The Linux Kernel Mailing List
 help / color / mirror / Atom feed
From: Oleg Nesterov <oleg@redhat.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Andy Lutomirski <luto@kernel.org>, Kees Cook <kees@kernel.org>,
	Kusaram Devineni <kusaram@devineni.in>,
	Peter Zijlstra <peterz@infradead.org>,
	Thomas Gleixner <tglx@kernel.org>, Will Drewry <wad@chromium.org>,
	linux-kernel@vger.kernel.org,
	Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH 0/11] Short circuit delivery for coredump signals
Date: Thu, 2 Jul 2026 12:36:31 +0200	[thread overview]
Message-ID: <akY_L6uDZnbO_5Jh@redhat.com> (raw)
In-Reply-To: <875x315jh0.fsf@email.froward.int.ebiederm.org>

On 06/29, Eric W. Biederman wrote:
>
> "Eric W. Biederman" <ebiederm@xmission.com> writes:
>
> > Oleg Nesterov <oleg@redhat.com> writes:
> >
> >> 	if (signal->flags & SIGNAL_GROUP_EXIT) {
> >> 		if (signal->core_state)
> >> 			return sig == SIGKILL;
> >> 		/*
> >> 		 * The process is in the middle of dying, drop the signal.
> >> 		 */
> >> 		return false;
> >>
> >> This means that if SIGKILL comes before coredump_begin() sets signal->core_state,
> >> it will be lost.
> >
> > I will reexamine that.  I used to have something to deal with this case
> > but somehow convinced myself it didn't matter.
>
> I was thinking of another related problem.
>
> In this case loosing SIGKILL before coredump_begin seems fine.  The process
> is already dying of a signal.

Hmm. I disagree...

> The only point of supporting SIGKILL at all during a coredump is because
> writing the coredump out can be slow.  So SIGKILL in that case just
> aborts the coredump.

Yes, the coredumping process is not dead. Yet. It can do a lot of activity
and use a lot of resources.

> Do you know of something where userspace actually depends upon
> killing a coredump before it even starts?

Well. I think a user has all rights to assume that SIGKILL must always
terminate the process asap, the process killed by SIGKILL must not start
the coredumping.

> There is another corner case I just noticed.
>
> When force_sig_info_to_task is passed HANDLER_EXIT today get_signal
> skips ptrace stops when SA_IMMUTABLE is set.  My change did not short
> circuit deliver those signals when the process was ptraced so my last
> change removing SA_IMMUTABLE was premature.

Yes... and do_sigacttion() between send and delivery...

Oleg.


      reply	other threads:[~2026-07-02 10:36 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-19 13:27 [PATCH v2 1/3] signal: change force_sig_info_to_task() to call __send_signal_locked() Oleg Nesterov
2026-06-19 13:27 ` [PATCH v2 2/3] signal: turn the "bool force" arg of __send_signal_locked() into "int flags" Oleg Nesterov
2026-06-19 13:28 ` [PATCH v2 3/3] signal: fix evasion of SA_IMMUTABLE signals Oleg Nesterov
2026-06-26 16:52 ` [PATCH 0/11] Short circuit delivery for coredump signals Eric W. Biederman
2026-06-26 16:54   ` [PATCH 01/11] signal: Compute the exit_code in get_signal Eric W. Biederman
2026-06-26 16:54   ` [PATCH 02/11] signal: In get_signal call do_exit when it is unnecessary to shoot down threads Eric W. Biederman
2026-06-26 16:55   ` [PATCH 03/11] signal: Bring down all threads when handling a non-coredump fatal signal Eric W. Biederman
2026-06-26 16:55   ` [PATCH 04/11] signal: Move stopping for the coredump from do_exit into get_signal Eric W. Biederman
2026-06-26 16:56   ` [PATCH 05/11] signal: Move audit_core_dumps from do_coredump " Eric W. Biederman
2026-06-26 16:57   ` [PATCH 06/11] coredump: In zap_threads complete startup if there is no need to wait Eric W. Biederman
2026-06-26 16:57   ` [PATCH 07/11] signal: Use the thread killing in get_signal for coredumps Eric W. Biederman
2026-06-26 16:58   ` [PATCH 08/11] exit: Make do_group_exit static Eric W. Biederman
2026-06-26 16:59   ` [PATCH 09/11] signal: Dequeue fatal signals Eric W. Biederman
2026-06-26 16:59   ` [PATCH 10/11] signal: Short circuit deliver coredump signals Eric W. Biederman
2026-06-26 17:00   ` [PATCH 11/11] signal: Remove SA_IMMUTABLE Eric W. Biederman
2026-06-28 14:29   ` [PATCH 0/11] Short circuit delivery for coredump signals Oleg Nesterov
2026-06-29  6:22     ` Eric W. Biederman
2026-06-29 17:45       ` Eric W. Biederman
2026-07-02 10:36         ` Oleg Nesterov [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=akY_L6uDZnbO_5Jh@redhat.com \
    --to=oleg@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=ebiederm@xmission.com \
    --cc=kees@kernel.org \
    --cc=kusaram@devineni.in \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=peterz@infradead.org \
    --cc=tglx@kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=wad@chromium.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox