Hello. After some consideration, I've decided to utilise Oleg's proposal[1] "(args.exit_signal & ~((u64)CSIGNAL))" as a check. I still don't like it, as it mixes argument copy check (I'm not sure if it's ever needed, however, as I'm not sure if there's a reason for exit_signal field of struct kernel_clone_args to have int type) with argument sanity check; moreover, it covers only clone3 case, and the code in copy_process is still error-prone in the long run. Ideally, the check should be somewhere in the one place, but as of now this one place is likely _do_fork, but it's kinda weird to have argument check there as of now.
Changes since v1[2]:
 - Check changed to comparison against negated CSIGNAL to address the bug reported by Oleg[3].
 - Added a comment to _do_fork that exit_signal has to be checked by the caller.

[1] https://lkml.org/lkml/2019/9/10/581
[2] https://lkml.org/lkml/2019/9/10/411
[3] https://lkml.org/lkml/2019/9/10/467

Eugene Syromiatnikov (1):
  fork: check exit_signal passed in clone3() call

 kernel/fork.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

-- 
2.1.4
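The mask check from the cover letter beside the u64-to-int narrowing it guards against, as an added example that is not the patch's or the kernel's code; CSIGNAL's value is the kernel's, while the two struct models and the function names are constructed here for illustration:

```c
#include <stdbool.h>
#include <stdint.h>
#include <signal.h>

/* Kernel clone flag mask: the low byte carries the exit signal. */
#define CSIGNAL 0x000000ff

typedef uint64_t u64;

/* Constructed model of the userspace struct clone_args field (u64). */
struct clone_args_model { u64 exit_signal; };

/* Constructed model of the kernel-side struct kernel_clone_args field (int). */
struct kernel_clone_args_model { int exit_signal; };

/* The v2 check: valid only if no bit outside CSIGNAL is set in the
 * full-width userspace value, before any narrowing happens. */
bool clone3_exit_signal_valid(u64 exit_signal)
{
    return (exit_signal & ~((u64)CSIGNAL)) == 0;
}

/* Unchecked copy into the narrower kernel field. On the usual two's
 * complement targets the high 32 bits are silently dropped, so a value
 * that was out of range looks like an ordinary signal number afterwards;
 * checking only this copy would miss it. */
int copy_exit_signal_unchecked(const struct clone_args_model *args)
{
    struct kernel_clone_args_model kargs = {
        .exit_signal = (int)args->exit_signal,
    };
    return kargs.exit_signal;
}
```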