"Eric W. Biederman" <ebied...@xmission.com> writes:
> diff --git a/include/linux/sched/signal.h b/include/linux/sched/signal.h
> index 3c8b34876744..1947c85aa9d9 100644
> --- a/include/linux/sched/signal.h
> +++ b/include/linux/sched/signal.h
> @@ -437,7 +437,8 @@ extern void signal_wake_up_state(struct task_struct *t,
> unsigned int state);
>
> static inline void signal_wake_up(struct task_struct *t, bool resume)
> {
> - signal_wake_up_state(t, resume ? TASK_WAKEKILL : 0);
> + bool wakekill = resume && !(t->jobctl & JOBCTL_DELAY_WAKEKILL);
> + signal_wake_up_state(t, wakekill ? TASK_WAKEKILL : 0);
> }
> static inline void ptrace_signal_wake_up(struct task_struct *t, bool resume)
> {
Grrr. While looking through everything today I have realized that there
is a bug.
Suppose we have 3 processes: TRACER, TRACEE, KILLER.
Meanwhile TRACEE is in the middle of ptrace_stop, just after siglock has
been dropped.
The TRACER process has performed ptrace_attach on TRACEE and is in the
middle of a ptrace operation and has just set JOBCTL_DELAY_WAKEKILL.
Then comes in the KILLER process and sends the TRACEE a SIGKILL.
The TRACEE __state remains TASK_TRACED, as designed.
The bug appears when the TRACEE makes it to schedule(). Inside
schedule there is a call to signal_pending_state() which notices
a SIGKILL is pending and refuses to sleep.
I could avoid setting TIF_SIGPENDING in signal_wake_up but that
is insufficient as another signal may be pending.
I could avoid marking the task as __fatal_signal_pending but then
where would the information that the task needs to become
__fatal_signal_pending go.
Hmm.
This looks like I need my other pending cleanup which introduces a
helper to get this idea to work.
Eric
_______________________________________________
linux-um mailing list
linux-um@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-um
