xref: /openbmc/qemu/linux-user/signal.c (revision 74781c08)
1 /*
2  *  Emulation of Linux signals
3  *
4  *  Copyright (c) 2003 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 #include "qemu/osdep.h"
20 #include "qemu/bitops.h"
21 #include "gdbstub/user.h"
22 #include "exec/page-protection.h"
23 #include "hw/core/tcg-cpu-ops.h"
24 
25 #include <sys/ucontext.h>
26 #include <sys/resource.h>
27 
28 #include "qemu.h"
29 #include "user-internals.h"
30 #include "strace.h"
31 #include "loader.h"
32 #include "trace.h"
33 #include "signal-common.h"
34 #include "host-signal.h"
35 #include "user/safe-syscall.h"
36 #include "tcg/tcg.h"
37 
38 /* target_siginfo_t must fit in gdbstub's siginfo save area. */
39 QEMU_BUILD_BUG_ON(sizeof(target_siginfo_t) > MAX_SIGINFO_LENGTH);
40 
41 static struct target_sigaction sigact_table[TARGET_NSIG];
42 
43 static void host_signal_handler(int host_signum, siginfo_t *info,
44                                 void *puc);
45 
46 /* Fallback addresses into sigtramp page. */
47 abi_ulong default_sigreturn;
48 abi_ulong default_rt_sigreturn;
49 
50 /*
51  * System includes define _NSIG as SIGRTMAX + 1, but qemu (like the kernel)
52  * defines TARGET_NSIG as TARGET_SIGRTMAX and the first signal is 1.
53  * Signal number 0 is reserved for use as kill(pid, 0), to test whether
54  * a process exists without sending it a signal.
55  */
56 #ifdef __SIGRTMAX
57 QEMU_BUILD_BUG_ON(__SIGRTMAX + 1 != _NSIG);
58 #endif
59 static uint8_t host_to_target_signal_table[_NSIG] = {
60 #define MAKE_SIG_ENTRY(sig)     [sig] = TARGET_##sig,
61         MAKE_SIGNAL_LIST
62 #undef MAKE_SIG_ENTRY
63 };
64 
65 static uint8_t target_to_host_signal_table[TARGET_NSIG + 1];
66 
67 /* valid sig is between 1 and _NSIG - 1 */
host_to_target_signal(int sig)68 int host_to_target_signal(int sig)
69 {
70     if (sig < 1) {
71         return sig;
72     }
73     if (sig >= _NSIG) {
74         return TARGET_NSIG + 1;
75     }
76     return host_to_target_signal_table[sig];
77 }
78 
79 /* valid sig is between 1 and TARGET_NSIG */
target_to_host_signal(int sig)80 int target_to_host_signal(int sig)
81 {
82     if (sig < 1) {
83         return sig;
84     }
85     if (sig > TARGET_NSIG) {
86         return _NSIG;
87     }
88     return target_to_host_signal_table[sig];
89 }
90 
target_sigaddset(target_sigset_t * set,int signum)91 static inline void target_sigaddset(target_sigset_t *set, int signum)
92 {
93     signum--;
94     abi_ulong mask = (abi_ulong)1 << (signum % TARGET_NSIG_BPW);
95     set->sig[signum / TARGET_NSIG_BPW] |= mask;
96 }
97 
target_sigismember(const target_sigset_t * set,int signum)98 static inline int target_sigismember(const target_sigset_t *set, int signum)
99 {
100     signum--;
101     abi_ulong mask = (abi_ulong)1 << (signum % TARGET_NSIG_BPW);
102     return ((set->sig[signum / TARGET_NSIG_BPW] & mask) != 0);
103 }
104 
host_to_target_sigset_internal(target_sigset_t * d,const sigset_t * s)105 void host_to_target_sigset_internal(target_sigset_t *d,
106                                     const sigset_t *s)
107 {
108     int host_sig, target_sig;
109     target_sigemptyset(d);
110     for (host_sig = 1; host_sig < _NSIG; host_sig++) {
111         target_sig = host_to_target_signal(host_sig);
112         if (target_sig < 1 || target_sig > TARGET_NSIG) {
113             continue;
114         }
115         if (sigismember(s, host_sig)) {
116             target_sigaddset(d, target_sig);
117         }
118     }
119 }
120 
host_to_target_sigset(target_sigset_t * d,const sigset_t * s)121 void host_to_target_sigset(target_sigset_t *d, const sigset_t *s)
122 {
123     target_sigset_t d1;
124     int i;
125 
126     host_to_target_sigset_internal(&d1, s);
127     for(i = 0;i < TARGET_NSIG_WORDS; i++)
128         d->sig[i] = tswapal(d1.sig[i]);
129 }
130 
target_to_host_sigset_internal(sigset_t * d,const target_sigset_t * s)131 void target_to_host_sigset_internal(sigset_t *d,
132                                     const target_sigset_t *s)
133 {
134     int host_sig, target_sig;
135     sigemptyset(d);
136     for (target_sig = 1; target_sig <= TARGET_NSIG; target_sig++) {
137         host_sig = target_to_host_signal(target_sig);
138         if (host_sig < 1 || host_sig >= _NSIG) {
139             continue;
140         }
141         if (target_sigismember(s, target_sig)) {
142             sigaddset(d, host_sig);
143         }
144     }
145 }
146 
target_to_host_sigset(sigset_t * d,const target_sigset_t * s)147 void target_to_host_sigset(sigset_t *d, const target_sigset_t *s)
148 {
149     target_sigset_t s1;
150     int i;
151 
152     for(i = 0;i < TARGET_NSIG_WORDS; i++)
153         s1.sig[i] = tswapal(s->sig[i]);
154     target_to_host_sigset_internal(d, &s1);
155 }
156 
host_to_target_old_sigset(abi_ulong * old_sigset,const sigset_t * sigset)157 void host_to_target_old_sigset(abi_ulong *old_sigset,
158                                const sigset_t *sigset)
159 {
160     target_sigset_t d;
161     host_to_target_sigset(&d, sigset);
162     *old_sigset = d.sig[0];
163 }
164 
target_to_host_old_sigset(sigset_t * sigset,const abi_ulong * old_sigset)165 void target_to_host_old_sigset(sigset_t *sigset,
166                                const abi_ulong *old_sigset)
167 {
168     target_sigset_t d;
169     int i;
170 
171     d.sig[0] = *old_sigset;
172     for(i = 1;i < TARGET_NSIG_WORDS; i++)
173         d.sig[i] = 0;
174     target_to_host_sigset(sigset, &d);
175 }
176 
block_signals(void)177 int block_signals(void)
178 {
179     TaskState *ts = get_task_state(thread_cpu);
180     sigset_t set;
181 
182     /* It's OK to block everything including SIGSEGV, because we won't
183      * run any further guest code before unblocking signals in
184      * process_pending_signals().
