[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090429115550.GA25368@redhat.com>
Date: Wed, 29 Apr 2009 13:55:50 +0200
From: Oleg Nesterov <oleg@...hat.com>
To: David Howells <dhowells@...hat.com>
Cc: James Morris <jmorris@...ei.org>,
Eric Paris <eparis@...isplace.org>,
Roland McGrath <roland@...hat.com>,
Stephen Smalley <sds@...ho.nsa.gov>,
linux-kernel@...r.kernel.org
Subject: Re: Q: selinux_bprm_committed_creds() && signals/do_wait
On 04/29, David Howells wrote:
>
> Oleg Nesterov <oleg@...hat.com> wrote:
>
> > > I suspect we should pass SIGKILL
> >
> > Or we can fliter out SIGKILLs, yes.
>
> How about the attached patch?
Heh. I did the very similar patch. It wasn't sent because I'd like to
understand flush_signal_handlers + sigemptyset first.
But,
> @@ -2398,11 +2398,14 @@ static void selinux_bprm_committed_creds(struct linux_binprm *bprm)
> memset(&itimer, 0, sizeof itimer);
> for (i = 0; i < 3; i++)
> do_setitimer(i, &itimer, NULL);
> - flush_signals(current);
> spin_lock_irq(¤t->sighand->siglock);
> - flush_signal_handlers(current, 1);
> - sigemptyset(¤t->blocked);
> - recalc_sigpending();
> + if (!sigismember(¤t->pending.signal, SIGKILL) &&
> + !sigismember(¤t->signal->shared_pending.signal,
> + SIGKILL)) {
No, no. Just
if (!(current->signal->flags & SIGNAL_GROUP_EXIT))
__flush_signals();
is enough and more clean imho. The fact that we _really_ have the pending
SIGKILL is just the implementation detail (and perhaps this we be changed
eventually).
No need to check ->shared_pending + ->pending. We can't have SIGKILL
(shared or not) without SIGNAL_GROUP_EXIT.
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists