2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* linux/kernel/exit.c
|
|
|
|
*
|
|
|
|
* Copyright (C) 1991, 1992 Linus Torvalds
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/mm.h>
|
|
|
|
#include <linux/slab.h>
|
|
|
|
#include <linux/interrupt.h>
|
|
|
|
#include <linux/module.h>
|
2006-01-11 20:17:46 +00:00
|
|
|
#include <linux/capability.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/completion.h>
|
|
|
|
#include <linux/personality.h>
|
|
|
|
#include <linux/tty.h>
|
2006-12-08 10:37:56 +00:00
|
|
|
#include <linux/mnt_namespace.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/key.h>
|
|
|
|
#include <linux/security.h>
|
|
|
|
#include <linux/cpu.h>
|
|
|
|
#include <linux/acct.h>
|
2006-10-01 06:28:59 +00:00
|
|
|
#include <linux/tsacct_kern.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/file.h>
|
|
|
|
#include <linux/binfmts.h>
|
2006-10-02 09:18:06 +00:00
|
|
|
#include <linux/nsproxy.h>
|
2006-12-08 10:38:01 +00:00
|
|
|
#include <linux/pid_namespace.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/ptrace.h>
|
|
|
|
#include <linux/profile.h>
|
|
|
|
#include <linux/mount.h>
|
|
|
|
#include <linux/proc_fs.h>
|
2007-05-09 09:34:33 +00:00
|
|
|
#include <linux/kthread.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/mempolicy.h>
|
2006-07-14 07:24:40 +00:00
|
|
|
#include <linux/taskstats_kern.h>
|
2006-07-14 07:24:36 +00:00
|
|
|
#include <linux/delayacct.h>
|
2007-07-17 11:03:35 +00:00
|
|
|
#include <linux/freezer.h>
|
2007-10-19 06:39:33 +00:00
|
|
|
#include <linux/cgroup.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/syscalls.h>
|
2005-05-01 15:59:14 +00:00
|
|
|
#include <linux/signal.h>
|
2006-03-29 00:11:18 +00:00
|
|
|
#include <linux/posix-timers.h>
|
2005-11-07 08:59:16 +00:00
|
|
|
#include <linux/cn_proc.h>
|
2006-01-09 23:59:21 +00:00
|
|
|
#include <linux/mutex.h>
|
2006-03-27 09:16:22 +00:00
|
|
|
#include <linux/futex.h>
|
2006-03-27 09:16:24 +00:00
|
|
|
#include <linux/compat.h>
|
2006-04-11 11:52:07 +00:00
|
|
|
#include <linux/pipe_fs_i.h>
|
2006-03-30 01:30:19 +00:00
|
|
|
#include <linux/audit.h> /* for audit_free() */
|
2006-06-25 12:47:41 +00:00
|
|
|
#include <linux/resource.h>
|
2006-08-29 18:05:56 +00:00
|
|
|
#include <linux/blkdev.h>
|
2007-05-11 05:22:37 +00:00
|
|
|
#include <linux/task_io_accounting_ops.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
#include <asm/uaccess.h>
|
|
|
|
#include <asm/unistd.h>
|
|
|
|
#include <asm/pgtable.h>
|
|
|
|
#include <asm/mmu_context.h>
|
|
|
|
|
|
|
|
extern void sem_exit (void);
|
|
|
|
|
2005-05-01 15:59:29 +00:00
|
|
|
static void exit_mm(struct task_struct * tsk);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
static void __unhash_process(struct task_struct *p)
|
|
|
|
{
|
|
|
|
nr_threads--;
|
|
|
|
detach_pid(p, PIDTYPE_PID);
|
|
|
|
if (thread_group_leader(p)) {
|
|
|
|
detach_pid(p, PIDTYPE_PGID);
|
|
|
|
detach_pid(p, PIDTYPE_SID);
|
2006-03-29 00:11:06 +00:00
|
|
|
|
2006-04-19 05:20:16 +00:00
|
|
|
list_del_rcu(&p->tasks);
|
2006-03-29 00:11:07 +00:00
|
|
|
__get_cpu_var(process_counts)--;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2006-03-29 00:11:25 +00:00
|
|
|
list_del_rcu(&p->thread_group);
|
2006-03-29 00:11:06 +00:00
|
|
|
remove_parent(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
2006-03-29 00:11:18 +00:00
|
|
|
/*
|
|
|
|
* This function expects the tasklist_lock write-locked.
|
|
|
|
*/
|
|
|
|
static void __exit_signal(struct task_struct *tsk)
|
|
|
|
{
|
|
|
|
struct signal_struct *sig = tsk->signal;
|
|
|
|
struct sighand_struct *sighand;
|
|
|
|
|
|
|
|
BUG_ON(!sig);
|
|
|
|
BUG_ON(!atomic_read(&sig->count));
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
sighand = rcu_dereference(tsk->sighand);
|
|
|
|
spin_lock(&sighand->siglock);
|
|
|
|
|
|
|
|
posix_cpu_timers_exit(tsk);
|
|
|
|
if (atomic_dec_and_test(&sig->count))
|
|
|
|
posix_cpu_timers_exit_group(tsk);
|
|
|
|
else {
|
|
|
|
/*
|
|
|
|
* If there is any task waiting for the group exit
|
|
|
|
* then notify it:
|
|
|
|
*/
|
2007-10-17 06:27:23 +00:00
|
|
|
if (sig->group_exit_task && atomic_read(&sig->count) == sig->notify_count)
|
2006-03-29 00:11:18 +00:00
|
|
|
wake_up_process(sig->group_exit_task);
|
2007-10-17 06:27:23 +00:00
|
|
|
|
2006-03-29 00:11:18 +00:00
|
|
|
if (tsk == sig->curr_target)
|
|
|
|
sig->curr_target = next_thread(tsk);
|
|
|
|
/*
|
|
|
|
* Accumulate here the counters for all threads but the
|
|
|
|
* group leader as they die, so they can be added into
|
|
|
|
* the process-wide totals when those are taken.
|
|
|
|
* The group leader stays around as a zombie as long
|
|
|
|
* as there are other threads. When it gets reaped,
|
|
|
|
* the exit.c code will add its counts into these totals.
|
|
|
|
* We won't ever get here for the group leader, since it
|
|
|
|
* will have been the last reference on the signal_struct.
