From: Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Sukadev Bhattiprolu
<sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Linux Containers
<containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Daniel Lezcano <dlezcano-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org>,
roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
Subject: Re: [PATCH 2/4] signals: send_signal: use si_fromuser() to detect from_ancestor_ns
Date: Mon, 5 Oct 2009 21:44:15 +0200 [thread overview]
Message-ID: <20091005194415.GA4560@redhat.com> (raw)
In-Reply-To: <20091005193738.GF30442-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
On 10/05, Sukadev Bhattiprolu wrote:
>
> Oleg Nesterov [oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org] wrote:
> | On 10/05, Sukadev Bhattiprolu wrote:
> | >
> | > Oleg Nesterov [oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org] wrote:
> | > |
> | > | --- TTT_32/kernel/signal.c~FU_2_SEND_SIGNAL 2009-10-04 02:21:55.000000000 +0200
> | > | +++ TTT_32/kernel/signal.c 2009-10-04 03:09:44.000000000 +0200
> | > | @@ -928,9 +928,8 @@ static int send_signal(int sig, struct s
> | > | int from_ancestor_ns = 0;
> | > |
> | > | #ifdef CONFIG_PID_NS
> | > | - if (!is_si_special(info) && SI_FROMUSER(info) &&
> | > | - task_pid_nr_ns(current, task_active_pid_ns(t)) <= 0)
> | > | - from_ancestor_ns = 1;
> | > | + from_ancestor_ns = si_fromuser(info) &&
> | > | + !task_pid_nr_ns(current, task_active_pid_ns(t));
> | >
> | > Makes sense. And we had mentioned earlier that container-init is immune
> | > to suicide but should we add a check for 'current == t' above to cover the
> | >
> | > send_sig(SIGKILL, current, 0);
> | >
> | > in load_aout_binary() and friends
> | >
> | > from_ancestor_ns = si_fromuser(info) && (current == t ||
> | > !task_pid_nr_ns(current, task_active_pid_ns(t)));
> |
> | I don't think so.
> |
> | First of all, this is just ugly. If we need this check we should change
> | the callers, not send_signal().
>
> Well, all I am saying is that the check
>
> !task_pid_nr_ns(current, task_active_pid_ns(t)))
>
> excludes container-init sending signal to itself - task_pid_nr_ns() above
> would return 1 for container-init and 'from_ancestor_ns' would be 0.
Ah, I misunderstood you, and I misread the "current == t" check above.
I wrongly thought that you suggest to suppress "si_fromuser()" when
the task sends a signal to itself.
Sorry for confusion.
> But sure, we could use force_sig_info() in caller.
Yes, because this makes the code more explicit imho. And we can avoid
the further complicatiions in send_signal() path.
> | So, imho this patch also fixes this case by accident,
>
> This part I am not sure. But as mentioned above, from_ancestor_ns is 0
> and the SIGKILL will not queued right ?
Yes, you are right, see above.
I meant, it fixes the from-user logic, not from_ancestor_ns logic.
Oleg.
WARNING: multiple messages have this Message-ID (diff)
From: Oleg Nesterov <oleg@redhat.com>
To: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Daniel Lezcano <dlezcano@fr.ibm.com>,
Sukadev Bhattiprolu <sukadev@us.ibm.com>,
Linux Containers <containers@lists.osdl.org>,
roland@redhat.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/4] signals: send_signal: use si_fromuser() to detect from_ancestor_ns
Date: Mon, 5 Oct 2009 21:44:15 +0200 [thread overview]
Message-ID: <20091005194415.GA4560@redhat.com> (raw)
In-Reply-To: <20091005193738.GF30442@us.ibm.com>
On 10/05, Sukadev Bhattiprolu wrote:
>
> Oleg Nesterov [oleg@redhat.com] wrote:
> | On 10/05, Sukadev Bhattiprolu wrote:
> | >
> | > Oleg Nesterov [oleg@redhat.com] wrote:
> | > |
> | > | --- TTT_32/kernel/signal.c~FU_2_SEND_SIGNAL 2009-10-04 02:21:55.000000000 +0200
> | > | +++ TTT_32/kernel/signal.c 2009-10-04 03:09:44.000000000 +0200
> | > | @@ -928,9 +928,8 @@ static int send_signal(int sig, struct s
> | > | int from_ancestor_ns = 0;
> | > |
> | > | #ifdef CONFIG_PID_NS
> | > | - if (!is_si_special(info) && SI_FROMUSER(info) &&
> | > | - task_pid_nr_ns(current, task_active_pid_ns(t)) <= 0)
> | > | - from_ancestor_ns = 1;
> | > | + from_ancestor_ns = si_fromuser(info) &&
> | > | + !task_pid_nr_ns(current, task_active_pid_ns(t));
> | >
> | > Makes sense. And we had mentioned earlier that container-init is immune
> | > to suicide but should we add a check for 'current == t' above to cover the
> | >
> | > send_sig(SIGKILL, current, 0);
> | >
> | > in load_aout_binary() and friends
> | >
> | > from_ancestor_ns = si_fromuser(info) && (current == t ||
> | > !task_pid_nr_ns(current, task_active_pid_ns(t)));
> |
> | I don't think so.
> |
> | First of all, this is just ugly. If we need this check we should change
> | the callers, not send_signal().
>
> Well, all I am saying is that the check
>
> !task_pid_nr_ns(current, task_active_pid_ns(t)))
>
> excludes container-init sending signal to itself - task_pid_nr_ns() above
> would return 1 for container-init and 'from_ancestor_ns' would be 0.
Ah, I misunderstood you, and I misread the "current == t" check above.
I wrongly thought that you suggest to suppress "si_fromuser()" when
the task sends a signal to itself.
Sorry for confusion.
