From patchwork Mon Feb 25 12:40:07 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ryan Harkin <ryan.harkin@linaro.org>
X-Patchwork-Id: 15064
Return-Path: <patch+caf_=linaro-patchwork=canonical.com@linaro.org>
X-Original-To: patchwork@peony.canonical.com
Delivered-To: patchwork@peony.canonical.com
Received: from fiordland.canonical.com (fiordland.canonical.com
 [91.189.94.145])
 by peony.canonical.com (Postfix) with ESMTP id 68A0123E1F
 for <patchwork@peony.canonical.com>;
 Mon, 25 Feb 2013 12:40:36 +0000 (UTC)
Received: from mail-ve0-f176.google.com (mail-ve0-f176.google.com
 [209.85.128.176])
 by fiordland.canonical.com (Postfix) with ESMTP id 13106A186AB
 for <linaro-patchwork@canonical.com>;
 Mon, 25 Feb 2013 12:40:35 +0000 (UTC)
Received: by mail-ve0-f176.google.com with SMTP id cz10so2114251veb.35
 for <linaro-patchwork@canonical.com>;
 Mon, 25 Feb 2013 04:40:35 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=google.com; s=20120113;
 h=x-received:x-forwarded-to:x-forwarded-for:delivered-to:x-received
 :received-spf:x-received:from:to:subject:date:message-id:x-mailer
 :x-gm-message-state;
 bh=SFxI5FprZ47nODNqfJRVDiZzeMUZi5OoKwJQUqSgPWU=;
 b=UoE32Dan3FrEZn6vFM1Z+T/JjtMeHrgs8E4AgeHirClYvj8hffYme5E+qNc97uhFWO
 4xkbh/4ixo28vn38KX/BjC+qPmhsZ5PimfebJJuL+79tc9ZzblWMpNVEZAXmOeFtmQn5
 eEaOYFPOcz5qt4Dtbz6biGPA/eTGI/TUn9Zq0flC3pS9ynGC6eMEHhB19HcfwZ6Mf6gE
 NN/Bp/vkzHbJpPoFImZ7Mzuo34YdqNw6qOQk6nICld2NzcagBUEmsbFQ/wSh2U4Kbvyt
 b9rp+V1KoPc+1+lxx/yDtrzUDJvdwYcEWZUVsLZNov99+e1e0th2xBIdf9HjpHGSygnA
 q0FQ==
X-Received: by 10.220.214.6 with SMTP id gy6mr9655238vcb.8.1361796035434;
 Mon, 25 Feb 2013 04:40:35 -0800 (PST)
X-Forwarded-To: linaro-patchwork@canonical.com
X-Forwarded-For: patch@linaro.org linaro-patchwork@canonical.com
Delivered-To: patches@linaro.org
Received: by 10.58.145.101 with SMTP id st5csp56445veb;
 Mon, 25 Feb 2013 04:40:34 -0800 (PST)
X-Received: by 10.194.123.130 with SMTP id ma2mr18581245wjb.46.1361796032751; 
 Mon, 25 Feb 2013 04:40:32 -0800 (PST)
Received: from mail-we0-x232.google.com ([2a00:1450:400c:c03::232])
 by mx.google.com with ESMTPS id f4si3329603wiw.99.2013.02.25.04.40.32
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Mon, 25 Feb 2013 04:40:32 -0800 (PST)
Received-SPF: neutral (google.com: 2a00:1450:400c:c03::232 is neither
 permitted nor denied by best guess record for domain of
 ryan.harkin@linaro.org) client-ip=2a00:1450:400c:c03::232; 
Authentication-Results: mx.google.com;
 spf=neutral (google.com: 2a00:1450:400c:c03::232 is neither permitted
 nor denied by best guess record for domain of
 ryan.harkin@linaro.org) smtp.mail=ryan.harkin@linaro.org
Received: by mail-we0-f178.google.com with SMTP id x48so2387897wey.37
 for <patches@linaro.org>; Mon, 25 Feb 2013 04:40:32 -0800 (PST)
X-Received: by 10.194.242.163 with SMTP id wr3mr2034699wjc.35.1361796027134; 
 Mon, 25 Feb 2013 04:40:27 -0800 (PST)
Received: from qpc.config (46-65-80-248.zone16.bethere.co.uk. [46.65.80.248])
 by mx.google.com with ESMTPS id o8sm14663746wix.7.2013.02.25.04.40.26
 (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Mon, 25 Feb 2013 04:40:26 -0800 (PST)
From: Ryan Harkin <ryan.harkin@linaro.org>
To: linux-arm-kernel@lists.infradead.org,
 Catalin Marinas <catalin.marinas@arm.com>,
 Will Deacon <will.deacon@arm.com>, Tixy <tixy@linaro.org>,
 patches@linaro.org
Subject: [PATCH] arm64: compat_sys_sigsuspend: init local blocked mask not
 current process mask
Date: Mon, 25 Feb 2013 12:40:07 +0000
Message-Id: <1361796007-20143-1-git-send-email-ryan.harkin@linaro.org>
X-Mailer: git-send-email 1.7.9.5
X-Gm-Message-State: ALoCoQlht9mcGAnayPLHPHrYKQ4CWc63TeHnlOOfc7UCMapPE1AsAkgKJCbMVVmkE+Q22s6F7+Rh

The original version changed the signal mask in the current process, and then passed an unitialized variable to sigsuspend, which in turn, besides the other work, sets current->blocked.

The value of mask, passed from a process, was effectively overwritten by some random value.  If the random value was zero, all signals were blocked and pipes no longer work.

Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org>
---
 arch/arm64/kernel/signal32.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/kernel/signal32.c b/arch/arm64/kernel/signal32.c
index a4db3d2..0bc9461 100644
--- a/arch/arm64/kernel/signal32.c
+++ b/arch/arm64/kernel/signal32.c
@@ -347,7 +347,7 @@ asmlinkage int compat_sys_sigsuspend(int restart, compat_ulong_t oldmask,
 {
 	sigset_t blocked;
 
-	siginitset(&current->blocked, mask);
+	siginitset(&blocked, mask);
 	return sigsuspend(&blocked);
 }