185      */
186     sigfillset(&set);
187     sigprocmask(SIG_SETMASK, &set, 0);
188 
189     return qatomic_xchg(&ts->signal_pending, 1);
190 }
191 
192 /* Wrapper for sigprocmask function
193  * Emulates a sigprocmask in a safe way for the guest. Note that set and oldset
194  * are host signal set, not guest ones. Returns -QEMU_ERESTARTSYS if
195  * a signal was already pending and the syscall must be restarted, or
196  * 0 on success.
197  * If set is NULL, this is guaranteed not to fail.
198  */
do_sigprocmask(int how,const sigset_t * set,sigset_t * oldset)199 int do_sigprocmask(int how, const sigset_t *set, sigset_t *oldset)
200 {
201     TaskState *ts = get_task_state(thread_cpu);
202 
203     if (oldset) {
204         *oldset = ts->signal_mask;
205     }
206 
207     if (set) {
208         int i;
209 
210         if (block_signals()) {
211             return -QEMU_ERESTARTSYS;
212         }
213 
214         switch (how) {
215         case SIG_BLOCK:
216             sigorset(&ts->signal_mask, &ts->signal_mask, set);
217             break;
218         case SIG_UNBLOCK:
219             for (i = 1; i <= NSIG; ++i) {
220                 if (sigismember(set, i)) {
221                     sigdelset(&ts->signal_mask, i);
222                 }
223             }
224             break;
225         case SIG_SETMASK:
226             ts->signal_mask = *set;
227             break;
228         default:
229             g_assert_not_reached();
230         }
231 
232         /* Silently ignore attempts to change blocking status of KILL or STOP */
233         sigdelset(&ts->signal_mask, SIGKILL);
234         sigdelset(&ts->signal_mask, SIGSTOP);
235     }
236     return 0;
237 }
238 
239 /* Just set the guest's signal mask to the specified value; the
240  * caller is assumed to have called block_signals() already.
241  */
set_sigmask(const sigset_t * set)242 void set_sigmask(const sigset_t *set)
243 {
244     TaskState *ts = get_task_state(thread_cpu);
245 
246     ts->signal_mask = *set;
247 }
248 
249 /* sigaltstack management */
250 
on_sig_stack(unsigned long sp)251 int on_sig_stack(unsigned long sp)
252 {
253     TaskState *ts = get_task_state(thread_cpu);
254 
255     return (sp - ts->sigaltstack_used.ss_sp
256             < ts->sigaltstack_used.ss_size);
257 }
258 
sas_ss_flags(unsigned long sp)259 int sas_ss_flags(unsigned long sp)
260 {
261     TaskState *ts = get_task_state(thread_cpu);
262 
263     return (ts->sigaltstack_used.ss_size == 0 ? SS_DISABLE
264             : on_sig_stack(sp) ? SS_ONSTACK : 0);
265 }
266 
target_sigsp(abi_ulong sp,struct target_sigaction * ka)267 abi_ulong target_sigsp(abi_ulong sp, struct target_sigaction *ka)
268 {
269     /*
270      * This is the X/Open sanctioned signal stack switching.
271      */
272     TaskState *ts = get_task_state(thread_cpu);
273 
274     if ((ka->sa_flags & TARGET_SA_ONSTACK) && !sas_ss_flags(sp)) {
275         return ts->sigaltstack_used.ss_sp + ts->sigaltstack_used.ss_size;
276     }
277     return sp;
278 }
279 
target_save_altstack(target_stack_t * uss,CPUArchState * env)280 void target_save_altstack(target_stack_t *uss, CPUArchState *env)
281 {
282     TaskState *ts = get_task_state(thread_cpu);
283 
284     __put_user(ts->sigaltstack_used.ss_sp, &uss->ss_sp);
285     __put_user(sas_ss_flags(get_sp_from_cpustate(env)), &uss->ss_flags);
286     __put_user(ts->sigaltstack_used.ss_size, &uss->ss_size);
287 }
288 
target_restore_altstack(target_stack_t * uss,CPUArchState * env)289 abi_long target_restore_altstack(target_stack_t *uss, CPUArchState *env)
290 {
291     TaskState *ts = get_task_state(thread_cpu);
292     size_t minstacksize = TARGET_MINSIGSTKSZ;
293     target_stack_t ss;
294 
295 #if defined(TARGET_PPC64)
296     /* ELF V2 for PPC64 has a 4K minimum stack size for signal handlers */
297     struct image_info *image = ts->info;
298     if (get_ppc64_abi(image) > 1) {
299         minstacksize = 4096;
300     }
301 #endif
302 
303     __get_user(ss.ss_sp, &uss->ss_sp);
304     __get_user(ss.ss_size, &uss->ss_size);
305     __get_user(ss.ss_flags, &uss->ss_flags);
306 
307     if (on_sig_stack(get_sp_from_cpustate(env))) {
308         return -TARGET_EPERM;
309     }
310 
311     switch (ss.ss_flags) {
312     default:
313         return -TARGET_EINVAL;
314 
315     case TARGET_SS_DISABLE:
316         ss.ss_size = 0;
317         ss.ss_sp = 0;
318         break;
319 
320     case TARGET_SS_ONSTACK:
321     case 0:
322         if (ss.ss_size < minstacksize) {
323             return -TARGET_ENOMEM;
324         }
325         break;
326     }
327 
328     ts->sigaltstack_used.ss_sp = ss.ss_sp;
329     ts->sigaltstack_used.ss_size = ss.ss_size;
330     return 0;
331 }
332 
333 /* siginfo conversion */
334 
host_to_target_siginfo_noswap(target_siginfo_t * tinfo,const siginfo_t * info)335 static inline void host_to_target_siginfo_noswap(target_siginfo_t *tinfo,
336                                                  const siginfo_t *info)
337 {
338     int sig = host_to_target_signal(info->si_signo);
339     int si_code = info->si_code;
340     int si_type;
341     tinfo->si_signo = sig;
342     tinfo->si_errno = 0;
343     tinfo->si_code = info->si_code;
344 
345     /* This memset serves two purposes:
346      * (1) ensure we don't leak random junk to the guest later
347      * (2) placate false positives from gcc about fields
348      *     being used uninitialized if it chooses to inline both this
349      *     function and tswap_siginfo() into host_to_target_siginfo().
350      */
351     memset(tinfo->_sifields._pad, 0, sizeof(tinfo->_sifields._pad));
352 
353     /* This is awkward, because we have to use a combination of
354      * the si_code and si_signo to figure out which of the union's
355      * members are valid. (Within the host kernel it is always possible
356      * to tell, but the kernel carefully avoids giving userspace the
357      * high 16 bits of si_code, so we don't have the information to
358      * do this the easy way...) We therefore make our best guess,
359      * bearing in mind that a guest can spoof most of the si_codes
360      * via rt_sigqueueinfo() if it likes.
