From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 44F71190462 for ; Sun, 28 Jun 2026 14:29:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782656956; cv=none; b=V8neA7TCbV7YsROrQwupHgUzsTuLy9k8VMGL4JCJyuMfouHXRNQKoPsmB4feu9s8cmRGugrYY0VLWgSzqntV1kaH8RIDtOI+vJdc0bIcjhel9TGaWr9+GFXW7/Y6jJ5wWwZKkx746wozjxbQPeIwoOKSi0pc5YpXRHlwV/466lo= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782656956; c=relaxed/simple; bh=TltOgxLc6h1NKUX5w0Y55vxXk55hCi4/M+gKbguff/Y=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=e8DFU12Anu+ymEjyQh8vVzmaY+LTyN77qJXgGYOH4vjybOCY5PQ4BqCFpMmKEILWbljp5BLKNLpk5D3FQktB31RxuKwepwKH7CK4pRgW012mMDTq2TSNaX0mIgQchYP7g3T//DsMXsybkw3+pe56kyKRY3eWyf2xo21D7XsKNDQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=OoZvZnrW; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="OoZvZnrW" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1782656954; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=sKzHZTdr9mm4iOugckm3O/JiWQM3tefLC9zoFA82XIs=; b=OoZvZnrWPZT3VkB3F79rSTz3UpA1D+fkxVFQOYGhkkr63d5tb4XHXlGVXbdlz2QAh19sMY 6r4CItw49YZUv/thlnOLumDGXzTG+BjEioIIo40Tq2we52wUvi8jior4BhHILqFN7+llim qNaqDt0fsL4mBNRnAdMbMLnByIb71N8= Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-292-cfB17_bNOEaMXjU0f515iw-1; Sun, 28 Jun 2026 10:29:10 -0400 X-MC-Unique: cfB17_bNOEaMXjU0f515iw-1 X-Mimecast-MFC-AGG-ID: cfB17_bNOEaMXjU0f515iw_1782656948 Received: from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 34A09180049F; Sun, 28 Jun 2026 14:29:08 +0000 (UTC) Received: from fedora (unknown [10.44.32.34]) by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with SMTP id 940A5180056E; Sun, 28 Jun 2026 14:29:03 +0000 (UTC) Received: by fedora (nbSMTP-1.00) for uid 1000 oleg@redhat.com; Sun, 28 Jun 2026 16:29:07 +0200 (CEST) Date: Sun, 28 Jun 2026 16:29:02 +0200 From: Oleg Nesterov To: "Eric W. Biederman" Cc: Andrew Morton , Andy Lutomirski , Kees Cook , Kusaram Devineni , Peter Zijlstra , Thomas Gleixner , Will Drewry , linux-kernel@vger.kernel.org, Linus Torvalds Subject: Re: [PATCH 0/11] Short circuit delivery for coredump signals Message-ID: References: <87o6gx9rc4.fsf@email.froward.int.ebiederm.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87o6gx9rc4.fsf@email.froward.int.ebiederm.org> X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.93 Eric, Please rebase on top of Linus's tree, git am fails at 7/11. So far I didnt' try to read the individual patches, I've applied the whole series on top of 25fe708bbc59 to avoid the conflicts, and after the very quick glance I seem to see some problems. Please correct me. ------------------------------------------------------------------------- complete_signal() does: if (sig_fatal(p, sig) && !sigismember(&t->real_blocked, sig) && (sig == SIGKILL || !p->ptrace)) { /* * This signal will be fatal to the whole group. * * Start a group exit and wake everybody up. * This way we don't have other threads * running and doing things after a slower * thread has the fatal signal pending. */ signal->flags = SIGNAL_GROUP_EXIT | SIGNAL_EXIT_DEQUEUE; signal->group_exit_code = sig; ... kill the thread group ... However, prepare_signal() still does: if (signal->flags & SIGNAL_GROUP_EXIT) { if (signal->core_state) return sig == SIGKILL; /* * The process is in the middle of dying, drop the signal. */ return false; This means that if SIGKILL comes before coredump_begin() sets signal->core_state, it will be lost. ------------------------------------------------------------------------- dequeue_exit_signal: if (signal->flags & SIGNAL_EXIT_DEQUEUE) { struct sigpending *pending = NULL; struct sigqueue *timer_sigq; int signr = exit_code; signal->flags &= ~SIGNAL_EXIT_DEQUEUE; pending = sigismember(&tsk->pending.signal, signr) ? &tsk->pending : &signal->shared_pending; collect_signal(signr, pending, info, &timer_sigq); This looks obviously wrong. 2 threads, T1 and T2. SIGSEGV is sent to T1. T2 calls get_signal(), clears SIGNAL_EXIT_DEQUEUE and returns SIGSEGV. But collect_signal() won't find SIGSEGV, *info will be bogus. T2 calls coredump_begin() and initiates the coredump. The core dump will be written with wrong dumper thread, bogus siginfo (si_addr/etc are lost). Even the filename is wrong if core_pattern includes "%i". Oleg. On 06/26, Eric W. Biederman wrote: > > Oleg's recent patchset tweaking how force_sig_info works has inspired me > to finally push through and update the signal handling to have proper > short circuit deliver for coredump signals. Everything is just simpler > when coredumps are not such a large special case. > > What makes this tricky is coredumps have had their own process > shoot-down logic similar to but separate and different from everything > else in the kernel. The bulk of this set of changes is merging the > process shoot-down logic that is used for signals and the logic for > coredumps. So the same process shoot-down logic can be shared. > > With the shoot-down logic sorted the rest is quite straight forward. > > Who should pick up these changes? Historically I would put it in my own > tree but unfortunately I just have a little bit of time here and there, > and I can't predict when I will have time to work on things. > > Eric W. Biederman (11): > signal: Compute the exit_code in get_signal > signal: In get_signal call do_exit when it is unnecessary to shoot down threads > signal: Bring down all threads when handling a non-coredump fatal signal > signal: Move stopping for the coredump from do_exit into get_signal > signal: Move audit_core_dumps from do_coredump into get_signal > coredump: In zap_threads complete startup if there is no need to wait > signal: Use the thread killing in get_signal for coredumps > exit: Make do_group_exit static > signal: Dequeue fatal signals > signal: Short circuit deliver coredump signals > signal: Remove SA_IMMUTABLE > > fs/coredump.c | 161 +++++++++++++++++---------------- > include/linux/coredump.h | 4 + > include/linux/sched/signal.h | 2 + > include/linux/sched/task.h | 1 - > include/linux/signal_types.h | 3 - > include/uapi/asm-generic/signal-defs.h | 1 - > kernel/exit.c | 41 ++------- > kernel/signal.c | 119 +++++++++++++++--------- > mm/oom_kill.c | 2 +- > 9 files changed, 171 insertions(+), 163 deletions(-) >