signal: don't silently convert SI_USER signals to non-current pidfd
authorJann Horn <jannh@google.com>
Sat, 30 Mar 2019 02:12:32 +0000 (03:12 +0100)
committerChristian Brauner <christian@brauner.io>
Mon, 1 Apr 2019 21:03:18 +0000 (23:03 +0200)
commit556a888a14afe27164191955618990fb3ccc9aad
treef9071112a0fe3618bdb437b5b0fa18c6c066719f
parent79a3aaa7b82e3106be97842dedfd8429248896e6
signal: don't silently convert SI_USER signals to non-current pidfd

The current sys_pidfd_send_signal() silently turns signals with explicit
SI_USER context that are sent to non-current tasks into signals with
kernel-generated siginfo.
This is unlike do_rt_sigqueueinfo(), which returns -EPERM in this case.
If a user actually wants to send a signal with kernel-provided siginfo,
they can do that with pidfd_send_signal(pidfd, sig, NULL, 0); so allowing
this case is unnecessary.

Instead of silently replacing the siginfo, just bail out with an error;
this is consistent with other interfaces and avoids special-casing behavior
based on security checks.

Fixes: 3eb39f47934f ("signal: add pidfd_send_signal() syscall")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Christian Brauner <christian@brauner.io>
kernel/signal.c