From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out03.mta.xmission.com (out03.mta.xmission.com [166.70.13.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD57C259C80 for ; Fri, 3 Jul 2026 21:38:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=166.70.13.233 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783114685; cv=none; b=ROr/reN0gGwdgUy3iVxGg7vN57OY4wpUZla6yeJU6HP+q8vYHzi1GKsMXX0b+IydXU8jT49bFuNcTa5FpLXQ2l6zt2BAHUzlXpT5QbjycTRfD1u6Zi5Bs10mOyKzG5em08NADpzJmmV7d20E5EHAaobfUGwSLv3hmfsGhx6ReY0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783114685; c=relaxed/simple; bh=XyehEEUbUbVRMTRRY2GESpUnG52b1MD1RZ6G4v2T0hQ=; h=From:To:Cc:In-Reply-To:References:Date:Message-ID:MIME-Version: Content-Type:Subject; b=AA2ncuzPHO0yP29eSHi/bfqYHUqHB69ElSFDX8C+CFk58BMzxPYdJfNuzbfRX5TFJaUtPQm08MRP0MFA5doQqtqNOyZUwa2f31u9NOsBjzB04rEKEnxMsLV+a+CrqNsvU9taU0FC1NOTaPbHx0l3GdFOHXxVam7SlmHbt78wdjo= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=xmission.com; spf=pass smtp.mailfrom=xmission.com; dkim=pass (1024-bit key) header.d=xmission.com header.i=@xmission.com header.b=nUWe6U4l; arc=none smtp.client-ip=166.70.13.233 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=xmission.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=xmission.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=xmission.com header.i=@xmission.com header.b="nUWe6U4l" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=simple/simple; d=xmission.com; s=xmission; h=Subject:Content-Type:MIME-Version:Message-ID:Date:References: In-Reply-To:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=XyehEEUbUbVRMTRRY2GESpUnG52b1MD1RZ6G4v2T0hQ=; b=nUWe6U4lqYfAXSnwKcJR0Grgb4 qBgoWTWgQ6pDMlqGWQEPhFquC9bN+WntCz4C9NLV1SDNWGUK/im3K7O4pk7cq100yht7D9op9yjz7 CyySa/mVR5xQlnJK7vtcbLjMPCEG6uSg3JfYS9nxFkOYftS6uGVgnHKisy00JY2RcXI8=; Received: from in01.mta.xmission.com ([166.70.13.51]:46176) by out03.mta.xmission.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1wfla8-00HZCa-P2; Fri, 03 Jul 2026 15:37:56 -0600 Received: from ip72-198-198-28.om.om.cox.net ([72.198.198.28]:55750 helo=email.froward.int.ebiederm.org.xmission.com) by in01.mta.xmission.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1wfla7-00Dm7m-Pd; Fri, 03 Jul 2026 15:37:56 -0600 From: "Eric W. Biederman" To: Oleg Nesterov Cc: Andrew Morton , Andy Lutomirski , Kees Cook , Kusaram Devineni , Peter Zijlstra , Thomas Gleixner , Will Drewry , linux-kernel@vger.kernel.org, Linus Torvalds , Christian Brauner In-Reply-To: <877bnb4uyw.fsf_-_@email.froward.int.ebiederm.org> (Eric W. Biederman's message of "Fri, 03 Jul 2026 16:35:51 -0500") References: <87o6gx9rc4.fsf@email.froward.int.ebiederm.org> <877bnh7tnf.fsf@email.froward.int.ebiederm.org> <877bnb4uyw.fsf_-_@email.froward.int.ebiederm.org> Date: Fri, 03 Jul 2026 16:37:50 -0500 Message-ID: <87pl133gb5.fsf_-_@email.froward.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1wfla7-00Dm7m-Pd;;;mid=<87pl133gb5.fsf_-_@email.froward.int.ebiederm.org>;;;hst=in01.mta.xmission.com;;;ip=72.198.198.28;;;frm=ebiederm@xmission.com;;;sPfnum=0;;;sPf=pass X-XM-AID: U2FsdGVkX1+IVlXb4rEY3Os2tP+8ysT+zXTrFNMLzR0= X-Spam-Level: * X-Spam-Virus: No X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.1 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4996] * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.7 XMSubLong Long Subject * 0.5 XMGappySubj_01 Very gappy subject * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa03 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa03 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: *;Oleg Nesterov X-Spam-Relay-Country: X-Spam-Timing: total 541 ms - load_scoreonly_sql: 0.05 (0.0%), signal_user_changed: 4.4 (0.8%), b_tie_ro: 2.9 (0.5%), parse: 1.33 (0.2%), extract_message_metadata: 12 (2.1%), get_uri_detail_list: 2.8 (0.5%), tests_pri_-2000: 10 (1.8%), tests_pri_-1000: 2.1 (0.4%), tests_pri_-950: 0.98 (0.2%), tests_pri_-900: 0.80 (0.1%), tests_pri_-90: 63 (11.6%), check_bayes: 61 (11.3%), b_tokenize: 8 (1.4%), b_tok_get_all: 8 (1.5%), b_comp_prob: 1.74 (0.3%), b_tok_touch_all: 41 (7.6%), b_finish: 0.71 (0.1%), tests_pri_0: 434 (80.1%), check_dkim_signature: 0.43 (0.1%), check_dkim_adsp: 2.7 (0.5%), poll_dns_idle: 1.49 (0.3%), tests_pri_10: 2.8 (0.5%), tests_pri_500: 8 (1.5%), rewrite_mail: 0.00 (0.0%) Subject: [PATCH 03/14] signal: More accurate ignoring of signals based on sig_can_short_circuit X-SA-Exim-Connect-IP: 166.70.13.51 X-SA-Exim-Rcpt-To: brauner@kernel.org, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, wad@chromium.org, tglx@kernel.org, peterz@infradead.org, kusaram@devineni.in, kees@kernel.org, luto@kernel.org, akpm@linux-foundation.org, oleg@redhat.com X-SA-Exim-Mail-From: ebiederm@xmission.com X-SA-Exim-Scanned: No (on out03.mta.xmission.com); SAEximRunCond expanded to false For a signal to be ignored two things need to happen: - The conditions need to be present to ignore calling the signal handler. - The signal needs to be deliverable to at least one thread of the process In rare cases the like unblocked signals on a dead thread the current code will ignore signals that are blocked by all living threads. Opportunities to ignore signals are missed when another thread has the signal unblocked. Implement sig_can_short_circuit to properly detect that short circuiting is possible. Rename sig_task_ignored to sig_ingored. Signed-off-by: "Eric W. Biederman" --- kernel/signal.c | 59 ++++++++++++++++++++++++++++++++++++------------- 1 file changed, 44 insertions(+), 15 deletions(-) diff --git a/kernel/signal.c b/kernel/signal.c index 1a8183606dc0..4429d3ec6776 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -81,7 +81,7 @@ static inline bool sig_handler_ignored(void __user *handler, int sig) (handler == SIG_DFL && sig_kernel_ignore(sig)); } -static bool sig_task_ignored(struct task_struct *t, int sig, bool force) +static bool sig_ignored(struct task_struct *t, int sig, bool force) { void __user *handler; @@ -122,25 +122,49 @@ static bool sig_blocked(struct task_struct *t, int sig) sigismember(&t->real_blocked, sig); } -static bool sig_ignored(struct task_struct *t, int sig, bool force) +static bool sig_can_short_circuit_to_thread(struct task_struct *thread, int sig) { + /* Only a living thread can receive a short circuit signal */ + if (__fatal_signal_pending(thread) || (thread->flags & PF_EXITING)) + return false; + /* - * Blocked signals are never ignored, since the - * signal handler may change by the time it is - * unblocked. + * If the signal handler is blocked then short circuit + * delivery may not happen because the signal handler may + * change by the time it is unblocked. */ - if (sig_blocked(t, sig)) + if (sig_blocked(thread, sig)) return false; /* - * Tracers may want to know about even ignored signal unless it - * is SIGKILL which can't be reported anyway but can be ignored - * by SIGNAL_UNKILLABLE task. + * Tracers are allowed to see and modify all signals. + * SIGKILL and the SA_IMMUTABLE signals are an exception. */ - if (t->ptrace && sig != SIGKILL) + if (thread->ptrace && + (sig != SIGKILL) && + !(thread->sighand->action[sig - 1].sa.sa_flags & SA_IMMUTABLE)) return false; - return sig_task_ignored(t, sig, force); + return true; +} + +static bool sig_can_short_circuit(struct task_struct *p, enum pid_type type, int sig) +{ + /* + * Is there at least one thread where the short circuit + * delivery is valid? + */ + struct task_struct *thread; + + if (type == PIDTYPE_PID) + return sig_can_short_circuit_to_thread(p, sig); + + for_each_thread(p, thread) { + if (sig_can_short_circuit_to_thread(thread, sig)) + return true; + } + + return false; } /* @@ -887,7 +911,8 @@ static void ptrace_trap_notify(struct task_struct *t) * Returns true if the signal should be actually delivered, otherwise * it should be dropped. */ -static bool prepare_signal(int sig, struct task_struct *p, bool force) +static bool prepare_signal(int sig, struct task_struct *p, + enum pid_type type, bool force) { struct signal_struct *signal = p->signal; struct task_struct *t; @@ -951,7 +976,11 @@ static bool prepare_signal(int sig, struct task_struct *p, bool force) } } - return !sig_ignored(p, sig, force); + /* Stop process the signal if nothing more needs to be done */ + if (sig_ignored(p, sig, force) && sig_can_short_circuit(p, type, sig)) + return false; + + return true; } /* @@ -1082,7 +1111,7 @@ static int __send_signal_locked(int sig, struct kernel_siginfo *info, lockdep_assert_held(&t->sighand->siglock); result = TRACE_SIGNAL_IGNORED; - if (!prepare_signal(sig, t, force)) + if (!prepare_signal(sig, t, type, force)) goto ret; pending = (type != PIDTYPE_PID) ? &t->signal->shared_pending : &t->pending; @@ -2020,7 +2049,7 @@ void posixtimer_send_sigqueue(struct k_itimer *tmr) */ tmr->it_sig_periodic = tmr->it_status == POSIX_TIMER_REQUEUE_PENDING; - if (!prepare_signal(sig, t, false)) { + if (!prepare_signal(sig, t, tmr->it_pid_type, false)) { result = TRACE_SIGNAL_IGNORED; if (!list_empty(&q->list)) { -- 2.41.0