Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

signal: define the SA_UNSUPPORTED bit in sa_flags

Define a sa_flags bit, SA_UNSUPPORTED, which will never be supported
in the uapi. The purpose of this flag bit is to allow userspace to
distinguish an old kernel that does not clear unknown sa_flags bits
from a kernel that supports every flag bit.

In other words, if userspace does something like:

  act.sa_flags |= SA_UNSUPPORTED;
  sigaction(SIGSEGV, &act, 0);
  sigaction(SIGSEGV, 0, &oldact);

and finds that SA_UNSUPPORTED remains set in oldact.sa_flags, it means
that the kernel cannot be trusted to have cleared unknown flag bits
from sa_flags, so no assumptions about flag bit support can be made.

Signed-off-by: Peter Collingbourne <pcc@google.com>
Reviewed-by: Dave Martin <Dave.Martin@arm.com>
Link: https://linux-review.googlesource.com/id/Ic2501ad150a3a79c1cf27fb8c99be342e9dffbcb
Link: https://lkml.kernel.org/r/bda7ddff8895a9bc4ffc5f3cf3d4d37a32118077.1605582887.git.pcc@google.com
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

authored by Peter Collingbourne and committed by Eric W. Biederman
a54f0dfd 7da5082a
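
The probe sequence from the commit message, written out as an added example (not part of the commit or of the kernel tree) and extended from spotting an old kernel to testing one specific flag bit. `probe_sa_flag`, `enum sa_probe` and the caller-chosen scratch signal are assumptions of this sketch; the fallback `SA_UNSUPPORTED` value is the one the patch defines.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <string.h>

#ifndef SA_UNSUPPORTED
#define SA_UNSUPPORTED 0x00000400 /* value from the signal-defs.h hunk */
#endif

/* Hypothetical result type for this example. */
enum sa_probe { SA_PROBE_ERROR = -1, SA_PROBE_UNKNOWN, SA_PROBE_NO, SA_PROBE_YES };

static void probe_handler(int sig) { (void)sig; }

/* Ask the running kernel whether it implements sa_flags bit `flag`, using
 * `signo` as a scratch signal whose disposition is restored before return. */
enum sa_probe probe_sa_flag(int signo, int flag)
{
    struct sigaction act, saved, readback;
    sigset_t block, prev;
    enum sa_probe result = SA_PROBE_ERROR;

    /* Keep signo blocked so the dummy handler can never actually run. */
    sigemptyset(&block);
    sigaddset(&block, signo);
    if (sigprocmask(SIG_BLOCK, &block, &prev) != 0)
        return SA_PROBE_ERROR;

    memset(&act, 0, sizeof act);
    sigemptyset(&act.sa_mask);
    act.sa_handler = probe_handler;
    act.sa_flags = flag | SA_UNSUPPORTED;

    if (sigaction(signo, &act, &saved) == 0) {
        if (sigaction(signo, NULL, &readback) == 0) {
            if (readback.sa_flags & SA_UNSUPPORTED)
                result = SA_PROBE_UNKNOWN; /* old kernel echoes unknown bits */
            else
                result = (readback.sa_flags & flag) ? SA_PROBE_YES : SA_PROBE_NO;
        }
        if (sigaction(signo, &saved, NULL) != 0)
            result = SA_PROBE_ERROR;
    }
    sigprocmask(SIG_SETMASK, &prev, NULL);
    return result;
}
```

The disposition change is process-wide, so the probe belongs at startup, before other threads exist or a real handler for the scratch signal is installed.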

+13
+7
include/uapi/asm-generic/signal-defs.h
··· 14 14 * SA_RESTART flag to get restarting signals (which were the default long ago) 15 15 * SA_NODEFER prevents the current signal from being masked in the handler. 16 16 * SA_RESETHAND clears the handler when the signal is delivered. 17 + * SA_UNSUPPORTED is a flag bit that will never be supported. Kernels from 18 + * before the introduction of SA_UNSUPPORTED did not clear unknown bits from 19 + * sa_flags when read using the oldact argument to sigaction and rt_sigaction, 20 + * so this bit allows flag bit support to be detected from userspace while 21 + * allowing an old kernel to be distinguished from a kernel that supports every 22 + * flag bit. 17 23 * 18 24 * SA_ONESHOT and SA_NOMASK are the historical Linux names for the Single 19 25 * Unix names RESETHAND and NODEFER respectively. ··· 40 34 /* 0x00000080 used on parisc */ 41 35 /* 0x00000100 used on sparc */ 42 36 /* 0x00000200 used on sparc */ 37 + #define SA_UNSUPPORTED 0x00000400 43 38 /* 0x00010000 used on mips */ 44 39 /* 0x01000000 used on x86 */ 45 40 /* 0x02000000 used on x86 */
+6
kernel/signal.c
··· 3986 3986 *oact = *k; 3987 3987 3988 3988 /* 3989 + * Make sure that we never accidentally claim to support SA_UNSUPPORTED, 3990 + * e.g. by having an architecture use the bit in their uapi. 3991 + */ 3992 + BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED); 3993 + 3994 + /* 3989 3995 * Clear unknown flag bits in order to allow userspace to detect missing 3990 3996 * support for flag bits and to allow the kernel to use non-uapi bits 3991 3997 * internally.
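Review bot: The new SA_UNSUPPORTED paragraph in the include/uapi/asm-generic/signal-defs.h header comment says the bit "allows flag bit support to be detected from userspace" but never states the procedure, which only appears in the commit message. Since this header is what userspace authors will read, the comment should spell out the steps: set SA_UNSUPPORTED together with the flag of interest, read the flags back through oldact, and trust the readback only if SA_UNSUPPORTED came back cleared.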
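Review bot: The line "#define SA_UNSUPPORTED 0x00000400" in the second signal-defs.h hunk carries no annotation, while every neighbouring entry records who owns the bit ("used on parisc", "used on sparc", "used on mips", "used on x86"). A trailing comment marking 0x00000400 as permanently reserved for probing would keep a later patch from treating the value as free and assigning it to a real flag, which would silently break every userspace probe that relies on it.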
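Review bot: The check "BUILD_BUG_ON(UAPI_SA_FLAGS & SA_UNSUPPORTED);" in the kernel/signal.c hunk only fires when an architecture lists the colliding bit in UAPI_SA_FLAGS, so the guarantee is as good as that mask is complete. The comment above it says the check catches "an architecture use the bit in their uapi", which overstates the coverage: an architecture that defines a flag at 0x00000400 in its header but omits it from UAPI_SA_FLAGS passes the build. Please reword the comment to say the check depends on UAPI_SA_FLAGS being kept in sync with each architecture's flag definitions.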