361      *
362      * Once we have made our guess, we record it in the top 16 bits of
363      * the si_code, so that tswap_siginfo() later can use it.
364      * tswap_siginfo() will strip these top bits out before writing
365      * si_code to the guest (sign-extending the lower bits).
366      */
367 
368     switch (si_code) {
369     case SI_USER:
370     case SI_TKILL:
371     case SI_KERNEL:
372         /* Sent via kill(), tkill() or tgkill(), or direct from the kernel.
373          * These are the only unspoofable si_code values.
374          */
375         tinfo->_sifields._kill._pid = info->si_pid;
376         tinfo->_sifields._kill._uid = info->si_uid;
377         si_type = QEMU_SI_KILL;
378         break;
379     default:
380         /* Everything else is spoofable. Make best guess based on signal */
381         switch (sig) {
382         case TARGET_SIGCHLD:
383             tinfo->_sifields._sigchld._pid = info->si_pid;
384             tinfo->_sifields._sigchld._uid = info->si_uid;
385             if (si_code == CLD_EXITED)
386                 tinfo->_sifields._sigchld._status = info->si_status;
387             else
388                 tinfo->_sifields._sigchld._status
389                     = host_to_target_signal(info->si_status & 0x7f)
390                         | (info->si_status & ~0x7f);
391             tinfo->_sifields._sigchld._utime = info->si_utime;
392             tinfo->_sifields._sigchld._stime = info->si_stime;
393             si_type = QEMU_SI_CHLD;
394             break;
395         case TARGET_SIGIO:
396             tinfo->_sifields._sigpoll._band = info->si_band;
397             tinfo->_sifields._sigpoll._fd = info->si_fd;
398             si_type = QEMU_SI_POLL;
399             break;
400         default:
401             /* Assume a sigqueue()/mq_notify()/rt_sigqueueinfo() source. */
402             tinfo->_sifields._rt._pid = info->si_pid;
403             tinfo->_sifields._rt._uid = info->si_uid;
404             /* XXX: potential problem if 64 bit */
405             tinfo->_sifields._rt._sigval.sival_ptr
406                 = (abi_ulong)(unsigned long)info->si_value.sival_ptr;
407             si_type = QEMU_SI_RT;
408             break;
409         }
410         break;
411     }
412 
413     tinfo->si_code = deposit32(si_code, 16, 16, si_type);
414 }
415 
tswap_siginfo(target_siginfo_t * tinfo,const target_siginfo_t * info)416 static void tswap_siginfo(target_siginfo_t *tinfo,
417                           const target_siginfo_t *info)
418 {
419     int si_type = extract32(info->si_code, 16, 16);
420     int si_code = sextract32(info->si_code, 0, 16);
421 
422     __put_user(info->si_signo, &tinfo->si_signo);
423     __put_user(info->si_errno, &tinfo->si_errno);
424     __put_user(si_code, &tinfo->si_code);
425 
426     /* We can use our internal marker of which fields in the structure
427      * are valid, rather than duplicating the guesswork of
428      * host_to_target_siginfo_noswap() here.
429      */
430     switch (si_type) {
431     case QEMU_SI_KILL:
432         __put_user(info->_sifields._kill._pid, &tinfo->_sifields._kill._pid);
433         __put_user(info->_sifields._kill._uid, &tinfo->_sifields._kill._uid);
434         break;
435     case QEMU_SI_TIMER:
436         __put_user(info->_sifields._timer._timer1,
437                    &tinfo->_sifields._timer._timer1);
438         __put_user(info->_sifields._timer._timer2,
439                    &tinfo->_sifields._timer._timer2);
440         break;
441     case QEMU_SI_POLL:
442         __put_user(info->_sifields._sigpoll._band,
443                    &tinfo->_sifields._sigpoll._band);
444         __put_user(info->_sifields._sigpoll._fd,
445                    &tinfo->_sifields._sigpoll._fd);
446         break;
447     case QEMU_SI_FAULT:
448         __put_user(info->_sifields._sigfault._addr,
449                    &tinfo->_sifields._sigfault._addr);
450         break;
451     case QEMU_SI_CHLD:
452         __put_user(info->_sifields._sigchld._pid,
453                    &tinfo->_sifields._sigchld._pid);
454         __put_user(info->_sifields._sigchld._uid,
455                    &tinfo->_sifields._sigchld._uid);
456         __put_user(info->_sifields._sigchld._status,
457                    &tinfo->_sifields._sigchld._status);
458         __put_user(info->_sifields._sigchld._utime,
459                    &tinfo->_sifields._sigchld._utime);
460         __put_user(info->_sifields._sigchld._stime,
461                    &tinfo->_sifields._sigchld._stime);
462         break;
463     case QEMU_SI_RT:
464         __put_user(info->_sifields._rt._pid, &tinfo->_sifields._rt._pid);
465         __put_user(info->_sifields._rt._uid, &tinfo->_sifields._rt._uid);
466         __put_user(info->_sifields._rt._sigval.sival_ptr,
467                    &tinfo->_sifields._rt._sigval.sival_ptr);
468         break;
469     default:
470         g_assert_not_reached();
471     }
472 }
473 
host_to_target_siginfo(target_siginfo_t * tinfo,const siginfo_t * info)474 void host_to_target_siginfo(target_siginfo_t *tinfo, const siginfo_t *info)
475 {
476     target_siginfo_t tgt_tmp;
477     host_to_target_siginfo_noswap(&tgt_tmp, info);
478     tswap_siginfo(tinfo, &tgt_tmp);
479 }
480 
481 /* XXX: we support only POSIX RT signals are used. */
482 /* XXX: find a solution for 64 bit (additional malloced data is needed) */
target_to_host_siginfo(siginfo_t * info,const target_siginfo_t * tinfo)483 void target_to_host_siginfo(siginfo_t *info, const target_siginfo_t *tinfo)
484 {
485     /* This conversion is used only for the rt_sigqueueinfo syscall,
486      * and so we know that the _rt fields are the valid ones.
487      */
488     abi_ulong sival_ptr;
489 
490     __get_user(info->si_signo, &tinfo->si_signo);
491     __get_user(info->si_errno, &tinfo->si_errno);
492     __get_user(info->si_code, &tinfo->si_code);
493     __get_user(info->si_pid, &tinfo->_sifields._rt._pid);
494     __get_user(info->si_uid, &tinfo->_sifields._rt._uid);
495     __get_user(sival_ptr, &tinfo->_sifields._rt._sigval.sival_ptr);
496     info->si_value.sival_ptr = (void *)(long)sival_ptr;
497 }
498 
499 /* returns 1 if given signal should dump core if not handled */
core_dump_signal(int sig)500 static int core_dump_signal(int sig)
501 {
502     switch (sig) {
503     case TARGET_SIGABRT:
504     case TARGET_SIGFPE:
505     case TARGET_SIGILL:
506     case TARGET_SIGQUIT:
507     case TARGET_SIGSEGV:
508     case TARGET_SIGTRAP:
509     case TARGET_SIGBUS:
510         return (1);
511     default:
512         return (0);
513     }
514 }
515 
signal_table_init(void)516 static void signal_table_init(void)
517 {
518     int hsig, tsig, count;
519 
520     /*
521      * Signals are supported starting from TARGET_SIGRTMIN and going up
522      * until we run out of host realtime signals.  Glibc uses the lower 2
523      * RT signals and (hopefully) nobody uses the upper ones.
