From: Thomas Gleixner tglx@linutronix.de
stable inclusion from stable-v4.19.323 commit 0f9c27fbb8a52c50ff7d2659386f1f43e7fbddee category: bugfix bugzilla: 1233 CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
[ Upstream commit 7f8af7bac5380f2d95a63a6f19964e22437166e1 ]
These really can be handled gracefully without killing the machine.
Signed-off-by: Thomas Gleixner tglx@linutronix.de Signed-off-by: Frederic Weisbecker frederic@kernel.org Reviewed-by: Oleg Nesterov oleg@redhat.com Acked-by: Peter Zijlstra (Intel) peterz@infradead.org Signed-off-by: Sasha Levin sashal@kernel.org Signed-off-by: Zheng Zucheng zhengzucheng@huawei.com --- kernel/signal.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/kernel/signal.c b/kernel/signal.c
index 4166d22645f8..9e8474dfd251 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -1744,10 +1744,11 @@ struct sigqueue *sigqueue_alloc(void)
void sigqueue_free(struct sigqueue *q) { - unsigned long flags; spinlock_t *lock = ¤t->sighand->siglock; + unsigned long flags;
- BUG_ON(!(q->flags & SIGQUEUE_PREALLOC)); + if (WARN_ON_ONCE(!(q->flags & SIGQUEUE_PREALLOC))) + return; /* * We must hold ->siglock while testing q->list * to serialize with collect_signal() or with @@ -1775,7 +1776,10 @@ int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type) unsigned long flags; int ret, result;
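Review bot: The early `return` added to sigqueue_free() leaves `q` unfreed, and because WARN_ON_ONCE reports only the first occurrence, later calls with a non-preallocated entry are dropped without any trace; the same holds for the two guards added in send_sigqueue(). That trade-off (warn and leak instead of BUG) should be stated above the check, for example `/* Only preallocated entries may be freed here; warn once and bail out otherwise. */`. On systems that set panic_on_warn the warning still stops the machine, so the "handled gracefully" in the description applies only when that option is off. The body of sigqueue_free() continues past the end of this hunk.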
- BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
+ if (WARN_ON_ONCE(!(q->flags & SIGQUEUE_PREALLOC)))
+ return 0;
+ if (WARN_ON_ONCE(q->info.si_code != SI_TIMER))
+ return 0;
ret = -1; rcu_read_lock(); @@ -1794,7 +1798,6 @@ int send_sigqueue(struct sigqueue *q, struct pid *pid, enum pid_type type) * If an SI_TIMER entry is already queue just increment * the overrun count. */ - BUG_ON(q->info.si_code != SI_TIMER); q->info.si_overrun++; result = TRACE_SIGNAL_ALREADY_PENDING; goto out;
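Review bot: Both new guards in send_sigqueue() return 0 before `ret = -1` is assigned, so a caller cannot tell a broken invariant from whatever 0 means on the normal path (presumably "queued", given the -1 default; the rest of the function is outside the hunk). If 0 is deliberate, a comment such as `/* Invariant broken: nothing was queued; 0 is returned on purpose. */` would record that; otherwise `return -1;` would match the failure default. The si_code check also now runs on every call, whereas the BUG_ON removed in the hunk at -1794 appears to sit only on the already-queued path, so the comment should say that every entry passed to this function is expected to carry SI_TIMER.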