OpenCloudOS-Kernel/drivers/misc
Eric W. Biederman 0ab93e9c99 signal/GenWQE: Fix sending of SIGKILL
The genweq_add_file and genwqe_del_file by caching current without
using reference counting embed the assumption that a file descriptor
will never be passed from one process to another.  It even embeds the
assumption that the the thread that opened the file will be in
existence when the process terminates.   Neither of which are
guaranteed to be true.

Therefore replace caching the task_struct of the opener with
pid of the openers thread group id.  All the knowledge of the
opener is used for is as the target of SIGKILL and a SIGKILL
will kill the entire process group.

Rename genwqe_force_sig to genwqe_terminate, remove it's unncessary
signal argument, update it's ownly caller, and use kill_pid
instead of force_sig.

The work force_sig does in changing signal handling state is not
relevant to SIGKILL sent as SEND_SIG_PRIV.  The exact same processess
will be killed just with less work, and less confusion.  The work done
by force_sig is really only needed for handling syncrhonous
exceptions.

It will still be possible to cause genwqe_device_remove to wait
8 seconds by passing a file descriptor to another process but
the possible user after free is fixed.

Fixes: eaf4722d46 ("GenWQE Character device and DDCB queue")
Cc: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Frank Haverkamp <haver@linux.vnet.ibm.com>
Cc: Joerg-Stephan Vogt <jsvogt@de.ibm.com>
Cc: Michael Jung <mijung@gmx.net>
Cc: Michael Ruettger <michael@ibmra.de>
Cc: Kleber Sacilotto de Souza <klebers@linux.vnet.ibm.com>
Cc: Sebastian Ott <sebott@linux.vnet.ibm.com>
Cc: Eberhard S. Amann <esa@linux.vnet.ibm.com>
Cc: Gabriel Krisman Bertazi <krisman@linux.vnet.ibm.com>
Cc: Guilherme G. Piccoli <gpiccoli@linux.vnet.ibm.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2018-09-15 16:07:19 +02:00
..
altera-stapl treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
c2port kmemcheck: remove annotations 2017-11-15 18:21:04 -08:00
cardreader misc: rtsx: make several functions static 2018-07-03 13:01:48 +02:00
cb710 cb710: Convert to new IDA API 2018-08-21 23:54:18 -04:00
cxl Merge branch 'akpm' (patches from Andrew) 2018-08-17 16:49:31 -07:00
echo misc: Remove Blackfin DSP echo support 2018-03-26 15:56:37 +02:00
eeprom Merge branch 'i2c/for-4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2018-08-21 17:40:46 -07:00
genwqe signal/GenWQE: Fix sending of SIGKILL 2018-09-15 16:07:19 +02:00
ibmasm ibmasm: don't write out of bounds in read handler 2018-07-07 09:59:35 +02:00
lis3lv02d vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
lkdtm lkdtm: Add missing SPDX-License-Identifier line 2018-03-06 19:18:55 -08:00
mei mei: define dma ring buffer sizes for PCH12 HW and newer 2018-08-02 10:18:30 +02:00
mic mm, oom: distinguish blockable mode for mmu notifiers 2018-08-22 10:52:44 -07:00
ocxl Merge branch 'akpm' (patches from Andrew) 2018-08-17 16:49:31 -07:00
sgi-gru mm, oom: distinguish blockable mode for mmu notifiers 2018-08-22 10:52:44 -07:00
sgi-xp sgi-xp: xpc_partition: mark expected switch fall-throughs 2018-07-07 17:38:57 +02:00
ti-st misc: ti-st: Fix memory leak in the error path of probe() 2018-08-02 10:35:04 +02:00
