sigmask()
first fruits of ..._restore_sigmask() helpers: now we can take
boilerplate "signal didn't have a handler, clear RESTORE_SIGMASK
and restore the blocked mask from ->saved_mask" into a common
helper.  Open-coded instances switched...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-06-01 12:58:47 -04:00
Al Viro a42c6ded82 move key_repace_session_keyring() into tracehook_notify_resume()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-23 22:09:20 -04:00
Al Viro 8314019141 microblaze: drop 'oldset' argument of do_notify_resume()
never used...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:59:48 -04:00
Al Viro 969a961680 microblaze: handle TIF_NOTIFY_RESUME
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:59:47 -04:00
Al Viro 58e4257bc6 microblaze: ->restart_block.fn needs to be reset on rt_sigreturn
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:52:39 -04:00
Matt Fleming 60c597513e microblaze: use set_current_blocked() and block_sigmask()
As described in e6fa16ab ("signal: sigprocmask() should do
retarget_shared_pending()") the modification of current->blocked is
incorrect as we need to check whether the signal we're about to block is
pending in the shared queue.

Also, use the new helper function introduced in commit 5e6292c0f2
("signal: add block_sigmask() for adding sigmask to current->blocked")
which centralises the code for updating current->blocked after
successfully delivering a signal and reduces the amount of duplicate code
across architectures.  In the past some architectures got this code wrong,
so using this helper function should stop that from happening again.

Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:52:34 -04:00
Matt Fleming bcb8c8d0b7 microblaze: fix signal masking
There are a couple of problems with the current signal code,

1. If we failed to setup the signal stack frame then we should not be
   masking any signals.

2. ka->sa.sa_mask is only added to the current blocked signals list if
   SA_NODEFER is set in ka->sa.sa_flags.  If we successfully setup the
   signal frame and are going to run the handler then we must honour
   sa_mask.

Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:52:34 -04:00
Matt Fleming a12c3694ae microblaze: no need to reset handler if SA_ONESHOT
get_signal_to_deliver() already resets the signal handler if SA_ONESHOT is
set in ka->sa.sa_flags, there's no need to do it again in handle_signal().
 Furthermore, because we were modifying ka->sa.sa_handler (which is a copy
of sighand->action[]) instead of sighand->action[] the original code
actually had no effect on signal delivery.

Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:52:33 -04:00
Matt Fleming de8f2ddd69 microblaze: don't reimplement force_sigsegv()
Instead of open coding the sequence from force_sigsegv() just call it.
This also fixes a bug because we were modifying ka->sa.sa_handler (which
is a copy of sighand->action[]), whereas the intention of the code was to
modify sighand->action[] directly.

As the original code was working with a copy it had no effect on signal
delivery.

Acked-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Michal Simek <monstr@monstr.eu>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-05-21 23:52:33 -04:00
Michal Simek 2cfedb97d6 microblaze: Fix sparse warnings - signal.c
Warning log:
CHECK   arch/microblaze/kernel/signal.c
arch/microblaze/kernel/signal.c:200:9: warning: Using plain integer as NULL pointer
arch/microblaze/kernel/signal.c:201:9: warning: incorrect type in initializer (different address spaces)
arch/microblaze/kernel/signal.c:201:9:    expected void [noderef] *volatile __gu_val<asn:1>
arch/microblaze/kernel/signal.c:201:9:    got void *<noident>

Signed-off-by: Michal Simek <monstr@monstr.eu>
2011-03-09 08:09:59 +01:00
Michal Simek 6e83557c38 microblaze: Remove r0_ram pointer and PTO alignment
r0_ram pool was used for saving/restoring register
content if hw exception happen. This poll was replaced by
pt_pool_space with PT_SIZE size.
Based on this change SAVE_STATE_ARG_SPACE was removed which
caused that PTO offset is zero that's why is also removed.

