From: Sukadev Bhattiprolu <sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
To: oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org,
roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
bastian-yyjItF7Rl6lg9hUCZPvPmw@public.gmane.org,
gregkh-l3A5Bk7waGM@public.gmane.org
Cc: daniel-nym3zxDgnZcAvxtiuMwx3w@public.gmane.org,
xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org,
containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [RFC][PATCH] SI_ASYNCIO: should be a kernel signal ?
Date: Mon, 22 Dec 2008 14:15:22 -0800 [thread overview]
Message-ID: <20081222221522.GC10183@us.ibm.com> (raw)
In-Reply-To: <20081221010414.GA5284-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Sukadev Bhattiprolu [sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org] wrote:
|
| From: Sukadev Bhattiprolu <sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
| Date: Fri, 19 Dec 2008 20:45:49 -0800
| Subject: [RFC][PATCH] SI_ASYNCIO: should be a kernel signal ?
|
| SI_ASYNCIO is currently defined as -4 in the kernel. This makes it appear
| like a "user" signal (i.e SI_FROMUSER() is true). SI_ASYNCIO is generated
| by the kernel for async events like SI_MESGQ and SI_POLL, but unlike
| SI_ASYNCIO, SI_MESGQ and SI_POLL are "kernel" signals (i.e SI_FROMKERNEL()
| is true).
|
| Shouldn't SI_ASYNCIO be a "kernel" signal too ? It is currently generated
| from USB core code.
|
| This quick/untested RFC patch changes the in-kernel value of SI_ASYNCIO
| as follows so that it becomes a "kernel" signal.
|
| (7 << 16)|(-4 & 0xffff) = 0x7fffc which is SI_FROMKERNEL().
|
| The user-space value of SI_ASYNCIO continues to be -4.
|
| Known side-effects:
|
| Is this required to be SI_FROMUSER() to enable the uid checks in
| kill_pid_info_as_uid() ? Also, changing to "kernel" signal would skip
| the permission checks in check_kill_permission(). Would that be a
| problem ?
|
| Why bother now ? (Sigh. Condensed long story)
|
| Besides the consistency with SI_POLL and SI_MESGQ this could simplify
| implementation of special signal semantics for container-init. When a
| signal is sent to container-init from user-space, we need to check the
| pid namespace of the sender in send_signal(). But since send_signal()
| can also be called from interrupt context, we have no way of knowing
| if it is safe to check the pid namespace of the caller.
|
| If SI_ASYNCIO signal appears as a kernel signal, we could possibly use
| SI_FROMUSER() to check if it safe to reference the pid namespace of
| the sender.
|
| If this change has no other side-effects/breakage we will explore this
| path further for the signal semantics for container-init. (There could
| be other hurdles along the way...)
|
| See also http://lkml.org/lkml/2008/12/20/183
|
| Appreciate any comments on this.
|
| TODO:
| If this makes sense, make corresponding change to the SI_ASYNCIO
| in arch/mips/siginfo.h.
Grr. Importantly, we would also need to update the copy_siginfo*() and
friends for this to be complete.
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
To: oleg@redhat.com, ebiederm@xmission.com, roland@redhat.com,
bastian@waldi.eu.org, gregkh@suse.de
Cc: daniel@hozac.com, xemul@openvz.org, containers@lists.osdl.org,
linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org
Subject: Re: [RFC][PATCH] SI_ASYNCIO: should be a kernel signal ?
Date: Mon, 22 Dec 2008 14:15:22 -0800 [thread overview]
Message-ID: <20081222221522.GC10183@us.ibm.com> (raw)
In-Reply-To: <20081221010414.GA5284@us.ibm.com>
Sukadev Bhattiprolu [sukadev@linux.vnet.ibm.com] wrote:
|
| From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
| Date: Fri, 19 Dec 2008 20:45:49 -0800
| Subject: [RFC][PATCH] SI_ASYNCIO: should be a kernel signal ?
|
| SI_ASYNCIO is currently defined as -4 in the kernel. This makes it appear
| like a "user" signal (i.e SI_FROMUSER() is true). SI_ASYNCIO is generated
| by the kernel for async events like SI_MESGQ and SI_POLL, but unlike
| SI_ASYNCIO, SI_MESGQ and SI_POLL are "kernel" signals (i.e SI_FROMKERNEL()
| is true).
|
| Shouldn't SI_ASYNCIO be a "kernel" signal too ? It is currently generated
| from USB core code.
|
| This quick/untested RFC patch changes the in-kernel value of SI_ASYNCIO
| as follows so that it becomes a "kernel" signal.
|
| (7 << 16)|(-4 & 0xffff) = 0x7fffc which is SI_FROMKERNEL().
|
| The user-space value of SI_ASYNCIO continues to be -4.
|
| Known side-effects:
|
| Is this required to be SI_FROMUSER() to enable the uid checks in
| kill_pid_info_as_uid() ? Also, changing to "kernel" signal would skip
| the permission checks in check_kill_permission(). Would that be a
| problem ?
|
| Why bother now ? (Sigh. Condensed long story)
|
| Besides the consistency with SI_POLL and SI_MESGQ this could simplify
| implementation of special signal semantics for container-init. When a
| signal is sent to container-init from user-space, we need to check the
| pid namespace of the sender in send_signal(). But since send_signal()
| can also be called from interrupt context, we have no way of knowing
| if it is safe to check the pid namespace of the caller.
|
| If SI_ASYNCIO signal appears as a kernel signal, we could possibly use
| SI_FROMUSER() to check if it safe to reference the pid namespace of
| the sender.
|
| If this change has no other side-effects/breakage we will explore this
| path further for the signal semantics for container-init. (There could
| be other hurdles along the way...)
|
| See also http://lkml.org/lkml/2008/12/20/183
|
| Appreciate any comments on this.
|
| TODO:
| If this makes sense, make corresponding change to the SI_ASYNCIO
| in arch/mips/siginfo.h.
Grr. Importantly, we would also need to update the copy_siginfo*() and
friends for this to be complete.
next prev parent reply other threads:[~2008-12-22 22:15 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-21 1:04 [RFC][PATCH] SI_ASYNCIO: should be a kernel signal ? Sukadev Bhattiprolu
2008-12-21 1:04 ` Sukadev Bhattiprolu
[not found] ` <20081221010414.GA5284-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-12-22 22:15 ` Sukadev Bhattiprolu [this message]
2008-12-22 22:15 ` Sukadev Bhattiprolu
2008-12-30 23:53 ` Roland McGrath
2008-12-30 23:53 ` Roland McGrath
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081222221522.GC10183@us.ibm.com \
--to=sukadev-23vcf4htsmix0ybbhkvfkdbpr1lh4cv8@public.gmane.org \
--cc=bastian-yyjItF7Rl6lg9hUCZPvPmw@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=daniel-nym3zxDgnZcAvxtiuMwx3w@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=gregkh-l3A5Bk7waGM@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-usb-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.