vmw_vmci vmci: type promotion bug in qp_host_get_user_memory() 2018-07-07 17:32:40 +02:00
Kconfig misc: IBM Virtual Management Channel Driver (VMC) 2018-05-14 16:35:42 +02:00
Makefile misc: IBM Virtual Management Channel Driver (VMC) 2018-05-14 16:35:42 +02:00
ad525x_dpot-i2c.c
ad525x_dpot-spi.c
ad525x_dpot.c misc: ad525x_dpot: macros should not use a trailing semicolon 2017-12-18 16:02:26 +01:00
ad525x_dpot.h misc: ad525x_dpot: Unnecessary space before function pointer arguments 2017-12-18 15:59:17 +01:00
apds990x.c misc: apds990x: Missing a blank line after declarations. 2017-12-18 16:02:26 +01:00
apds9802als.c misc: apds9802als: constify i2c_device_id 2017-08-28 16:55:49 +02:00
aspeed-lpc-ctrl.c misc: aspeed-lpc-ctrl: Enable FWH and A2H bridge cycles 2018-03-15 18:20:51 +01:00
aspeed-lpc-snoop.c drivers/misc: Aspeed LPC snoop output using misc chardev 2018-07-16 13:30:47 +02:00
atmel-ssc.c misc: atmel-ssc: register as sound DAI if #sound-dai-cells is present 2016-12-15 12:13:31 +00:00
atmel_tclib.c
bh1770glc.c misc: bh1770glc: constify attribute_group structures. 2017-08-28 16:55:48 +02:00
cs5535-mfgpt.c
ds1682.c misc: ds1682: Ignore update-in-progress ETC reads 2018-01-09 17:03:57 +01:00
dummy-irq.c Annotate hardware config module parameters in drivers/misc/ 2017-04-20 12:02:32 +01:00
enclosure.c misc: enclosure: Remove unnecessary error check 2017-12-07 18:45:31 +01:00
fsa9480.c misc: fsa9480: Add blank line after declarations. 2018-01-09 17:03:57 +01:00
hmc6352.c misc: hmc6352: constify i2c_device_id 2017-08-28 16:55:49 +02:00
hpilo.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
hpilo.h misc: hpilo: Use SPDX-License-Identifier 2017-12-07 18:45:31 +01:00
ibmvmc.c misc: ibmvmc: Use GFP_ATOMIC under spin lock 2018-07-07 17:35:00 +02:00
ibmvmc.h misc: IBM Virtual Management Channel Driver (VMC) 2018-05-14 16:35:42 +02:00
ics932s401.c misc: ics932s401: open brace should be on the previous line 2017-12-18 16:00:57 +01:00
ioc4.c misc: ioc4: constify pci_device_id. 2017-08-28 16:55:48 +02:00
isl29003.c misc: isl29003: Missing a blank line after declarations 2017-12-07 18:45:31 +01:00
isl29020.c misc: isl29020: constify i2c_device_id 2017-08-28 16:55:49 +02:00
kgdbts.c misc: kgdbts: Display progress of asynchronous tests 2018-01-25 08:40:17 -06:00
lattice-ecp3-config.c
pch_phub.c MISC: add const to bin_attribute structures 2017-08-28 16:55:48 +02:00
pci_endpoint_test.c pci_endpoint_test: Add 2 ioctl commands 2018-07-19 11:46:57 +01:00
phantom.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
pti.c drivers/misc/intel/pti: Rename the header file to free up the namespace 2017-12-17 12:52:34 +01:00
qcom-coincell.c
spear13xx_pcie_gadget.c
sram-exec.c misc: sram-exec: Use aligned fncpy instead of memcpy 2017-05-18 17:37:52 +02:00
sram.c misc: sram: enable clock before registering regions 2018-07-06 16:48:15 +02:00
sram.h misc: sram: Integrate protect-exec reserved sram area type 2017-01-25 11:48:03 +01:00
tifm_7xx1.c misc: tifm: Remove VLA 2018-04-23 13:31:27 +02:00
tifm_core.c
tsl2550.c tsl2550: fix lux1_input error in low light 2018-07-07 17:44:52 +02:00
vexpress-syscfg.c misc: vexpress/syscfg: Use devm_ioremap_resource() to map memory 2018-07-16 13:32:08 +02:00
vmw_balloon.c Merge 4.18-rc5 into char-misc-next 2018-07-16 09:04:54 +02:00