r0_ram space was used as scratchpad by v850. In early
Microblaze Linux developing phase was this part of code
blindly copied.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2011-03-09 08:09:54 +01:00
Michal Simek 571202f50f microblaze: Remove rt_sigsuspend wrapper
Generic rt_sigsuspend syscalls doesn't need any asm wrapper.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-12-14 08:45:12 +01:00
Michal Simek 2ee2ff875a microblaze: Support for WB cache
Microblaze version 7.20.d is the first MB version which can be run
on MMU linux. Please do not used previous version because they contain
HW bug.
Based on WB support was necessary to redesign whole cache design.
Microblaze versions from 7.20.a don't need to disable IRQ and cache
before working with them that's why there are special structures for it.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-12-14 08:45:10 +01:00
Michal Simek a01523cdcd microblaze: Ptrace notifying from signal code
After the signal frame is set up on the userspace stack, ptrace() should
be given an opportunity to single-step into the signal handler

FRV, Blackfin, mn10300 and UM. Worth to look at that patches.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-12-14 08:44:58 +01:00
Alexey Dobriyan 405f55712d headers: smp_lock.h redux
* Remove smp_lock.h from files which don't need it (including some headers!)
* Add smp_lock.h to files which do need it
* Make smp_lock.h include conditional in hardirq.h
  It's needed only for one kernel_locked() usage which is under CONFIG_PREEMPT

  This will make hardirq.h inclusion cheaper for every PREEMPT=n config
  (which includes allmodconfig/allyesconfig, BTW)

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-07-12 12:22:34 -07:00
Arnd Bergmann e513588f75 microblaze: use generic syscalls.h
The prototypes in syscalls.h all make sense for
microblaze, but for some of them, the actual implementation
in sys_microblaze.c needs to be adapted.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-07-06 10:26:59 +02:00
Arnd Bergmann 3183e06863 microblaze: clean up signal handling
When legacy signal handling is disabled, the
arch/microblaze/kernel/signal.c implementation can
be much simpler, as most of it is handled generically
from kernel/signal.c.

This is also a prerequisite for using the generic
asm/unistd.h, which does not provide __NR_sigreturn,
because this macro is referenced by the current signal.c
implementation.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-07-06 10:26:57 +02:00
Michal Simek 8b28626a6b microblaze_mmu_v2: Update signal returning address
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-05-26 16:45:22 +02:00
Michal Simek a6029d1c8c microblaze: prepare signal handling for generic unistd.h
We need to define set_restore_sigmask() in order to
get pselect and ppoll. Also, the setup_frame function
can not be used when __NR_sigreturn is not defined.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-05-21 15:56:07 +02:00
Arnd Bergmann 353b431baf microblaze: fix __user annotations
The microblaze signal handling code gets some __user
pointers wrong, as shown by sparse.
This adds the annotations where appropriate and
change sys_rt_sigreturn to correctly pass a user
stack down to do_sigaltstack instead of a kernel
structure.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-05-21 15:56:05 +02:00
Michal Simek 2921e2bd67 microblaze: Add STATE_SAVE_ARG_SPACE for noMMU kernel too
For noMMU kernel this change nothing bring but this change
helps with MMU synchronization.

Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-04-23 16:27:33 +02:00
Huang Weiyi 00300d6746 microblaze: remove duplicated #include's
Remove duplicated #include's in
  arch/microblaze/include/asm/io.h
  arch/microblaze/kernel/prom.c
  arch/microblaze/kernel/ptrace.c
  arch/microblaze/kernel/signal.c
  arch/microblaze/kernel/sys_microblaze.c

Signed-off-by: Huang Weiyi <weiyi.huang@gmail.com>
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-04-14 11:09:15 +02:00
Michal Simek 2148daa9c4 microblaze_v8: Signal support
Reviewed-by: Ingo Molnar <mingo@elte.hu>
Acked-by: Stephen Neuendorffer <stephen.neuendorffer@xilinx.com>
Acked-by: John Linn <john.linn@xilinx.com>
Acked-by: John Williams <john.williams@petalogix.com>
Signed-off-by: Michal Simek <monstr@monstr.eu>
2009-03-27 14:25:14 +01:00