From: "Eric W. Biederman" <ebiederm@xmission.com>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>, Kees Cook <kees@kernel.org>,
Kusaram Devineni <kusaram@devineni.in>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@kernel.org>,
Will Drewry <wad@chromium.org>,
linux-kernel@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
Christian Brauner <brauner@kernel.org>
Subject: [PATCH 03/14] signal: More accurate ignoring of signals based on sig_can_short_circuit
Date: Fri, 03 Jul 2026 16:37:50 -0500 [thread overview]
Message-ID: <87pl133gb5.fsf_-_@email.froward.int.ebiederm.org> (raw)
In-Reply-To: <877bnb4uyw.fsf_-_@email.froward.int.ebiederm.org> (Eric W. Biederman's message of "Fri, 03 Jul 2026 16:35:51 -0500")
For a signal to be ignored two things need to happen:
- The conditions need to be present to ignore calling the signal handler.
- The signal needs to be deliverable to at least one thread of the process
In rare cases the like unblocked signals on a dead thread the current
code will ignore signals that are blocked by all living threads.
Opportunities to ignore signals are missed when another thread has the
signal unblocked.
Implement sig_can_short_circuit to properly detect that short
circuiting is possible.
Rename sig_task_ignored to sig_ingored.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
---
kernel/signal.c | 59 ++++++++++++++++++++++++++++++++++++-------------
1 file changed, 44 insertions(+), 15 deletions(-)
diff --git a/kernel/signal.c b/kernel/signal.c
index 1a8183606dc0..4429d3ec6776 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -81,7 +81,7 @@ static inline bool sig_handler_ignored(void __user *handler, int sig)
(handler == SIG_DFL && sig_kernel_ignore(sig));
}
-static bool sig_task_ignored(struct task_struct *t, int sig, bool force)
+static bool sig_ignored(struct task_struct *t, int sig, bool force)
{
void __user *handler;
@@ -122,25 +122,49 @@ static bool sig_blocked(struct task_struct *t, int sig)
sigismember(&t->real_blocked, sig);
}
-static bool sig_ignored(struct task_struct *t, int sig, bool force)
+static bool sig_can_short_circuit_to_thread(struct task_struct *thread, int sig)
{
+ /* Only a living thread can receive a short circuit signal */
+ if (__fatal_signal_pending(thread) || (thread->flags & PF_EXITING))
+ return false;
+
/*
- * Blocked signals are never ignored, since the
- * signal handler may change by the time it is
- * unblocked.
+ * If the signal handler is blocked then short circuit
+ * delivery may not happen because the signal handler may
+ * change by the time it is unblocked.
*/
- if (sig_blocked(t, sig))
+ if (sig_blocked(thread, sig))
return false;
/*
- * Tracers may want to know about even ignored signal unless it
- * is SIGKILL which can't be reported anyway but can be ignored
- * by SIGNAL_UNKILLABLE task.
+ * Tracers are allowed to see and modify all signals.
+ * SIGKILL and the SA_IMMUTABLE signals are an exception.
*/
- if (t->ptrace && sig != SIGKILL)
+ if (thread->ptrace &&
+ (sig != SIGKILL) &&
+ !(thread->sighand->action[sig - 1].sa.sa_flags & SA_IMMUTABLE))
return false;
- return sig_task_ignored(t, sig, force);
+ return true;
+}
+
+static bool sig_can_short_circuit(struct task_struct *p, enum pid_type type, int sig)
+{
+ /*
+ * Is there at least one thread where the short circuit
+ * delivery is valid?
+ */
+ struct task_struct *thread;
+
+ if (type == PIDTYPE_PID)
+ return sig_can_short_circuit_to_thread(p, sig);
+
+ for_each_thread(p, thread) {
+ if (sig_can_short_circuit_to_thread(thread, sig))
+ return true;
+ }
+
+ return false;
}
/*
@@ -887,7 +911,8 @@ static void ptrace_trap_notify(struct task_struct *t)
* Returns true if the signal should be actually delivered, otherwise
* it should be dropped.
