git.baikalelectronics.ru Git - kernel.git/commit

author	Eric W. Biederman <ebiederm@xmission.com>
	Thu, 18 Nov 2021 17:11:13 +0000 (11:11 -0600)
committer	Eric W. Biederman <ebiederm@xmission.com>
	Fri, 19 Nov 2021 15:11:43 +0000 (09:11 -0600)
commit	f9037089bf4f47a003049fc2eba1fd4de3837db9
tree	ee95aa6a34c30c44a1ac148a9eddacd4843717a6	tree \| snapshot
parent	bad68f6c0c96b209be688acd1511fc590315093b	commit \| diff

signal: Don't always set SA_IMMUTABLE for forced signals

Recently to prevent issues with SECCOMP_RET_KILL and similar signals
being changed before they are delivered SA_IMMUTABLE was added.

Unfortunately this broke debuggers[1][2] which reasonably expect to be
able to trap synchronous SIGTRAP and SIGSEGV even when the target
process is not configured to handle those signals.

Update force_sig_to_task to support both the case when we can allow
the debugger to intercept and possibly ignore the signal and the case
when it is not safe to let userspace know about the signal until the
process has exited.

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Reported-by: Kyle Huey <me@kylehuey.com>
Reported-by: kernel test robot <oliver.sang@intel.com>
Cc: stable@vger.kernel.org
[1] https://lkml.kernel.org/r/CAP045AoMY4xf8aC_4QU_-j7obuEPYgTcnQQP3Yxk=2X90jtpjw@mail.gmail.com
[2] https://lkml.kernel.org/r/20211117150258.GB5403@xsang-OptiPlex-9020
Fixes: a2a2dd8f85de ("signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed")
Link: https://lkml.kernel.org/r/877dd5qfw5.fsf_-_@email.froward.int.ebiederm.org
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Kees Cook <keescook@chromium.org>
Tested-by: Kyle Huey <khuey@kylehuey.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>