|
|
|
|
*/
|
|
|
|
sig->utime = cputime_add(sig->utime, tsk->utime);
|
|
|
|
sig->stime = cputime_add(sig->stime, tsk->stime);
|
2007-10-15 15:00:19 +00:00
|
|
|
sig->gtime = cputime_add(sig->gtime, tsk->gtime);
|
2006-03-29 00:11:18 +00:00
|
|
|
sig->min_flt += tsk->min_flt;
|
|
|
|
sig->maj_flt += tsk->maj_flt;
|
|
|
|
sig->nvcsw += tsk->nvcsw;
|
|
|
|
sig->nivcsw += tsk->nivcsw;
|
2007-05-11 05:22:37 +00:00
|
|
|
sig->inblock += task_io_get_inblock(tsk);
|
|
|
|
sig->oublock += task_io_get_oublock(tsk);
|
2007-07-09 16:52:00 +00:00
|
|
|
sig->sum_sched_runtime += tsk->se.sum_exec_runtime;
|
2006-03-29 00:11:18 +00:00
|
|
|
sig = NULL; /* Marker for below. */
|
|
|
|
}
|
|
|
|
|
2006-03-29 00:11:20 +00:00
|
|
|
__unhash_process(tsk);
|
|
|
|
|
2006-03-29 00:11:18 +00:00
|
|
|
tsk->signal = NULL;
|
2006-03-29 00:11:27 +00:00
|
|
|
tsk->sighand = NULL;
|
2006-03-29 00:11:18 +00:00
|
|
|
spin_unlock(&sighand->siglock);
|
|
|
|
rcu_read_unlock();
|
|
|
|
|
2006-03-29 00:11:27 +00:00
|
|
|
__cleanup_sighand(sighand);
|
2006-03-29 00:11:18 +00:00
|
|
|
clear_tsk_thread_flag(tsk,TIF_SIGPENDING);
|
|
|
|
flush_sigqueue(&tsk->pending);
|
|
|
|
if (sig) {
|
|
|
|
flush_sigqueue(&sig->shared_pending);
|
2006-10-28 17:38:51 +00:00
|
|
|
taskstats_tgid_free(sig);
|
2006-03-29 00:11:18 +00:00
|
|
|
__cleanup_signal(sig);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-03-31 10:31:37 +00:00
|
|
|
static void delayed_put_task_struct(struct rcu_head *rhp)
|
|
|
|
{
|
|
|
|
put_task_struct(container_of(rhp, struct task_struct, rcu));
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
void release_task(struct task_struct * p)
|
|
|
|
{
|
2006-07-03 07:25:41 +00:00
|
|
|
struct task_struct *leader;
|
2005-04-16 22:20:36 +00:00
|
|
|
int zap_leader;
|
2006-03-29 00:11:11 +00:00
|
|
|
repeat:
|
2005-04-16 22:20:36 +00:00
|
|
|
atomic_dec(&p->user->processes);
|
2007-10-19 06:40:03 +00:00
|
|
|
proc_flush_task(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
write_lock_irq(&tasklist_lock);
|
2006-03-29 00:11:11 +00:00
|
|
|
ptrace_unlink(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
BUG_ON(!list_empty(&p->ptrace_list) || !list_empty(&p->ptrace_children));
|
|
|
|
__exit_signal(p);
|
2006-03-29 00:11:19 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* If we are the last non-leader member of the thread
|
|
|
|
* group, and the leader is zombie, then notify the
|
|
|
|
* group leader's parent process. (if it wants notification.)
|
|
|
|
*/
|
|
|
|
zap_leader = 0;
|
|
|
|
leader = p->group_leader;
|
|
|
|
if (leader != p && thread_group_empty(leader) && leader->exit_state == EXIT_ZOMBIE) {
|
|
|
|
BUG_ON(leader->exit_signal == -1);
|
|
|
|
do_notify_parent(leader, leader->exit_signal);
|
|
|
|
/*
|
|
|
|
* If we were the last child thread and the leader has
|
|
|
|
* exited already, and the leader's parent ignores SIGCHLD,
|
|
|
|
* then we are the one who should release the leader.
|
|
|
|
*
|
|
|
|
* do_notify_parent() will have marked it self-reaping in
|
|
|
|
* that case.
|
|
|
|
*/
|
|
|
|
zap_leader = (leader->exit_signal == -1);
|
|
|
|
}
|
|
|
|
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
release_thread(p);
|
2006-03-31 10:31:37 +00:00
|
|
|
call_rcu(&p->rcu, delayed_put_task_struct);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
p = leader;
|
|
|
|
if (unlikely(zap_leader))
|
|
|
|
goto repeat;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This checks not only the pgrp, but falls back on the pid if no
|
|
|
|
* satisfactory pgrp is found. I dunno - gdb doesn't work correctly
|
|
|
|
* without this...
|
2007-02-12 08:52:56 +00:00
|
|
|
*
|
|
|
|
* The caller must hold rcu lock or the tasklist lock.
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
2007-02-12 08:52:56 +00:00
|
|
|
struct pid *session_of_pgrp(struct pid *pgrp)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct task_struct *p;
|
2007-02-12 08:52:56 +00:00
|
|
|
struct pid *sid = NULL;
|
2006-12-08 10:38:03 +00:00
|
|
|
|
2007-02-12 08:52:56 +00:00
|
|
|
p = pid_task(pgrp, PIDTYPE_PGID);
|
2006-12-08 10:38:03 +00:00
|
|
|
if (p == NULL)
|
2007-02-12 08:52:56 +00:00
|
|
|
p = pid_task(pgrp, PIDTYPE_PID);
|
2006-12-08 10:38:03 +00:00
|
|
|
if (p != NULL)
|
2007-02-12 08:52:56 +00:00
|
|
|
sid = task_session(p);
|
2006-12-08 10:38:03 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return sid;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Determine if a process group is "orphaned", according to the POSIX
|
|
|
|
* definition in 2.2.2.52. Orphaned process groups are not to be affected
|
|
|
|
* by terminal-generated stop signals. Newly orphaned process groups are
|
|
|
|
* to receive a SIGHUP and a SIGCONT.
|
|
|
|
*
|
|
|
|
* "I ask you, have you ever known what it is to be an orphan?"
|
|
|
|
*/
|
2007-02-12 08:52:57 +00:00
|
|
|
static int will_become_orphaned_pgrp(struct pid *pgrp, struct task_struct *ignored_task)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct task_struct *p;
|
|
|
|
int ret = 1;
|
|
|
|
|
2007-02-12 08:52:57 +00:00
|
|
|
do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
|
2005-04-16 22:20:36 +00:00
|
|
|
if (p == ignored_task
|
|
|
|
|| p->exit_state
|
2007-10-19 06:39:52 +00:00
|
|
|
|| is_global_init(p->real_parent))
|
2005-04-16 22:20:36 +00:00
|
|
|
continue;
|
2007-02-12 08:52:57 +00:00
|
|
|
if (task_pgrp(p->real_parent) != pgrp &&
|
|
|
|
task_session(p->real_parent) == task_session(p)) {
|
2005-04-16 22:20:36 +00:00
|
|
|
ret = 0;
|
|
|
|
break;
|
|
|
|
}
|
2007-02-12 08:52:57 +00:00
|
|
|
} while_each_pid_task(pgrp, PIDTYPE_PGID, p);
|
2005-04-16 22:20:36 +00:00
|
|
|
return ret; /* (sighing) "Often!" */
|
|
|
|
}
|
|
|
|
|
2007-02-12 08:52:58 +00:00
|
|
|
int is_current_pgrp_orphaned(void)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
int retval;
|
|
|
|
|
|
|
|
read_lock(&tasklist_lock);
|
2007-02-12 08:52:58 +00:00
|
|
|
retval = will_become_orphaned_pgrp(task_pgrp(current), NULL);
|
2005-04-16 22:20:36 +00:00
|
|
|
read_unlock(&tasklist_lock);
|
|
|
|
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
2007-02-12 08:52:57 +00:00
|
|
|
static int has_stopped_jobs(struct pid *pgrp)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
int retval = 0;
|
|
|
|
struct task_struct *p;
|
|
|
|
|
2007-02-12 08:52:57 +00:00
|
|
|
do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
|
2005-04-16 22:20:36 +00:00
|
|
|
if (p->state != TASK_STOPPED)
|
|
|
|
continue;
|
|
|
|
retval = 1;
|
|
|
|
break;
|
2007-02-12 08:52:57 +00:00
|
|
|
} while_each_pid_task(pgrp, PIDTYPE_PGID, p);
|
2005-04-16 22:20:36 +00:00
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2007-05-09 09:34:33 +00:00
|
|
|
* reparent_to_kthreadd - Reparent the calling kernel thread to kthreadd
|
2005-04-16 22:20:36 +00:00
|
|
|
*
|
|
|
|
* If a kernel thread is launched as a result of a system call, or if
|
2007-05-09 09:34:33 +00:00
|
|
|
* it ever exits, it should generally reparent itself to kthreadd so it
|
|
|
|
* isn't in the way of other processes and is correctly cleaned up on exit.
|
2005-04-16 22:20:36 +00:00
|
|
|
*
|
|
|
|
* The various task state such as scheduling policy and priority may have
|
|
|
|
* been inherited from a user process, so we reset them to sane values here.
|
|
|
|
*
|
2007-05-09 09:34:33 +00:00
|
|
|
* NOTE that reparent_to_kthreadd() gives the caller full capabilities.
