From: Florian Weimer <fweimer@redhat.com>
To: Christian Brauner <christian@brauner.io>
Cc: linux-kernel@vger.kernel.org, linux-api@vger.kernel.org,
luto@kernel.org, arnd@arndb.de, ebiederm@xmission.com,
serge@hallyn.com, jannh@google.com, akpm@linux-foundation.org,
oleg@redhat.com, cyphar@cyphar.com, viro@zeniv.linux.org.uk,
linux-fsdevel@vger.kernel.org, dancol@google.com,
timmurray@google.com, linux-man@vger.kernel.org,
keescook@chromium.org, tglx@linutronix.de, x86@kernel.org
Subject: Re: [PATCH v4] signal: add taskfd_send_signal() syscall
Date: Thu, 06 Dec 2018 14:17:09 +0100 [thread overview]
Message-ID: <87lg526bhm.fsf@oldenburg2.str.redhat.com> (raw)
In-Reply-To: <20181206125354.ef3zlg3o75w32ymx@brauner.io> (Christian Brauner's message of "Thu, 6 Dec 2018 13:53:57 +0100")
* Christian Brauner:
> On Thu, Dec 06, 2018 at 01:30:19PM +0100, Florian Weimer wrote:
>> * Christian Brauner:
>>
>> > /* zombies */
>> > Zombies can be signaled just as any other process. No special error will be
>> > reported since a zombie state is an unreliable state (cf. [3]).
>>
>> I still disagree with this analysis. If I know that the target process
>> is still alive, and it is not, this is a persistent error condition
>> which can be reliably reported. Given that someone might send SIGKILL
>> to the process behind my back, detecting this error condition could be
>> useful.
>
> Apart from my objection that this is not actually a reliable state
> because of timing issues between e.g. calling wait and a process
> exiting
The point is that if you are in an error state, the error state does not
go away, *especially* if you do not expect the process to terminate and
have not arranged for something calling waitpid on the PID.
> I have two more concerns and one helpful suggestion.
> First, this is hooking pretty deep into kernel internals. So far
> EXIT_ZOMBIE is only exposed in kernel/exit.c and I don't see enough
> value to drag all of this into kernel/signal.c
> Second, all other signal syscalls don't do report errors when signaling
> to zombies as well.
They cannot do this reliably because the error state is not persistent:
the PID can be reused. So for the legacy interface, a difference in
error signaling would just have encouraged a bad programming model.
> It would be odd if this one suddenly did.
I don't think so. My point is that the FD-based mechanism finally
allows to cope with this in a reasonable way.
> Third, if this really becomes such a big issue for userspace in the
> future that we want to do that work then we can add a flag like
> TASKFD_DETECT_ZOMBIE (or some such name) that will allow userspace to
> get an error back when signaling a zombie.
I can live with that.
Thanks,
Florian
next prev parent reply other threads:[~2018-12-06 13:17 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-06 12:18 [PATCH v4] signal: add taskfd_send_signal() syscall Christian Brauner
2018-12-06 12:30 ` Florian Weimer
2018-12-06 12:45 ` Jürg Billeter
2018-12-06 13:12 ` Florian Weimer
2018-12-06 13:18 ` Jürg Billeter
2018-12-06 13:20 ` Florian Weimer
2018-12-06 13:40 ` Eric W. Biederman
2018-12-06 13:44 ` Florian Weimer
2018-12-06 13:44 ` Florian Weimer
2018-12-06 14:27 ` Aleksa Sarai
2018-12-06 14:46 ` Eric W. Biederman
2018-12-06 12:53 ` Christian Brauner
2018-12-06 13:17 ` Florian Weimer [this message]
2018-12-06 15:01 ` Eric W. Biederman
2018-12-06 16:17 ` Daniel Colascione
2018-12-06 17:24 ` Eric W. Biederman
2018-12-06 17:41 ` Christian Brauner
2018-12-06 18:30 ` Kees Cook
2018-12-06 22:27 ` Serge E. Hallyn
2018-12-06 17:14 ` Christian Brauner
2018-12-06 19:17 ` Eric W. Biederman
2018-12-06 19:30 ` Christian Brauner
2018-12-06 20:29 ` Eric W. Biederman
2018-12-06 20:37 ` Daniel Colascione
2018-12-06 22:22 ` Eric W. Biederman
2018-12-06 22:43 ` Daniel Colascione
2018-12-06 21:31 ` Christian Brauner
2018-12-06 21:46 ` Eric W. Biederman
2018-12-06 22:01 ` Daniel Colascione
2018-12-06 22:39 ` Christian Brauner
2018-12-06 23:17 ` Christian Brauner
2018-12-07 0:31 ` Serge E. Hallyn
2018-12-07 0:34 ` Daniel Colascione
2018-12-07 0:59 ` Serge E. Hallyn
2018-12-07 1:39 ` Daniel Colascione
2018-12-07 1:54 ` Christian Brauner
2018-12-07 16:49 ` Serge E. Hallyn
2018-12-07 16:47 ` Serge E. Hallyn
2018-12-08 21:46 ` kbuild test robot
2018-12-08 21:46 ` kbuild test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lg526bhm.fsf@oldenburg2.str.redhat.com \
--to=fweimer@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=christian@brauner.io \
--cc=cyphar@cyphar.com \
--cc=dancol@google.com \
--cc=ebiederm@xmission.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-man@vger.kernel.org \
--cc=luto@kernel.org \
--cc=oleg@redhat.com \
--cc=serge@hallyn.com \
--cc=tglx@linutronix.de \
--cc=timmurray@google.com \
--cc=viro@zeniv.linux.org.uk \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.