
don't trust siginfo in rsyscall handler

for some inexplicable reason, linux allows the sender of realtime
signals to spoof its identity. permission checks for sending signals
should limit the impact to same-user processes, but just to be safe,
we avoid trusting the siginfo structure and instead simply examine the
program state to see if we're in the middle of a legitimate rsyscall.
Rich Felker 14 years ago
Parent
commit
c9b2d8016f
1 changed file with 2 additions and 3 deletions

+ 2 - 3
src/thread/pthread_create.c

@@ -80,8 +80,7 @@ static void rsyscall_handler(int sig, siginfo_t *si, void *ctx)
 {
 	struct pthread *self = __pthread_self();
 
-	if (si->si_code > 0 || si->si_pid != self->pid ||
-		rs.cnt == libc.threads_minus_1) return;
+	if (!rs.hold || rs.cnt == libc.threads_minus_1) return;
 
 	/* Threads which have already decremented themselves from the
 	 * thread count must not increment rs.cnt or otherwise act. */
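Review bot: the new gate `if (!rs.hold || rs.cnt == libc.threads_minus_1) return;` makes `rs.hold` the only thing that distinguishes a legitimate rsyscall broadcast from a stray signal, so the handler is now correct only if `rs.hold` is set before the first signal is sent and cleared only after every thread has finished acting; a signal from an unrelated same-user sender that lands inside that window will still be acted on, which matches the trade-off stated in the commit message but is worth a comment at the check. Since `si` is no longer read here, add a one-line comment next to the condition saying siginfo is deliberately ignored because senders can spoof it, so a later reader does not reintroduce a `si_pid` check thinking it was an oversight.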
@@ -118,9 +117,9 @@ static int rsyscall(int nr, long a, long b, long c, long d, long e, long f)
 	rs.arg[0] = a; rs.arg[1] = b;
 	rs.arg[2] = c; rs.arg[3] = d;
 	rs.arg[4] = d; rs.arg[5] = f;
-	rs.hold = 1;
 	rs.err = 0;
 	rs.cnt = 0;
+	rs.hold = 1;
 
 	/* Dispatch signals until all threads respond */
 	for (i=libc.threads_minus_1; i; i--)
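Review bot: the unchanged context line `rs.arg[4] = d;` looks like a pre-existing copy-paste error: the function takes `e` and never stores it, so this should read `rs.arg[4] = e;` and deserves a follow-up fix. Moving `rs.hold = 1;` below `rs.err = 0;` and `rs.cnt = 0;` is the right order now that the handler gates on `rs.hold`, since a handler that observes `hold` set must also see the freshly reset counter and error fields; this relies on the compiler keeping these stores in program order (for example `rs` being declared `volatile`), which the hunk does not show, so confirm that at the declaration.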