524      * This is why SIGRTMIN (34) is generally greater than __SIGRTMIN (32).
525      * To fix this properly we would need to do manual signal delivery
526      * multiplexed over a single host signal.
527      * Attempts for configure "missing" signals via sigaction will be
528      * silently ignored.
529      *
530      * Remap the target SIGABRT, so that we can distinguish host abort
531      * from guest abort.  When the guest registers a signal handler or
532      * calls raise(SIGABRT), the host will raise SIG_RTn.  If the guest
533      * arrives at dump_core_and_abort(), we will map back to host SIGABRT
534      * so that the parent (native or emulated) sees the correct signal.
535      * Finally, also map host to guest SIGABRT so that the emulated
536      * parent sees the correct mapping from wait status.
537      */
538 
539     hsig = SIGRTMIN;
540     host_to_target_signal_table[SIGABRT] = 0;
541     host_to_target_signal_table[hsig++] = TARGET_SIGABRT;
542 
543     for (tsig = TARGET_SIGRTMIN;
544          hsig <= SIGRTMAX && tsig <= TARGET_NSIG;
545          hsig++, tsig++) {
546         host_to_target_signal_table[hsig] = tsig;
547     }
548 
549     /* Invert the mapping that has already been assigned. */
550     for (hsig = 1; hsig < _NSIG; hsig++) {
551         tsig = host_to_target_signal_table[hsig];
552         if (tsig) {
553             assert(target_to_host_signal_table[tsig] == 0);
554             target_to_host_signal_table[tsig] = hsig;
555         }
556     }
557 
558     host_to_target_signal_table[SIGABRT] = TARGET_SIGABRT;
559 
560     /* Map everything else out-of-bounds. */
561     for (hsig = 1; hsig < _NSIG; hsig++) {
562         if (host_to_target_signal_table[hsig] == 0) {
563             host_to_target_signal_table[hsig] = TARGET_NSIG + 1;
564         }
565     }
566     for (count = 0, tsig = 1; tsig <= TARGET_NSIG; tsig++) {
567         if (target_to_host_signal_table[tsig] == 0) {
568             target_to_host_signal_table[tsig] = _NSIG;
569             count++;
570         }
571     }
572 
573     trace_signal_table_init(count);
574 }
575 
signal_init(void)576 void signal_init(void)
577 {
578     TaskState *ts = get_task_state(thread_cpu);
579     struct sigaction act, oact;
580 
581     /* initialize signal conversion tables */
582     signal_table_init();
583 
584     /* Set the signal mask from the host mask. */
585     sigprocmask(0, 0, &ts->signal_mask);
586 
587     sigfillset(&act.sa_mask);
588     act.sa_flags = SA_SIGINFO;
589     act.sa_sigaction = host_signal_handler;
590 
591     /*
592      * A parent process may configure ignored signals, but all other
593      * signals are default.  For any target signals that have no host
594      * mapping, set to ignore.  For all core_dump_signal, install our
595      * host signal handler so that we may invoke dump_core_and_abort.
596      * This includes SIGSEGV and SIGBUS, which are also need our signal
597      * handler for paging and exceptions.
598      */
599     for (int tsig = 1; tsig <= TARGET_NSIG; tsig++) {
600         int hsig = target_to_host_signal(tsig);
601         abi_ptr thand = TARGET_SIG_IGN;
602 
603         if (hsig >= _NSIG) {
604             continue;
605         }
606 
607         /* As we force remap SIGABRT, cannot probe and install in one step. */
608         if (tsig == TARGET_SIGABRT) {
609             sigaction(SIGABRT, NULL, &oact);
610             sigaction(hsig, &act, NULL);
611         } else {
612             struct sigaction *iact = core_dump_signal(tsig) ? &act : NULL;
613             sigaction(hsig, iact, &oact);
614         }
615 
616         if (oact.sa_sigaction != (void *)SIG_IGN) {
617             thand = TARGET_SIG_DFL;
618         }
619         sigact_table[tsig - 1]._sa_handler = thand;
620     }
621 }
622 
623 /* Force a synchronously taken signal. The kernel force_sig() function
624  * also forces the signal to "not blocked, not ignored", but for QEMU
625  * that work is done in process_pending_signals().
626  */
force_sig(int sig)627 void force_sig(int sig)
628 {
629     CPUState *cpu = thread_cpu;
630     target_siginfo_t info = {};
631 
632     info.si_signo = sig;
633     info.si_errno = 0;
634     info.si_code = TARGET_SI_KERNEL;
635     info._sifields._kill._pid = 0;
636     info._sifields._kill._uid = 0;
637     queue_signal(cpu_env(cpu), info.si_signo, QEMU_SI_KILL, &info);
638 }
639 
640 /*
641  * Force a synchronously taken QEMU_SI_FAULT signal. For QEMU the
642  * 'force' part is handled in process_pending_signals().
643  */
force_sig_fault(int sig,int code,abi_ulong addr)644 void force_sig_fault(int sig, int code, abi_ulong addr)
645 {
646     CPUState *cpu = thread_cpu;
647     target_siginfo_t info = {};
648 
649     info.si_signo = sig;
650     info.si_errno = 0;
651     info.si_code = code;
652     info._sifields._sigfault._addr = addr;
653     queue_signal(cpu_env(cpu), sig, QEMU_SI_FAULT, &info);
654 }
655 
656 /* Force a SIGSEGV if we couldn't write to memory trying to set
657  * up the signal frame. oldsig is the signal we were trying to handle
658  * at the point of failure.
659  */
660 #if !defined(TARGET_RISCV)
force_sigsegv(int oldsig)661 void force_sigsegv(int oldsig)
662 {
663     if (oldsig == SIGSEGV) {
664         /* Make sure we don't try to deliver the signal again; this will
665          * end up with handle_pending_signal() calling dump_core_and_abort().
666          */
667         sigact_table[oldsig - 1]._sa_handler = TARGET_SIG_DFL;
668     }
669     force_sig(TARGET_SIGSEGV);
670 }
671 #endif
672 
cpu_loop_exit_sigsegv(CPUState * cpu,target_ulong addr,MMUAccessType access_type,bool maperr,uintptr_t ra)673 void cpu_loop_exit_sigsegv(CPUState *cpu, target_ulong addr,
674                            MMUAccessType access_type, bool maperr, uintptr_t ra)
675 {
676     const TCGCPUOps *tcg_ops = CPU_GET_CLASS(cpu)->tcg_ops;
677 
678     if (tcg_ops->record_sigsegv) {
679         tcg_ops->record_sigsegv(cpu, addr, access_type, maperr, ra);
680     }
681 
682     force_sig_fault(TARGET_SIGSEGV,
683                     maperr ? TARGET_SEGV_MAPERR : TARGET_SEGV_ACCERR,
684                     addr);
685     cpu->exception_index = EXCP_INTERRUPT;
686     cpu_loop_exit_restore(cpu, ra);
687 }
688 
cpu_loop_exit_sigbus(CPUState * cpu,target_ulong addr,MMUAccessType access_type,uintptr_t ra)689 void cpu_loop_exit_sigbus(CPUState *cpu, target_ulong addr,
690                           MMUAccessType access_type, uintptr_t ra)
691 {
692     const TCGCPUOps *tcg_ops = CPU_GET_CLASS(cpu)->tcg_ops;
693 
694     if (tcg_ops->record_sigbus) {
695         tcg_ops->record_sigbus(cpu, addr, access_type, ra);
696     }
697 
698     force_sig_fault(TARGET_SIGBUS, TARGET_BUS_ADRALN, addr);
699     cpu->exception_index = EXCP_INTERRUPT;
700     cpu_loop_exit_restore(cpu, ra);
701 }
702 
703 /* abort execution with signal */
704 static G_NORETURN
die_with_signal(int host_sig)705 void die_with_signal(int host_sig)
706 {
707     struct sigaction act = {
708         .sa_handler = SIG_DFL,
709     };
710 
711     /*
712      * The proper exit code for dying from an uncaught signal is -<signal>.
713      * The kernel doesn't allow exit() or _exit() to pass a negative value.
714      * To get the proper exit code we need to actually die from an uncaught
715      * signal.  Here the default signal handler is installed, we send
716      * the signal and we wait for it to arrive.
717      */
718     sigfillset(&act.sa_mask);
719     sigaction(host_sig, &act, NULL);
720 
721     kill(getpid(), host_sig);
722 
723     /* Make sure the signal isn't masked (reusing the mask inside of act). */
724     sigdelset(&act.sa_mask, host_sig);
725     sigsuspend(&act.sa_mask);
726 
727     /* unreachable */
728     _exit(EXIT_FAILURE);
729 }
730 
731 static G_NORETURN
dump_core_and_abort(CPUArchState * env,int target_sig)732 void dump_core_and_abort(CPUArchState *env, int target_sig)
733 {
734     CPUState *cpu = env_cpu(env);
735     TaskState *ts = get_task_state(cpu);
736     int host_sig, core_dumped = 0;
737 
738     /* On exit, undo the remapping of SIGABRT. */
739     if (target_sig == TARGET_SIGABRT) {
740         host_sig = SIGABRT;
741     } else {
742         host_sig = target_to_host_signal(target_sig);
743     }
744     trace_user_dump_core_and_abort(env, target_sig, host_sig);
745     gdb_signalled(env, target_sig);
746 
747     /* dump core if supported by target binary format */
748     if (core_dump_signal(target_sig) && (ts->bprm->core_dump != NULL)) {
749         stop_all_tasks();
750         core_dumped =
751             ((*ts->bprm->core_dump)(target_sig, env) == 0);
752     }
753     if (core_dumped) {
754         /* we already dumped the core of target process, we don't want
755          * a coredump of qemu itself */
756         struct rlimit nodump;
757         getrlimit(RLIMIT_CORE, &nodump);
758         nodump.rlim_cur=0;
759         setrlimit(RLIMIT_CORE, &nodump);
760         (void) fprintf(stderr, "qemu: uncaught target signal %d (%s) - %s\n",
761             target_sig, strsignal(host_sig), "core dumped" );
762     }
763 
764     preexit_cleanup(env, 128 + target_sig);
765     die_with_signal(host_sig);
766 }
767 
768 /* queue a signal so that it will be send to the virtual CPU as soon
769    as possible */
queue_signal(CPUArchState * env,int sig,int si_type,target_siginfo_t * info)770 void queue_signal(CPUArchState *env, int sig, int si_type,
771                   target_siginfo_t *info)
772 {
773     CPUState *cpu = env_cpu(env);
774     TaskState *ts = get_task_state(cpu);
775 
776     trace_user_queue_signal(env, sig);
777 
778     info->si_code = deposit32(info->si_code, 16, 16, si_type);
779 
780     ts->sync_signal.info = *info;
781     ts->sync_signal.pending = sig;
782     /* signal that a new signal is pending */
783     qatomic_set(&ts->signal_pending, 1);
784 }
785 
786 
787 /* Adjust the signal context to rewind out of safe-syscall if we're in it */
rewind_if_in_safe_syscall(void * puc)788 static inline void rewind_if_in_safe_syscall(void *puc)
789 {
790     host_sigcontext *uc = (host_sigcontext *)puc;
791     uintptr_t pcreg = host_signal_pc(uc);
792 
793     if (pcreg > (uintptr_t)safe_syscall_start
794         && pcreg < (uintptr_t)safe_syscall_end) {
795         host_signal_set_pc(uc, (uintptr_t)safe_syscall_start);
796     }
797 }
798 
799 static G_NORETURN
die_from_signal(siginfo_t * info)800 void die_from_signal(siginfo_t *info)
801 {
802     char sigbuf[4], codebuf[12];
803     const char *sig, *code = NULL;
804 
805     switch (info->si_signo) {
806     case SIGSEGV:
807         sig = "SEGV";
808         switch (info->si_code) {
809         case SEGV_MAPERR:
810             code = "MAPERR";
811             break;
812         case SEGV_ACCERR:
813             code = "ACCERR";
814             break;
815         }
816         break;
817     case SIGBUS:
818         sig = "BUS";
819         switch (info->si_code) {
820         case BUS_ADRALN:
821             code = "ADRALN";
822             break;
823         case BUS_ADRERR:
824             code = "ADRERR";
825             break;
826         }
827         break;
828     case SIGILL:
829         sig = "ILL";
830         switch (info->si_code) {
831         case ILL_ILLOPC:
832             code = "ILLOPC";
833             break;
834         case ILL_ILLOPN:
835             code = "ILLOPN";
836             break;
837         case ILL_ILLADR:
838             code = "ILLADR";
839             break;
840         case ILL_PRVOPC:
841             code = "PRVOPC";
842             break;
843         case ILL_PRVREG:
844             code = "PRVREG";
845             break;
846         case ILL_COPROC:
847             code = "COPROC";
848             break;
849         }
850         break;
851     case SIGFPE:
852         sig = "FPE";
853         switch (info->si_code) {
854         case FPE_INTDIV:
855             code = "INTDIV";
856             break;
857         case FPE_INTOVF:
858             code = "INTOVF";
859             break;
860         }
861         break;
862     case SIGTRAP:
863         sig = "TRAP";
864         break;
865     default:
866         snprintf(sigbuf, sizeof(sigbuf), "%d", info->si_signo);
867         sig = sigbuf;
868         break;
869     }
870     if (code == NULL) {
871         snprintf(codebuf, sizeof(sigbuf), "%d", info->si_code);
872         code = codebuf;
873     }
874 
875     error_report("QEMU internal SIG%s {code=%s, addr=%p}",
876                  sig, code, info->si_addr);
877     die_with_signal(info->si_signo);
878 }
879 
host_sigsegv_handler(CPUState * cpu,siginfo_t * info,host_sigcontext * uc)880 static void host_sigsegv_handler(CPUState *cpu, siginfo_t *info,
881                                  host_sigcontext *uc)
882 {
883     uintptr_t host_addr = (uintptr_t)info->si_addr;
884     /*
885      * Convert forcefully to guest address space: addresses outside
886      * reserved_va are still valid to report via SEGV_MAPERR.
887      */
888     bool is_valid = h2g_valid(host_addr);
889     abi_ptr guest_addr = h2g_nocheck(host_addr);
890     uintptr_t pc = host_signal_pc(uc);
891     bool is_write = host_signal_write(info, uc);
892     MMUAccessType access_type = adjust_signal_pc(&pc, is_write);
893     bool maperr;
894 
895     /* If this was a write to a TB protected page, restart. */
896     if (is_write
897         && is_valid
898         && info->si_code == SEGV_ACCERR
899         && handle_sigsegv_accerr_write(cpu, host_signal_mask(uc),
900                                        pc, guest_addr)) {
901         return;
902     }
903 
904     /*
905      * If the access was not on behalf of the guest, within the executable
906      * mapping of the generated code buffer, then it is a host bug.
907      */
908     if (access_type != MMU_INST_FETCH
909         && !in_code_gen_buffer((void *)(pc - tcg_splitwx_diff))) {
910         die_from_signal(info);
911     }
912 
913     maperr = true;
914     if (is_valid && info->si_code == SEGV_ACCERR) {
915         /*
916          * With reserved_va, the whole address space is PROT_NONE,
917          * which means that we may get ACCERR when we want MAPERR.
918          */
919         if (page_get_flags(guest_addr) & PAGE_VALID) {
920             maperr = false;
921         } else {
922             info->si_code = SEGV_MAPERR;
923         }
924     }
925 
926     sigprocmask(SIG_SETMASK, host_signal_mask(uc), NULL);
927     cpu_loop_exit_sigsegv(cpu, guest_addr, access_type, maperr, pc);
928 }
929 
host_sigbus_handler(CPUState * cpu,siginfo_t * info,host_sigcontext * uc)930 static uintptr_t host_sigbus_handler(CPUState *cpu, siginfo_t *info,
931                                 host_sigcontext *uc)
932 {
933     uintptr_t pc = host_signal_pc(uc);
934     bool is_write = host_signal_write(info, uc);
935     MMUAccessType access_type = adjust_signal_pc(&pc, is_write);
936 
937     /*
938      * If the access was not on behalf of the guest, within the executable
939      * mapping of the generated code buffer, then it is a host bug.
940      */
941     if (!in_code_gen_buffer((void *)(pc - tcg_splitwx_diff))) {
942         die_from_signal(info);
943     }
944 
945     if (info->si_code == BUS_ADRALN) {
946         uintptr_t host_addr = (uintptr_t)info->si_addr;
947         abi_ptr guest_addr = h2g_nocheck(host_addr);
948 
949         sigprocmask(SIG_SETMASK, host_signal_mask(uc), NULL);
950         cpu_loop_exit_sigbus(cpu, guest_addr, access_type, pc);
951     }
952     return pc;
953 }
954 
host_signal_handler(int host_sig,siginfo_t * info,void * puc)955 static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)
956 {
957     CPUState *cpu = thread_cpu;
958     CPUArchState *env = cpu_env(cpu);
959     TaskState *ts = get_task_state(cpu);
960     target_siginfo_t tinfo;
961     host_sigcontext *uc = puc;
962     struct emulated_sigtable *k;
963     int guest_sig;
964     uintptr_t pc = 0;
965     bool sync_sig = false;
966     void *sigmask;
967 
968     /*
969      * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special
970      * handling wrt signal blocking and unwinding.  Non-spoofed SIGILL,
971      * SIGFPE, SIGTRAP are always host bugs.
972      */
973     if (info->si_code > 0) {
974         switch (host_sig) {
975         case SIGSEGV:
976             /* Only returns on handle_sigsegv_accerr_write success. */
977             host_sigsegv_handler(cpu, info, uc);
978             return;
979         case SIGBUS:
980             pc = host_sigbus_handler(cpu, info, uc);
981             sync_sig = true;
982             break;
983         case SIGILL:
984         case SIGFPE:
985         case SIGTRAP:
986             die_from_signal(info);
987         }
988     }
989 
990     /* get target signal number */
991     guest_sig = host_to_target_signal(host_sig);
992     if (guest_sig < 1 || guest_sig > TARGET_NSIG) {
993         return;
994     }
995     trace_user_host_signal(env, host_sig, guest_sig);
996 
997     host_to_target_siginfo_noswap(&tinfo, info);
998     k = &ts->sigtab[guest_sig - 1];
999     k->info = tinfo;
1000     k->pending = guest_sig;
1001     ts->signal_pending = 1;
1002 
1003     /*
1004      * For synchronous signals, unwind the cpu state to the faulting
1005      * insn and then exit back to the main loop so that the signal
1006      * is delivered immediately.
1007      */
1008     if (sync_sig) {
1009         cpu->exception_index = EXCP_INTERRUPT;
1010         cpu_loop_exit_restore(cpu, pc);
1011     }
1012 
1013     rewind_if_in_safe_syscall(puc);
1014 
1015     /*
1016      * Block host signals until target signal handler entered. We
1017      * can't block SIGSEGV or SIGBUS while we're executing guest
1018      * code in case the guest code provokes one in the window between
1019      * now and it getting out to the main loop. Signals will be
1020      * unblocked again in process_pending_signals().
1021      *
1022      * WARNING: we cannot use sigfillset() here because the sigmask
1023      * field is a kernel sigset_t, which is much smaller than the
1024      * libc sigset_t which sigfillset() operates on. Using sigfillset()
1025      * would write 0xff bytes off the end of the structure and trash
1026      * data on the struct.
