/** * @file kernel/sys/signal.c * @brief Signal handling. * * Provides signal entry and delivery; also handles suspending * and resuming jobs (SIGTSTP, SIGCONT). * * As of Misaka 2.1, signal delivery has been largely rewritten: * - Signals can only be delivered a times when we would be * normally returning to userspace. This matches behavior in * a number of other kernels. * - Signals should cause kernel sleeps to return with an error * state, ending any blocking system calls and allowing them * to either gracefully return or bubble up -ERESTARTSYS to * be restarted. * - Userspace signal handlers now push context on the userspace * stack. This is arch-specific behavior. * - Signal handler returns work the same as previously, injecting * a special "magic" return address that should fault. * * @copyright * This file is part of ToaruOS and is released under the terms * of the NCSA / University of Illinois License - see LICENSE.md * Copyright (C) 2012-2022 K. Lange */ #include #include #include #include #include #include #include #include #include #include #include static spin_lock_t sig_lock; #define SIG_DISP_Ign 0 #define SIG_DISP_Term 1 #define SIG_DISP_Core 2 #define SIG_DISP_Stop 3 #define SIG_DISP_Cont 4 static char sig_defaults[] = { 0, /* 0? */ [SIGHUP ] = SIG_DISP_Term, [SIGINT ] = SIG_DISP_Term, [SIGQUIT ] = SIG_DISP_Core, [SIGILL ] = SIG_DISP_Core, [SIGTRAP ] = SIG_DISP_Core, [SIGABRT ] = SIG_DISP_Core, [SIGEMT ] = SIG_DISP_Core, [SIGFPE ] = SIG_DISP_Core, [SIGKILL ] = SIG_DISP_Term, [SIGBUS ] = SIG_DISP_Core, [SIGSEGV ] = SIG_DISP_Core, [SIGSYS ] = SIG_DISP_Core, [SIGPIPE ] = SIG_DISP_Term, [SIGALRM ] = SIG_DISP_Term, [SIGTERM ] = SIG_DISP_Term, [SIGUSR1 ] = SIG_DISP_Term, [SIGUSR2 ] = SIG_DISP_Term, [SIGCHLD ] = SIG_DISP_Ign, [SIGPWR ] = SIG_DISP_Ign, [SIGWINCH ] = SIG_DISP_Ign, [SIGURG ] = SIG_DISP_Ign, [SIGPOLL ] = SIG_DISP_Ign, [SIGSTOP ] = SIG_DISP_Stop, [SIGTSTP ] = SIG_DISP_Stop, [SIGCONT ] = SIG_DISP_Cont, [SIGTTIN ] = SIG_DISP_Stop, [SIGTTOUT ] = SIG_DISP_Stop, [SIGVTALRM ] = SIG_DISP_Term, [SIGPROF ] = SIG_DISP_Term, [SIGXCPU ] = SIG_DISP_Core, [SIGXFSZ ] = SIG_DISP_Core, [SIGWAITING ] = SIG_DISP_Ign, [SIGDIAF ] = SIG_DISP_Term, [SIGHATE ] = SIG_DISP_Ign, [SIGWINEVENT] = SIG_DISP_Ign, [SIGCAT ] = SIG_DISP_Ign, }; /** * @brief If a system call returned -ERESTARTSYS, restart it. * * Called by both @c handle_signal and @c return_from_signal_handler depending * on how the signal was handled. * * @param r Registers after restoration from signal return. */ static void maybe_restart_system_call(struct regs * r, int signum) { if (this_core->current_process->interrupted_system_call && arch_syscall_number(r) == -ERESTARTSYS) { if (sig_defaults[signum] == SIG_DISP_Cont || (this_core->current_process->signals[signum].flags & SA_RESTART)) { arch_syscall_return(r, this_core->current_process->interrupted_system_call); this_core->current_process->interrupted_system_call = 0; syscall_handler(r); } else { this_core->current_process->interrupted_system_call = 0; arch_syscall_return(r, -EINTR); } } } /** * @brief Examine the pending signal and perform an appropriate action. * * This is called by @c process_check_signals below. It should not be called * directly by other parts of the kernel. Previously, it was called through * process switching... * * When a signal handler is called, this does not return. The userspace * process is resumed in the signal handler context, and any future calls * into the kernel are "from scratch". * * @param proc should be the current active process, which should generally * always be this_core->current_process. * @param sig is the signal node from the pending queue. Currently, this * just contains the signal number and nothing else. It used to * also contain the handler to call, but that led to TOCTOU bugs. * @param r Userspace registers at time of signal entry. This gets passed * forward to @c arch_enter_signal_handler * @returns 0 if another signal needs to be handled, 1 otherwise. */ int handle_signal(process_t * proc, int signum, struct regs *r) { struct signal_config config = proc->signals[signum]; /* Are we being traced? */ if (this_core->current_process->flags & PROC_FLAG_TRACE_SIGNALS) { signum = ptrace_signal(signum, 0); } if (proc->flags & PROC_FLAG_FINISHED) { return 1; } if (signum == 0 || signum >= NUMSIGNALS) { goto _ignore_signal; } if (!config.handler) { char dowhat = sig_defaults[signum]; if (dowhat == SIG_DISP_Term || dowhat == SIG_DISP_Core) { task_exit(((128 + signum) << 8) | signum); __builtin_unreachable(); } else if (dowhat == SIG_DISP_Stop) { __sync_or_and_fetch(&this_core->current_process->flags, PROC_FLAG_SUSPENDED); this_core->current_process->status = 0x7F; process_t * parent = process_get_parent((process_t *)this_core->current_process); if (parent && !(parent->flags & PROC_FLAG_FINISHED)) { wakeup_queue(parent->wait_queue); } do { switch_task(0); } while (!(this_core->current_process->pending_signals & ~this_core->current_process->blocked_signals)); return 0; /* Return and handle another */ } else if (dowhat == SIG_DISP_Cont) { /* Continue doesn't actually do anything different at this stage. */ goto _ignore_signal; } goto _ignore_signal; } /* If the handler value is 1 we treat it as IGN. */ if (config.handler == 1) goto _ignore_signal; if (config.flags & SA_RESETHAND) { proc->signals[signum].handler = 0; } arch_enter_signal_handler(config.handler, signum, r); return 1; /* Should not be reachable */ _ignore_signal: /* we still need to check if we need to restart something */ maybe_restart_system_call(r, signum); return !