Re: TASK_WAKEKILL && /sbin/init (was: [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race)

---

• From: Oleg Nesterov <oleg@xxxxxxxxxx>
• Date: Thu, 5 Jun 2008 20:04:50 +0400

---

On 06/05, Matthew Wilcox wrote:

On Thu, Jun 05, 2008 at 07:23:16PM +0400, Oleg Nesterov wrote:

If lock_page_killable() fails because the task was killed by SIGKILL or
another fatal signal, do_generic_file_read() returns -EIO.

This seems to be OK, because in fact the userspace won't see this error, the
task will dequeue SIGKILL and exit.

However, /sbin/init is different, it will dequeue SIGKILL, ignore it, and be
confused by this bogus -EIO. Please note that while this bug is not likely,
it is _not_ theoretical. It does happen that user-space sends the unhandled
fatal signals to init.

Have you actually tested this?

No I didn't. And I would be happy to be wrong. But,

I thought it was handled by:

/*
* Global init gets no signals it doesn't want.
*/
if (unlikely(signal->flags & SIGNAL_UNKILLABLE) &&
!signal_group_exit(signal))
continue;

in get_signal_to_deliver().

This is what I am talking about. The SIGNAL_UNKILLABLE task (init) dequeues
the pending SIGKILL and just ignores it. Then it returns to the user space
with -EIO.

But when we send SIGKILL, the sender wakes up the TASK_KILLABLE task, and
after that fatal_signal_pending() is true. Once again, it is not hard to
fix this problem in kernel/signal.c, but _perhaps_ the change in filemap.c
makes sense anyway.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

---

• References:
  • [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race
    • From: Oleg Nesterov
  • Re: [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race
    • From: Matthew Wilcox
  • TASK_WAKEKILL && /sbin/init (was: [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race)
    • From: Oleg Nesterov
  • Re: TASK_WAKEKILL && /sbin/init (was: [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race)
    • From: Matthew Wilcox

• Prev by Date: Re: [crash, bisected] Re: [PATCH 3/4] x86_64: Fold pda into per cpu area
• Next by Date: Re: [PATCH 2/5] pagemap: Change kpagecount to return the map count, not the reference count, of a page.
• Previous by thread: Re: TASK_WAKEKILL && /sbin/init (was: [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race)
• Next by thread: Re: TASK_WAKEKILL && /sbin/init (was: [PATCH 1/2] schedule: fix TASK_WAKEKILL vs SIGKILL race)
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: [PATCH] kill_something_info: dont take tasklist_lock for pid==-1 case ... SIGKILL) can miss the task forked by init. ... I think this problem can happen without my patch. ... because the writer cannot take the tasklist lock when a lot of readers ... (Linux-Kernel) Re: Delivering SIGKILL to init ... SIGKILL to init. ... the delivery of SIGKILL to init. ... (and a variety of other signals) ... (freebsd-hackers) Delivering SIGKILL to init ... SIGKILL to init. ... If I ktrace kill, I can see "kill" which ... the delivery of SIGKILL to init. ... (freebsd-hackers) [PATCH 0/3] TASK_WAKEKILL fixes ... The second patch is just an example of how the new helper can be used outside ... > fatal signals to init. ... init doesn't read files that often. ... I doubt user-space can send SIGKILL to init. ... (Linux-Kernel) Can init process ignore SIGKILL ? ... But going through the article description of SIGKILL in wikipedia, ... "init is a special process: it does not get signals that it does not ... (comp.unix.programmer)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Mailing-Lists  > Kernel  > 2008-06