www.infradead.org Git - users/jedix/linux-maple.git/commitdiff
kernel/signal.c: avoid undefined behaviour in kill_something_info
author mridula shastry <mridula.c.shastry@oracle.com>
Fri, 25 May 2018 16:34:06 +0000 (09:34 -0700)
committer Brian Maly <brian.maly@oracle.com>
Tue, 26 Jun 2018 19:02:34 +0000 (15:02 -0400)
When running kill(72057458746458112, 0) in userspace I hit the following
issue.

  UBSAN: Undefined behaviour in kernel/signal.c:1462:11
  negation of -2147483648 cannot be represented in type 'int':
  CPU: 226 PID: 9849 Comm: test Tainted: G    B          ---- -------   3.10.0-327.53.58.70.x86_64_ubsan+ #116
  Hardware name: Huawei Technologies Co., Ltd. RH8100 V3/BC61PBIA, BIOS BLHSV028 11/11/2014
  Call Trace:
    dump_stack+0x19/0x1b
    ubsan_epilogue+0xd/0x50
    __ubsan_handle_negate_overflow+0x109/0x14e
    SYSC_kill+0x43e/0x4d0
    SyS_kill+0xe/0x10
    system_call_fastpath+0x16/0x1b

Add code to avoid the UBSAN detection.

[akpm@linux-foundation.org: tweak comment]
Link: http://lkml.kernel.org/r/1496670008-59084-1-git-send-email-zhongjiang@huawei.com
Signed-off-by: zhongjiang <zhongjiang@huawei.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Xishi Qiu <qiuxishi@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(Cherry-picked from commit 4ea77014af0d)

Orabug: 28078687
CVE: CVE-2018-10124

Signed-off-by: mridula shastry <mridula.c.shastry@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
kernel/signal.c

index a89a57e114cf45d234a37d90843806cefff7772c..d222546a420b901721680f4148fb90c6feffcb45 100644 (file)
@@ -1440,7 +1440,11 @@ static int kill_something_info(int sig, struct siginfo *info, pid_t pid)
                rcu_read_unlock();
                return ret;
        }
-
+       /* -INT_MIN is undefined.  Exclude this case to avoid a UBSAN warning */
+       if (pid == INT_MIN)
+               return -ESRCH;
        read_lock(&tasklist_lock);
        if (pid != -1) {
                ret = __kill_pgrp_info(sig, info,
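
Review bot: The comment on the added `if (pid == INT_MIN)` check justifies it only as avoiding a UBSAN warning, which reads as silencing a tool rather than fixing the signed negation overflow that the report in the commit message describes, and it does not say why -ESRCH is the value handed back to the caller. Suggest wording the comment around the behaviour, for example `/* -INT_MIN is undefined; no process group can have this id, so fail with -ESRCH */`, so a later reader does not drop the check as sanitizer noise. The early return sits before `read_lock(&tasklist_lock)`, so no unlock is needed on this path, and that placement should be kept if the function is reworked.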