From: Paul Mackerras &lt;paulus@samba.org&gt;

Compile-tested, but not boot-tested since I am still travelling.

Signed-off-by: Paul Mackerras &lt;paulus@samba.org&gt;
Signed-off-by: Andrew Morton &lt;akpm@osdl.org&gt;
---

 25-akpm/arch/ppc64/kernel/signal.c   |   45 +++++++++++++++++------------------
 25-akpm/arch/ppc64/kernel/signal32.c |   38 +++++++++++++----------------
 2 files changed, 39 insertions(+), 44 deletions(-)

diff -puN arch/ppc64/kernel/signal32.c~signal-race-fixes-ppc64 arch/ppc64/kernel/signal32.c
--- 25/arch/ppc64/kernel/signal32.c~signal-race-fixes-ppc64	2004-07-31 16:52:48.922562280 -0700
+++ 25-akpm/arch/ppc64/kernel/signal32.c	2004-07-31 16:52:48.929561216 -0700
@@ -641,7 +641,7 @@ int sys32_sigaltstack(u32 __new, u32 __o
  * Set up a signal frame for a "real-time" signal handler
  * (one which gets siginfo).
  */
-static void handle_rt_signal32(unsigned long sig, struct k_sigaction *ka,
+static void handle_rt_signal32(unsigned long sig, struct k_sigaction *ka_copy,
 			       siginfo_t *info, sigset_t *oldset,
 			       struct pt_regs * regs, unsigned long newsp)
 {
@@ -687,7 +687,7 @@ static void handle_rt_signal32(unsigned 
 	regs-&gt;gpr[4] = (unsigned long) &amp;rt_sf-&gt;info;
 	regs-&gt;gpr[5] = (unsigned long) &amp;rt_sf-&gt;uc;
 	regs-&gt;gpr[6] = (unsigned long) rt_sf;
-	regs-&gt;nip = (unsigned long) ka-&gt;sa.sa_handler;
+	regs-&gt;nip = (unsigned long) ka_copy-&gt;sa.sa_handler;
 	regs-&gt;link = (unsigned long) frame-&gt;tramp;
 	regs-&gt;trap = 0;
 	regs-&gt;result = 0;
@@ -700,7 +700,7 @@ badframe:
 	       regs, frame, newsp);
 #endif
 	if (sig == SIGSEGV)
-		ka-&gt;sa.sa_handler = SIG_DFL;
+		current-&gt;sighand-&gt;action[SIGSEGV-1].sa.sa_handler = SIG_DFL;
 	force_sig(SIGSEGV, current);
 }
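Review bot: The new line in the `sig == SIGSEGV` branch stores `SIG_DFL` into `current->sighand->action[SIGSEGV-1].sa.sa_handler` with no lock held, while sigaction() from another thread sharing this sighand updates the same slot under `sighand->siglock`, so the two writes can race; siglock cannot already be held here, because the frame setup above this hunk does user-space stores that may fault. force_sig() only resets an SIG_IGN disposition under the lock and does not cover this write, so the store itself should be bracketed: `spin_lock_irq(&current->sighand->siglock);` / `current->sighand->action[SIGSEGV-1].sa.sa_handler = SIG_DFL;` / `spin_unlock_irq(&current->sighand->siglock);`. handle_rt_signal32 begins outside this hunk.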
 
@@ -812,7 +812,7 @@ long sys32_rt_sigreturn(int r3, int r4, 
 /*
  * OK, we're invoking a handler
  */
-static void handle_signal32(unsigned long sig, struct k_sigaction *ka,
+static void handle_signal32(unsigned long sig, struct k_sigaction *ka_copy,
 			    siginfo_t *info, sigset_t *oldset,
 			    struct pt_regs * regs, unsigned long newsp)
 {
@@ -837,7 +837,7 @@ static void handle_signal32(unsigned lon
 #if _NSIG != 64
 #error "Please adjust handle_signal32()"
 #endif
-	if (__put_user((u32)(u64)ka-&gt;sa.sa_handler, &amp;sc-&gt;handler)
+	if (__put_user((u32)(u64)ka_copy-&gt;sa.sa_handler, &amp;sc-&gt;handler)
 	    || __put_user(oldset-&gt;sig[0], &amp;sc-&gt;oldmask)
 	    || __put_user((oldset-&gt;sig[0] &gt;&gt; 32), &amp;sc-&gt;_unused[3])
 	    || __put_user((u32)(u64)frame, &amp;sc-&gt;regs)
@@ -852,7 +852,7 @@ static void handle_signal32(unsigned lon
 	regs-&gt;gpr[1] = (unsigned long) newsp;
 	regs-&gt;gpr[3] = sig;
 	regs-&gt;gpr[4] = (unsigned long) sc;
-	regs-&gt;nip = (unsigned long) ka-&gt;sa.sa_handler;
+	regs-&gt;nip = (unsigned long) ka_copy-&gt;sa.sa_handler;
 	regs-&gt;link = (unsigned long) frame-&gt;mctx.tramp;
 	regs-&gt;trap = 0;
 	regs-&gt;result = 0;
@@ -865,7 +865,7 @@ badframe:
 	       regs, frame, *newspp);
 #endif
 	if (sig == SIGSEGV)
-		ka-&gt;sa.sa_handler = SIG_DFL;
+		current-&gt;sighand-&gt;action[SIGSEGV-1].sa.sa_handler = SIG_DFL;
 	force_sig(SIGSEGV, current);
 }
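Review bot: The store to `current->sighand->action[SIGSEGV-1].sa.sa_handler` on the new line is made without `sighand->siglock`, so a sibling thread in sigaction() can overwrite it or be overwritten by it; the lock is not held at this point since the `__put_user()` frame writes earlier in handle_signal32 can fault. The same three-line reset-and-force_sig sequence now appears in both 32-bit handlers and in the 64-bit setup_rt_frame, so a small static helper that takes siglock, resets the SIGSEGV handler and calls `force_sig(SIGSEGV, current)` would fix the race in one place. handle_signal32 begins outside this hunk.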
 
@@ -928,18 +928,16 @@ badframe:
 int do_signal32(sigset_t *oldset, struct pt_regs *regs)
 {
 	siginfo_t info;
-	struct k_sigaction *ka;
 	unsigned int frame, newsp;
 	int signr, ret;
+	struct k_sigaction ka_copy;
 
 	if (!oldset)
 		oldset = &amp;current-&gt;blocked;
 
 	newsp = frame = 0;
 
-	signr = get_signal_to_deliver(&amp;info, regs, NULL);
-
-	ka = (signr == 0)? NULL: &amp;current-&gt;sighand-&gt;action[signr-1];
+	signr = get_signal_to_deliver(&amp;info, &amp;ka_copy, regs, NULL);
 
 	if (TRAP(regs) == 0x0C00		/* System Call! */
 	    &amp;&amp; regs-&gt;ccr &amp; 0x10000000		/* error signalled */
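Review bot: `ka_copy` is declared uninitialized on the new line and is only expected to be filled in by get_signal_to_deliver() when it returns a positive signal number; every later read of `ka_copy.sa.sa_flags` in do_signal32 is guarded by `signr > 0` or by the `signr == 0` early return, but that invariant is implicit. A comment on the declaration, `/* valid only when get_signal_to_deliver() returns signr > 0 */`, would keep a later edit from reading it on the no-signal path. The syscall-restart block that first uses it continues in the next hunk.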
@@ -950,7 +948,7 @@ int do_signal32(sigset_t *oldset, struct
 		if (signr &gt; 0
 		    &amp;&amp; (ret == ERESTARTNOHAND || ret == ERESTART_RESTARTBLOCK
 			|| (ret == ERESTARTSYS
-			    &amp;&amp; !(ka-&gt;sa.sa_flags &amp; SA_RESTART)))) {
+			    &amp;&amp; !(ka_copy.sa.sa_flags &amp; SA_RESTART)))) {
 			/* make the system call return an EINTR error */
 			regs-&gt;result = -EINTR;
 			regs-&gt;gpr[3] = EINTR;
@@ -969,7 +967,7 @@ int do_signal32(sigset_t *oldset, struct
 	if (signr == 0)
 		return 0;		/* no signals delivered */
 
-	if ((ka-&gt;sa.sa_flags &amp; SA_ONSTACK) &amp;&amp; current-&gt;sas_ss_size
+	if ((ka_copy.sa.sa_flags &amp; SA_ONSTACK) &amp;&amp; current-&gt;sas_ss_size
 	    &amp;&amp; (!on_sig_stack(regs-&gt;gpr[1])))
 		newsp = (current-&gt;sas_ss_sp + current-&gt;sas_ss_size);
 	else
@@ -977,17 +975,15 @@ int do_signal32(sigset_t *oldset, struct
 	newsp &amp;= ~0xfUL;
 
 	/* Whee!  Actually deliver the signal.  */
-	if (ka-&gt;sa.sa_flags &amp; SA_SIGINFO)
-		handle_rt_signal32(signr, ka, &amp;info, oldset, regs, newsp);
+	if (ka_copy.sa.sa_flags &amp; SA_SIGINFO)
+		handle_rt_signal32(signr, &amp;ka_copy, &amp;info, oldset, regs, newsp);
 	else
-		handle_signal32(signr, ka, &amp;info, oldset, regs, newsp);
-
-	if (ka-&gt;sa.sa_flags &amp; SA_ONESHOT)
-		ka-&gt;sa.sa_handler = SIG_DFL;
+		handle_signal32(signr, &amp;ka_copy, &amp;info, oldset, regs, newsp);
 
-	if (!(ka-&gt;sa.sa_flags &amp; SA_NODEFER)) {
+	if (!(ka_copy.sa.sa_flags &amp; SA_NODEFER)) {
 		spin_lock_irq(&amp;current-&gt;sighand-&gt;siglock);
-		sigorsets(&amp;current-&gt;blocked,&amp;current-&gt;blocked,&amp;ka-&gt;sa.sa_mask);
+		sigorsets(&amp;current-&gt;blocked, &amp;current-&gt;blocked,
+			  &amp;ka_copy.sa.sa_mask);
 		sigaddset(&amp;current-&gt;blocked, signr);
 		recalc_sigpending();
 		spin_unlock_irq(&amp;current-&gt;sighand-&gt;siglock);
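Review bot: The SA_ONESHOT reset deleted in this hunk (`ka->sa.sa_handler = SIG_DFL` after delivery) is not replaced by anything visible in this patch; presumably the generic get_signal_to_deliver() now performs it under siglock when it fills in `ka_copy`, but that four-argument get_signal_to_deliver() is not part of this diff, so the file only compiles and stays correct once that core change is merged first. A one-line comment at the delivery site, `/* SA_ONESHOT reset is now done by get_signal_to_deliver() under siglock */`, would make the dependency explicit for anyone backporting the arch patch alone.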
diff -puN arch/ppc64/kernel/signal.c~signal-race-fixes-ppc64 arch/ppc64/kernel/signal.c
--- 25/arch/ppc64/kernel/signal.c~signal-race-fixes-ppc64	2004-07-31 16:52:48.923562128 -0700
+++ 25-akpm/arch/ppc64/kernel/signal.c	2004-07-31 16:52:48.927561520 -0700
@@ -374,8 +374,8 @@ badframe:
 	do_exit(SIGSEGV);
 }
 
-static void setup_rt_frame(int signr, struct k_sigaction *ka, siginfo_t *info,
-		sigset_t *set, struct pt_regs *regs)
+static void setup_rt_frame(int signr, struct k_sigaction *ka_copy,
+		siginfo_t *info, sigset_t *set, struct pt_regs *regs)
 {
 	/* Handler is *really* a pointer to the function descriptor for
 	 * the signal routine.  The first entry in the function
@@ -387,7 +387,7 @@ static void setup_rt_frame(int signr, st
 	unsigned long newsp = 0;
 	long err = 0;
 
-	frame = get_sigframe(ka, regs, sizeof(*frame));
+	frame = get_sigframe(ka_copy, regs, sizeof(*frame));
 
 	if (verify_area(VERIFY_WRITE, frame, sizeof(*frame)))
 		goto badframe;
@@ -406,7 +406,7 @@ static void setup_rt_frame(int signr, st
 			  &amp;frame-&gt;uc.uc_stack.ss_flags);
 	err |= __put_user(current-&gt;sas_ss_size, &amp;frame-&gt;uc.uc_stack.ss_size);
 	err |= setup_sigcontext(&amp;frame-&gt;uc.uc_mcontext, regs, signr, NULL,
-				(unsigned long)ka-&gt;sa.sa_handler);
+				(unsigned long)ka_copy-&gt;sa.sa_handler);
 	err |= __copy_to_user(&amp;frame-&gt;uc.uc_sigmask, set, sizeof(*set));
 	if (err)
 		goto badframe;
@@ -416,7 +416,7 @@ static void setup_rt_frame(int signr, st
 	if (err)
 		goto badframe;
 
-	funct_desc_ptr = (func_descr_t __user *) ka-&gt;sa.sa_handler;
+	funct_desc_ptr = (func_descr_t __user *) ka_copy-&gt;sa.sa_handler;
 
 	/* Allocate a dummy caller frame for the signal handler. */
 	newsp = (unsigned long)frame - __SIGNAL_FRAMESIZE;
@@ -429,7 +429,7 @@ static void setup_rt_frame(int signr, st
 	err |= get_user(regs-&gt;gpr[2], &amp;funct_desc_ptr-&gt;toc);
 	regs-&gt;gpr[3] = signr;
 	regs-&gt;result = 0;
-	if (ka-&gt;sa.sa_flags &amp; SA_SIGINFO) {
+	if (ka_copy-&gt;sa.sa_flags &amp; SA_SIGINFO) {
 		err |= get_user(regs-&gt;gpr[4], (unsigned long __user *)&amp;frame-&gt;pinfo);
 		err |= get_user(regs-&gt;gpr[5], (unsigned long __user *)&amp;frame-&gt;puc);
 		regs-&gt;gpr[6] = (unsigned long) frame;
@@ -446,33 +446,33 @@ badframe:
 	printk("badframe in setup_rt_frame, regs=%p frame=%p newsp=%lx\n",
 	       regs, frame, newsp);
 #endif
-	do_exit(SIGSEGV);
+	if (signr == SIGSEGV)
+		current-&gt;sighand-&gt;action[SIGSEGV-1].sa.sa_handler = SIG_DFL;
+	force_sig(SIGSEGV, current);
 }
 
 
 /*
  * OK, we're invoking a handler
  */
-static void handle_signal(unsigned long sig, struct k_sigaction *ka,
-			  siginfo_t *info, sigset_t *oldset, struct pt_regs *regs)
+static void handle_signal(unsigned long sig, struct k_sigaction *ka_copy,
+		siginfo_t *info, sigset_t *oldset, struct pt_regs *regs)
 {
 	/* Set up Signal Frame */
-	setup_rt_frame(sig, ka, info, oldset, regs);
-
-	if (ka-&gt;sa.sa_flags &amp; SA_ONESHOT)
-		ka-&gt;sa.sa_handler = SIG_DFL;
+	setup_rt_frame(sig, ka_copy, info, oldset, regs);
 
-	if (!(ka-&gt;sa.sa_flags &amp; SA_NODEFER)) {
+	if (!(ka_copy-&gt;sa.sa_flags &amp; SA_NODEFER)) {
 		spin_lock_irq(&amp;current-&gt;sighand-&gt;siglock);
-		sigorsets(&amp;current-&gt;blocked,&amp;current-&gt;blocked,&amp;ka-&gt;sa.sa_mask);
+		sigorsets(&amp;current-&gt;blocked, &amp;current-&gt;blocked,
+			  &amp;ka_copy-&gt;sa.sa_mask);
 		sigaddset(&amp;current-&gt;blocked,sig);
 		recalc_sigpending();
 		spin_unlock_irq(&amp;current-&gt;sighand-&gt;siglock);
 	}
-	return;
 }
 
-static inline void syscall_restart(struct pt_regs *regs, struct k_sigaction *ka)
+static inline void syscall_restart(struct pt_regs *regs,
+				   struct k_sigaction *ka_copy)
 {
 	switch ((int)regs-&gt;result) {
 	case -ERESTART_RESTARTBLOCK:
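Review bot: Replacing `do_exit(SIGSEGV)` with `force_sig()` at badframe means setup_rt_frame now returns to handle_signal after a failed frame, and handle_signal goes on to OR `ka_copy->sa.sa_mask` into `current->blocked` and block `sig` as if the handler had been entered; before this change do_exit() never returned so that path could not be reached. setup_rt_frame should report the failure (return int, `return 0` on the success path, which lies outside this hunk, and `return 1` after force_sig) and handle_signal should skip the mask update when it fails. The new store to `current->sighand->action[SIGSEGV-1].sa.sa_handler` is also made without `sighand->siglock`, racing sigaction() in a sibling thread, so it should be taken around that store. Both functions are fully inside this hunk except setup_rt_frame's signature and body, which are in earlier hunks.
```c
static int setup_rt_frame(int signr, struct k_sigaction *ka_copy,
		siginfo_t *info, sigset_t *set, struct pt_regs *regs)
{
	/* … unchanged: frame setup; the success path ends with `return 0;` … */
badframe:
	/* … unchanged: debug printk … */
	if (signr == SIGSEGV) {
		spin_lock_irq(&current->sighand->siglock);
		current->sighand->action[SIGSEGV-1].sa.sa_handler = SIG_DFL;
		spin_unlock_irq(&current->sighand->siglock);
	}
	force_sig(SIGSEGV, current);
	return 1;
}

static void handle_signal(unsigned long sig, struct k_sigaction *ka_copy,
		siginfo_t *info, sigset_t *oldset, struct pt_regs *regs)
{
	/* Set up Signal Frame; on failure a SIGSEGV is already queued. */
	if (setup_rt_frame(sig, ka_copy, info, oldset, regs))
		return;

	/* … unchanged: SA_NODEFER mask update … */
}
```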
@@ -487,7 +487,7 @@ static inline void syscall_restart(struc
 		/* ERESTARTSYS means to restart the syscall if there is no
 		 * handler or the handler was registered with SA_RESTART
 		 */
-		if (!(ka-&gt;sa.sa_flags &amp; SA_RESTART)) {
+		if (!(ka_copy-&gt;sa.sa_flags &amp; SA_RESTART)) {
 			regs-&gt;result = -EINTR;
 			break;
 		}
@@ -512,6 +512,7 @@ int do_signal(sigset_t *oldset, struct p
 {
 	siginfo_t info;
 	int signr;
+	struct k_sigaction ka_copy;
 
 	/*
 	 * If the current thread is 32 bit - invoke the
@@ -523,14 +524,12 @@ int do_signal(sigset_t *oldset, struct p
 	if (!oldset)
 		oldset = &amp;current-&gt;blocked;
 
-	signr = get_signal_to_deliver(&amp;info, regs, NULL);
+	signr = get_signal_to_deliver(&amp;info, &amp;ka_copy, regs, NULL);
 	if (signr &gt; 0) {
-		struct k_sigaction *ka = &amp;current-&gt;sighand-&gt;action[signr-1];
-
 		/* Whee!  Actually deliver the signal.  */
 		if (TRAP(regs) == 0x0C00)
-			syscall_restart(regs, ka);
-		handle_signal(signr, ka, &amp;info, oldset, regs);
+			syscall_restart(regs, &amp;ka_copy);
+		handle_signal(signr, &amp;ka_copy, &amp;info, oldset, regs);
 		return 1;
 	}
 
_