> But sure, we could use force_sig_info() in caller.
Yes, because this makes the code more explicit imho. And we can avoid
the further complicatiions in send_signal() path.
> | So, imho this patch also fixes this case by accident,
>
> This part I am not sure. But as mentioned above, from_ancestor_ns is 0
> and the SIGKILL will not queued right ?
Yes, you are right, see above.
I meant, it fixes the from-user logic, not from_ancestor_ns logic.
Oleg.
next prev parent reply other threads:[~2009-10-05 19:44 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-10-02 14:05 pidns : PR_SET_PDEATHSIG + SIGKILL regression Daniel Lezcano
[not found] ` <4AC608BE.9020805-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org>
2009-10-02 15:47 ` Serge E. Hallyn
[not found] ` <20091002154702.GB26864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-03 0:39 ` Sukadev Bhattiprolu
[not found] ` <20091003003929.GA20034-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-03 2:52 ` Oleg Nesterov
2009-10-03 17:10 ` Sukadev Bhattiprolu
2009-10-03 17:10 ` Sukadev Bhattiprolu
[not found] ` <20091003171029.GA30442-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-04 2:18 ` [PATCH 0/4] Was: " Oleg Nesterov
2009-10-04 2:18 ` Oleg Nesterov
[not found] ` <20091004021844.GA21006-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-04 2:19 ` [PATCH 1/4] signals: SEND_SIG_NOINFO should be considered as SI_FROMUSER() Oleg Nesterov
2009-10-04 2:19 ` Oleg Nesterov
[not found] ` <20091004021918.GB21006-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-04 2:25 ` Oleg Nesterov
2009-10-04 2:25 ` Oleg Nesterov
2009-10-05 17:58 ` Sukadev Bhattiprolu
2009-10-05 17:58 ` Sukadev Bhattiprolu
[not found] ` <20091005175855.GB30442-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-05 18:39 ` Oleg Nesterov
2009-10-05 18:39 ` Oleg Nesterov
2009-10-06 0:09 ` Sukadev Bhattiprolu
2009-10-06 0:09 ` Sukadev Bhattiprolu
2009-10-06 7:31 ` Roland McGrath
2009-10-06 7:31 ` Roland McGrath
[not found] ` <20091006073100.4184128-nL1rrgvulkc2UH6IwYuUx0EOCMrvLtNR@public.gmane.org>
2009-10-06 13:37 ` Oleg Nesterov
2009-10-06 13:37 ` Oleg Nesterov
[not found] ` <20091006133732.GB8628-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-06 17:57 ` Roland McGrath
2009-10-06 17:57 ` Roland McGrath
[not found] ` <20091006175705.6547A22-nL1rrgvulkc2UH6IwYuUx0EOCMrvLtNR@public.gmane.org>
2009-10-07 11:30 ` Oleg Nesterov
2009-10-07 11:30 ` Oleg Nesterov
[not found] ` <20091007113049.GA3421-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-08 1:57 ` Roland McGrath
2009-10-08 1:57 ` Roland McGrath
2009-10-04 2:19 ` [PATCH 2/4] signals: send_signal: use si_fromuser() to detect from_ancestor_ns Oleg Nesterov
2009-10-04 2:19 ` Oleg Nesterov
[not found] ` <20091004021954.GC21006-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-05 18:12 ` Sukadev Bhattiprolu
2009-10-05 18:12 ` Sukadev Bhattiprolu
[not found] ` <20091005181255.GE30442-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-05 18:25 ` Oleg Nesterov
2009-10-05 18:25 ` Oleg Nesterov
[not found] ` <20091005182536.GA943-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-05 19:37 ` Sukadev Bhattiprolu
2009-10-05 19:37 ` Sukadev Bhattiprolu
[not found] ` <20091005193738.GF30442-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-05 19:44 ` Oleg Nesterov [this message]
2009-10-05 19:44 ` Oleg Nesterov
[not found] ` <20091005194415.GA4560-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-05 19:55 ` Oleg Nesterov
2009-10-05 19:55 ` Oleg Nesterov
2009-10-06 0:06 ` Sukadev Bhattiprolu
2009-10-06 0:06 ` Sukadev Bhattiprolu
[not found] ` <20091006000631.GA4390-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-06 1:09 ` Oleg Nesterov
2009-10-06 1:09 ` Oleg Nesterov
[not found] ` <20091006010956.GA28233-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-06 2:34 ` Sukadev Bhattiprolu
2009-10-06 2:34 ` Sukadev Bhattiprolu
[not found] ` <20091006023401.GA10132-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-06 13:18 ` Oleg Nesterov
2009-10-06 13:18 ` Oleg Nesterov
[not found] ` <20091006131821.GA8628-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-06 18:01 ` Roland McGrath
2009-10-06 18:01 ` Roland McGrath
2009-10-06 0:16 ` Sukadev Bhattiprolu
2009-10-06 0:16 ` Sukadev Bhattiprolu
2009-10-04 2:20 ` [PATCH 3/4] signals: cosmetic, collect_signal: use SI_USER Oleg Nesterov
2009-10-04 2:20 ` Oleg Nesterov
[not found] ` <20091004022021.GD21006-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-05 18:03 ` Sukadev Bhattiprolu
2009-10-05 18:03 ` Sukadev Bhattiprolu
2009-10-04 2:20 ` [PATCH 4/4] signals: kill force_sig_specific() Oleg Nesterov
2009-10-04 2:20 ` Oleg Nesterov
[not found] ` <20091004022050.GE21006-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-05 18:04 ` Sukadev Bhattiprolu
2009-10-05 18:04 ` Sukadev Bhattiprolu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20091005194415.GA4560@redhat.com \
--to=oleg-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=dlezcano-NmTC/0ZBporQT0dZR+AlfA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.