Re: [PATCH 01/17] signal: Make SIGKILL during coredumps an explicit special case

[Eric W. Biederman]

Oleg Nesterov <oleg@xxxxxxxxxx> writes:

> Hi Eric,
>
> I'll _try_ to read this (nontrivial) changes this week. To be honest,
> right now I don't really understand your goals after the quick glance...
>
> So far I have only looked at this simple 1/17 and it doesn't look right
> to me.

It might be worth applying them all on a branch and just looking at the
end result.

The interactions between all of the ways a process can exit wind up
being different, but being clean.

> On 06/18, Eric W. Biederman wrote:
>>
>> --- a/kernel/signal.c
>> +++ b/kernel/signal.c
>> @@ -907,8 +907,12 @@ static bool prepare_signal(int sig, struct task_struct *p, bool force)
>>  	sigset_t flush;
>>  
>>  	if (signal->flags & SIGNAL_GROUP_EXIT) {
>> -		if (signal->core_state)
>> -			return sig == SIGKILL;
>> +		if (signal->core_state && (sig == SIGKILL)) {
>> +			struct task_struct *dumper =
>> +				signal->core_state->dumper.task;
>> +			sigaddset(&dumper->pending.signal, SIGKILL);
>> +			signal_wake_up(dumper, 1);
>> +		}
>
> and after that it returns false so __send_signal_locked/send_sigqueue simply
> return. This means:
>
> 	- the caller will wrongly report TRACE_SIGNAL_IGNORED

Fair.

>
> 	- complete_signal() won't be called, so signal->group_exit_code
> 	  won't be updated.
>
> 	  coredump_finish() won't change it too so the process will exit
> 	  with group_exit_code == signr /* coredumping signal */.
>
> 	  Yes, the fix is obvious and trivial...

The signal handling from the coredump is arguably correct.  The process
has already exited, and gotten an exit code.

But I really don't care about the exit_code either way.  I just want to
make ``killing'' a dead process while it core dumps independent of
complete_signal.

That ``killing'' of a dead process is a completely special case.

Eric