*/
-static bool prepare_signal(int sig, struct task_struct *p, bool force)
+static bool prepare_signal(int sig, struct task_struct *p,
+ enum pid_type type, bool force)
{
struct signal_struct *signal = p->signal;
struct task_struct *t;
@@ -951,7 +976,11 @@ static bool prepare_signal(int sig, struct task_struct *p, bool force)
}
}
- return !sig_ignored(p, sig, force);
+ /* Stop process the signal if nothing more needs to be done */
+ if (sig_ignored(p, sig, force) && sig_can_short_circuit(p, type, sig))
+ return false;
+
+ return true;
}
/*
@@ -1082,7 +1111,7 @@ static int __send_signal_locked(int sig, struct kernel_siginfo *info,
lockdep_assert_held(&t->sighand->siglock);
result = TRACE_SIGNAL_IGNORED;
- if (!prepare_signal(sig, t, force))
+ if (!prepare_signal(sig, t, type, force))
goto ret;
pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending;
@@ -2020,7 +2049,7 @@ void posixtimer_send_sigqueue(struct k_itimer *tmr)
*/
tmr->it_sig_periodic = tmr->it_status == POSIX_TIMER_REQUEUE_PENDING;
- if (!prepare_signal(sig, t, false)) {
+ if (!prepare_signal(sig, t, tmr->it_pid_type, false)) {
result = TRACE_SIGNAL_IGNORED;
if (!list_empty(&q->list)) {
--
2.41.0
next prev parent reply other threads:[~2026-07-03 21:38 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-19 13:27 [PATCH v2 1/3] signal: change force_sig_info_to_task() to call __send_signal_locked() Oleg Nesterov
2026-06-19 13:27 ` [PATCH v2 2/3] signal: turn the "bool force" arg of __send_signal_locked() into "int flags" Oleg Nesterov
2026-06-19 13:28 ` [PATCH v2 3/3] signal: fix evasion of SA_IMMUTABLE signals Oleg Nesterov
2026-06-26 16:52 ` [PATCH 0/11] Short circuit delivery for coredump signals Eric W. Biederman
2026-06-26 16:54 ` [PATCH 01/11] signal: Compute the exit_code in get_signal Eric W. Biederman
2026-06-26 16:54 ` [PATCH 02/11] signal: In get_signal call do_exit when it is unnecessary to shoot down threads Eric W. Biederman
2026-06-26 16:55 ` [PATCH 03/11] signal: Bring down all threads when handling a non-coredump fatal signal Eric W. Biederman
2026-06-26 16:55 ` [PATCH 04/11] signal: Move stopping for the coredump from do_exit into get_signal Eric W. Biederman
2026-06-26 16:56 ` [PATCH 05/11] signal: Move audit_core_dumps from do_coredump " Eric W. Biederman
2026-06-26 16:57 ` [PATCH 06/11] coredump: In zap_threads complete startup if there is no need to wait Eric W. Biederman
2026-06-26 16:57 ` [PATCH 07/11] signal: Use the thread killing in get_signal for coredumps Eric W. Biederman
2026-06-26 16:58 ` [PATCH 08/11] exit: Make do_group_exit static Eric W. Biederman
2026-06-26 16:59 ` [PATCH 09/11] signal: Dequeue fatal signals Eric W. Biederman
2026-06-26 16:59 ` [PATCH 10/11] signal: Short circuit deliver coredump signals Eric W. Biederman
2026-06-26 17:00 ` [PATCH 11/11] signal: Remove SA_IMMUTABLE Eric W. Biederman
2026-06-28 14:29 ` [PATCH 0/11] Short circuit delivery for coredump signals Oleg Nesterov
2026-06-29 6:22 ` Eric W. Biederman
2026-06-29 17:45 ` Eric W. Biederman
2026-07-02 10:36 ` Oleg Nesterov
2026-07-03 20:16 ` Eric W. Biederman
2026-07-03 21:35 ` [PATCH v2 00/14] " Eric W. Biederman
2026-07-03 21:36 ` [PATCH 01/14] signal: Generalize posixtimer_queue_sigqueue into enqueue_signal Eric W. Biederman
2026-07-03 21:37 ` [PATCH 02/14] signal: Factor out sig_blocked from sig_ignored Eric W. Biederman
2026-07-03 21:37 ` Eric W. Biederman [this message]
2026-07-03 21:38 ` [PATCH 04/14] signal: Use sig_can_short_circuit to improve fatal signal delivery Eric W. Biederman
2026-07-03 21:39 ` [PATCH 05/14] signal: Compute the exit_code in get_signal Eric W. Biederman
2026-07-03 21:39 ` Eric W. Biederman
2026-07-03 21:40 ` [PATCH 06/14] signal: In get_signal call do_exit when it is unnecessary to shoot down threads Eric W. Biederman
2026-07-03 21:40 ` [PATCH 07/14] signal: Bring down all threads when handling a non-coredump fatal signal Eric W. Biederman
2026-07-03 21:41 ` [PATCH 08/14] signal: Move stopping for the coredump from do_exit into get_signal Eric W. Biederman
2026-07-03 21:41 ` [PATCH 09/14] signal: Move audit_core_dumps from do_coredump " Eric W. Biederman
2026-07-03 21:42 ` [PATCH 10/14] coredump: In zap_threads complete startup if there is no need to wait Eric W. Biederman
2026-07-03 21:43 ` [PATCH 11/14] signal: Use the thread killing in get_signal for coredumps Eric W. Biederman
2026-07-03 21:43 ` [PATCH 12/14] exit: Make do_group_exit static Eric W. Biederman
2026-07-03 21:44 ` [PATCH 13/14] signal: Dequeue fatal signals Eric W. Biederman
2026-07-03 21:44 ` [PATCH 14/14] signal: Short circuit deliver coredump signals Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pl133gb5.fsf_-_@email.froward.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=akpm@linux-foundation.org \
--cc=brauner@kernel.org \
--cc=kees@kernel.org \
--cc=kusaram@devineni.in \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox