user/sven/linux.git/kernel/exit.c, branch v2.6.30.1Linux Kernel
https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v2.6.30.12009-04-07T21:07:52ZMerge branch 'irq/threaded' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip2009-04-07T21:07:52ZLinus Torvaldstorvalds@linux-foundation.org2009-04-07T21:07:52Zurn:sha1:c61b79b6ef266890954213a701d8f6021d8c1289
* 'irq/threaded' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
genirq: fix devres.o build for GENERIC_HARDIRQS=n
genirq: provide old request_irq() for CONFIG_GENERIC_HARDIRQ=n
genirq: threaded irq handlers review fixups
genirq: add support for threaded interrupts to devres
genirq: add threaded interrupt handler support
exit_notify: kill the wrong capable(CAP_KILL) check2009-04-06T21:57:23ZOleg Nesterovoleg@redhat.com2009-04-06T14:16:02Zurn:sha1:432870dab85a2f69dc417022646cb9a70acf7f94
The CAP_KILL check in exit_notify() looks just wrong, kill it.
Whatever logic we have to reset ->exit_signal, the malicious user
can bypass it if it execs the setuid application before exiting.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge branch 'linus' into irq/threaded2009-04-05T23:41:22ZIngo Molnarmingo@elte.hu2009-04-05T23:41:22Zurn:sha1:9efe21cb82b5dbe3b0b2ae4de4eccc64ecb94e95
Conflicts:
include/linux/irq.h
kernel/irq/handle.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.62009-04-03T04:09:10ZLinus Torvaldstorvalds@linux-foundation.org2009-04-03T04:09:10Zurn:sha1:8fe74cf053de7ad2124a894996f84fa890a81093
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
Remove two unneeded exports and make two symbols static in fs/mpage.c
Cleanup after commit 585d3bc06f4ca57f975a5a1f698f65a45ea66225
Trim includes of fdtable.h
Don't crap into descriptor table in binfmt_som
Trim includes in binfmt_elf
Don't mess with descriptor table in load_elf_binary()
Get rid of indirect include of fs_struct.h
New helper - current_umask()
check_unsafe_exec() doesn't care about signal handlers sharing
New locking/refcounting for fs_struct
Take fs_struct handling to new file (fs/fs_struct.c)
Get rid of bumping fs_struct refcount in pivot_root(2)
Kill unsharing fs_struct in __set_personality()
pids: kill signal_struct-> __pgrp/__session and friends2009-04-03T02:05:02ZOleg Nesterovoleg@redhat.com2009-04-02T23:58:39Zurn:sha1:1b0f7ffd0ea27cd3a0b9ca04e3df9522048c32a3
We are wasting 2 words in signal_struct without any reason to implement
task_pgrp_nr() and task_session_nr().
task_session_nr() has no callers since
2e2ba22ea4fd4bb85f0fa37c521066db6775cbef, we can remove it.
task_pgrp_nr() is still (I believe wrongly) used in fs/autofsX and
fs/coda.
This patch reimplements task_pgrp_nr() via task_pgrp_nr_ns(), and kills
__pgrp/__session and the related helpers.
The change in drivers/char/tty_io.c is cosmetic, but hopefully makes sense
anyway.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Alan Cox <number6@the-village.bc.nu> [tty parts]
Cc: Cedric Le Goater <clg@fr.ibm.com>
Cc: Dave Hansen <haveblue@us.ibm.com>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: Serge Hallyn <serue@us.ibm.com>
Cc: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
pids: improve get_task_pid() to fix the unsafe sys_wait4()->task_pgrp()2009-04-03T02:05:02ZOleg Nesterovoleg@redhat.com2009-04-02T23:58:36Zurn:sha1:2ae448efc87df6d328f5835969076c7f9fce59c3
sys_wait4() does get_pid(task_pgrp(current)), this is not safe. We can
add rcu lock/unlock around, but we already have get_task_pid() which can
be improved to handle the special pids in more reliable manner.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Louis Rilling <Louis.Rilling@kerlabs.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
forget_original_parent: do not abuse child->ptrace_entry2009-04-03T02:05:00ZOleg Nesterovoleg@redhat.com2009-04-02T23:58:19Zurn:sha1:5dfc80be73dd0c212d2e6dd8dbf5afa07e680bbe
By discussion with Roland.
- Use ->sibling instead of ->ptrace_entry to chain the need to be
release_task'd childs. Nobody else can use ->sibling, this task
is EXIT_DEAD and nobody can find it on its own list.
- rename ptrace_dead to dead_childs.
- Now that we don't have the "parallel" untrace code, change back
reparent_thread() to return void, pass dead_childs as an argument.
Actually, I don't understand why do we notify /sbin/init when we
reparent a zombie, probably it is better to reap it unconditionally.
[akpm@linux-foundation.org: s/childs/children/]
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Metzger, Markus T" <markus.t.metzger@intel.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
forget_original_parent: split out the un-ptrace part2009-04-03T02:05:00ZOleg Nesterovoleg@redhat.com2009-04-02T23:58:18Zurn:sha1:39c626ae47c469abdfd30c6e42eff884931380d6
By discussion with Roland.
- Rename ptrace_exit() to exit_ptrace(), and change it to do all the
necessary work with ->ptraced list by its own.
- Move this code from exit.c to ptrace.c
- Update the comment in ptrace_detach() to explain the rechecking of
the child->ptrace.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Metzger, Markus T" <markus.t.metzger@intel.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
reparent_thread: fix a zombie leak if /sbin/init ignores SIGCHLD2009-04-03T02:04:59ZOleg Nesterovoleg@redhat.com2009-04-02T23:58:17Zurn:sha1:7f5d3652d469cdf9eb2365dfea7ce3fb9e1409cc
If /sbin/init ignores SIGCHLD and we re-parent a zombie, it is leaked.
reparent_thread() does do_notify_parent() which sets ->exit_signal = -1 in
this case. This means that nobody except us can reap it, the detached
task is not visible to do_wait().
Change reparent_thread() to return a boolean (like __pthread_detach) to
indicate that the thread is dead and must be released. Also change
forget_original_parent() to add the child to ptrace_dead list in this
case.
The naming becomes insane, the next patch does the cleanup.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
reparent_thread: fix the "is it traced" check2009-04-03T02:04:59ZOleg Nesterovoleg@redhat.com2009-04-02T23:58:16Zurn:sha1:b1442b055c154699a6a2c436f3352f71b6beede3
reparent_thread() uses ptrace_reparented() to check whether this thread is
ptraced, in that case we should not notify the new parent.
But ptrace_reparented() is not exactly correct when the reparented thread
is traced by /sbin/init, because forget_original_parent() has already
changed ->real_parent.
Currently, the only problem is the false notification. But with the next
patch the kernel crash in this (yes, pathological) case.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>