Re: [PATCH] tty: fix leakage of -ERESTARTSYS to userland

From: Satoru Takeuchi
Date: Wed May 30 2007 - 20:48:27 EST

Next message: john stultz: "[BUG] futex_unlock_pi() hurts my brain and may cause applicationdeadlock"
Previous message: Neil Brown: "Re: [RFD] BIO_RW_BARRIER - what it means for devices, filesystems, and dm/md."
In reply to: Oleg Nesterov: "Re: [PATCH] tty: fix leakage of -ERESTARTSYS to userland"
Next in thread: Roland McGrath: "Re: [PATCH] tty: fix leakage of -ERESTARTSYS to userland"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At Wed, 30 May 2007 23:18:49 +0400,
Oleg Nesterov wrote:
>
> On 05/30, Andrew Morton wrote:
> > On Tue, 29 May 2007 22:44:35 +0400
> > Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> >
> > > --- t/drivers/char/n_tty.c~ 2007-04-05 12:18:26.000000000 +0400
> > > +++ t/drivers/char/n_tty.c 2007-05-28 10:57:58.000000000 +0400
> > > @@ -1191,6 +1191,7 @@ static int job_control(struct tty_struct
> > > is_current_pgrp_orphaned())
> > > return -EIO;
> > > kill_pgrp(task_pgrp(current), SIGTTIN, 1);
> > > + set_thread_flag(TIF_SIGPENDING);
> > > return -ERESTARTSYS;
> > > }
> > > }
> >
> > Are there other callers of kill_pgrp() which have the same problem?
>
> Hopefully no.
>
> > Perhaps we should have a kill_pgrp_self() which takes care of doing
> > this, rather than open-coding it. Something with a comment which
> > explains what's going on ;)
>
> This set_thread_flag(TIF_SIGPENDING) is "connected" to "return -ERESTARTSYS",
> not to kill_pgrp(), imho the new helper is not so suitable.
>
> Perhaps it makes sense to add the comment into include/linux/errno.h, to
> explain that -ERESTART... codes are only valid when signal_pending() == true.

Like this?

Satoru

---
Add comment for errnos related to restart syscall to avoid the leakage of
kernel only errnos.

Signed-off-by: Satoru Takeuchi <takeuchi_satoru@xxxxxxxxxxxxxx>
Cc: Oleg Nesterov <oleg@xxxxxxxxxx>

Index: linux-2.6.22-rc3/include/linux/errno.h
===================================================================
--- linux-2.6.22-rc3.orig/include/linux/errno.h 2007-04-26 12:08:32.000000000 +0900
+++ linux-2.6.22-rc3/include/linux/errno.h 2007-05-31 09:44:27.000000000 +0900
@@ -5,7 +5,11 @@

#ifdef __KERNEL__

-/* Should never be seen by user programs */
+/*
+ * Should never be seen by user programs. Please note that returing
+ * `ERESTART*' errnos when `!signal_pending()' incurs the leakage of these
+ * errnos to user space.
+ */
#define ERESTARTSYS 512
#define ERESTARTNOINTR 513
#define ERESTARTNOHAND 514 /* restart if no handler.. */
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: john stultz: "[BUG] futex_unlock_pi() hurts my brain and may cause applicationdeadlock"
Previous message: Neil Brown: "Re: [RFD] BIO_RW_BARRIER - what it means for devices, filesystems, and dm/md."
In reply to: Oleg Nesterov: "Re: [PATCH] tty: fix leakage of -ERESTARTSYS to userland"
Next in thread: Roland McGrath: "Re: [PATCH] tty: fix leakage of -ERESTARTSYS to userland"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]