1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (C) 1991, 1992 Linus Torvalds
4 *
5 * 1997-11-28 Modified for POSIX.1b signals by Richard Henderson
6 * 2000-06-20 Pentium III FXSR, SSE support by Gareth Hughes
7 * 2000-12-* x86-64 compatibility mode signal handling by Andi Kleen
8 */
9
10#include <linux/sched.h>
11#include <linux/sched/task_stack.h>
12#include <linux/mm.h>
13#include <linux/smp.h>
14#include <linux/kernel.h>
15#include <linux/errno.h>
16#include <linux/wait.h>
17#include <linux/unistd.h>
18#include <linux/stddef.h>
19#include <linux/personality.h>
20#include <linux/compat.h>
21#include <linux/binfmts.h>
22#include <linux/syscalls.h>
23#include <asm/ucontext.h>
24#include <linux/uaccess.h>
25#include <asm/fpu/signal.h>
26#include <asm/ptrace.h>
27#include <asm/user32.h>
28#include <uapi/asm/sigcontext.h>
29#include <asm/proto.h>
30#include <asm/vdso.h>
31#include <asm/sigframe.h>
32#include <asm/sighandling.h>
33#include <asm/smap.h>
34#include <asm/gsseg.h>
35
36#ifdef CONFIG_IA32_EMULATION
37#include <asm/ia32_unistd.h>
38
39static inline void reload_segments(struct sigcontext_32 *sc)
40{
41 unsigned int cur;
42
43 savesegment(gs, cur);
44 if ((sc->gs | 0x03) != cur)
45 load_gs_index(gs: sc->gs | 0x03);
46 savesegment(fs, cur);
47 if ((sc->fs | 0x03) != cur)
48 loadsegment(fs, sc->fs | 0x03);
49 savesegment(ds, cur);
50 if ((sc->ds | 0x03) != cur)
51 loadsegment(ds, sc->ds | 0x03);
52 savesegment(es, cur);
53 if ((sc->es | 0x03) != cur)
54 loadsegment(es, sc->es | 0x03);
55}
56
57#define sigset32_t compat_sigset_t
58#define siginfo32_t compat_siginfo_t
59#define restore_altstack32 compat_restore_altstack
60#define unsafe_save_altstack32 unsafe_compat_save_altstack
61
62#else
63
64#define sigset32_t sigset_t
65#define siginfo32_t siginfo_t
66#define __NR_ia32_sigreturn __NR_sigreturn
67#define __NR_ia32_rt_sigreturn __NR_rt_sigreturn
68#define restore_altstack32 restore_altstack
69#define unsafe_save_altstack32 unsafe_save_altstack
70#define __copy_siginfo_to_user32 copy_siginfo_to_user
71
72#endif
73
74/*
75 * Do a signal return; undo the signal stack.
76 */
77static bool ia32_restore_sigcontext(struct pt_regs *regs,
78 struct sigcontext_32 __user *usc)
79{
80 struct sigcontext_32 sc;
81
82 /* Always make any pending restarted system calls return -EINTR */
83 current->restart_block.fn = do_no_restart_syscall;
84
85 if (unlikely(copy_from_user(&sc, usc, sizeof(sc))))
86 return false;
87
88 /* Get only the ia32 registers. */
89 regs->bx = sc.bx;
90 regs->cx = sc.cx;
91 regs->dx = sc.dx;
92 regs->si = sc.si;
93 regs->di = sc.di;
94 regs->bp = sc.bp;
95 regs->ax = sc.ax;
96 regs->sp = sc.sp;
97 regs->ip = sc.ip;
98
99 /* Get CS/SS and force CPL3 */
100 regs->cs = sc.cs | 0x03;
101 regs->ss = sc.ss | 0x03;
102
103 regs->flags = (regs->flags & ~FIX_EFLAGS) | (sc.flags & FIX_EFLAGS);
104 /* disable syscall checks */
105 regs->orig_ax = -1;
106
107#ifdef CONFIG_IA32_EMULATION
108 /*
109 * Reload fs and gs if they have changed in the signal
110 * handler. This does not handle long fs/gs base changes in
111 * the handler, but does not clobber them at least in the
112 * normal case.
