diff options
| author | Martin Pieuchot <mpi@cvs.openbsd.org> | 2018-03-27 08:42:50 +0000 |
|---|---|---|
| committer | Martin Pieuchot <mpi@cvs.openbsd.org> | 2018-03-27 08:42:50 +0000 |
| commit | fd49705ee7d05211eb99ed835e7e6c25def25554 (patch) | |
| tree | 515b37b5d4fda1f67c704456f44d03c2d0372912 | |
| parent | fefc9a1fda9d3eb539e7bd74d437fdf3c1c6c0de (diff) | |
Make sure that programs violating a pledge(2) promise or some memory
protection cannot block the final SIGABRT.
While here apply the same logic to ddb(4)'s kill command.
From semarie@, ok deraadt@
| -rw-r--r-- | sys/kern/kern_pledge.c | 4 | ||||
| -rw-r--r-- | sys/kern/kern_proc.c | 3 | ||||
| -rw-r--r-- | sys/uvm/uvm_mmap.c | 16 |
3 files changed, 11 insertions, 12 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index af56c42095d..d0886473414 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.228 2018/01/09 15:14:23 mpi Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.229 2018/03/27 08:42:49 mpi Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -526,10 +526,12 @@ pledge_fail(struct proc *p, int error, uint64_t code) log(LOG_ERR, "%s[%d]: pledge \"%s\", syscall %d\n", p->p_p->ps_comm, p->p_p->ps_pid, codes, p->p_pledge_syscall); p->p_p->ps_acflag |= APLEDGE; + /* Send uncatchable SIGABRT for coredump */ memset(&sa, 0, sizeof sa); sa.sa_handler = SIG_DFL; setsigvec(p, SIGABRT, &sa); + atomic_clearbits_int(&p->p_sigmask, sigmask(SIGABRT)); psignal(p, SIGABRT); p->p_p->ps_pledge = 0; /* Disable all PLEDGE_ flags */ diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index 45e84d8462d..def3f768d89 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_proc.c,v 1.82 2018/02/26 13:43:51 mpi Exp $ */ +/* $OpenBSD: kern_proc.c,v 1.83 2018/03/27 08:42:49 mpi Exp $ */ /* $NetBSD: kern_proc.c,v 1.14 1996/02/09 18:59:41 christos Exp $ */ /* @@ -507,6 +507,7 @@ db_kill_cmd(db_expr_t addr, int have_addr, db_expr_t count, char *modif) memset(&sa, 0, sizeof sa); sa.sa_handler = SIG_DFL; setsigvec(p, SIGABRT, &sa); + atomic_clearbits_int(&p->p_sigmask, sigmask(SIGABRT)); psignal(p, SIGABRT); } diff --git a/sys/uvm/uvm_mmap.c b/sys/uvm/uvm_mmap.c index 809c6a10cb6..464ee703beb 100644 --- a/sys/uvm/uvm_mmap.c +++ b/sys/uvm/uvm_mmap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_mmap.c,v 1.147 2018/02/19 08:59:53 mpi Exp $ */ +/* $OpenBSD: uvm_mmap.c,v 1.148 2018/03/27 08:42:49 mpi Exp $ */ /* $NetBSD: uvm_mmap.c,v 1.49 2001/02/18 21:19:08 chs Exp $ */ /* @@ -326,15 +326,11 @@ uvm_wxcheck(struct proc *p, char *call) if (pr->ps_wxcounter++ == 0) log(LOG_NOTICE, "%s(%d): %s W^X violation\n", pr->ps_comm, pr->ps_pid, call); - if (uvm_wxabort) { - struct sigaction sa; - - /* Send uncatchable SIGABRT for coredump */ - memset(&sa, 0, sizeof sa); - sa.sa_handler = SIG_DFL; - setsigvec(p, SIGABRT, &sa); - psignal(p, SIGABRT); - } + + /* Send uncatchable SIGABRT for coredump */ + if (uvm_wxabort) + sigexit(p, SIGABRT); + return (ENOTSUP); } |