| Message ID | 1361796007-20143-1-git-send-email-ryan.harkin@linaro.org |
|---|---|
| State | New |
| Headers | show |
On Mon, Feb 25, 2013 at 12:40:07PM +0000, Ryan Harkin wrote: > The original version changed the signal mask in the current process, > and then passed an unitialized variable to sigsuspend, which in turn, > besides the other work, sets current->blocked. > > The value of mask, passed from a process, was effectively overwritten > by some random value. If the random value was zero, all signals were > blocked and pipes no longer work. > > Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org> Thanks for the patch. It's a candidate for stable since mainline no longer has this function, removed by commit 84b9e9b40 (arm64: switch compat to generic old sigsuspend).
diff --git a/arch/arm64/kernel/signal32.c b/arch/arm64/kernel/signal32.c index a4db3d2..0bc9461 100644 --- a/arch/arm64/kernel/signal32.c +++ b/arch/arm64/kernel/signal32.c @@ -347,7 +347,7 @@ asmlinkage int compat_sys_sigsuspend(int restart, compat_ulong_t oldmask, { sigset_t blocked; - siginitset(¤t->blocked, mask); + siginitset(&blocked, mask); return sigsuspend(&blocked); }
The original version changed the signal mask in the current process, and then passed an unitialized variable to sigsuspend, which in turn, besides the other work, sets current->blocked. The value of mask, passed from a process, was effectively overwritten by some random value. If the random value was zero, all signals were blocked and pipes no longer work. Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org> --- arch/arm64/kernel/signal32.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)