113 */
114 reload_segments(sc: &sc);
115#else
116 loadsegment(gs, sc.gs);
117 regs->fs = sc.fs;
118 regs->es = sc.es;
119 regs->ds = sc.ds;
120#endif
121
122 return fpu__restore_sig(buf: compat_ptr(uptr: sc.fpstate), ia32_frame: 1);
123}
124
125SYSCALL32_DEFINE0(sigreturn)
126{
127 struct pt_regs *regs = current_pt_regs();
128 struct sigframe_ia32 __user *frame = (struct sigframe_ia32 __user *)(regs->sp-8);
129 sigset_t set;
130
131 if (!access_ok(frame, sizeof(*frame)))
132 goto badframe;
133 if (__get_user(set.sig[0], &frame->sc.oldmask)
134 || __get_user(((__u32 *)&set)[1], &frame->extramask[0]))
135 goto badframe;
136
137 set_current_blocked(&set);
138
139 if (!ia32_restore_sigcontext(regs, usc: &frame->sc))
140 goto badframe;
141 return regs->ax;
142
143badframe:
144 signal_fault(regs, frame, where: "32bit sigreturn");
145 return 0;
146}
147
148SYSCALL32_DEFINE0(rt_sigreturn)
149{
150 struct pt_regs *regs = current_pt_regs();
151 struct rt_sigframe_ia32 __user *frame;
152 sigset_t set;
153
154 frame = (struct rt_sigframe_ia32 __user *)(regs->sp - 4);
155
156 if (!access_ok(frame, sizeof(*frame)))
157 goto badframe;
158 if (__get_user(*(__u64 *)&set, (__u64 __user *)&frame->uc.uc_sigmask))
159 goto badframe;
160
161 set_current_blocked(&set);
162
163 if (!ia32_restore_sigcontext(regs, usc: &frame->uc.uc_mcontext))
164 goto badframe;
165
166 if (restore_altstack32(uss: &frame->uc.uc_stack))
167 goto badframe;
168
169 return regs->ax;
170
171badframe:
172 signal_fault(regs, frame, where: "32bit rt sigreturn");
173 return 0;
174}
175
176/*
177 * Set up a signal frame.
178 */
179
180#define get_user_seg(seg) ({ unsigned int v; savesegment(seg, v); v; })
181
182static __always_inline int
183__unsafe_setup_sigcontext32(struct sigcontext_32 __user *sc,
184 void __user *fpstate,
185 struct pt_regs *regs, unsigned int mask)
186{
187 unsafe_put_user(get_user_seg(gs), (unsigned int __user *)&sc->gs, Efault);
188#ifdef CONFIG_IA32_EMULATION
189 unsafe_put_user(get_user_seg(fs), (unsigned int __user *)&sc->fs, Efault);
190 unsafe_put_user(get_user_seg(ds), (unsigned int __user *)&sc->ds, Efault);
191 unsafe_put_user(get_user_seg(es), (unsigned int __user *)&sc->es, Efault);
192#else
193 unsafe_put_user(regs->fs, (unsigned int __user *)&sc->fs, Efault);
194 unsafe_put_user(regs->es, (unsigned int __user *)&sc->es, Efault);
195 unsafe_put_user(regs->ds, (unsigned int __user *)&sc->ds, Efault);
196#endif
197
198 unsafe_put_user(regs->di, &sc->di, Efault);
199 unsafe_put_user(regs->si, &sc->si, Efault);
200 unsafe_put_user(regs->bp, &sc->bp, Efault);
201 unsafe_put_user(regs->sp, &sc->sp, Efault);
202 unsafe_put_user(regs->bx, &sc->bx, Efault);
203 unsafe_put_user(regs->dx, &sc->dx, Efault);
204 unsafe_put_user(regs->cx, &sc->cx, Efault);
205 unsafe_put_user(regs->ax, &sc->ax, Efault);
206 unsafe_put_user(current->thread.trap_nr, &sc->trapno, Efault);
207 unsafe_put_user(current->thread.error_code, &sc->err, Efault);
208 unsafe_put_user(regs->ip, &sc->ip, Efault);
209 unsafe_put_user(regs->cs, (unsigned int __user *)&sc->cs, Efault);
210 unsafe_put_user(regs->flags, &sc->flags, Efault);
211 unsafe_put_user(regs->sp, &sc->sp_at_signal, Efault);
212 unsafe_put_user(regs->ss, (unsigned int __user *)&sc->ss, Efault);
213
214 unsafe_put_user(ptr_to_compat(fpstate), &sc->fpstate, Efault);
215
216 /* non-iBCS2 extensions.. */
217 unsafe_put_user(mask, &sc->oldmask, Efault);
218 unsafe_put_user(current->thread.cr2, &sc->cr2, Efault);
219 return 0;
220
221Efault:
222 return -EFAULT;
223}
224
225#define unsafe_put_sigcontext32(sc, fp, regs, set, label) \
226do { \