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
2007-05-09 09:34:33 +00:00
|
|
|
static void reparent_to_kthreadd(void)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
write_lock_irq(&tasklist_lock);
|
|
|
|
|
|
|
|
ptrace_unlink(current);
|
|
|
|
/* Reparent to init */
|
2006-03-29 00:11:05 +00:00
|
|
|
remove_parent(current);
|
2007-05-09 09:34:33 +00:00
|
|
|
current->real_parent = current->parent = kthreadd_task;
|
2006-03-29 00:11:05 +00:00
|
|
|
add_parent(current);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
/* Set the exit signal to SIGCHLD so we signal init on exit */
|
|
|
|
current->exit_signal = SIGCHLD;
|
|
|
|
|
2007-07-09 16:51:59 +00:00
|
|
|
if (task_nice(current) < 0)
|
2005-04-16 22:20:36 +00:00
|
|
|
set_user_nice(current, 0);
|
|
|
|
/* cpus_allowed? */
|
|
|
|
/* rt_priority? */
|
|
|
|
/* signals? */
|
|
|
|
security_task_reparent_to_init(current);
|
|
|
|
memcpy(current->signal->rlim, init_task.signal->rlim,
|
|
|
|
sizeof(current->signal->rlim));
|
|
|
|
atomic_inc(&(INIT_USER->__count));
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
switch_uid(INIT_USER);
|
|
|
|
}
|
|
|
|
|
|
|
|
void __set_special_pids(pid_t session, pid_t pgrp)
|
|
|
|
{
|
2006-01-08 09:03:58 +00:00
|
|
|
struct task_struct *curr = current->group_leader;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2007-10-19 06:39:46 +00:00
|
|
|
if (task_session_nr(curr) != session) {
|
2005-04-16 22:20:36 +00:00
|
|
|
detach_pid(curr, PIDTYPE_SID);
|
2007-10-19 06:39:46 +00:00
|
|
|
set_task_session(curr, session);
|
2007-05-11 05:22:58 +00:00
|
|
|
attach_pid(curr, PIDTYPE_SID, find_pid(session));
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
2007-10-19 06:39:46 +00:00
|
|
|
if (task_pgrp_nr(curr) != pgrp) {
|
2005-04-16 22:20:36 +00:00
|
|
|
detach_pid(curr, PIDTYPE_PGID);
|
2007-10-19 06:40:39 +00:00
|
|
|
set_task_pgrp(curr, pgrp);
|
2007-05-11 05:22:58 +00:00
|
|
|
attach_pid(curr, PIDTYPE_PGID, find_pid(pgrp));
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-12-08 10:36:08 +00:00
|
|
|
static void set_special_pids(pid_t session, pid_t pgrp)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
write_lock_irq(&tasklist_lock);
|
|
|
|
__set_special_pids(session, pgrp);
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Let kernel threads use this to say that they
|
|
|
|
* allow a certain signal (since daemonize() will
|
|
|
|
* have disabled all of them by default).
|
|
|
|
*/
|
|
|
|
int allow_signal(int sig)
|
|
|
|
{
|
2005-05-01 15:59:14 +00:00
|
|
|
if (!valid_signal(sig) || sig < 1)
|
2005-04-16 22:20:36 +00:00
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
spin_lock_irq(¤t->sighand->siglock);
|
|
|
|
sigdelset(¤t->blocked, sig);
|
|
|
|
if (!current->mm) {
|
|
|
|
/* Kernel threads handle their own signals.
|
|
|
|
Let the signal code know it'll be handled, so
|
|
|
|
that they don't get converted to SIGKILL or
|
|
|
|
just silently dropped */
|
|
|
|
current->sighand->action[(sig)-1].sa.sa_handler = (void __user *)2;
|
|
|
|
}
|
|
|
|
recalc_sigpending();
|
|
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
EXPORT_SYMBOL(allow_signal);
|
|
|
|
|
|
|
|
int disallow_signal(int sig)
|
|
|
|
{
|
2005-05-01 15:59:14 +00:00
|
|
|
if (!valid_signal(sig) || sig < 1)
|
2005-04-16 22:20:36 +00:00
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
spin_lock_irq(¤t->sighand->siglock);
|
2007-05-09 09:34:37 +00:00
|
|
|
current->sighand->action[(sig)-1].sa.sa_handler = SIG_IGN;
|
2005-04-16 22:20:36 +00:00
|
|
|
recalc_sigpending();
|
|
|
|
spin_unlock_irq(¤t->sighand->siglock);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
EXPORT_SYMBOL(disallow_signal);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Put all the gunge required to become a kernel thread without
|
|
|
|
* attached user resources in one place where it belongs.
|
|
|
|
*/
|
|
|
|
|
|
|
|
void daemonize(const char *name, ...)
|
|
|
|
{
|
|
|
|
va_list args;
|
|
|
|
struct fs_struct *fs;
|
|
|
|
sigset_t blocked;
|
|
|
|
|
|
|
|
va_start(args, name);
|
|
|
|
vsnprintf(current->comm, sizeof(current->comm), name, args);
|
|
|
|
va_end(args);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If we were started as result of loading a module, close all of the
|
|
|
|
* user space pages. We don't need them, and if we didn't close them
|
|
|
|
* they would be locked into memory.
|
|
|
|
*/
|
|
|
|
exit_mm(current);
|
2007-07-17 11:03:35 +00:00
|
|
|
/*
|
|
|
|
* We don't want to have TIF_FREEZE set if the system-wide hibernation
|
|
|
|
* or suspend transition begins right now.
|
|
|
|
*/
|
|
|
|
current->flags |= PF_NOFREEZE;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
set_special_pids(1, 1);
|
2006-12-08 10:36:04 +00:00
|
|
|
proc_clear_tty(current);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
/* Block and flush all signals */
|
|
|
|
sigfillset(&blocked);
|
|
|
|
sigprocmask(SIG_BLOCK, &blocked, NULL);
|
|
|
|
flush_signals(current);
|
|
|
|
|
|
|
|
/* Become as one with the init task */
|
|
|
|
|
|
|
|
exit_fs(current); /* current->fs->count--; */
|
|
|
|
fs = init_task.fs;
|
|
|
|
current->fs = fs;
|
|
|
|
atomic_inc(&fs->count);
|
2006-10-02 09:18:06 +00:00
|
|
|
|
2007-10-19 06:39:54 +00:00
|
|
|
if (current->nsproxy != init_task.nsproxy) {
|
|
|
|
get_nsproxy(init_task.nsproxy);
|
|
|
|
switch_task_namespaces(current, init_task.nsproxy);
|
|
|
|
}
|
2006-10-02 09:18:06 +00:00
|
|
|
|
2007-10-19 06:39:59 +00:00
|
|
|
exit_files(current);
|
2005-04-16 22:20:36 +00:00
|
|
|
current->files = init_task.files;
|
|
|
|
atomic_inc(¤t->files->count);
|
|
|
|
|
2007-05-09 09:34:33 +00:00
|
|
|
reparent_to_kthreadd();
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
EXPORT_SYMBOL(daemonize);
|
|
|
|
|
2006-01-14 21:20:43 +00:00
|
|
|
static void close_files(struct files_struct * files)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
int i, j;
|
2005-09-09 20:04:10 +00:00
|
|
|
struct fdtable *fdt;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
j = 0;
|
2005-09-17 02:28:13 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* It is safe to dereference the fd table without RCU or
|
|
|
|
* ->file_lock because this is the last reference to the
|
|
|
|
* files structure.
|
|
|
|
*/
|
2005-09-09 20:04:10 +00:00
|
|
|
fdt = files_fdtable(files);
|
2005-04-16 22:20:36 +00:00
|
|
|
for (;;) {
|
|
|
|
unsigned long set;
|
|
|
|
i = j * __NFDBITS;
|
2006-12-10 10:21:12 +00:00
|
|
|
if (i >= fdt->max_fds)
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
2005-09-09 20:04:10 +00:00
|
|
|
set = fdt->open_fds->fds_bits[j++];
|
2005-04-16 22:20:36 +00:00
|
|
|
while (set) {
|
|
|
|
if (set & 1) {
|
2005-09-09 20:04:10 +00:00
|
|
|
struct file * file = xchg(&fdt->fd[i], NULL);
|
2007-02-12 08:52:26 +00:00
|
|
|
if (file) {
|
2005-04-16 22:20:36 +00:00
|
|
|
filp_close(file, files);
|
2007-02-12 08:52:26 +00:00
|
|
|
cond_resched();
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
i++;
|
|
|
|
set >>= 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
struct files_struct *get_files_struct(struct task_struct *task)
|
|
|
|
{
|
|
|
|
struct files_struct *files;
|
|
|
|
|
|
|
|
task_lock(task);
|
|
|
|
files = task->files;
|
|
|
|
if (files)
|
|
|
|
atomic_inc(&files->count);
|
|
|
|
task_unlock(task);
|
|
|
|
|
|
|
|
return files;
|
|
|
|
}
|
|
|
|
|
|
|
|
void fastcall put_files_struct(struct files_struct *files)
|
|
|
|
{
|
2005-09-09 20:04:10 +00:00
|
|
|
struct fdtable *fdt;
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
if (atomic_dec_and_test(&files->count)) {
|
|
|
|
close_files(files);
|
|
|
|
/*
|
|
|
|
* Free the fd and fdset arrays if we expanded them.
|
2005-09-09 20:04:13 +00:00
|
|
|
* If the fdtable was embedded, pass files for freeing
|
|
|
|
* at the end of the RCU grace period. Otherwise,
|
|
|
|
* you can free files immediately.
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
2005-09-09 20:04:10 +00:00
|
|
|
fdt = files_fdtable(files);
|
2006-12-10 10:21:17 +00:00
|
|
|
if (fdt != &files->fdtab)
|
2005-09-09 20:04:13 +00:00
|
|
|
kmem_cache_free(files_cachep, files);
|
2006-12-22 09:10:43 +00:00
|
|
|
free_fdtable(fdt);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
EXPORT_SYMBOL(put_files_struct);
|
|
|
|
|
2006-09-29 09:00:05 +00:00
|
|
|
void reset_files_struct(struct task_struct *tsk, struct files_struct *files)
|
|
|
|
{
|
|
|
|
struct files_struct *old;
|
|
|
|
|
|
|
|
old = tsk->files;
|
|
|
|
task_lock(tsk);
|
|
|
|
tsk->files = files;
|
|
|
|
task_unlock(tsk);
|
|
|
|
put_files_struct(old);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(reset_files_struct);
|
|
|
|
|
2007-10-19 06:41:10 +00:00
|
|
|
static void __exit_files(struct task_struct *tsk)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct files_struct * files = tsk->files;
|
|
|
|
|
|
|
|
if (files) {
|
|
|
|
task_lock(tsk);
|
|
|
|
tsk->files = NULL;
|
|
|
|
task_unlock(tsk);
|
|
|
|
put_files_struct(files);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void exit_files(struct task_struct *tsk)
|
|
|
|
{
|
|
|
|
__exit_files(tsk);
|
|
|
|
}
|
|
|
|
|
2007-10-19 06:41:10 +00:00
|
|
|
static void __put_fs_struct(struct fs_struct *fs)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
/* No need to hold fs->lock if we are killing it */
|
|
|
|
if (atomic_dec_and_test(&fs->count)) {
|
|
|
|
dput(fs->root);
|
|
|
|
mntput(fs->rootmnt);
|
|
|
|
dput(fs->pwd);
|
|
|
|
mntput(fs->pwdmnt);
|
|
|
|
if (fs->altroot) {
|
|
|
|
dput(fs->altroot);
|
|
|
|
mntput(fs->altrootmnt);
|
|
|
|
}
|
|
|
|
kmem_cache_free(fs_cachep, fs);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void put_fs_struct(struct fs_struct *fs)
|
|
|
|
{
|
|
|
|
__put_fs_struct(fs);
|
|
|
|
}
|
|
|
|
|
2007-10-19 06:41:10 +00:00
|
|
|
static void __exit_fs(struct task_struct *tsk)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct fs_struct * fs = tsk->fs;
|
|
|
|
|
|
|
|
if (fs) {
|
|
|
|
task_lock(tsk);
|
|
|
|
tsk->fs = NULL;
|
|
|
|
task_unlock(tsk);
|
|
|
|
__put_fs_struct(fs);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void exit_fs(struct task_struct *tsk)
|
|
|
|
{
|
|
|
|
__exit_fs(tsk);
|
|
|
|
}
|
|
|
|
|
|
|
|
EXPORT_SYMBOL_GPL(exit_fs);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Turn us into a lazy TLB process if we
|
|
|
|
* aren't already..
|
|
|
|
*/
|
2005-05-01 15:59:29 +00:00
|
|
|
static void exit_mm(struct task_struct * tsk)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
|
|
|
struct mm_struct *mm = tsk->mm;
|
|
|
|
|
|
|
|
mm_release(tsk, mm);
|
|
|
|
if (!mm)
|
|
|
|
return;
|
|
|
|
/*
|
|
|
|
* Serialize with any possible pending coredump.
|
|
|
|
* We must hold mmap_sem around checking core_waiters
|
|
|
|
* and clearing tsk->mm. The core-inducing thread
|
|
|
|
* will increment core_waiters for each thread in the
|
|
|
|
* group with ->mm != NULL.
