[PATCH] fork: fix race in setting child's pgrp and tty

From: Oren Laadan
Date: Thu Dec 08 2005 - 21:14:09 EST

Next message: Jonathan Woithe: "Re: 2.6.14-rt21: slow-running clock"
Previous message: Venkatesh Pallipadi: "[RFC][PATCH 0/3]i386,x86-64 Handle missing local APIC timer interrupts on C3 state"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[PATCH] fork: fix race in setting child's pgrp and tty

In fork, child should recopy parent's pgrp/tty after it has tasklist_lock.
Otherwise following a setpgid() on the parent, *after* copy_signal(), the
child will own a stale pgrp (which may be reused); (eg. if copy_mm() sleeps a long while due to memory pressure). Similar issue for the tty.

Signed-off-by: Oren Laadan <orenl@xxxxxxxxxxxxxxx>
---

diff --git a/kernel/fork.c b/kernel/fork.c
index fb8572a..059e71f 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1055,6 +1055,15 @@ static task_t *copy_process(unsigned lon
!cpu_online(task_cpu(p))))
set_task_cpu(p, smp_processor_id());

+ /* + * signal->{prgp,tty} may have changed since we had copied them;
+ * pgrp may have been freed -- and reused -- since then [orenl]
+ */
+ if (p->signal != current->signal) {
+ p->signal->tty = current->signal->tty;
+ p->signal->pgrp = process_group(current);
+ }
+
/*
* Check for pending SIGKILL! The new thread should not be allowed
* to slip out of an OOM kill. (or normal SIGKILL.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jonathan Woithe: "Re: 2.6.14-rt21: slow-running clock"
Previous message: Venkatesh Pallipadi: "[RFC][PATCH 0/3]i386,x86-64 Handle missing local APIC timer interrupts on C3 state"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]