From: ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)
To: Oleg Nesterov <oleg-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
Cc: Linux Containers
<containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Pavel Emelyanov <xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
Subject: Re: [PATCH 9/9] signal: Ignore signals sent to the pid namespace init
Date: Tue, 18 Dec 2007 01:37:40 -0700 [thread overview]
Message-ID: <m18x3sbdpn.fsf@ebiederm.dsl.xmission.com> (raw)
In-Reply-To: <m13au6savt.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org> (Eric W. Biederman's message of "Thu, 13 Dec 2007 11:33:10 -0700")
ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman) writes:
> ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman) writes:
>>
>> Yes. If we are not in process context (in_interrupt) we do infer
>> the sender incorrectly. Duh. I saw something in earlier patches
>> people had posted didn't understand it, and didn't get an answer
>> when I asked about it.
>
> Grr. Rather I didn't see a reply when I asked about it. I just
> spotted Suka's old reply telling me it was to attempt to prevent
> init from getting sigio. Clearly I have a big fat blind spot
> here you could drive a truck through.
>
> Kernel generated signals are a pain because they are neither fish nor
> fowl. They are sent privileged, but we don't necessarily want to give
> them all curtsies and deliver them. Grr.
I solved this in my thinking earlier but I should really mention it.
There are two kinds of kernel generated signals.
- Services like timers, SIGIO, etc where the kernel is doing something
on behalf of the process.
- Process management where we send SIGKILL to make a process go away.
For services we clearly want to ignore the signal.
For the kernel flexing's it's muscle we want to accept the signal,
and let init die and accept the consequences. Unfortunately we
don't do that today.
Since most signals are services and since we want to preserve today
semantics we want to drop kernel generated signals.
For those cases where it matters we can have the kernel send a signal
by a different path, that doesn't give init the option of ignoring
the signal.
Eric
next prev parent reply other threads:[~2007-12-18 8:37 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-12 12:38 [PATCH 0/9] Core pid namespace enhancements Eric W. Biederman
[not found] ` <m13au8ytos.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:40 ` [PATCH 1/9] sig: Fix mqueue pid Eric W. Biederman
[not found] ` <m1y7c0xezt.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:42 ` [PATCH 2/9] sig: Fix SI_USER si_pid Eric W. Biederman
[not found] ` <m1tzmoxexb.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:44 ` [PATCH 3/9] pid: Implement ns_of_pid Eric W. Biederman
[not found] ` <m1prxcxeum.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:46 ` [PATCH 4/9] pid: Generalize task_active_pid_ns Eric W. Biederman
[not found] ` <m1lk80xeps.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:48 ` [PATCH 5/9] pid: Update pid_vnr to use task_active_pid_ns Eric W. Biederman
[not found] ` <m1hcioxenh.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:49 ` [PATCH 6/9] pid: Implement pid_in_pid_ns Eric W. Biederman
[not found] ` <m1d4tcxelu.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:52 ` [PATCH 7/9] sig: Handle pid namespace crossing when sending signals Eric W. Biederman
[not found] ` <m18x40xeg6.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:57 ` [PATCH 8/9] signal: Drop signals before sending them to init Eric W. Biederman
[not found] ` <m13au8xe8m.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 12:58 ` [PATCH 9/9] signal: Ignore signals sent to the pid namespace init Eric W. Biederman
[not found] ` <m1y7c0vzm4.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:09 ` [PATCH 0/4] pid namespace infrastructure cleanups Eric W. Biederman
[not found] ` <m1odcwvz3d.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:27 ` [PATCH 1/4] pidns: Remove the child_reaper special case from de_thread Eric W. Biederman
[not found] ` <m1ir34vyaj.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:30 ` [PATCH 2/4] proc: Simplify proc_get_sb Eric W. Biederman
[not found] ` <m1ejdsvy54.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:31 ` [PATCH 3/4] proc: Remove the unnecessary global proc_mnt Eric W. Biederman
[not found] ` <m1abogvy39.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:33 ` [PATCH 4/4] pid: Move all of the pid_namespace logic into copy_pid_ns Eric W. Biederman