227 if (__unsafe_setup_sigcontext32(sc, fp, regs, set->sig[0])) \
228 goto label; \
229} while(0)
230
231int ia32_setup_frame(struct ksignal *ksig, struct pt_regs *regs)
232{
233 sigset32_t *set = (sigset32_t *) sigmask_to_save();
234 struct sigframe_ia32 __user *frame;
235 void __user *restorer;
236 void __user *fp = NULL;
237
238 /* copy_to_user optimizes that into a single 8 byte store */
239 static const struct {
240 u16 poplmovl;
241 u32 val;
242 u16 int80;
243 } __attribute__((packed)) code = {
244 0xb858, /* popl %eax ; movl $...,%eax */
245 __NR_ia32_sigreturn,
246 0x80cd, /* int $0x80 */
247 };
248
249 frame = get_sigframe(ksig, regs, frame_size: sizeof(*frame), fpstate: &fp);
250
251 if (ksig->ka.sa.sa_flags & SA_RESTORER) {
252 restorer = ksig->ka.sa.sa_restorer;
253 } else {
254 /* Return stub is in 32bit vsyscall page */
255 if (current->mm->context.vdso)
256 restorer = current->mm->context.vdso +
257 vdso_image_32.sym___kernel_sigreturn;
258 else
259 restorer = &frame->retcode;
260 }
261
262 if (!user_access_begin(frame, sizeof(*frame)))
263 return -EFAULT;
264
265 unsafe_put_user(ksig->sig, &frame->sig, Efault);
266 unsafe_put_sigcontext32(&frame->sc, fp, regs, set, Efault);
267 unsafe_put_user(set->sig[1], &frame->extramask[0], Efault);
268 unsafe_put_user(ptr_to_compat(restorer), &frame->pretcode, Efault);
269 /*
270 * These are actually not used anymore, but left because some
271 * gdb versions depend on them as a marker.
272 */
273 unsafe_put_user(*((u64 *)&code), (u64 __user *)frame->retcode, Efault);
274 user_access_end();
275
276 /* Set up registers for signal handler */
277 regs->sp = (unsigned long) frame;
278 regs->ip = (unsigned long) ksig->ka.sa.sa_handler;
279
280 /* Make -mregparm=3 work */
281 regs->ax = ksig->sig;
282 regs->dx = 0;
283 regs->cx = 0;
284
285#ifdef CONFIG_IA32_EMULATION
286 loadsegment(ds, __USER_DS);
287 loadsegment(es, __USER_DS);
288#else
289 regs->ds = __USER_DS;
290 regs->es = __USER_DS;
291#endif
292
293 regs->cs = __USER32_CS;
294 regs->ss = __USER_DS;
295
296 return 0;
297Efault:
298 user_access_end();
299 return -EFAULT;
300}
301
302int ia32_setup_rt_frame(struct ksignal *ksig, struct pt_regs *regs)
303{
304 sigset32_t *set = (sigset32_t *) sigmask_to_save();
305 struct rt_sigframe_ia32 __user *frame;
306 void __user *restorer;
307 void __user *fp = NULL;
308
309 /* unsafe_put_user optimizes that into a single 8 byte store */
310 static const struct {
311 u8 movl;
312 u32 val;
313 u16 int80;
314 u8 pad;
315 } __attribute__((packed)) code = {
316 0xb8,
317 __NR_ia32_rt_sigreturn,
318 0x80cd,
319 0,
320 };
321
322 frame = get_sigframe(ksig, regs, frame_size: sizeof(*frame), fpstate: &fp);
323
324 if (!user_access_begin(frame, sizeof(*frame)))
325 return -EFAULT;
326
327 unsafe_put_user(ksig->sig, &frame->sig, Efault);
328 unsafe_put_user(ptr_to_compat(&frame->info), &frame->pinfo, Efault);
329 unsafe_put_user(ptr_to_compat(&frame->uc), &frame->puc, Efault);
330
331 /* Create the ucontext. */
332 if (static_cpu_has(X86_FEATURE_XSAVE))
333 unsafe_put_user(UC_FP_XSTATE, &frame->uc.uc_flags, Efault);
334 else
335 unsafe_put_user(0, &frame->uc.uc_flags, Efault);
336 unsafe_put_user(0, &frame->uc.uc_link, Efault);
337 unsafe_save_altstack32(&frame->uc.uc_stack, regs->sp, Efault);
338
339 if (ksig->ka.sa.sa_flags & SA_RESTORER)
340 restorer = ksig->ka.sa.sa_restorer;
341 else
342 restorer = current->mm->context.vdso +
343 vdso_image_32.sym___kernel_rt_sigreturn;
344 unsafe_put_user(ptr_to_compat(restorer), &frame->pretcode, Efault);
345
346 /*
347 * Not actually used anymore, but left because some gdb
348 * versions need it.
349 */
350 unsafe_put_user(*((u64 *)&code), (u64 __user *)frame->retcode, Efault);
351 unsafe_put_sigcontext32(&frame->uc.uc_mcontext, fp, regs, set, Efault);
352 unsafe_put_user(*(__u64 *)set, (__u64 __user *)&frame->uc.uc_sigmask, Efault);
353 user_access_end();
354
355 if (__copy_siginfo_to_user32(to: &frame->info, from: &ksig->info))
356 return -EFAULT;
357
358 /* Set up registers for signal handler */
359 regs->sp = (unsigned long) frame;
360 regs->ip = (unsigned long) ksig->ka.sa.sa_handler;
361
362 /* Make -mregparm=3 work */
363 regs->ax = ksig->sig;
364 regs->dx = (unsigned long) &frame->info;
365 regs->cx = (unsigned long) &frame->uc;
366
367#ifdef CONFIG_IA32_EMULATION
368 loadsegment(ds, __USER_DS);
369 loadsegment(es, __USER_DS);
370#else
371 regs->ds = __USER_DS;
372 regs->es = __USER_DS;
373#endif
374
375 regs->cs = __USER32_CS;
376 regs->ss = __USER_DS;
377
378 return 0;
379Efault:
380 user_access_end();
381 return -EFAULT;
382}
383
384/*
385 * The siginfo_t structure and handing code is very easy
386 * to break in several ways. It must always be updated when new
387 * updates are made to the main siginfo_t, and
388 * copy_siginfo_to_user32() must be updated when the
389 * (arch-independent) copy_siginfo_to_user() is updated.
390 *
391 * It is also easy to put a new member in the siginfo_t
392 * which has implicit alignment which can move internal structure
393 * alignment around breaking the ABI. This can happen if you,
394 * for instance, put a plain 64-bit value in there.
395 */
396
397/*
398* If adding a new si_code, there is probably new data in
399* the siginfo. Make sure folks bumping the si_code
400* limits also have to look at this code. Make sure any
401* new fields are handled in copy_siginfo_to_user32()!
402*/
403static_assert(NSIGILL == 11);
404static_assert(NSIGFPE == 15);
405static_assert(NSIGSEGV == 10);
406static_assert(NSIGBUS == 5);
407static_assert(NSIGTRAP == 6);
408static_assert(NSIGCHLD == 6);
409static_assert(NSIGSYS == 2);
410
411/* This is part of the ABI and can never change in size: */
412static_assert(sizeof(siginfo32_t) == 128);
413
414/* This is a part of the ABI and can never change in alignment */
415static_assert(__alignof__(siginfo32_t) == 4);
416
417/*
418* The offsets of all the (unioned) si_fields are fixed
419* in the ABI, of course. Make sure none of them ever
420* move and are always at the beginning:
421*/
422static_assert(offsetof(siginfo32_t, _sifields) == 3 * sizeof(int));
423
424static_assert(offsetof(siginfo32_t, si_signo) == 0);
425static_assert(offsetof(siginfo32_t, si_errno) == 4);
426static_assert(offsetof(siginfo32_t, si_code) == 8);
427
428/*
429* Ensure that the size of each si_field never changes.
