[PATCH 2/2] sigaltstack: remove EPERM check to make swapcontext() usable

From: Stas Sergeev
Date: Fri Jan 08 2016 - 20:18:55 EST



Linux implements sigaltstack() in a way that makes it impossible to
use with swapcontext(). Per the man page, sigaltstack is allowed to return
EPERM if the process is altering its sigaltstack while running on
sigaltstack.
This is likely needed to consistently return oss->ss_flags, which indicates
whether the process is currently on sigaltstack or not.
Unfortunately, Linux takes that permission to return EPERM too literally:
it returns EPERM even if you don't want to change to another sigaltstack,
but only want to disable sigaltstack with SS_DISABLE.
You can't use swapcontext() without disabling sigaltstack first, or the
stack will be re-used and overwritten by a subsequent signal.

With this patch, disabling sigaltstack inside a signal handler becomes
possible, and swapcontext() can then be used safely. oss->ss_flags
will then return SS_DISABLE, which doesn't seem to contradict the
(very ambiguous) man page wording, namely:
SS_ONSTACK
The process is currently executing on the alternate signal
stack. (Note that it is not possible to change the alternate
signal stack if the process is currently executing on it.)

SS_DISABLE
The alternate signal stack is currently disabled.

It seems both of the above cases apply when executing on sigaltstack with
sigaltstack currently disabled, so hopefully no one really cares.

CC: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
CC: Oleg Nesterov <oleg@xxxxxxxxxx>
CC: "Amanieu d'Antras" <amanieu@xxxxxxxxx>
CC: Richard Weinberger <richard@xxxxxx>
CC: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
CC: Palmer Dabbelt <palmer@xxxxxxxxxxx>
CC: Vladimir Davydov <vdavydov@xxxxxxxxxxxxx>
CC: linux-kernel@xxxxxxxxxxxxxxx
CC: linux-api@xxxxxxxxxxxxxxx

Signed-off-by: Stas Sergeev <stsp@xxxxxxxxxxxxxxxxxxxxx>
---
kernel/signal.c | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/kernel/signal.c b/kernel/signal.c
index f3f1f7a..0a6af54 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -3111,18 +3111,13 @@ do_sigaltstack (const stack_t __user *uss, stack_t __user *uoss, unsigned long s
if (error)
goto out;

- error = -EPERM;
- if (on_sig_stack(sp))
- goto out;
-
- error = -EINVAL;
/*
- * Note - this code used to test ss_flags incorrectly:
- * old code may have been written using ss_flags==0
- * to mean ss_flags==SS_ONSTACK (as this was the only
- * way that worked) - this fix preserves that older
- * mechanism.
+ * Note - this code used to test on_sig_stack(sp) and
+ * return -EPERM. But we need at least SS_DISABLE to
+ * work while on sigaltstack, so the check was removed.
*/
+
+ error = -EINVAL;
if (ss_flags != SS_DISABLE && ss_flags != SS_ONSTACK && ss_flags != 0)
goto out;

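Review bot: dropping the on_sig_stack(sp) test outright is wider than the description states; after this hunk a handler running on the alternate stack may not only disable it but also replace it with a different ss_sp/ss_size (SS_ONSTACK or 0 still pass the flags check below), whereas the commit message only asks for SS_DISABLE to work there. Consider keeping the EPERM path and exempting only the disable case, e.g. `error = -EPERM;` / `if (on_sig_stack(sp) && ss_flags != SS_DISABLE)` / `goto out;`. Also, the removed comment was the only documentation of why `ss_flags != 0` is accepted (old callers used 0 to mean SS_ONSTACK); that check survives, so fold a sentence of that rationale into the new comment rather than deleting it.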
--
2.4.3
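An added probe, not part of the patch or the kernel source, that exercises the behaviour the commit message describes: a handler delivered on an alternate stack queries its state, then attempts sigaltstack(SS_DISABLE), which a pre-patch kernel refuses with EPERM and a patched one accepts, afterwards reporting SS_DISABLE. The function names and the 64 KiB stack size are my own choices.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <string.h>
/* Recorded by the handler; -1 means "handler has not run". */
static volatile sig_atomic_t on_altstack_in_handler = -1;
static volatile sig_atomic_t disable_result = -1;       /* 0 or errno */
static volatile sig_atomic_t flags_after_disable = -1;

static void handler(int sig)
{
    stack_t cur, dis, after;
    /* SS_ONSTACK in the queried flags means we are on the alternate stack. */
    if (sigaltstack(NULL, &cur) == 0)
        on_altstack_in_handler = (cur.ss_flags & SS_ONSTACK) != 0;
    memset(&dis, 0, sizeof dis);
    dis.ss_flags = SS_DISABLE;
    /* Pre-patch: on_sig_stack(sp) -> EPERM. Patched: succeeds, swapcontext() is then safe. */
    if (sigaltstack(&dis, NULL) == 0) {
        disable_result = 0;
        if (sigaltstack(NULL, &after) == 0)
            flags_after_disable = after.ss_flags;   /* expect SS_DISABLE */
    } else {
        disable_result = errno;
    }
    (void)sig;
}
/* Returns 0 if SS_DISABLE worked inside the handler, the errno (EPERM on
 * pre-patch kernels) if it was refused, or -1 if setup itself failed. */
int probe_disable_on_altstack(void)
{
    static char altbuf[64 * 1024];      /* constructed size, ample on any arch */
    stack_t ss = { .ss_sp = altbuf, .ss_size = sizeof altbuf, .ss_flags = 0 };
    struct sigaction sa;
    if (sigaltstack(&ss, NULL) != 0)
        return -1;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = handler; sa.sa_flags = SA_ONSTACK;  /* deliver SIGUSR1 on altbuf */
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, NULL) != 0)
        return -1;
    raise(SIGUSR1);
    ss.ss_flags = SS_DISABLE;           /* leave a clean state for the caller */
    sigaltstack(&ss, NULL);
    signal(SIGUSR1, SIG_DFL);
    return disable_result;
}
int handler_was_on_altstack(void) { return on_altstack_in_handler; }
int last_disable_result(void) { return disable_result; }
int altstack_flags_after_disable(void) { return flags_after_disable; }
```

On a kernel carrying this change probe_disable_on_altstack() returns 0 and the post-disable flags are SS_DISABLE; on an older kernel it returns EPERM, which is exactly the failure that blocks swapcontext().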