[not found] ` <m163z4vxzs.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:46 ` [PATCH 0/4] Properly handle talking to all processes in a pid namespace Eric W. Biederman
[not found] ` <m11w9svxeb.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:49 ` [PATCH 1/4] signal: Introduce kill_pid_ns_info Eric W. Biederman
[not found] ` <m1ve74uio4.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:50 ` [PATCH 2/4] pid: Make next_pidmap static again Eric W. Biederman
[not found] ` <m1r6hsuime.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:52 ` [PATCH 3/4] Fix the indentation in cap_set_all to use tabs Eric W. Biederman
[not found] ` <m1mysguijx.fsf_-_-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-12 13:56 ` [PATCH 4/4] pid: Limit cap_set_all to the current pid namespace Eric W. Biederman
2007-12-12 16:09 ` [PATCH 1/4] signal: Introduce kill_pid_ns_info Pavel Emelyanov
2007-12-12 13:42 ` [PATCH 2/4] proc: Simplify proc_get_sb Pavel Emelyanov
[not found] ` <475FE53D.6050408-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2007-12-12 14:06 ` Eric W. Biederman
2007-12-13 16:28 ` [PATCH 9/9] signal: Ignore signals sent to the pid namespace init Oleg Nesterov
[not found] ` <20071213162811.GC219-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-13 18:16 ` Eric W. Biederman
[not found] ` <m1aboesbnu.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-13 18:33 ` Eric W. Biederman
[not found] ` <m13au6savt.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-18 8:37 ` Eric W. Biederman [this message]
2007-12-12 19:00 ` [PATCH 8/9] signal: Drop signals before sending them to init Serge E. Hallyn
[not found] ` <20071212190042.GA22469-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2007-12-12 19:33 ` Eric W. Biederman
2007-12-13 16:25 ` Oleg Nesterov
[not found] ` <20071213162502.GB219-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-13 17:50 ` Eric W. Biederman
[not found] ` <m1bq8uscu4.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-13 18:18 ` Oleg Nesterov
[not found] ` <20071213181802.GA486-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-13 18:50 ` Eric W. Biederman
[not found] ` <m1y7byqvj2.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-16 15:52 ` Oleg Nesterov
[not found] ` <20071216155244.GA216-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-18 4:06 ` Eric W. Biederman
[not found] ` <m1ir2wd4tf.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-18 12:22 ` Oleg Nesterov
[not found] ` <20071218122241.GA307-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-18 13:36 ` Eric W. Biederman
[not found] ` <m1prx49lag.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-18 15:30 ` Oleg Nesterov
[not found] ` <20071218153007.GA437-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-18 21:34 ` Eric W. Biederman
[not found] ` <m18x3radr1.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-19 13:42 ` Oleg Nesterov
2007-12-12 13:33 ` [PATCH 6/9] pid: Implement pid_in_pid_ns Pavel Emelyanov
2007-12-12 13:28 ` [PATCH 5/9] pid: Update pid_vnr to use task_active_pid_ns Pavel Emelyanov
[not found] ` <475FE201.7060104-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2007-12-12 14:20 ` Eric W. Biederman
2007-12-13 16:01 ` [PATCH 4/9] pid: Generalize task_active_pid_ns Oleg Nesterov
[not found] ` <20071213160128.GA219-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org>
2007-12-13 16:22 ` Eric W. Biederman
[not found] ` <m1mysesgxc.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-13 17:07 ` Oleg Nesterov
2007-12-13 0:59 ` [PATCH 3/9] pid: Implement ns_of_pid sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20071213005945.GB27896-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2007-12-13 1:25 ` Eric W. Biederman
[not found] ` <m1ve73s7vr.fsf-T1Yj925okcoyDheHMi7gv2pdwda3JcWeAL8bYrjMMd8@public.gmane.org>
2007-12-13 3:28 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20071213032827.GA1433-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2007-12-15 0:35 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2007-12-12 13:24 ` [PATCH 1/9] sig: Fix mqueue pid Pavel Emelyanov
2007-12-18 0:52 ` [PATCH 0/9] Core pid namespace enhancements sukadev-r/Jw6+rmf7HQT0dZR+AlfA
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m18x3sbdpn.fsf@ebiederm.dsl.xmission.com \
--to=ebiederm-as9lmozglivwk0htik3j/w@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=oleg-6lXkIZvqkOAvJsYlp49lxw@public.gmane.org \
--cc=xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox