lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 21 Sep 2013 20:34:36 +0200
From:	Oleg Nesterov <oleg@...hat.com>
To:	Peter Hurley <peter@...leysoftware.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Jiri Slaby <jslaby@...e.cz>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	codonell <codonell@...hat.com>, Eduard Benes <ebenes@...hat.com>,
	Karel Srot <ksrot@...hat.com>,
	Matt Newsome <mnewsome@...hat.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] tty: disassociate_ctty() sends the extra SIGCONT

Peter, sorry for delay, I was sick.

On 09/17, Peter Hurley wrote:
>
> On 09/15/2013 11:50 AM, Oleg Nesterov wrote:
>
>> Put the "!on_exit" check back to restore the old behaviour.
>>
>> Cc: stable@...r.kernel.org # v3.10+
>> Signed-off-by: Oleg Nesterov <oleg@...hat.com>
>> Reported-by: Karel Srot <ksrot@...hat.com>
>
> Reviewed-by: Peter Hurley <peter@...leysoftware.com>

Thanks!

Can I ask the question? tty_signal_session_leader() is probably fine,
but it _looks_ buggy or at least confusing to me.

		do_each_pid_task(tty->session, PIDTYPE_SID, p) {
			spin_lock_irq(&p->sighand->siglock);
			if (p->signal->tty == tty) {
				p->signal->tty = NULL;
				/* We defer the dereferences outside fo
				   the tasklist lock */
				refs++;
			}
			if (!p->signal->leader) {
				spin_unlock_irq(&p->sighand->siglock);
				continue;
			}
			__group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
			__group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
			put_pid(p->signal->tty_old_pgrp);  /* A noop */
			spin_lock(&tty->ctrl_lock);
			tty_pgrp = get_pid(tty->pgrp);

I guess this can happen only once, so we could even add WARN_ON(tty_pgrp)
before get_pid(). But this look confusing, as if we can do get_pid()
multiple times and leak tty->pgrp.

			if (tty->pgrp)
				p->signal->tty_old_pgrp = get_pid(tty->pgrp);

else? We already did put_pid(tty_old_pgrp), we should clear it.

IOW, do you think the patch below makes sense or I missed something?
Just curious.

Oleg.

--- x/drivers/tty/tty_io.c
+++ x/drivers/tty/tty_io.c
@@ -548,7 +548,7 @@ static int tty_signal_session_leader(str
 {
 	struct task_struct *p;
 	int refs = 0;
-	struct pid *tty_pgrp = NULL;
+	struct pid *tty_pgrp = tty_get_pgrp(tty);
 
 	read_lock(&tasklist_lock);
 	if (tty->session) {
@@ -560,18 +560,12 @@ static int tty_signal_session_leader(str
 				   the tasklist lock */
 				refs++;
 			}
-			if (!p->signal->leader) {
-				spin_unlock_irq(&p->sighand->siglock);
-				continue;
+			if (p->signal->leader) {
+				__group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
+				__group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
+				put_pid(p->signal->tty_old_pgrp);  /* A noop */
+				p->signal->tty_old_pgrp = get_pid(tty_pgrp);
 			}
-			__group_send_sig_info(SIGHUP, SEND_SIG_PRIV, p);
-			__group_send_sig_info(SIGCONT, SEND_SIG_PRIV, p);
-			put_pid(p->signal->tty_old_pgrp);  /* A noop */
-			spin_lock(&tty->ctrl_lock);
-			tty_pgrp = get_pid(tty->pgrp);
-			if (tty->pgrp)
-				p->signal->tty_old_pgrp = get_pid(tty->pgrp);
-			spin_unlock(&tty->ctrl_lock);
 			spin_unlock_irq(&p->sighand->siglock);
 		} while_each_pid_task(tty->session, PIDTYPE_SID, p);
 	}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