signal.c (35626B)
1/* 2 * Emulation of Linux signals 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation; either version 2 of the License, or 9 * (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, see <http://www.gnu.org/licenses/>. 18 */ 19#include "qemu/osdep.h" 20#include "qemu/bitops.h" 21#include "exec/gdbstub.h" 22 23#include <sys/ucontext.h> 24#include <sys/resource.h> 25 26#include "qemu.h" 27#include "user-internals.h" 28#include "strace.h" 29#include "loader.h" 30#include "trace.h" 31#include "signal-common.h" 32 33static struct target_sigaction sigact_table[TARGET_NSIG]; 34 35static void host_signal_handler(int host_signum, siginfo_t *info, 36 void *puc); 37 38/* Fallback addresses into sigtramp page. */ 39abi_ulong default_sigreturn; 40abi_ulong default_rt_sigreturn; 41 42/* 43 * System includes define _NSIG as SIGRTMAX + 1, 44 * but qemu (like the kernel) defines TARGET_NSIG as TARGET_SIGRTMAX 45 * and the first signal is SIGHUP defined as 1 46 * Signal number 0 is reserved for use as kill(pid, 0), to test whether 47 * a process exists without sending it a signal. 48 */ 49#ifdef __SIGRTMAX 50QEMU_BUILD_BUG_ON(__SIGRTMAX + 1 != _NSIG); 51#endif 52static uint8_t host_to_target_signal_table[_NSIG] = { 53 [SIGHUP] = TARGET_SIGHUP, 54 [SIGINT] = TARGET_SIGINT, 55 [SIGQUIT] = TARGET_SIGQUIT, 56 [SIGILL] = TARGET_SIGILL, 57 [SIGTRAP] = TARGET_SIGTRAP, 58 [SIGABRT] = TARGET_SIGABRT, 59/* [SIGIOT] = TARGET_SIGIOT,*/ 60 [SIGBUS] = TARGET_SIGBUS, 61 [SIGFPE] = TARGET_SIGFPE, 62 [SIGKILL] = TARGET_SIGKILL, 63 [SIGUSR1] = TARGET_SIGUSR1, 64 [SIGSEGV] = TARGET_SIGSEGV, 65 [SIGUSR2] = TARGET_SIGUSR2, 66 [SIGPIPE] = TARGET_SIGPIPE, 67 [SIGALRM] = TARGET_SIGALRM, 68 [SIGTERM] = TARGET_SIGTERM, 69#ifdef SIGSTKFLT 70 [SIGSTKFLT] = TARGET_SIGSTKFLT, 71#endif 72 [SIGCHLD] = TARGET_SIGCHLD, 73 [SIGCONT] = TARGET_SIGCONT, 74 [SIGSTOP] = TARGET_SIGSTOP, 75 [SIGTSTP] = TARGET_SIGTSTP, 76 [SIGTTIN] = TARGET_SIGTTIN, 77 [SIGTTOU] = TARGET_SIGTTOU, 78 [SIGURG] = TARGET_SIGURG, 79 [SIGXCPU] = TARGET_SIGXCPU, 80 [SIGXFSZ] = TARGET_SIGXFSZ, 81 [SIGVTALRM] = TARGET_SIGVTALRM, 82 [SIGPROF] = TARGET_SIGPROF, 83 [SIGWINCH] = TARGET_SIGWINCH, 84 [SIGIO] = TARGET_SIGIO, 85 [SIGPWR] = TARGET_SIGPWR, 86 [SIGSYS] = TARGET_SIGSYS, 87 /* next signals stay the same */ 88}; 89 90static uint8_t target_to_host_signal_table[TARGET_NSIG + 1]; 91 92/* valid sig is between 1 and _NSIG - 1 */ 93int host_to_target_signal(int sig) 94{ 95 if (sig < 1 || sig >= _NSIG) { 96 return sig; 97 } 98 return host_to_target_signal_table[sig]; 99} 100 101/* valid sig is between 1 and TARGET_NSIG */ 102int target_to_host_signal(int sig) 103{ 104 if (sig < 1 || sig > TARGET_NSIG) { 105 return sig; 106 } 107 return target_to_host_signal_table[sig]; 108} 109 110static inline void target_sigaddset(target_sigset_t *set, int signum) 111{ 112 signum--; 113 abi_ulong mask = (abi_ulong)1 << (signum % TARGET_NSIG_BPW); 114 set->sig[signum / TARGET_NSIG_BPW] |= mask; 115} 116 117static inline int target_sigismember(const target_sigset_t *set, int signum) 118{ 119 signum--; 120 abi_ulong mask = (abi_ulong)1 << (signum % TARGET_NSIG_BPW); 121 return ((set->sig[signum / TARGET_NSIG_BPW] & mask) != 0); 122} 123 124void host_to_target_sigset_internal(target_sigset_t *d, 125 const sigset_t *s) 126{ 127 int host_sig, target_sig; 128 target_sigemptyset(d); 129 for (host_sig = 1; host_sig < _NSIG; host_sig++) { 130 target_sig = host_to_target_signal(host_sig); 131 if (target_sig < 1 || target_sig > TARGET_NSIG) { 132 continue; 133 } 134 if (sigismember(s, host_sig)) { 135 target_sigaddset(d, target_sig); 136 } 137 } 138} 139 140void host_to_target_sigset(target_sigset_t *d, const sigset_t *s) 141{ 142 target_sigset_t d1; 143 int i; 144 145 host_to_target_sigset_internal(&d1, s); 146 for(i = 0;i < TARGET_NSIG_WORDS; i++) 147 d->sig[i] = tswapal(d1.sig[i]); 148} 149 150void target_to_host_sigset_internal(sigset_t *d, 151 const target_sigset_t *s) 152{ 153 int host_sig, target_sig; 154 sigemptyset(d); 155 for (target_sig = 1; target_sig <= TARGET_NSIG; target_sig++) { 156 host_sig = target_to_host_signal(target_sig); 157 if (host_sig < 1 || host_sig >= _NSIG) { 158 continue; 159 } 160 if (target_sigismember(s, target_sig)) { 161 sigaddset(d, host_sig); 162 } 163 } 164} 165 166void target_to_host_sigset(sigset_t *d, const target_sigset_t *s) 167{ 168 target_sigset_t s1; 169 int i; 170 171 for(i = 0;i < TARGET_NSIG_WORDS; i++) 172 s1.sig[i] = tswapal(s->sig[i]); 173 target_to_host_sigset_internal(d, &s1); 174} 175 176void host_to_target_old_sigset(abi_ulong *old_sigset, 177 const sigset_t *sigset) 178{ 179 target_sigset_t d; 180 host_to_target_sigset(&d, sigset); 181 *old_sigset = d.sig[0]; 182} 183 184void target_to_host_old_sigset(sigset_t *sigset, 185 const abi_ulong *old_sigset) 186{ 187 target_sigset_t d; 188 int i; 189 190 d.sig[0] = *old_sigset; 191 for(i = 1;i < TARGET_NSIG_WORDS; i++) 192 d.sig[i] = 0; 193 target_to_host_sigset(sigset, &d); 194} 195 196int block_signals(void) 197{ 198 TaskState *ts = (TaskState *)thread_cpu->opaque; 199 sigset_t set; 200 201 /* It's OK to block everything including SIGSEGV, because we won't 202 * run any further guest code before unblocking signals in 203 * process_pending_signals(). 204 */ 205 sigfillset(&set); 206 sigprocmask(SIG_SETMASK, &set, 0); 207 208 return qatomic_xchg(&ts->signal_pending, 1); 209} 210 211/* Wrapper for sigprocmask function 212 * Emulates a sigprocmask in a safe way for the guest. Note that set and oldset 213 * are host signal set, not guest ones. Returns -TARGET_ERESTARTSYS if 214 * a signal was already pending and the syscall must be restarted, or 215 * 0 on success. 216 * If set is NULL, this is guaranteed not to fail. 217 */ 218int do_sigprocmask(int how, const sigset_t *set, sigset_t *oldset) 219{ 220 TaskState *ts = (TaskState *)thread_cpu->opaque; 221 222 if (oldset) { 223 *oldset = ts->signal_mask; 224 } 225 226 if (set) { 227 int i; 228 229 if (block_signals()) { 230 return -TARGET_ERESTARTSYS; 231 } 232 233 switch (how) { 234 case SIG_BLOCK: 235 sigorset(&ts->signal_mask, &ts->signal_mask, set); 236 break; 237 case SIG_UNBLOCK: 238 for (i = 1; i <= NSIG; ++i) { 239 if (sigismember(set, i)) { 240 sigdelset(&ts->signal_mask, i); 241 } 242 } 243 break; 244 case SIG_SETMASK: 245 ts->signal_mask = *set; 246 break; 247 default: 248 g_assert_not_reached(); 249 } 250 251 /* Silently ignore attempts to change blocking status of KILL or STOP */ 252 sigdelset(&ts->signal_mask, SIGKILL); 253 sigdelset(&ts->signal_mask, SIGSTOP); 254 } 255 return 0; 256} 257 258#if !defined(TARGET_NIOS2) 259/* Just set the guest's signal mask to the specified value; the 260 * caller is assumed to have called block_signals() already. 261 */ 262void set_sigmask(const sigset_t *set) 263{ 264 TaskState *ts = (TaskState *)thread_cpu->opaque; 265 266 ts->signal_mask = *set; 267} 268#endif 269 270/* sigaltstack management */ 271 272int on_sig_stack(unsigned long sp) 273{ 274 TaskState *ts = (TaskState *)thread_cpu->opaque; 275 276 return (sp - ts->sigaltstack_used.ss_sp 277 < ts->sigaltstack_used.ss_size); 278} 279 280int sas_ss_flags(unsigned long sp) 281{ 282 TaskState *ts = (TaskState *)thread_cpu->opaque; 283 284 return (ts->sigaltstack_used.ss_size == 0 ? SS_DISABLE 285 : on_sig_stack(sp) ? SS_ONSTACK : 0); 286} 287 288abi_ulong target_sigsp(abi_ulong sp, struct target_sigaction *ka) 289{ 290 /* 291 * This is the X/Open sanctioned signal stack switching. 292 */ 293 TaskState *ts = (TaskState *)thread_cpu->opaque; 294 295 if ((ka->sa_flags & TARGET_SA_ONSTACK) && !sas_ss_flags(sp)) { 296 return ts->sigaltstack_used.ss_sp + ts->sigaltstack_used.ss_size; 297 } 298 return sp; 299} 300 301void target_save_altstack(target_stack_t *uss, CPUArchState *env) 302{ 303 TaskState *ts = (TaskState *)thread_cpu->opaque; 304 305 __put_user(ts->sigaltstack_used.ss_sp, &uss->ss_sp); 306 __put_user(sas_ss_flags(get_sp_from_cpustate(env)), &uss->ss_flags); 307 __put_user(ts->sigaltstack_used.ss_size, &uss->ss_size); 308} 309 310abi_long target_restore_altstack(target_stack_t *uss, CPUArchState *env) 311{ 312 TaskState *ts = (TaskState *)thread_cpu->opaque; 313 size_t minstacksize = TARGET_MINSIGSTKSZ; 314 target_stack_t ss; 315 316#if defined(TARGET_PPC64) 317 /* ELF V2 for PPC64 has a 4K minimum stack size for signal handlers */ 318 struct image_info *image = ts->info; 319 if (get_ppc64_abi(image) > 1) { 320 minstacksize = 4096; 321 } 322#endif 323 324 __get_user(ss.ss_sp, &uss->ss_sp); 325 __get_user(ss.ss_size, &uss->ss_size); 326 __get_user(ss.ss_flags, &uss->ss_flags); 327 328 if (on_sig_stack(get_sp_from_cpustate(env))) { 329 return -TARGET_EPERM; 330 } 331 332 switch (ss.ss_flags) { 333 default: 334 return -TARGET_EINVAL; 335 336 case TARGET_SS_DISABLE: 337 ss.ss_size = 0; 338 ss.ss_sp = 0; 339 break; 340 341 case TARGET_SS_ONSTACK: 342 case 0: 343 if (ss.ss_size < minstacksize) { 344 return -TARGET_ENOMEM; 345 } 346 break; 347 } 348 349 ts->sigaltstack_used.ss_sp = ss.ss_sp; 350 ts->sigaltstack_used.ss_size = ss.ss_size; 351 return 0; 352} 353 354/* siginfo conversion */ 355 356static inline void host_to_target_siginfo_noswap(target_siginfo_t *tinfo, 357 const siginfo_t *info) 358{ 359 int sig = host_to_target_signal(info->si_signo); 360 int si_code = info->si_code; 361 int si_type; 362 tinfo->si_signo = sig; 363 tinfo->si_errno = 0; 364 tinfo->si_code = info->si_code; 365 366 /* This memset serves two purposes: 367 * (1) ensure we don't leak random junk to the guest later 368 * (2) placate false positives from gcc about fields 369 * being used uninitialized if it chooses to inline both this 370 * function and tswap_siginfo() into host_to_target_siginfo(). 371 */ 372 memset(tinfo->_sifields._pad, 0, sizeof(tinfo->_sifields._pad)); 373 374 /* This is awkward, because we have to use a combination of 375 * the si_code and si_signo to figure out which of the union's 376 * members are valid. (Within the host kernel it is always possible 377 * to tell, but the kernel carefully avoids giving userspace the 378 * high 16 bits of si_code, so we don't have the information to 379 * do this the easy way...) We therefore make our best guess, 380 * bearing in mind that a guest can spoof most of the si_codes 381 * via rt_sigqueueinfo() if it likes. 382 * 383 * Once we have made our guess, we record it in the top 16 bits of 384 * the si_code, so that tswap_siginfo() later can use it. 385 * tswap_siginfo() will strip these top bits out before writing 386 * si_code to the guest (sign-extending the lower bits). 387 */ 388 389 switch (si_code) { 390 case SI_USER: 391 case SI_TKILL: 392 case SI_KERNEL: 393 /* Sent via kill(), tkill() or tgkill(), or direct from the kernel. 394 * These are the only unspoofable si_code values. 395 */ 396 tinfo->_sifields._kill._pid = info->si_pid; 397 tinfo->_sifields._kill._uid = info->si_uid; 398 si_type = QEMU_SI_KILL; 399 break; 400 default: 401 /* Everything else is spoofable. Make best guess based on signal */ 402 switch (sig) { 403 case TARGET_SIGCHLD: 404 tinfo->_sifields._sigchld._pid = info->si_pid; 405 tinfo->_sifields._sigchld._uid = info->si_uid; 406 tinfo->_sifields._sigchld._status = info->si_status; 407 tinfo->_sifields._sigchld._utime = info->si_utime; 408 tinfo->_sifields._sigchld._stime = info->si_stime; 409 si_type = QEMU_SI_CHLD; 410 break; 411 case TARGET_SIGIO: 412 tinfo->_sifields._sigpoll._band = info->si_band; 413 tinfo->_sifields._sigpoll._fd = info->si_fd; 414 si_type = QEMU_SI_POLL; 415 break; 416 default: 417 /* Assume a sigqueue()/mq_notify()/rt_sigqueueinfo() source. */ 418 tinfo->_sifields._rt._pid = info->si_pid; 419 tinfo->_sifields._rt._uid = info->si_uid; 420 /* XXX: potential problem if 64 bit */ 421 tinfo->_sifields._rt._sigval.sival_ptr 422 = (abi_ulong)(unsigned long)info->si_value.sival_ptr; 423 si_type = QEMU_SI_RT; 424 break; 425 } 426 break; 427 } 428 429 tinfo->si_code = deposit32(si_code, 16, 16, si_type); 430} 431 432void tswap_siginfo(target_siginfo_t *tinfo, 433 const target_siginfo_t *info) 434{ 435 int si_type = extract32(info->si_code, 16, 16); 436 int si_code = sextract32(info->si_code, 0, 16); 437 438 __put_user(info->si_signo, &tinfo->si_signo); 439 __put_user(info->si_errno, &tinfo->si_errno); 440 __put_user(si_code, &tinfo->si_code); 441 442 /* We can use our internal marker of which fields in the structure 443 * are valid, rather than duplicating the guesswork of 444 * host_to_target_siginfo_noswap() here. 445 */ 446 switch (si_type) { 447 case QEMU_SI_KILL: 448 __put_user(info->_sifields._kill._pid, &tinfo->_sifields._kill._pid); 449 __put_user(info->_sifields._kill._uid, &tinfo->_sifields._kill._uid); 450 break; 451 case QEMU_SI_TIMER: 452 __put_user(info->_sifields._timer._timer1, 453 &tinfo->_sifields._timer._timer1); 454 __put_user(info->_sifields._timer._timer2, 455 &tinfo->_sifields._timer._timer2); 456 break; 457 case QEMU_SI_POLL: 458 __put_user(info->_sifields._sigpoll._band, 459 &tinfo->_sifields._sigpoll._band); 460 __put_user(info->_sifields._sigpoll._fd, 461 &tinfo->_sifields._sigpoll._fd); 462 break; 463 case QEMU_SI_FAULT: 464 __put_user(info->_sifields._sigfault._addr, 465 &tinfo->_sifields._sigfault._addr); 466 break; 467 case QEMU_SI_CHLD: 468 __put_user(info->_sifields._sigchld._pid, 469 &tinfo->_sifields._sigchld._pid); 470 __put_user(info->_sifields._sigchld._uid, 471 &tinfo->_sifields._sigchld._uid); 472 __put_user(info->_sifields._sigchld._status, 473 &tinfo->_sifields._sigchld._status); 474 __put_user(info->_sifields._sigchld._utime, 475 &tinfo->_sifields._sigchld._utime); 476 __put_user(info->_sifields._sigchld._stime, 477 &tinfo->_sifields._sigchld._stime); 478 break; 479 case QEMU_SI_RT: 480 __put_user(info->_sifields._rt._pid, &tinfo->_sifields._rt._pid); 481 __put_user(info->_sifields._rt._uid, &tinfo->_sifields._rt._uid); 482 __put_user(info->_sifields._rt._sigval.sival_ptr, 483 &tinfo->_sifields._rt._sigval.sival_ptr); 484 break; 485 default: 486 g_assert_not_reached(); 487 } 488} 489 490void host_to_target_siginfo(target_siginfo_t *tinfo, const siginfo_t *info) 491{ 492 target_siginfo_t tgt_tmp; 493 host_to_target_siginfo_noswap(&tgt_tmp, info); 494 tswap_siginfo(tinfo, &tgt_tmp); 495} 496 497/* XXX: we support only POSIX RT signals are used. */ 498/* XXX: find a solution for 64 bit (additional malloced data is needed) */ 499void target_to_host_siginfo(siginfo_t *info, const target_siginfo_t *tinfo) 500{ 501 /* This conversion is used only for the rt_sigqueueinfo syscall, 502 * and so we know that the _rt fields are the valid ones. 503 */ 504 abi_ulong sival_ptr; 505 506 __get_user(info->si_signo, &tinfo->si_signo); 507 __get_user(info->si_errno, &tinfo->si_errno); 508 __get_user(info->si_code, &tinfo->si_code); 509 __get_user(info->si_pid, &tinfo->_sifields._rt._pid); 510 __get_user(info->si_uid, &tinfo->_sifields._rt._uid); 511 __get_user(sival_ptr, &tinfo->_sifields._rt._sigval.sival_ptr); 512 info->si_value.sival_ptr = (void *)(long)sival_ptr; 513} 514 515static int fatal_signal (int sig) 516{ 517 switch (sig) { 518 case TARGET_SIGCHLD: 519 case TARGET_SIGURG: 520 case TARGET_SIGWINCH: 521 /* Ignored by default. */ 522 return 0; 523 case TARGET_SIGCONT: 524 case TARGET_SIGSTOP: 525 case TARGET_SIGTSTP: 526 case TARGET_SIGTTIN: 527 case TARGET_SIGTTOU: 528 /* Job control signals. */ 529 return 0; 530 default: 531 return 1; 532 } 533} 534 535/* returns 1 if given signal should dump core if not handled */ 536static int core_dump_signal(int sig) 537{ 538 switch (sig) { 539 case TARGET_SIGABRT: 540 case TARGET_SIGFPE: 541 case TARGET_SIGILL: 542 case TARGET_SIGQUIT: 543 case TARGET_SIGSEGV: 544 case TARGET_SIGTRAP: 545 case TARGET_SIGBUS: 546 return (1); 547 default: 548 return (0); 549 } 550} 551 552static void signal_table_init(void) 553{ 554 int host_sig, target_sig, count; 555 556 /* 557 * Signals are supported starting from TARGET_SIGRTMIN and going up 558 * until we run out of host realtime signals. 559 * glibc at least uses only the lower 2 rt signals and probably 560 * nobody's using the upper ones. 561 * it's why SIGRTMIN (34) is generally greater than __SIGRTMIN (32) 562 * To fix this properly we need to do manual signal delivery multiplexed 563 * over a single host signal. 564 * Attempts for configure "missing" signals via sigaction will be 565 * silently ignored. 566 */ 567 for (host_sig = SIGRTMIN; host_sig <= SIGRTMAX; host_sig++) { 568 target_sig = host_sig - SIGRTMIN + TARGET_SIGRTMIN; 569 if (target_sig <= TARGET_NSIG) { 570 host_to_target_signal_table[host_sig] = target_sig; 571 } 572 } 573 574 /* generate signal conversion tables */ 575 for (target_sig = 1; target_sig <= TARGET_NSIG; target_sig++) { 576 target_to_host_signal_table[target_sig] = _NSIG; /* poison */ 577 } 578 for (host_sig = 1; host_sig < _NSIG; host_sig++) { 579 if (host_to_target_signal_table[host_sig] == 0) { 580 host_to_target_signal_table[host_sig] = host_sig; 581 } 582 target_sig = host_to_target_signal_table[host_sig]; 583 if (target_sig <= TARGET_NSIG) { 584 target_to_host_signal_table[target_sig] = host_sig; 585 } 586 } 587 588 if (trace_event_get_state_backends(TRACE_SIGNAL_TABLE_INIT)) { 589 for (target_sig = 1, count = 0; target_sig <= TARGET_NSIG; target_sig++) { 590 if (target_to_host_signal_table[target_sig] == _NSIG) { 591 count++; 592 } 593 } 594 trace_signal_table_init(count); 595 } 596} 597 598void signal_init(void) 599{ 600 TaskState *ts = (TaskState *)thread_cpu->opaque; 601 struct sigaction act; 602 struct sigaction oact; 603 int i; 604 int host_sig; 605 606 /* initialize signal conversion tables */ 607 signal_table_init(); 608 609 /* Set the signal mask from the host mask. */ 610 sigprocmask(0, 0, &ts->signal_mask); 611 612 sigfillset(&act.sa_mask); 613 act.sa_flags = SA_SIGINFO; 614 act.sa_sigaction = host_signal_handler; 615 for(i = 1; i <= TARGET_NSIG; i++) { 616#ifdef CONFIG_GPROF 617 if (i == TARGET_SIGPROF) { 618 continue; 619 } 620#endif 621 host_sig = target_to_host_signal(i); 622 sigaction(host_sig, NULL, &oact); 623 if (oact.sa_sigaction == (void *)SIG_IGN) { 624 sigact_table[i - 1]._sa_handler = TARGET_SIG_IGN; 625 } else if (oact.sa_sigaction == (void *)SIG_DFL) { 626 sigact_table[i - 1]._sa_handler = TARGET_SIG_DFL; 627 } 628 /* If there's already a handler installed then something has 629 gone horribly wrong, so don't even try to handle that case. */ 630 /* Install some handlers for our own use. We need at least 631 SIGSEGV and SIGBUS, to detect exceptions. We can not just 632 trap all signals because it affects syscall interrupt 633 behavior. But do trap all default-fatal signals. */ 634 if (fatal_signal (i)) 635 sigaction(host_sig, &act, NULL); 636 } 637} 638 639/* Force a synchronously taken signal. The kernel force_sig() function 640 * also forces the signal to "not blocked, not ignored", but for QEMU 641 * that work is done in process_pending_signals(). 642 */ 643void force_sig(int sig) 644{ 645 CPUState *cpu = thread_cpu; 646 CPUArchState *env = cpu->env_ptr; 647 target_siginfo_t info = {}; 648 649 info.si_signo = sig; 650 info.si_errno = 0; 651 info.si_code = TARGET_SI_KERNEL; 652 info._sifields._kill._pid = 0; 653 info._sifields._kill._uid = 0; 654 queue_signal(env, info.si_signo, QEMU_SI_KILL, &info); 655} 656 657/* 658 * Force a synchronously taken QEMU_SI_FAULT signal. For QEMU the 659 * 'force' part is handled in process_pending_signals(). 660 */ 661void force_sig_fault(int sig, int code, abi_ulong addr) 662{ 663 CPUState *cpu = thread_cpu; 664 CPUArchState *env = cpu->env_ptr; 665 target_siginfo_t info = {}; 666 667 info.si_signo = sig; 668 info.si_errno = 0; 669 info.si_code = code; 670 info._sifields._sigfault._addr = addr; 671 queue_signal(env, sig, QEMU_SI_FAULT, &info); 672} 673 674/* Force a SIGSEGV if we couldn't write to memory trying to set 675 * up the signal frame. oldsig is the signal we were trying to handle 676 * at the point of failure. 677 */ 678#if !defined(TARGET_RISCV) 679void force_sigsegv(int oldsig) 680{ 681 if (oldsig == SIGSEGV) { 682 /* Make sure we don't try to deliver the signal again; this will 683 * end up with handle_pending_signal() calling dump_core_and_abort(). 684 */ 685 sigact_table[oldsig - 1]._sa_handler = TARGET_SIG_DFL; 686 } 687 force_sig(TARGET_SIGSEGV); 688} 689 690#endif 691 692/* abort execution with signal */ 693static void QEMU_NORETURN dump_core_and_abort(int target_sig) 694{ 695 CPUState *cpu = thread_cpu; 696 CPUArchState *env = cpu->env_ptr; 697 TaskState *ts = (TaskState *)cpu->opaque; 698 int host_sig, core_dumped = 0; 699 struct sigaction act; 700 701 host_sig = target_to_host_signal(target_sig); 702 trace_user_force_sig(env, target_sig, host_sig); 703 gdb_signalled(env, target_sig); 704 705 /* dump core if supported by target binary format */ 706 if (core_dump_signal(target_sig) && (ts->bprm->core_dump != NULL)) { 707 stop_all_tasks(); 708 core_dumped = 709 ((*ts->bprm->core_dump)(target_sig, env) == 0); 710 } 711 if (core_dumped) { 712 /* we already dumped the core of target process, we don't want 713 * a coredump of qemu itself */ 714 struct rlimit nodump; 715 getrlimit(RLIMIT_CORE, &nodump); 716 nodump.rlim_cur=0; 717 setrlimit(RLIMIT_CORE, &nodump); 718 (void) fprintf(stderr, "qemu: uncaught target signal %d (%s) - %s\n", 719 target_sig, strsignal(host_sig), "core dumped" ); 720 } 721 722 /* The proper exit code for dying from an uncaught signal is 723 * -<signal>. The kernel doesn't allow exit() or _exit() to pass 724 * a negative value. To get the proper exit code we need to 725 * actually die from an uncaught signal. Here the default signal 726 * handler is installed, we send ourself a signal and we wait for 727 * it to arrive. */ 728 sigfillset(&act.sa_mask); 729 act.sa_handler = SIG_DFL; 730 act.sa_flags = 0; 731 sigaction(host_sig, &act, NULL); 732 733 /* For some reason raise(host_sig) doesn't send the signal when 734 * statically linked on x86-64. */ 735 kill(getpid(), host_sig); 736 737 /* Make sure the signal isn't masked (just reuse the mask inside 738 of act) */ 739 sigdelset(&act.sa_mask, host_sig); 740 sigsuspend(&act.sa_mask); 741 742 /* unreachable */ 743 abort(); 744} 745 746/* queue a signal so that it will be send to the virtual CPU as soon 747 as possible */ 748int queue_signal(CPUArchState *env, int sig, int si_type, 749 target_siginfo_t *info) 750{ 751 CPUState *cpu = env_cpu(env); 752 TaskState *ts = cpu->opaque; 753 754 trace_user_queue_signal(env, sig); 755 756 info->si_code = deposit32(info->si_code, 16, 16, si_type); 757 758 ts->sync_signal.info = *info; 759 ts->sync_signal.pending = sig; 760 /* signal that a new signal is pending */ 761 qatomic_set(&ts->signal_pending, 1); 762 return 1; /* indicates that the signal was queued */ 763} 764 765#ifndef HAVE_SAFE_SYSCALL 766static inline void rewind_if_in_safe_syscall(void *puc) 767{ 768 /* Default version: never rewind */ 769} 770#endif 771 772static void host_signal_handler(int host_signum, siginfo_t *info, 773 void *puc) 774{ 775 CPUArchState *env = thread_cpu->env_ptr; 776 CPUState *cpu = env_cpu(env); 777 TaskState *ts = cpu->opaque; 778 779 int sig; 780 target_siginfo_t tinfo; 781 ucontext_t *uc = puc; 782 struct emulated_sigtable *k; 783 784 /* the CPU emulator uses some host signals to detect exceptions, 785 we forward to it some signals */ 786 if ((host_signum == SIGSEGV || host_signum == SIGBUS) 787 && info->si_code > 0) { 788 if (cpu_signal_handler(host_signum, info, puc)) 789 return; 790 } 791 792 /* get target signal number */ 793 sig = host_to_target_signal(host_signum); 794 if (sig < 1 || sig > TARGET_NSIG) 795 return; 796 trace_user_host_signal(env, host_signum, sig); 797 798 rewind_if_in_safe_syscall(puc); 799 800 host_to_target_siginfo_noswap(&tinfo, info); 801 k = &ts->sigtab[sig - 1]; 802 k->info = tinfo; 803 k->pending = sig; 804 ts->signal_pending = 1; 805 806 /* Block host signals until target signal handler entered. We 807 * can't block SIGSEGV or SIGBUS while we're executing guest 808 * code in case the guest code provokes one in the window between 809 * now and it getting out to the main loop. Signals will be 810 * unblocked again in process_pending_signals(). 811 * 812 * WARNING: we cannot use sigfillset() here because the uc_sigmask 813 * field is a kernel sigset_t, which is much smaller than the 814 * libc sigset_t which sigfillset() operates on. Using sigfillset() 815 * would write 0xff bytes off the end of the structure and trash 816 * data on the struct. 817 * We can't use sizeof(uc->uc_sigmask) either, because the libc 818 * headers define the struct field with the wrong (too large) type. 819 */ 820 memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE); 821 sigdelset(&uc->uc_sigmask, SIGSEGV); 822 sigdelset(&uc->uc_sigmask, SIGBUS); 823 824 /* interrupt the virtual CPU as soon as possible */ 825 cpu_exit(thread_cpu); 826} 827 828/* do_sigaltstack() returns target values and errnos. */ 829/* compare linux/kernel/signal.c:do_sigaltstack() */ 830abi_long do_sigaltstack(abi_ulong uss_addr, abi_ulong uoss_addr, 831 CPUArchState *env) 832{ 833 target_stack_t oss, *uoss = NULL; 834 abi_long ret = -TARGET_EFAULT; 835 836 if (uoss_addr) { 837 /* Verify writability now, but do not alter user memory yet. */ 838 if (!lock_user_struct(VERIFY_WRITE, uoss, uoss_addr, 0)) { 839 goto out; 840 } 841 target_save_altstack(&oss, env); 842 } 843 844 if (uss_addr) { 845 target_stack_t *uss; 846 847 if (!lock_user_struct(VERIFY_READ, uss, uss_addr, 1)) { 848 goto out; 849 } 850 ret = target_restore_altstack(uss, env); 851 if (ret) { 852 goto out; 853 } 854 } 855 856 if (uoss_addr) { 857 memcpy(uoss, &oss, sizeof(oss)); 858 unlock_user_struct(uoss, uoss_addr, 1); 859 uoss = NULL; 860 } 861 ret = 0; 862 863 out: 864 if (uoss) { 865 unlock_user_struct(uoss, uoss_addr, 0); 866 } 867 return ret; 868} 869 870/* do_sigaction() return target values and host errnos */ 871int do_sigaction(int sig, const struct target_sigaction *act, 872 struct target_sigaction *oact, abi_ulong ka_restorer) 873{ 874 struct target_sigaction *k; 875 struct sigaction act1; 876 int host_sig; 877 int ret = 0; 878 879 trace_signal_do_sigaction_guest(sig, TARGET_NSIG); 880 881 if (sig < 1 || sig > TARGET_NSIG) { 882 return -TARGET_EINVAL; 883 } 884 885 if (act && (sig == TARGET_SIGKILL || sig == TARGET_SIGSTOP)) { 886 return -TARGET_EINVAL; 887 } 888 889 if (block_signals()) { 890 return -TARGET_ERESTARTSYS; 891 } 892 893 k = &sigact_table[sig - 1]; 894 if (oact) { 895 __put_user(k->_sa_handler, &oact->_sa_handler); 896 __put_user(k->sa_flags, &oact->sa_flags); 897#ifdef TARGET_ARCH_HAS_SA_RESTORER 898 __put_user(k->sa_restorer, &oact->sa_restorer); 899#endif 900 /* Not swapped. */ 901 oact->sa_mask = k->sa_mask; 902 } 903 if (act) { 904 /* FIXME: This is not threadsafe. */ 905 __get_user(k->_sa_handler, &act->_sa_handler); 906 __get_user(k->sa_flags, &act->sa_flags); 907#ifdef TARGET_ARCH_HAS_SA_RESTORER 908 __get_user(k->sa_restorer, &act->sa_restorer); 909#endif 910#ifdef TARGET_ARCH_HAS_KA_RESTORER 911 k->ka_restorer = ka_restorer; 912#endif 913 /* To be swapped in target_to_host_sigset. */ 914 k->sa_mask = act->sa_mask; 915 916 /* we update the host linux signal state */ 917 host_sig = target_to_host_signal(sig); 918 trace_signal_do_sigaction_host(host_sig, TARGET_NSIG); 919 if (host_sig > SIGRTMAX) { 920 /* we don't have enough host signals to map all target signals */ 921 qemu_log_mask(LOG_UNIMP, "Unsupported target signal #%d, ignored\n", 922 sig); 923 /* 924 * we don't return an error here because some programs try to 925 * register an handler for all possible rt signals even if they 926 * don't need it. 927 * An error here can abort them whereas there can be no problem 928 * to not have the signal available later. 929 * This is the case for golang, 930 * See https://github.com/golang/go/issues/33746 931 * So we silently ignore the error. 932 */ 933 return 0; 934 } 935 if (host_sig != SIGSEGV && host_sig != SIGBUS) { 936 sigfillset(&act1.sa_mask); 937 act1.sa_flags = SA_SIGINFO; 938 if (k->sa_flags & TARGET_SA_RESTART) 939 act1.sa_flags |= SA_RESTART; 940 /* NOTE: it is important to update the host kernel signal 941 ignore state to avoid getting unexpected interrupted 942 syscalls */ 943 if (k->_sa_handler == TARGET_SIG_IGN) { 944 act1.sa_sigaction = (void *)SIG_IGN; 945 } else if (k->_sa_handler == TARGET_SIG_DFL) { 946 if (fatal_signal (sig)) 947 act1.sa_sigaction = host_signal_handler; 948 else 949 act1.sa_sigaction = (void *)SIG_DFL; 950 } else { 951 act1.sa_sigaction = host_signal_handler; 952 } 953 ret = sigaction(host_sig, &act1, NULL); 954 } 955 } 956 return ret; 957} 958 959static void handle_pending_signal(CPUArchState *cpu_env, int sig, 960 struct emulated_sigtable *k) 961{ 962 CPUState *cpu = env_cpu(cpu_env); 963 abi_ulong handler; 964 sigset_t set; 965 target_sigset_t target_old_set; 966 struct target_sigaction *sa; 967 TaskState *ts = cpu->opaque; 968 969 trace_user_handle_signal(cpu_env, sig); 970 /* dequeue signal */ 971 k->pending = 0; 972 973 sig = gdb_handlesig(cpu, sig); 974 if (!sig) { 975 sa = NULL; 976 handler = TARGET_SIG_IGN; 977 } else { 978 sa = &sigact_table[sig - 1]; 979 handler = sa->_sa_handler; 980 } 981 982 if (unlikely(qemu_loglevel_mask(LOG_STRACE))) { 983 print_taken_signal(sig, &k->info); 984 } 985 986 if (handler == TARGET_SIG_DFL) { 987 /* default handler : ignore some signal. The other are job control or fatal */ 988 if (sig == TARGET_SIGTSTP || sig == TARGET_SIGTTIN || sig == TARGET_SIGTTOU) { 989 kill(getpid(),SIGSTOP); 990 } else if (sig != TARGET_SIGCHLD && 991 sig != TARGET_SIGURG && 992 sig != TARGET_SIGWINCH && 993 sig != TARGET_SIGCONT) { 994 dump_core_and_abort(sig); 995 } 996 } else if (handler == TARGET_SIG_IGN) { 997 /* ignore sig */ 998 } else if (handler == TARGET_SIG_ERR) { 999 dump_core_and_abort(sig); 1000 } else { 1001 /* compute the blocked signals during the handler execution */ 1002 sigset_t *blocked_set; 1003 1004 target_to_host_sigset(&set, &sa->sa_mask); 1005 /* SA_NODEFER indicates that the current signal should not be 1006 blocked during the handler */ 1007 if (!(sa->sa_flags & TARGET_SA_NODEFER)) 1008 sigaddset(&set, target_to_host_signal(sig)); 1009 1010 /* save the previous blocked signal state to restore it at the 1011 end of the signal execution (see do_sigreturn) */ 1012 host_to_target_sigset_internal(&target_old_set, &ts->signal_mask); 1013 1014 /* block signals in the handler */ 1015 blocked_set = ts->in_sigsuspend ? 1016 &ts->sigsuspend_mask : &ts->signal_mask; 1017 sigorset(&ts->signal_mask, blocked_set, &set); 1018 ts->in_sigsuspend = 0; 1019 1020 /* if the CPU is in VM86 mode, we restore the 32 bit values */ 1021#if defined(TARGET_I386) && !defined(TARGET_X86_64) 1022 { 1023 CPUX86State *env = cpu_env; 1024 if (env->eflags & VM_MASK) 1025 save_v86_state(env); 1026 } 1027#endif 1028 /* prepare the stack frame of the virtual CPU */ 1029#if defined(TARGET_ARCH_HAS_SETUP_FRAME) 1030 if (sa->sa_flags & TARGET_SA_SIGINFO) { 1031 setup_rt_frame(sig, sa, &k->info, &target_old_set, cpu_env); 1032 } else { 1033 setup_frame(sig, sa, &target_old_set, cpu_env); 1034 } 1035#else 1036 /* These targets do not have traditional signals. */ 1037 setup_rt_frame(sig, sa, &k->info, &target_old_set, cpu_env); 1038#endif 1039 if (sa->sa_flags & TARGET_SA_RESETHAND) { 1040 sa->_sa_handler = TARGET_SIG_DFL; 1041 } 1042 } 1043} 1044 1045void process_pending_signals(CPUArchState *cpu_env) 1046{ 1047 CPUState *cpu = env_cpu(cpu_env); 1048 int sig; 1049 TaskState *ts = cpu->opaque; 1050 sigset_t set; 1051 sigset_t *blocked_set; 1052 1053 while (qatomic_read(&ts->signal_pending)) { 1054 /* FIXME: This is not threadsafe. */ 1055 sigfillset(&set); 1056 sigprocmask(SIG_SETMASK, &set, 0); 1057 1058 restart_scan: 1059 sig = ts->sync_signal.pending; 1060 if (sig) { 1061 /* Synchronous signals are forced, 1062 * see force_sig_info() and callers in Linux 1063 * Note that not all of our queue_signal() calls in QEMU correspond 1064 * to force_sig_info() calls in Linux (some are send_sig_info()). 1065 * However it seems like a kernel bug to me to allow the process 1066 * to block a synchronous signal since it could then just end up 1067 * looping round and round indefinitely. 1068 */ 1069 if (sigismember(&ts->signal_mask, target_to_host_signal_table[sig]) 1070 || sigact_table[sig - 1]._sa_handler == TARGET_SIG_IGN) { 1071 sigdelset(&ts->signal_mask, target_to_host_signal_table[sig]); 1072 sigact_table[sig - 1]._sa_handler = TARGET_SIG_DFL; 1073 } 1074 1075 handle_pending_signal(cpu_env, sig, &ts->sync_signal); 1076 } 1077 1078 for (sig = 1; sig <= TARGET_NSIG; sig++) { 1079 blocked_set = ts->in_sigsuspend ? 1080 &ts->sigsuspend_mask : &ts->signal_mask; 1081 1082 if (ts->sigtab[sig - 1].pending && 1083 (!sigismember(blocked_set, 1084 target_to_host_signal_table[sig]))) { 1085 handle_pending_signal(cpu_env, sig, &ts->sigtab[sig - 1]); 1086 /* Restart scan from the beginning, as handle_pending_signal 1087 * might have resulted in a new synchronous signal (eg SIGSEGV). 1088 */ 1089 goto restart_scan; 1090 } 1091 } 1092 1093 /* if no signal is pending, unblock signals and recheck (the act 1094 * of unblocking might cause us to take another host signal which 1095 * will set signal_pending again). 1096 */ 1097 qatomic_set(&ts->signal_pending, 0); 1098 ts->in_sigsuspend = 0; 1099 set = ts->signal_mask; 1100 sigdelset(&set, SIGSEGV); 1101 sigdelset(&set, SIGBUS); 1102 sigprocmask(SIG_SETMASK, &set, 0); 1103 } 1104 ts->in_sigsuspend = 0; 1105}