From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S966502AbcAZPFW (ORCPT <rfc822;w@1wt.eu>);
	Tue, 26 Jan 2016 10:05:22 -0500
Received: from mx1.redhat.com ([209.132.183.28]:39181 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S965184AbcAZPFO (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 26 Jan 2016 10:05:14 -0500
Date: Tue, 26 Jan 2016 16:05:10 +0100
From: Oleg Nesterov <oleg@redhat.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: Sasha Levin <sasha.levin@oracle.com>, akpm@linux-foundation.org,
        linux-kernel@vger.kernel.org, peterz@infradead.org,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Peter Zijlstra <a.p.zijlstra@chello.nl>
Subject: Re: [PATCH] signals: work around random wakeups in sigsuspend()
Message-ID: <20160126150510.GA9831@redhat.com>
References: <1453735306-13519-1-git-send-email-sasha.levin@oracle.com>
 <20160126064425.GA5134@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20160126064425.GA5134@gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 01/26, Ingo Molnar wrote:
>
> * Sasha Levin <sasha.levin@oracle.com> wrote:
>
> > A random wakeup can get us out of sigsuspend() without TIF_SIGPENDING
> > being set.
> >
> > Avoid that by making sure we were signaled, like sys_pause() does.
> >
> > Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
> > ---
> >  kernel/signal.c |    6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/kernel/signal.c b/kernel/signal.c
> > index 5da9180..3256c7e 100644
> > --- a/kernel/signal.c
> > +++ b/kernel/signal.c
> > @@ -3528,8 +3528,10 @@ static int sigsuspend(sigset_t *set)
> >  	current->saved_sigmask = current->blocked;
> >  	set_current_blocked(set);
> >
> > -	__set_current_state(TASK_INTERRUPTIBLE);
> > -	schedule();
> > +	while (!signal_pending(current)) {
> > +		__set_current_state(TASK_INTERRUPTIBLE);
> > +		schedule();
> > +	}
> >  	set_restore_sigmask();
> >  	return -ERESTARTNOHAND;
> >  }
>
> So this does not appear to be anything new, right?
>
> I agree with the fix, but I'm somewhat worried about the potential ABI impact:
> does anything exist out there that has learned to rely on spurious returns from
> SyS_sigsuspend() or SyS_rt_sigsuspend() system calls?

Unlikely. We can even forget about set_restore_sigmask/TIF_RESTORE_SIGMASK and
WARN_ON(). We are going to return -ERESTARTNOHAND, this assumes that TIF_SIGPENDING
must be set and thus do_signal() will be called, userspace should never see this
error code. This is even documented in errno.h.

Oleg.