Merge tag 'for-linus-2020-04-18' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux (774acb2a) · Commits · 戴 / test

kernel/fork.c

+10 −1

Original line number	Diff line number	Diff line
		@@ -2605,6 +2605,14 @@ noinline static int copy_clone_args_from_user(struct kernel_clone_args *kargs,
		struct clone_args args;
		pid_t *kset_tid = kargs->set_tid;

		BUILD_BUG_ON(offsetofend(struct clone_args, tls) !=
		CLONE_ARGS_SIZE_VER0);
		BUILD_BUG_ON(offsetofend(struct clone_args, set_tid_size) !=
		CLONE_ARGS_SIZE_VER1);
		BUILD_BUG_ON(offsetofend(struct clone_args, cgroup) !=
		CLONE_ARGS_SIZE_VER2);
		BUILD_BUG_ON(sizeof(struct clone_args) != CLONE_ARGS_SIZE_VER2);

		if (unlikely(usize > PAGE_SIZE))
		return -E2BIG;
		if (unlikely(usize < CLONE_ARGS_SIZE_VER0))
		@@ -2631,7 +2639,8 @@ noinline static int copy_clone_args_from_user(struct kernel_clone_args *kargs,
		!valid_signal(args.exit_signal)))
		return -EINVAL;

		if ((args.flags & CLONE_INTO_CGROUP) && args.cgroup < 0)
		if ((args.flags & CLONE_INTO_CGROUP) &&
		(args.cgroup > INT_MAX \|\| usize < CLONE_ARGS_SIZE_VER2))
		return -EINVAL;

		*kargs = (struct kernel_clone_args){

+5 −9

Original line number	Diff line number	Diff line
		@@ -1510,15 +1510,15 @@ int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
		unsigned long flags;
		int ret = -EINVAL;

		if (!valid_signal(sig))
		return ret;

		clear_siginfo(&info);
		info.si_signo = sig;
		info.si_errno = errno;
		info.si_code = SI_ASYNCIO;
		((sigval_t )&info.si_pid) = addr;

		if (!valid_signal(sig))
		return ret;

		rcu_read_lock();
		p = pid_task(pid, PIDTYPE_PID);
		if (!p) {
		@@ -1557,12 +1557,8 @@ static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
		{
		int ret;

		if (pid > 0) {
		rcu_read_lock();
		ret = kill_pid_info(sig, info, find_vpid(pid));
		rcu_read_unlock();
		return ret;
		}
		if (pid > 0)
		return kill_proc_info(sig, info, pid);

		/* -INT_MIN is undefined. Exclude this case to avoid a UBSAN warning */
		if (pid == INT_MIN)