From: ebiederm@xmission.com (Eric W. Biederman)
To: Atsushi TSUJI <a-tsuji@bk.jp.nec.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>,
linux-kernel@vger.kernel.org, Roland McGrath <roland@redhat.com>
Subject: Re: [PATCH] kill_something_info: don't take tasklist_lock for pid==-1 case
Date: Wed, 28 May 2008 08:03:08 -0700 [thread overview]
Message-ID: <m18wxua2tv.fsf@frodo.ebiederm.org> (raw)
In-Reply-To: <483A60DE.7080306@bk.jp.nec.com> (Atsushi TSUJI's message of "Mon, 26 May 2008 16:03:58 +0900")
Atsushi TSUJI <a-tsuji@bk.jp.nec.com> writes:
>> Call me paranoid but I don't think there is any guarantee without a lock
>> that we will hit the -ERESTARTNOITR check for new processes. I think we
>> have a slight race where the fork process may not have received the signal
>> (because it is near the tail of the list) but the new process would be
>> added to the list immediately after we read it's pointer.
>
> I know it might happen some races, but, as Oleg say, it is no problem
> on the user side. Users cannot realize whether the process forked
> during kill or after. We can pretend it was forked after kill
> finished. So I think the change to convert tasklist_lock to
> rcu_read_lock is reasonable way to avoid the local DOS for kill(-1,sig) case.
We can only pretend that if the parent lives. If the parent is killed
then we can not so pretend.
Which in a lot of ways is the problem. kill(-1,SIGKIL) should
kill everything except for init and the process that sent the
signal. If anything else survives we have a broken the shutdown
scripts.
Since the race would rarely hit it will take ages for someone
to trace back to a kernel change.
If I could convince myself that Oleg is correct and that what
Oleg is proposing will always work I don't have a problem.
Eric
next prev parent reply other threads:[~2008-05-28 15:11 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-25 4:27 [PATCH] kill_something_info: don't take tasklist_lock for pid==-1 case Atsushi Tsuji
2008-03-25 13:56 ` Oleg Nesterov
2008-05-21 1:48 ` Atsushi Tsuji
2008-05-21 2:53 ` Eric W. Biederman
2008-05-21 3:47 ` Eric W. Biederman
2008-05-26 7:03 ` Atsushi TSUJI
2008-05-28 15:03 ` Eric W. Biederman [this message]
2008-05-31 16:55 ` Oleg Nesterov
2008-05-31 23:55 ` Eric W. Biederman
2008-06-01 16:29 ` Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m18wxua2tv.fsf@frodo.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=a-tsuji@bk.jp.nec.com \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@tv-sign.ru \
--cc=roland@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.