1027      */
1028     sigmask = host_signal_mask(uc);
1029     memset(sigmask, 0xff, SIGSET_T_SIZE);
1030     sigdelset(sigmask, SIGSEGV);
1031     sigdelset(sigmask, SIGBUS);
1032 
1033     /* interrupt the virtual CPU as soon as possible */
1034     cpu_exit(thread_cpu);
1035 }
1036 
1037 /* do_sigaltstack() returns target values and errnos. */
1038 /* compare linux/kernel/signal.c:do_sigaltstack() */
do_sigaltstack(abi_ulong uss_addr,abi_ulong uoss_addr,CPUArchState * env)1039 abi_long do_sigaltstack(abi_ulong uss_addr, abi_ulong uoss_addr,
1040                         CPUArchState *env)
1041 {
1042     target_stack_t oss, *uoss = NULL;
1043     abi_long ret = -TARGET_EFAULT;
1044 
1045     if (uoss_addr) {
1046         /* Verify writability now, but do not alter user memory yet. */
1047         if (!lock_user_struct(VERIFY_WRITE, uoss, uoss_addr, 0)) {
1048             goto out;
1049         }
1050         target_save_altstack(&oss, env);
1051     }
1052 
1053     if (uss_addr) {
1054         target_stack_t *uss;
1055 
1056         if (!lock_user_struct(VERIFY_READ, uss, uss_addr, 1)) {
1057             goto out;
1058         }
1059         ret = target_restore_altstack(uss, env);
1060         if (ret) {
1061             goto out;
1062         }
1063     }
1064 
1065     if (uoss_addr) {
1066         memcpy(uoss, &oss, sizeof(oss));
1067         unlock_user_struct(uoss, uoss_addr, 1);
1068         uoss = NULL;
1069     }
1070     ret = 0;
1071 
1072  out:
1073     if (uoss) {
1074         unlock_user_struct(uoss, uoss_addr, 0);
1075     }
1076     return ret;
1077 }
1078 
1079 /* do_sigaction() return target values and host errnos */
do_sigaction(int sig,const struct target_sigaction * act,struct target_sigaction * oact,abi_ulong ka_restorer)1080 int do_sigaction(int sig, const struct target_sigaction *act,
1081                  struct target_sigaction *oact, abi_ulong ka_restorer)
1082 {
1083     struct target_sigaction *k;
1084     int host_sig;
1085     int ret = 0;
1086 
1087     trace_signal_do_sigaction_guest(sig, TARGET_NSIG);
1088 
1089     if (sig < 1 || sig > TARGET_NSIG) {
1090         return -TARGET_EINVAL;
1091     }
1092 
1093     if (act && (sig == TARGET_SIGKILL || sig == TARGET_SIGSTOP)) {
1094         return -TARGET_EINVAL;
1095     }
1096 
1097     if (block_signals()) {
1098         return -QEMU_ERESTARTSYS;
1099     }
1100 
1101     k = &sigact_table[sig - 1];
1102     if (oact) {
1103         __put_user(k->_sa_handler, &oact->_sa_handler);
1104         __put_user(k->sa_flags, &oact->sa_flags);
1105 #ifdef TARGET_ARCH_HAS_SA_RESTORER
1106         __put_user(k->sa_restorer, &oact->sa_restorer);
1107 #endif
1108         /* Not swapped.  */
1109         oact->sa_mask = k->sa_mask;
1110     }
1111     if (act) {
1112         __get_user(k->_sa_handler, &act->_sa_handler);
1113         __get_user(k->sa_flags, &act->sa_flags);
1114 #ifdef TARGET_ARCH_HAS_SA_RESTORER
1115         __get_user(k->sa_restorer, &act->sa_restorer);
1116 #endif
1117 #ifdef TARGET_ARCH_HAS_KA_RESTORER
1118         k->ka_restorer = ka_restorer;
1119 #endif
1120         /* To be swapped in target_to_host_sigset.  */
1121         k->sa_mask = act->sa_mask;
1122 
1123         /* we update the host linux signal state */
1124         host_sig = target_to_host_signal(sig);
1125         trace_signal_do_sigaction_host(host_sig, TARGET_NSIG);
1126         if (host_sig > SIGRTMAX) {
1127             /* we don't have enough host signals to map all target signals */
1128             qemu_log_mask(LOG_UNIMP, "Unsupported target signal #%d, ignored\n",
1129                           sig);
1130             /*
1131              * we don't return an error here because some programs try to
1132              * register an handler for all possible rt signals even if they
1133              * don't need it.
1134              * An error here can abort them whereas there can be no problem
1135              * to not have the signal available later.
1136              * This is the case for golang,
1137              *   See https://github.com/golang/go/issues/33746
1138              * So we silently ignore the error.
1139              */
1140             return 0;
1141         }
1142         if (host_sig != SIGSEGV && host_sig != SIGBUS) {
1143             struct sigaction act1;
1144 
1145             sigfillset(&act1.sa_mask);
1146             act1.sa_flags = SA_SIGINFO;
1147             if (k->_sa_handler == TARGET_SIG_IGN) {
1148                 /*
1149                  * It is important to update the host kernel signal ignore
1150                  * state to avoid getting unexpected interrupted syscalls.
1151                  */
1152                 act1.sa_sigaction = (void *)SIG_IGN;
1153             } else if (k->_sa_handler == TARGET_SIG_DFL) {
1154                 if (core_dump_signal(sig)) {
1155                     act1.sa_sigaction = host_signal_handler;
1156                 } else {
1157                     act1.sa_sigaction = (void *)SIG_DFL;
1158                 }
1159             } else {
1160                 act1.sa_sigaction = host_signal_handler;
1161                 if (k->sa_flags & TARGET_SA_RESTART) {
1162                     act1.sa_flags |= SA_RESTART;
1163                 }
1164             }
1165             ret = sigaction(host_sig, &act1, NULL);
1166         }
1167     }
1168     return ret;
1169 }
1170 
handle_pending_signal(CPUArchState * cpu_env,int sig,struct emulated_sigtable * k)1171 static void handle_pending_signal(CPUArchState *cpu_env, int sig,
1172                                   struct emulated_sigtable *k)
1173 {
1174     CPUState *cpu = env_cpu(cpu_env);
1175     abi_ulong handler;
1176     sigset_t set;
1177     target_siginfo_t unswapped;
1178     target_sigset_t target_old_set;
1179     struct target_sigaction *sa;
1180     TaskState *ts = get_task_state(cpu);
1181 
1182     trace_user_handle_signal(cpu_env, sig);
1183     /* dequeue signal */
1184     k->pending = 0;
1185 
1186     /*
1187      * Writes out siginfo values byteswapped, accordingly to the target.
1188      * It also cleans the si_type from si_code making it correct for
1189      * the target.  We must hold on to the original unswapped copy for
1190      * strace below, because si_type is still required there.
