Re: [PATCH] signals: work around random wakeups in sigsuspend()
From: Oleg Nesterov
Date: Tue Jan 26 2016 - 10:05:28 EST
On 01/26, Ingo Molnar wrote:
>
> * Sasha Levin <sasha.levin@xxxxxxxxxx> wrote:
>
> > A random wakeup can get us out of sigsuspend() without TIF_SIGPENDING
> > being set.
> >
> > Avoid that by making sure we were signaled, like sys_pause() does.
> >
> > Signed-off-by: Sasha Levin <sasha.levin@xxxxxxxxxx>
> > ---
> > kernel/signal.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/kernel/signal.c b/kernel/signal.c
> > index 5da9180..3256c7e 100644
> > --- a/kernel/signal.c
> > +++ b/kernel/signal.c
> > @@ -3528,8 +3528,10 @@ static int sigsuspend(sigset_t *set)
> > current->saved_sigmask = current->blocked;
> > set_current_blocked(set);
> >
> > - __set_current_state(TASK_INTERRUPTIBLE);
> > - schedule();
> > + while (!signal_pending(current)) {
> > + __set_current_state(TASK_INTERRUPTIBLE);
> > + schedule();
> > + }
> > set_restore_sigmask();
> > return -ERESTARTNOHAND;
> > }
>
> So this does not appear to be anything new, right?
>
> I agree with the fix, but I'm somewhat worried about the potential ABI impact:
> does anything exist out there that has learned to rely on spurious returns from
> SyS_sigsuspend() or SyS_rt_sigsuspend() system calls?
Unlikely. We can even forget about set_restore_sigmask/TIF_RESTORE_SIGMASK and
WARN_ON(). We are going to return -ERESTARTNOHAND, this assumes that TIF_SIGPENDING
must be set and thus do_signal() will be called, userspace should never see this
error code. This is even documented in errno.h.
Oleg.