From: Mark Wielaard <mark@klomp.org>
Date: Mon, 14 Jul 2025 21:23:23 +0000 (+0200)
Subject: Reject any attempt to set the handler for SIGKILL/STOP
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=806abab0557a53546d9498926f699fd679b9f0f1;p=thirdparty%2Fvalgrind.git

Reject any attempt to set the handler for SIGKILL/STOP

Even though resetting SIGKILL or SIGSTOP to SIG_DFL would be a noop it
isn't allowed. Just always return EINVAL if an attempt is made to set
the signal handler for SIGKILL or SIGSTOP. There is an LTP test for
this signal01.

https://bugs.kde.org/show_bug.cgi?id=506930
---

diff --git a/NEWS b/NEWS
index 73488cbc1..49403da01 100644
--- a/NEWS
+++ b/NEWS
@@ -54,6 +54,7 @@ are not entered into bugzilla tend to get forgotten about or ignored.
 502968  Wrap linux specific syscalls 457 (listmount) and 458 (statmount)
 506499  Unhandled syscall 592 (exterrctl - FreeBSD
 506795  Better report which clone flags are problematic
+506930  valgrind allows SIGKILL being reset to SIG_DFL
 
 To see details of a given bug, visit
   https://bugs.kde.org/show_bug.cgi?id=XXXXXX
diff --git a/coregrind/m_signals.c b/coregrind/m_signals.c
index f0e6b8e7c..cccbb5683 100644
--- a/coregrind/m_signals.c
+++ b/coregrind/m_signals.c
@@ -1317,10 +1317,8 @@ SysRes VG_(do_sys_sigaction) ( Int signo,
              || new_act->ksa_handler == VKI_SIG_IGN) )
       goto bad_signo_reserved;
 
-   /* Reject attempts to set a handler (or set ignore) for SIGKILL. */
-   if ( (signo == VKI_SIGKILL || signo == VKI_SIGSTOP)
-       && new_act
-       && new_act->ksa_handler != VKI_SIG_DFL)
+   /* Reject any attempt to set the handler for SIGKILL/STOP. */
+   if ( (signo == VKI_SIGKILL || signo == VKI_SIGSTOP) && new_act )
       goto bad_sigkill_or_sigstop;
 
    /* If the client supplied non-NULL old_act, copy the relevant SCSS