1191      */
1192     if (unlikely(qemu_loglevel_mask(LOG_STRACE))) {
1193         unswapped = k->info;
1194     }
1195     tswap_siginfo(&k->info, &k->info);
1196 
1197     sig = gdb_handlesig(cpu, sig, NULL, &k->info, sizeof(k->info));
1198     if (!sig) {
1199         sa = NULL;
1200         handler = TARGET_SIG_IGN;
1201     } else {
1202         sa = &sigact_table[sig - 1];
1203         handler = sa->_sa_handler;
1204     }
1205 
1206     if (unlikely(qemu_loglevel_mask(LOG_STRACE))) {
1207         print_taken_signal(sig, &unswapped);
1208     }
1209 
1210     if (handler == TARGET_SIG_DFL) {
1211         /* default handler : ignore some signal. The other are job control or fatal */
1212         if (sig == TARGET_SIGTSTP || sig == TARGET_SIGTTIN || sig == TARGET_SIGTTOU) {
1213             kill(getpid(),SIGSTOP);
1214         } else if (sig != TARGET_SIGCHLD &&
1215                    sig != TARGET_SIGURG &&
1216                    sig != TARGET_SIGWINCH &&
1217                    sig != TARGET_SIGCONT) {
1218             dump_core_and_abort(cpu_env, sig);
1219         }
1220     } else if (handler == TARGET_SIG_IGN) {
1221         /* ignore sig */
1222     } else if (handler == TARGET_SIG_ERR) {
1223         dump_core_and_abort(cpu_env, sig);
1224     } else {
1225         /* compute the blocked signals during the handler execution */
1226         sigset_t *blocked_set;
1227 
1228         target_to_host_sigset(&set, &sa->sa_mask);
1229         /* SA_NODEFER indicates that the current signal should not be
1230            blocked during the handler */
1231         if (!(sa->sa_flags & TARGET_SA_NODEFER))
1232             sigaddset(&set, target_to_host_signal(sig));
1233 
1234         /* save the previous blocked signal state to restore it at the
1235            end of the signal execution (see do_sigreturn) */
1236         host_to_target_sigset_internal(&target_old_set, &ts->signal_mask);
1237 
1238         /* block signals in the handler */
1239         blocked_set = ts->in_sigsuspend ?
1240             &ts->sigsuspend_mask : &ts->signal_mask;
1241         sigorset(&ts->signal_mask, blocked_set, &set);
1242         ts->in_sigsuspend = 0;
1243 
1244         /* if the CPU is in VM86 mode, we restore the 32 bit values */
1245 #if defined(TARGET_I386) && !defined(TARGET_X86_64)
1246         {
1247             CPUX86State *env = cpu_env;
1248             if (env->eflags & VM_MASK)
1249                 save_v86_state(env);
1250         }
1251 #endif
1252         /* prepare the stack frame of the virtual CPU */
1253 #if defined(TARGET_ARCH_HAS_SETUP_FRAME)
1254         if (sa->sa_flags & TARGET_SA_SIGINFO) {
1255             setup_rt_frame(sig, sa, &k->info, &target_old_set, cpu_env);
1256         } else {
1257             setup_frame(sig, sa, &target_old_set, cpu_env);
1258         }
1259 #else
1260         /* These targets do not have traditional signals.  */
1261         setup_rt_frame(sig, sa, &k->info, &target_old_set, cpu_env);
1262 #endif
1263         if (sa->sa_flags & TARGET_SA_RESETHAND) {
1264             sa->_sa_handler = TARGET_SIG_DFL;
1265         }
1266     }
1267 }
1268 
process_pending_signals(CPUArchState * cpu_env)1269 void process_pending_signals(CPUArchState *cpu_env)
1270 {
1271     CPUState *cpu = env_cpu(cpu_env);
1272     int sig;
1273     TaskState *ts = get_task_state(cpu);
1274     sigset_t set;
1275     sigset_t *blocked_set;
1276 
1277     while (qatomic_read(&ts->signal_pending)) {
1278         sigfillset(&set);
1279         sigprocmask(SIG_SETMASK, &set, 0);
1280 
1281     restart_scan:
1282         sig = ts->sync_signal.pending;
1283         if (sig) {
1284             /* Synchronous signals are forced,
1285              * see force_sig_info() and callers in Linux
1286              * Note that not all of our queue_signal() calls in QEMU correspond
1287              * to force_sig_info() calls in Linux (some are send_sig_info()).
1288              * However it seems like a kernel bug to me to allow the process
1289              * to block a synchronous signal since it could then just end up
1290              * looping round and round indefinitely.
1291              */
1292             if (sigismember(&ts->signal_mask, target_to_host_signal_table[sig])
1293                 || sigact_table[sig - 1]._sa_handler == TARGET_SIG_IGN) {
1294                 sigdelset(&ts->signal_mask, target_to_host_signal_table[sig]);
1295                 sigact_table[sig - 1]._sa_handler = TARGET_SIG_DFL;
1296             }
1297 
1298             handle_pending_signal(cpu_env, sig, &ts->sync_signal);
1299         }
1300 
1301         for (sig = 1; sig <= TARGET_NSIG; sig++) {
1302             blocked_set = ts->in_sigsuspend ?
1303                 &ts->sigsuspend_mask : &ts->signal_mask;
1304 
1305             if (ts->sigtab[sig - 1].pending &&
1306                 (!sigismember(blocked_set,
1307                               target_to_host_signal_table[sig]))) {
1308                 handle_pending_signal(cpu_env, sig, &ts->sigtab[sig - 1]);
1309                 /* Restart scan from the beginning, as handle_pending_signal
1310                  * might have resulted in a new synchronous signal (eg SIGSEGV).
1311                  */
1312                 goto restart_scan;
1313             }
1314         }
1315 
1316         /* if no signal is pending, unblock signals and recheck (the act
1317          * of unblocking might cause us to take another host signal which
1318          * will set signal_pending again).
1319          */
1320         qatomic_set(&ts->signal_pending, 0);
1321         ts->in_sigsuspend = 0;
1322         set = ts->signal_mask;
1323         sigdelset(&set, SIGSEGV);
1324         sigdelset(&set, SIGBUS);
1325         sigprocmask(SIG_SETMASK, &set, 0);
1326     }
1327     ts->in_sigsuspend = 0;
1328 }
1329 
process_sigsuspend_mask(sigset_t ** pset,target_ulong sigset,target_ulong sigsize)1330 int process_sigsuspend_mask(sigset_t **pset, target_ulong sigset,
1331                             target_ulong sigsize)
1332 {
1333     TaskState *ts = get_task_state(thread_cpu);
1334     sigset_t *host_set = &ts->sigsuspend_mask;
1335     target_sigset_t *target_sigset;
1336 
1337     if (sigsize != sizeof(*target_sigset)) {
1338         /* Like the kernel, we enforce correct size sigsets */
1339         return -TARGET_EINVAL;
1340     }
1341 
1342     target_sigset = lock_user(VERIFY_READ, sigset, sigsize, 1);
1343     if (!target_sigset) {
1344         return -TARGET_EFAULT;
1345     }
1346     target_to_host_sigset(host_set, target_sigset);
1347     unlock_user(target_sigset, sigset, 0);
1348 
1349     *pset = host_set;
1350     return 0;
1351 }
1352