430* If it does, it is a sign that the
431* copy_siginfo_to_user32() code below needs to updated
432* along with the size in the CHECK_SI_SIZE().
433*
434* We repeat this check for both the generic and compat
435* siginfos.
436*
437* Note: it is OK for these to grow as long as the whole
438* structure stays within the padding size (checked
439* above).
440*/
441
442#define CHECK_SI_OFFSET(name) \
443 static_assert(offsetof(siginfo32_t, _sifields) == \
444 offsetof(siginfo32_t, _sifields.name))
445
446#define CHECK_SI_SIZE(name, size) \
447 static_assert(sizeof_field(siginfo32_t, _sifields.name) == size)
448
449CHECK_SI_OFFSET(_kill);
450CHECK_SI_SIZE (_kill, 2*sizeof(int));
451static_assert(offsetof(siginfo32_t, si_pid) == 0xC);
452static_assert(offsetof(siginfo32_t, si_uid) == 0x10);
453
454CHECK_SI_OFFSET(_timer);
455#ifdef CONFIG_COMPAT
456/* compat_siginfo_t doesn't have si_sys_private */
457CHECK_SI_SIZE (_timer, 3*sizeof(int));
458#else
459CHECK_SI_SIZE (_timer, 4*sizeof(int));
460#endif
461static_assert(offsetof(siginfo32_t, si_tid) == 0x0C);
462static_assert(offsetof(siginfo32_t, si_overrun) == 0x10);
463static_assert(offsetof(siginfo32_t, si_value) == 0x14);
464
465CHECK_SI_OFFSET(_rt);
466CHECK_SI_SIZE (_rt, 3*sizeof(int));
467static_assert(offsetof(siginfo32_t, si_pid) == 0x0C);
468static_assert(offsetof(siginfo32_t, si_uid) == 0x10);
469static_assert(offsetof(siginfo32_t, si_value) == 0x14);
470
471CHECK_SI_OFFSET(_sigchld);
472CHECK_SI_SIZE (_sigchld, 5*sizeof(int));
473static_assert(offsetof(siginfo32_t, si_pid) == 0x0C);
474static_assert(offsetof(siginfo32_t, si_uid) == 0x10);
475static_assert(offsetof(siginfo32_t, si_status) == 0x14);
476static_assert(offsetof(siginfo32_t, si_utime) == 0x18);
477static_assert(offsetof(siginfo32_t, si_stime) == 0x1C);
478
479CHECK_SI_OFFSET(_sigfault);
480CHECK_SI_SIZE (_sigfault, 4*sizeof(int));
481static_assert(offsetof(siginfo32_t, si_addr) == 0x0C);
482
483static_assert(offsetof(siginfo32_t, si_trapno) == 0x10);
484
485static_assert(offsetof(siginfo32_t, si_addr_lsb) == 0x10);
486
487static_assert(offsetof(siginfo32_t, si_lower) == 0x14);
488static_assert(offsetof(siginfo32_t, si_upper) == 0x18);
489
490static_assert(offsetof(siginfo32_t, si_pkey) == 0x14);
491
492static_assert(offsetof(siginfo32_t, si_perf_data) == 0x10);
493static_assert(offsetof(siginfo32_t, si_perf_type) == 0x14);
494static_assert(offsetof(siginfo32_t, si_perf_flags) == 0x18);
495
496CHECK_SI_OFFSET(_sigpoll);
497CHECK_SI_SIZE (_sigpoll, 2*sizeof(int));
498static_assert(offsetof(siginfo32_t, si_band) == 0x0C);
499static_assert(offsetof(siginfo32_t, si_fd) == 0x10);
500
501CHECK_SI_OFFSET(_sigsys);
502CHECK_SI_SIZE (_sigsys, 3*sizeof(int));
503static_assert(offsetof(siginfo32_t, si_call_addr) == 0x0C);
504static_assert(offsetof(siginfo32_t, si_syscall) == 0x10);
505static_assert(offsetof(siginfo32_t, si_arch) == 0x14);
506
507/* any new si_fields should be added here */
508

source code of linux/arch/x86/kernel/signal_32.c