[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20081226160652.GA14825@redhat.com>
Date: Fri, 26 Dec 2008 17:06:52 +0100
From: Oleg Nesterov <oleg@...hat.com>
To: Américo Wang <xiyou.wangcong@...il.com>
Cc: Ingo Molnar <mingo@...e.hu>, LKML <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...l.org>
Subject: Re: [Patch] signal: let valid_signal() check more
On 12/26, Américo Wang wrote:
>
> On Fri, Dec 26, 2008 at 09:56:54AM +0100, Ingo Molnar wrote:
> >
> >* Américo Wang <xiyou.wangcong@...il.com> wrote:
> >
> >> >> @@ -727,7 +727,7 @@ int vt_ioctl(struct tty_struct *tty, struct file * file,
> >> >> {
> >> >> if (!perm || !capable(CAP_KILL))
> >> >> goto eperm;
> >> >> - if (!valid_signal(arg) || arg < 1 || arg == SIGKILL)
> >> >> + if (!valid_signal((int)arg) || arg == SIGKILL)
> >> > ^^^^^
> >> >
> >> >The patch adds a lot of unnecessary typecasts like this.
> >>
> >> because it's inline?
> >
> >Why does your patch add a lot of seemingly unnecessary typecasts? [if your
> >short reply was supposed to be an answer to that question then please
> >explain it in more detail.]
>
> Hi, Ingo.
>
> because I also changed the type of valid_signal():
>
> -static inline int valid_signal(unsigned long sig)
> +static inline int valid_signal(int sig)
and please note that this change itself is a bit dangerous. Suppose that
a bad user does sys_prctl(PR_SET_PDEATHSIG, LONG_MIN | SIGCHLD), and now
valid_signal(arg2) (or valid_signal((int)arg2)) returns T.
(nothing really bad happens because ->pdeath_signal is "int", but still).
Note also that it is correct to do prctl(PR_SET_PDEATHSIG, 0), so the
patch was doubly wrong here.
So, please check very carefully every change you are going to do. Make
sure you don't change the behaviour, unless you think the current code
is buggy. In that case please document the fix.
OTOH, I don't understand why sys_mq_notify() accepts sigev_signo == 0,
perhaps this is oversight. good_sigevent() looks correct, but should
use the helper.
> I noticed that gcc put this kind of warning into
> -Wtraditional-conversion recently, but it is still useful to use
> explicit cast, isn't it?
I'd say explicit casts should be avoided as much as possible.
As for this particular case. Note that valid_signa((int)long_arg)
only helps to hide the problem.
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists