Re: [PATCH] kthread: Enhance kthread_stop to abort interruptible sleeps

[Oleg Nesterov <oleg@tv-sign.ru>]

On 04/14, Eric W. Biederman wrote:
>
> Oleg Nesterov <oleg@tv-sign.ru> writes:
> 
> > On 04/13, Eric W. Biederman wrote:
> >>
> >> +static inline int __kthread_should_stop(struct task_struct *tsk)
> >> +{
> >> +	return test_tsk_thread_flag(tsk, TIF_KTHREAD_STOP);
> >> +}
> >
> > Am I blind? Where does copy_process/dup_task_struct clears unwanted
> > flags in thread_info->flags ?
> 
> Good question.  It is only a real problem if someone forks a kernel
> thread after we ask it to die but, it does appear to be an issue.
> With this usage and the same usage by the process freezer.
> 
> We do have these lines in copy_process...
> 
> 	clear_tsk_thread_flag(p, TIF_SIGPENDING);
> 	init_sigpending(&p->pending);
> 
> I don't know what we want to do about TIF_KTHREAD_STOP and TIF_FREEZE.

Perhaps we need _TIF_CLEAR_ON_FORK_MASK. Probably doesn't matter right
now, but still it is not imho safe in general.

> Right now we will go allow our merry way until we hit:
> 
> 	recalc_sigpending();
> 	if (signal_pending(current)) {
> 		spin_unlock(&current->sighand->siglock);
> 		write_unlock_irq(&tasklist_lock);
> 		retval = -ERESTARTNOINTR;
> 		goto bad_fork_cleanup_namespaces;
> 	}
> 
> And copy_process will fail.  Since that is an expected failure point
> that actually seems like reasonable behavior in this case if you
> are being frozen or are being told to die you can't fork.
> 
> It does ensure that these additional kernel flags won't make it
> onto new instances of struct task_struct.  Which is the important
> thing from a correctness standpoint.

Note that we set TIF_FREEZE and TIF_KTHREAD_STOP outside of ->siglock,
so both flags can leak onto the child. Again, not a problem right now.
TIF_KTHREAD_STOP doesn't matter unless process was created vi kthread_create(),
but in that case it can't inherit TIF_KTHREAD_STOP.

Oleg.