(this_core->current_process->pending_signals & ~this_core->current_process->blocked_signals); } /** * @brief Deliver a signal to another process. * * Called by both system calls like @c kill as well as by some things * that want to trigger SIGSEGV, SIGPIPE, and so on. * * @param process PID to deliver to. Must be a single PID, not a group specifier. * @param signal Signal number to deliver. * @param force_root If the current process isn't root, it can't send signals to * processes owned by other users, which means we can't send soft * signals as part operations like SIGPIPE or SIGCHLD. Kernel callers * can use this parameter to skip this check. * @returns General status, should be suitable for sys_kill return value. */ int send_signal(pid_t process, int signal, int force_root) { process_t * receiver = process_from_pid(process); if (!receiver) { /* Invalid pid */ return -ESRCH; } if (!force_root && receiver->user != this_core->current_process->user && this_core->current_process->user != USER_ROOT_UID) { if (!(signal == SIGCONT && receiver->session == this_core->current_process->session)) { return -EPERM; } } if (receiver->flags & PROC_FLAG_IS_TASKLET) { /* Can not send signals to kernel tasklets */ return -EINVAL; } if (signal > NUMSIGNALS) { /* Invalid signal */ return -EINVAL; } if (receiver->flags & PROC_FLAG_FINISHED) { /* Can't send signals to finished processes */ return -EINVAL; } if (!receiver->signals[signal].handler && !sig_defaults[signal]) { /* If there is no handler for a signal and its default disposition is IGNORE, * we don't even bother sending it, to avoid having to interrupt + restart system calls. */ return 0; } if (receiver->blocked_signals & (1 << signal)) { spin_lock(sig_lock); receiver->pending_signals |= (1 << signal); spin_unlock(sig_lock); return 0; } if (sig_defaults[signal] == SIG_DISP_Cont) { /* XXX: I'm not sure this check is necessary? And the SUSPEND flag flip probably * should be on the receiving end. */ if (!(receiver->flags & PROC_FLAG_SUSPENDED)) { return -EINVAL; } else { __sync_and_and_fetch(&receiver->flags, ~(PROC_FLAG_SUSPENDED)); receiver->status = 0; } } /* Append signal to list */ spin_lock(sig_lock); receiver->pending_signals |= (1 << signal); spin_unlock(sig_lock); /* Informs any blocking events that the process has been interrupted * by a signal, which should trigger those blocking events to complete * and potentially return -EINTR or -ERESTARTSYS */ process_awaken_signal(receiver); /* Schedule processes awoken by signals to be run. Unless they're us, we'll * jump to the signal handler as part of returning from this call. */ if (receiver != this_core->current_process && !process_is_ready(receiver)) { make_process_ready(receiver); } return 0; } /** * @brief Send a signal to multiple processes. * * Similar to @c send_signal but for when a negative PID needs to be used. * * @param group The group process ID. Positive PID, not negative. * @param signal Signal number to deliver. * @param force_root See explanation in @c send_signal * @returns 1 if something was signalled, 0 if there were no valid recipients. */ int group_send_signal(pid_t group, int signal, int force_root) { int kill_self = 0; int killed_something = 0; foreach(node, process_list) { process_t * proc = node->value; if (proc->group == proc->id && proc->job == group) { /* Only thread group leaders */ if (proc->group == this_core->current_process->group) { kill_self = 1; } else { if (send_signal(proc->group, signal, force_root) == 0) { killed_something = 1; } } } } if (kill_self) { if (send_signal(this_core->current_process->group, signal, force_root) == 0) { killed_something = 1; } } return !!killed_something; } /** * @brief Examine the signal delivery queue of the current process, and handle signals. * * Should be called before a userspace return would happen. If a signal handler is to be * run in userspace, then process_check_signals will not return, similar to exec. * * @param r Userspace registers before signal entry. */ void process_check_signals(struct regs * r) { spin_lock(sig_lock); if (this_core->current_process && !(this_core->current_process->flags & PROC_FLAG_FINISHED)) { /* Set an pending signals that were previously blocked */ sigset_t active_signals = this_core->current_process->pending_signals & ~this_core->current_process->blocked_signals; int signal = 0; while (active_signals && signal <= NUMSIGNALS) { if (active_signals & 1) { this_core->current_process->pending_signals &= ~(1 << signal); spin_unlock(sig_lock); if (handle_signal((process_t*)this_core->current_process, signal, r)) return; spin_lock(sig_lock); } active_signals >>= 1; signal++; } } spin_unlock(sig_lock); } /** * @brief Restore pre-signal context and possibly restart system calls. * * To be called by the platform's fault handler when it determines that * a signal handler return has been triggered. Calls platform code to restore * the previous userspace context (before the signal) from the userspace stack * and restarts an interrupted system call if there was one. * * @param r Registers at fault, passed to platform code for restoration and * then to @c maybe_restart_system_call to handle system call restarts. */ void return_from_signal_handler(struct regs *r) { int signum = arch_return_from_signal_handler(r); if (this_core->current_process->pending_signals & ~this_core->current_process->blocked_signals) { process_check_signals(r); } maybe_restart_system_call(r,signum); }