Re: [PATCH] select: fix sys_select to not leak ERESTARTNOHAND to userspace
From: Neil Horman
Date: Mon Jan 22 2007 - 11:24:55 EST
On Mon, Jan 22, 2007 at 08:03:53AM -0800, Linus Torvalds wrote:
>
>
> On Mon, 22 Jan 2007, Neil Horman wrote:
>
> > On Mon, Jan 22, 2007 at 02:59:56PM +0100, Paolo Ornati wrote:
> > >
> > > the ERESTARTNOHAND thing is handled in arch specific signal code,
> >
> > In the signal handling path yes.
>
> Right.
>
> > Not always in the case of select, though. Check core_sys_select:
>
> No, even in the case of select().
>
> > if (!ret) {
> > ret = -ERESTARTNOHAND;
> > if (signal_pending(current))
> > goto out;
> > ret = 0;
>
> Since we have "signal_pending(current)" being true, we _know_ that the
> signal handling path will be triggered, so the ERESTARTNOHAND will be
> changed into the appropriate error return (or restart) by the signal
> handling code.
>
> > Its possible for core_sys_select to return ERESTARTNOHAND to sys_select, which
> > will in turn (as its currently written), return that value back to user space.
>
> No. Exactly because sys_select() will always return through the system
> call handling path, and that will turn the ERESTARTNOHAND into something
> else.
>
> NOTE! If you use "ptrace()", you may see the internal errors. But that's a
> ptrace-only thing, and may have fooled you into thinking that the actual
> _application_ sees those internal errors. It won't.
>
> Of course, we could have some signal-handling bug here, but if so, it
> would affect a lot more than just select(). Have you actually seen
> ERESTARTNOINTR in the app (not just ptrace?)
>
The error was reported to me second hand. I'm expecting a reproducer (although
to date, I'm still waiting for it, so I may have jumped the gun here). In fact,
I see what your saying now, down in the assembly glue for our arches (x86 in
this case) we jump to do_notify_resume since we have a pending signal, and
inside do_signal from there we fix up ERESTARTNOHAND to be something sane for
userspace. Ok, I withdraw this patch. I'll repost when/if I get my hands on
the reproducer and see that something is actually slipping through.
Neil
> Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/