|
|
|
|
*/
|
|
|
|
down_read(&mm->mmap_sem);
|
|
|
|
if (mm->core_waiters) {
|
|
|
|
up_read(&mm->mmap_sem);
|
|
|
|
down_write(&mm->mmap_sem);
|
|
|
|
if (!--mm->core_waiters)
|
|
|
|
complete(mm->core_startup_done);
|
|
|
|
up_write(&mm->mmap_sem);
|
|
|
|
|
|
|
|
wait_for_completion(&mm->core_done);
|
|
|
|
down_read(&mm->mmap_sem);
|
|
|
|
}
|
|
|
|
atomic_inc(&mm->mm_count);
|
2006-06-23 09:06:06 +00:00
|
|
|
BUG_ON(mm != tsk->active_mm);
|
2005-04-16 22:20:36 +00:00
|
|
|
/* more a memory barrier than a real lock */
|
|
|
|
task_lock(tsk);
|
|
|
|
tsk->mm = NULL;
|
|
|
|
up_read(&mm->mmap_sem);
|
|
|
|
enter_lazy_tlb(mm, current);
|
2007-07-19 08:47:33 +00:00
|
|
|
/* We don't want this task to be frozen prematurely */
|
|
|
|
clear_freeze_flag(tsk);
|
2005-04-16 22:20:36 +00:00
|
|
|
task_unlock(tsk);
|
|
|
|
mmput(mm);
|
|
|
|
}
|
|
|
|
|
2006-07-03 07:25:41 +00:00
|
|
|
static void
|
|
|
|
reparent_thread(struct task_struct *p, struct task_struct *father, int traced)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2006-12-24 20:30:44 +00:00
|
|
|
if (p->pdeath_signal)
|
|
|
|
/* We already hold the tasklist_lock here. */
|
|
|
|
group_send_sig_info(p->pdeath_signal, SEND_SIG_NOINFO, p);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* Move the child from its dying parent to the new one. */
|
|
|
|
if (unlikely(traced)) {
|
|
|
|
/* Preserve ptrace links if someone else is tracing this child. */
|
|
|
|
list_del_init(&p->ptrace_list);
|
|
|
|
if (p->parent != p->real_parent)
|
|
|
|
list_add(&p->ptrace_list, &p->real_parent->ptrace_children);
|
|
|
|
} else {
|
|
|
|
/* If this child is being traced, then we're the one tracing it
|
|
|
|
* anyway, so let go of it.
|
|
|
|
*/
|
|
|
|
p->ptrace = 0;
|
2006-03-29 00:11:09 +00:00
|
|
|
remove_parent(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
p->parent = p->real_parent;
|
2006-03-29 00:11:09 +00:00
|
|
|
add_parent(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2006-12-22 04:28:40 +00:00
|
|
|
if (p->state == TASK_TRACED) {
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* If it was at a trace stop, turn it into
|
|
|
|
* a normal stop since it's no longer being
|
|
|
|
* traced.
|
|
|
|
*/
|
|
|
|
ptrace_untrace(p);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-12-22 04:28:40 +00:00
|
|
|
/* If this is a threaded reparent there is no need to
|
|
|
|
* notify anyone anything has happened.
|
|
|
|
*/
|
|
|
|
if (p->real_parent->group_leader == father->group_leader)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/* We don't want people slaying init. */
|
|
|
|
if (p->exit_signal != -1)
|
|
|
|
p->exit_signal = SIGCHLD;
|
|
|
|
|
|
|
|
/* If we'd notified the old parent about this child's death,
|
|
|
|
* also notify the new parent.
|
|
|
|
*/
|
|
|
|
if (!traced && p->exit_state == EXIT_ZOMBIE &&
|
|
|
|
p->exit_signal != -1 && thread_group_empty(p))
|
|
|
|
do_notify_parent(p, p->exit_signal);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* process group orphan check
|
|
|
|
* Case ii: Our child is in a different pgrp
|
|
|
|
* than we are, and it was the only connection
|
|
|
|
* outside, so the child pgrp is now orphaned.
|
|
|
|
*/
|
2007-02-12 08:52:57 +00:00
|
|
|
if ((task_pgrp(p) != task_pgrp(father)) &&
|
|
|
|
(task_session(p) == task_session(father))) {
|
|
|
|
struct pid *pgrp = task_pgrp(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2006-12-08 10:37:54 +00:00
|
|
|
if (will_become_orphaned_pgrp(pgrp, NULL) &&
|
|
|
|
has_stopped_jobs(pgrp)) {
|
2007-02-12 08:52:57 +00:00
|
|
|
__kill_pgrp_info(SIGHUP, SEND_SIG_PRIV, pgrp);
|
|
|
|
__kill_pgrp_info(SIGCONT, SEND_SIG_PRIV, pgrp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* When we die, we re-parent all our children.
|
|
|
|
* Try to give them to another thread in our thread
|
|
|
|
* group, and if no such member exists, give it to
|
2006-12-08 10:38:01 +00:00
|
|
|
* the child reaper process (ie "init") in our pid
|
|
|
|
* space.
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
static void forget_original_parent(struct task_struct *father)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2007-10-19 06:39:57 +00:00
|
|
|
struct task_struct *p, *n, *reaper = father;
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
struct list_head ptrace_dead;
|
|
|
|
|
|
|
|
INIT_LIST_HEAD(&ptrace_dead);
|
|
|
|
|
|
|
|
write_lock_irq(&tasklist_lock);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
do {
|
|
|
|
reaper = next_thread(reaper);
|
|
|
|
if (reaper == father) {
|
2007-10-19 06:39:50 +00:00
|
|
|
reaper = task_child_reaper(father);
|
2005-04-16 22:20:36 +00:00
|
|
|
break;
|
|
|
|
}
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
} while (reaper->flags & PF_EXITING);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* There are only two places where our children can be:
|
|
|
|
*
|
|
|
|
* - in our child list
|
|
|
|
* - in our ptraced child list
|
|
|
|
*
|
|
|
|
* Search them and reparent children.
|
|
|
|
*/
|
2007-10-19 06:39:57 +00:00
|
|
|
list_for_each_entry_safe(p, n, &father->children, sibling) {
|
2005-04-16 22:20:36 +00:00
|
|
|
int ptrace;
|
|
|
|
|
|
|
|
ptrace = p->ptrace;
|
|
|
|
|
|
|
|
/* if father isn't the real parent, then ptrace must be enabled */
|
|
|
|
BUG_ON(father != p->real_parent && !ptrace);
|
|
|
|
|
|
|
|
if (father == p->real_parent) {
|
|
|
|
/* reparent with a reaper, real father it's us */
|
2007-10-17 06:26:49 +00:00
|
|
|
p->real_parent = reaper;
|
2005-04-16 22:20:36 +00:00
|
|
|
reparent_thread(p, father, 0);
|
|
|
|
} else {
|
|
|
|
/* reparent ptraced task to its real parent */
|
|
|
|
__ptrace_unlink (p);
|
|
|
|
if (p->exit_state == EXIT_ZOMBIE && p->exit_signal != -1 &&
|
|
|
|
thread_group_empty(p))
|
|
|
|
do_notify_parent(p, p->exit_signal);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* if the ptraced child is a zombie with exit_signal == -1
|
|
|
|
* we must collect it before we exit, or it will remain
|
|
|
|
* zombie forever since we prevented it from self-reap itself
|
|
|
|
* while it was being traced by us, to be able to see it in wait4.
|
|
|
|
*/
|
|
|
|
if (unlikely(ptrace && p->exit_state == EXIT_ZOMBIE && p->exit_signal == -1))
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
list_add(&p->ptrace_list, &ptrace_dead);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
|
2007-10-19 06:39:57 +00:00
|
|
|
list_for_each_entry_safe(p, n, &father->ptrace_children, ptrace_list) {
|
2007-10-17 06:26:49 +00:00
|
|
|
p->real_parent = reaper;
|
2005-04-16 22:20:36 +00:00
|
|
|
reparent_thread(p, father, 1);
|
|
|
|
}
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
BUG_ON(!list_empty(&father->children));
|
|
|
|
BUG_ON(!list_empty(&father->ptrace_children));
|
|
|
|
|
|
|
|
list_for_each_entry_safe(p, n, &ptrace_dead, ptrace_list) {
|
|
|
|
list_del_init(&p->ptrace_list);
|
|
|
|
release_task(p);
|
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Send signals to all our closest relatives so that they know
|
|
|
|
* to properly mourn us..
|
|
|
|
*/
|
|
|
|
static void exit_notify(struct task_struct *tsk)
|
|
|
|
{
|
|
|
|
int state;
|
|
|
|
struct task_struct *t;
|
2007-02-12 08:52:57 +00:00
|
|
|
struct pid *pgrp;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
if (signal_pending(tsk) && !(tsk->signal->flags & SIGNAL_GROUP_EXIT)
|
|
|
|
&& !thread_group_empty(tsk)) {
|
|
|
|
/*
|
|
|
|
* This occurs when there was a race between our exit
|
|
|
|
* syscall and a group signal choosing us as the one to
|
|
|
|
* wake up. It could be that we are the only thread
|
|
|
|
* alerted to check for pending signals, but another thread
|
|
|
|
* should be woken now to take the signal since we will not.
|
|
|
|
* Now we'll wake all the threads in the group just to make
|
|
|
|
* sure someone gets all the pending signals.
|
|
|
|
*/
|
|
|
|
spin_lock_irq(&tsk->sighand->siglock);
|
|
|
|
for (t = next_thread(tsk); t != tsk; t = next_thread(t))
|
2007-05-23 20:57:44 +00:00
|
|
|
if (!signal_pending(t) && !(t->flags & PF_EXITING))
|
|
|
|
recalc_sigpending_and_wake(t);
|
2005-04-16 22:20:36 +00:00
|
|
|
spin_unlock_irq(&tsk->sighand->siglock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This does two things:
|
|
|
|
*
|
|
|
|
* A. Make init inherit all the child processes
|
|
|
|
* B. Check to see if any process groups have become orphaned
|
|
|
|
* as a result of our exiting, and if they have any stopped
|
|
|
|
* jobs, send them a SIGHUP and then a SIGCONT. (POSIX 3.2.2.2)
|
|
|
|
*/
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
forget_original_parent(tsk);
|
2007-10-19 06:40:01 +00:00
|
|
|
exit_task_namespaces(tsk);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
pid namespaces: rework forget_original_parent()
A pid namespace is a "view" of a particular set of tasks on the system. They
work in a similar way to filesystem namespaces. A file (or a process) can be
accessed in multiple namespaces, but it may have a different name in each. In
a filesystem, this name might be /etc/passwd in one namespace, but
/chroot/etc/passwd in another.
For processes, a process may have pid 1234 in one namespace, but be pid 1 in
another. This allows new pid namespaces to have basically arbitrary pids, and
not have to worry about what pids exist in other namespaces. This is
essential for checkpoint/restart where a restarted process's pid might collide
with an existing process on the system's pid.
In this particular implementation, pid namespaces have a parent-child
relationship, just like processes. A process in a pid namespace may see all
of the processes in the same namespace, as well as all of the processes in all
of the namespaces which are children of its namespace. Processes may not,
however, see others which are in their parent's namespace, but not in their
own. The same goes for sibling namespaces.
The know issue to be solved in the nearest future is signal handling in the
namespace boundary. That is, currently the namespace's init is treated like
an ordinary task that can be killed from within an namespace. Ideally, the
signal handling by the namespace's init should have two sides: when signaling
the init from its namespace, the init should look like a real init task, i.e.
receive only those signals, that is explicitly wants to; when signaling the
init from one of the parent namespaces, init should look like an ordinary
task, i.e. receive any signal, only taking the general permissions into
account.
The pid namespace was developed by Pavel Emlyanov and Sukadev Bhattiprolu and
we eventually came to almost the same implementation, which differed in some
details. This set is based on Pavel's patches, but it includes comments and
patches that from Sukadev.
Many thanks to Oleg, who reviewed the patches, pointed out many BUGs and made
valuable advises on how to make this set cleaner.
This patch:
We have to call exit_task_namespaces() only after the exiting task has
reparented all his children and is sure that no other threads will reparent
theirs for it. Why this is needed is explained in appropriate patch. This
one only reworks the forget_original_parent() so that after calling this a
task cannot be/become parent of any other task.
We check PF_EXITING instead of ->exit_state while choosing the new parent.
Note that tasklits_lock acts as a barrier, everyone who takes tasklist after
us (when forget_original_parent() drops it) must see PF_EXITING.
The other changes are just cleanups. They just move some code from
exit_notify to forget_original_parent(). It is a bit silly to declare
ptrace_dead in exit_notify(), take tasklist, pass ptrace_dead to
forget_original_parent(), unlock-lock-unlock tasklist, and then use
ptrace_dead.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>
Cc: Paul Menage <menage@google.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-19 06:40:00 +00:00
|
|
|
write_lock_irq(&tasklist_lock);
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* Check to see if any process groups have become orphaned
|
|
|
|
* as a result of our exiting, and if they have any stopped
|
|
|
|
* jobs, send them a SIGHUP and then a SIGCONT. (POSIX 3.2.2.2)
|
|
|
|
*
|
|
|
|
* Case i: Our father is in a different pgrp than we are
|
|
|
|
* and we were the only connection outside, so our pgrp
|
|
|
|
* is about to become orphaned.
|
|
|
|
*/
|
|
|
|
t = tsk->real_parent;
|
2007-10-17 06:26:58 +00:00
|
|
|
|
2007-02-12 08:52:57 +00:00
|
|
|
pgrp = task_pgrp(tsk);
|
|
|
|
if ((task_pgrp(t) != pgrp) &&
|
2007-03-29 05:38:16 +00:00
|
|
|
(task_session(t) == task_session(tsk)) &&
|
2007-02-12 08:52:57 +00:00
|
|
|
will_become_orphaned_pgrp(pgrp, tsk) &&
|
|
|
|
has_stopped_jobs(pgrp)) {
|
|
|
|
__kill_pgrp_info(SIGHUP, SEND_SIG_PRIV, pgrp);
|
|
|
|
__kill_pgrp_info(SIGCONT, SEND_SIG_PRIV, pgrp);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
2007-08-03 21:04:41 +00:00
|
|
|
/* Let father know we died
|
2005-04-16 22:20:36 +00:00
|
|
|
*
|
|
|
|
* Thread signals are configurable, but you aren't going to use
|
2007-10-19 06:39:59 +00:00
|
|
|
* that to send signals to arbitary processes.
|
2005-04-16 22:20:36 +00:00
|
|
|
* That stops right now.
|
|
|
|
*
|
|
|
|
* If the parent exec id doesn't match the exec id we saved
|
|
|
|
* when we started then we know the parent has changed security
|
|
|
|
* domain.
|
|
|
|
*
|
|
|
|
* If our self_exec id doesn't match our parent_exec_id then
|
|
|
|
* we have changed execution domain as these two values started
|
|
|
|
* the same after a fork.
|
|
|
|
*/
|
|
|
|
if (tsk->exit_signal != SIGCHLD && tsk->exit_signal != -1 &&
|
|
|
|
( tsk->parent_exec_id != t->self_exec_id ||
|
|
|
|
tsk->self_exec_id != tsk->parent_exec_id)
|
|
|
|
&& !capable(CAP_KILL))
|
|
|
|
tsk->exit_signal = SIGCHLD;
|
|
|
|
|
|
|
|
|
|
|
|
/* If something other than our normal parent is ptracing us, then
|
|
|
|
* send it a SIGCHLD instead of honoring exit_signal. exit_signal
|
|
|
|
* only has special meaning to our real parent.
|
|
|
|
*/
|
|
|
|
if (tsk->exit_signal != -1 && thread_group_empty(tsk)) {
|
|
|
|
int signal = tsk->parent == tsk->real_parent ? tsk->exit_signal : SIGCHLD;
|
|
|
|
do_notify_parent(tsk, signal);
|
|
|
|
} else if (tsk->ptrace) {
|
|
|
|
do_notify_parent(tsk, SIGCHLD);
|
|
|
|
}
|
|
|
|
|
|
|
|
state = EXIT_ZOMBIE;
|
2007-08-03 21:04:41 +00:00
|
|
|
if (tsk->exit_signal == -1 && likely(!tsk->ptrace))
|
2005-04-16 22:20:36 +00:00
|
|
|
state = EXIT_DEAD;
|
|
|
|
tsk->exit_state = state;
|
|
|
|
|
2007-10-17 06:27:23 +00:00
|
|
|
if (thread_group_leader(tsk) &&
|
|
|
|
tsk->signal->notify_count < 0 &&
|
|
|
|
tsk->signal->group_exit_task)
|
|
|
|
wake_up_process(tsk->signal->group_exit_task);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
|
|
|
|
/* If the process is dead, release it - nobody will wait for it */
|
|
|
|
if (state == EXIT_DEAD)
|
|
|
|
release_task(tsk);
|
|
|
|
}
|
|
|
|
|
2007-07-16 06:38:48 +00:00
|
|
|
#ifdef CONFIG_DEBUG_STACK_USAGE
|
|
|
|
static void check_stack_usage(void)
|
|
|
|
{
|
|
|
|
static DEFINE_SPINLOCK(low_water_lock);
|
|
|
|
static int lowest_to_date = THREAD_SIZE;
|
|
|
|
unsigned long *n = end_of_stack(current);
|
|
|
|
unsigned long free;
|
|
|
|
|
|
|
|
while (*n == 0)
|
|
|
|
n++;
|
|
|
|
free = (unsigned long)n - (unsigned long)end_of_stack(current);
|
|
|
|
|
|
|
|
if (free >= lowest_to_date)
|
|
|
|
return;
|
|
|
|
|
|
|
|
spin_lock(&low_water_lock);
|
|
|
|
if (free < lowest_to_date) {
|
|
|
|
printk(KERN_WARNING "%s used greatest stack depth: %lu bytes "
|
|
|
|
"left\n",
|
|
|
|
current->comm, free);
|
|
|
|
lowest_to_date = free;
|
|
|
|
}
|
|
|
|
spin_unlock(&low_water_lock);
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
static inline void check_stack_usage(void) {}
|
|
|
|
#endif
|
|
|
|
|
2007-10-17 06:26:49 +00:00
|
|
|
static inline void exit_child_reaper(struct task_struct *tsk)
|
|
|
|
{
|
2007-10-19 06:39:50 +00:00
|
|
|
if (likely(tsk->group_leader != task_child_reaper(tsk)))
|
2007-10-17 06:26:49 +00:00
|
|
|
return;
|
|
|
|
|
2007-10-19 06:40:13 +00:00
|
|
|
if (tsk->nsproxy->pid_ns == &init_pid_ns)
|
|
|
|
panic("Attempted to kill init!");
|
|
|
|
|
|
|
|
/*
|
|
|
|
* @tsk is the last thread in the 'cgroup-init' and is exiting.
|
|
|
|
* Terminate all remaining processes in the namespace and reap them
|
|
|
|
* before exiting @tsk.
|
|
|
|
*
|
|
|
|
* Note that @tsk (last thread of cgroup-init) may not necessarily
|
|
|
|
* be the child-reaper (i.e main thread of cgroup-init) of the
|
|
|
|
* namespace i.e the child_reaper may have already exited.
|
|
|
|
*
|
|
|
|
* Even after a child_reaper exits, we let it inherit orphaned children,
|
|
|
|
* because, pid_ns->child_reaper remains valid as long as there is
|
|
|
|
* at least one living sub-thread in the cgroup init.
|
|
|
|
|
|
|
|
* This living sub-thread of the cgroup-init will be notified when
|
|
|
|
* a child inherited by the 'child-reaper' exits (do_notify_parent()
|
|
|
|
* uses __group_send_sig_info()). Further, when reaping child processes,
|
|
|
|
* do_wait() iterates over children of all living sub threads.
|
|
|
|
|
|
|
|
* i.e even though 'child_reaper' thread is listed as the parent of the
|
|
|
|
* orphaned children, any living sub-thread in the cgroup-init can
|
|
|
|
* perform the role of the child_reaper.
|
|
|
|
*/
|
|
|
|
zap_pid_ns_processes(tsk->nsproxy->pid_ns);
|
2007-10-17 06:26:49 +00:00
|
|
|
}
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
fastcall NORET_TYPE void do_exit(long code)
|
|
|
|
{
|
|
|
|
struct task_struct *tsk = current;
|
|
|
|
int group_dead;
|
|
|
|
|
|
|
|
profile_task_exit(tsk);
|
|
|
|
|
2005-06-27 08:55:12 +00:00
|
|
|
WARN_ON(atomic_read(&tsk->fs_excl));
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
if (unlikely(in_interrupt()))
|
|
|
|
panic("Aiee, killing interrupt handler!");
|
|
|
|
if (unlikely(!tsk->pid))
|
|
|
|
panic("Attempted to kill the idle task!");
|
|
|
|
|
|
|
|
if (unlikely(current->ptrace & PT_TRACE_EXIT)) {
|
|
|
|
current->ptrace_message = code;
|
|
|
|
ptrace_notify((PTRACE_EVENT_EXIT << 8) | SIGTRAP);
|
|
|
|
}
|
|
|
|
|
2005-06-23 07:09:13 +00:00
|
|
|
/*
|
|
|
|
* We're taking recursive faults here in do_exit. Safest is to just
|
|
|
|
* leave this task alone and wait for reboot.
|
|
|
|
*/
|
|
|
|
if (unlikely(tsk->flags & PF_EXITING)) {
|
|
|
|
printk(KERN_ALERT
|
|
|
|
"Fixing recursive fault but reboot is needed!\n");
|
2007-06-08 20:47:00 +00:00
|
|
|
/*
|
|
|
|
* We can do this unlocked here. The futex code uses
|
|
|
|
* this flag just to verify whether the pi state
|
|
|
|
* cleanup has been done or not. In the worst case it
|
|
|
|
* loops once more. We pretend that the cleanup was
|
|
|
|
* done as there is no way to return. Either the
|
|
|
|
* OWNER_DIED bit is set by now or we push the blocked
|
|
|
|
* task into the wait for ever nirwana as well.
|
|
|
|
*/
|
|
|
|
tsk->flags |= PF_EXITPIDONE;
|
2006-02-28 17:51:55 +00:00
|
|
|
if (tsk->io_context)
|
|
|
|
exit_io_context();
|
2005-06-23 07:09:13 +00:00
|
|
|
set_current_state(TASK_UNINTERRUPTIBLE);
|
|
|
|
schedule();
|
|
|
|
}
|
|
|
|
|
2007-10-17 06:26:47 +00:00
|
|
|
tsk->flags |= PF_EXITING;
|
2007-06-08 20:47:00 +00:00
|
|
|
/*
|
|
|
|
* tsk->flags are checked in the futex code to protect against
|
|
|
|
* an exiting task cleaning up the robust pi futexes.
|
|
|
|
*/
|
2007-10-17 06:26:47 +00:00
|
|
|
smp_mb();
|
|
|
|
spin_unlock_wait(&tsk->pi_lock);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
if (unlikely(in_atomic()))
|
|
|
|
printk(KERN_INFO "note: %s[%d] exited with preempt_count %d\n",
|
2007-10-19 06:40:40 +00:00
|
|
|
current->comm, task_pid_nr(current),
|
2005-04-16 22:20:36 +00:00
|
|
|
preempt_count());
|
|
|
|
|
|
|
|
acct_update_integrals(tsk);
|
[PATCH] mm: update_hiwaters just in time
update_mem_hiwater has attracted various criticisms, in particular from those
concerned with mm scalability. Originally it was called whenever rss or
total_vm got raised. Then many of those callsites were replaced by a timer
tick call from account_system_time. Now Frank van Maarseveen reports that to
be found inadequate. How about this? Works for Frank.
Replace update_mem_hiwater, a poor combination of two unrelated ops, by macros
update_hiwater_rss and update_hiwater_vm. Don't attempt to keep
mm->hiwater_rss up to date at timer tick, nor every time we raise rss (usually
by 1): those are hot paths. Do the opposite, update only when about to lower
rss (usually by many), or just before final accounting in do_exit. Handle
mm->hiwater_vm in the same way, though it's much less of an issue. Demand
that whoever collects these hiwater statistics do the work of taking the
maximum with rss or total_vm.
And there has been no collector of these hiwater statistics in the tree. The
new convention needs an example, so match Frank's usage by adding a VmPeak
line above VmSize to /proc/<pid>/status, and also a VmHWM line above VmRSS
(High-Water-Mark or High-Water-Memory).
There was a particular anomaly during mremap move, that hiwater_vm might be
captured too high. A fleeting such anomaly remains, but it's quickly
corrected now, whereas before it would stick.
What locking? None: if the app is racy then these statistics will be racy,
it's not worth any overhead to make them exact. But whenever it suits,
hiwater_vm is updated under exclusive mmap_sem, and hiwater_rss under
page_table_lock (for now) or with preemption disabled (later on): without
going to any trouble, minimize the time between reading current values and
updating, to minimize those occasions when a racing thread bumps a count up
and back down in between.
Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-30 01:16:18 +00:00
|
|
|
if (tsk->mm) {
|
|
|
|
update_hiwater_rss(tsk->mm);
|
|
|
|
update_hiwater_vm(tsk->mm);
|
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
group_dead = atomic_dec_and_test(&tsk->signal->live);
|
2005-08-04 23:49:32 +00:00
|
|
|
if (group_dead) {
|
2007-10-17 06:26:49 +00:00
|
|
|
exit_child_reaper(tsk);
|
2007-06-08 20:47:00 +00:00
|
|
|
hrtimer_cancel(&tsk->signal->real_timer);
|
2005-10-21 22:03:29 +00:00
|
|
|
exit_itimers(tsk->signal);
|
2005-08-04 23:49:32 +00:00
|
|
|
}
|
2006-06-25 12:49:25 +00:00
|
|
|
acct_collect(code, group_dead);
|
2007-10-17 06:27:30 +00:00
|
|
|
#ifdef CONFIG_FUTEX
|
2006-03-27 09:16:22 +00:00
|
|
|
if (unlikely(tsk->robust_list))
|
|
|
|
exit_robust_list(tsk);
|
2007-10-17 06:27:30 +00:00
|
|
|
#ifdef CONFIG_COMPAT
|
2006-03-27 09:16:24 +00:00
|
|
|
if (unlikely(tsk->compat_robust_list))
|
|
|
|
compat_exit_robust_list(tsk);
|
2007-10-17 06:27:30 +00:00
|
|
|
#endif
|
2006-03-27 09:16:24 +00:00
|
|
|
#endif
|
Audit: add TTY input auditing
Add TTY input auditing, used to audit system administrator's actions. This is
required by various security standards such as DCID 6/3 and PCI to provide
non-repudiation of administrator's actions and to allow a review of past
actions if the administrator seems to overstep their duties or if the system
becomes misconfigured for unknown reasons. These requirements do not make it
necessary to audit TTY output as well.
Compared to an user-space keylogger, this approach records TTY input using the
audit subsystem, correlated with other audit events, and it is completely
transparent to the user-space application (e.g. the console ioctls still
work).
TTY input auditing works on a higher level than auditing all system calls
within the session, which would produce an overwhelming amount of mostly
useless audit events.
Add an "audit_tty" attribute, inherited across fork (). Data read from TTYs
by process with the attribute is sent to the audit subsystem by the kernel.
The audit netlink interface is extended to allow modifying the audit_tty
attribute, and to allow sending explanatory audit events from user-space (for
example, a shell might send an event containing the final command, after the
interactive command-line editing and history expansion is performed, which
might be difficult to decipher from the TTY input alone).
Because the "audit_tty" attribute is inherited across fork (), it would be set
e.g. for sshd restarted within an audited session. To prevent this, the
audit_tty attribute is cleared when a process with no open TTY file
descriptors (e.g. after daemon startup) opens a TTY.
See https://www.redhat.com/archives/linux-audit/2007-June/msg00000.html for a
more detailed rationale document for an older version of this patch.
[akpm@linux-foundation.org: build fix]
Signed-off-by: Miloslav Trmac <mitr@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Paul Fulghum <paulkf@microgate.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-16 06:40:56 +00:00
|
|
|
if (group_dead)
|
|
|
|
tty_audit_exit();
|
2006-03-30 01:30:19 +00:00
|
|
|
if (unlikely(tsk->audit_context))
|
|
|
|
audit_free(tsk);
|
2006-12-07 04:36:51 +00:00
|
|
|
|
2007-08-31 06:56:23 +00:00
|
|
|
tsk->exit_code = code;
|
2006-12-07 04:36:51 +00:00
|
|
|
taskstats_exit(tsk, group_dead);
|
2006-07-14 07:24:40 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
exit_mm(tsk);
|
|
|
|
|
2006-06-25 12:49:24 +00:00
|
|
|
if (group_dead)
|
2006-06-25 12:49:25 +00:00
|
|
|
acct_process();
|
2005-04-16 22:20:36 +00:00
|
|
|
exit_sem(tsk);
|
|
|
|
__exit_files(tsk);
|
|
|
|
__exit_fs(tsk);
|
2007-07-16 06:38:48 +00:00
|
|
|
check_stack_usage();
|
2005-04-16 22:20:36 +00:00
|
|
|
exit_thread();
|
2007-10-19 06:39:33 +00:00
|
|
|
cgroup_exit(tsk, 1);
|
2005-04-16 22:20:36 +00:00
|
|
|
exit_keys(tsk);
|
|
|
|
|
|
|
|
if (group_dead && tsk->signal->leader)
|
|
|
|
disassociate_ctty(1);
|
|
|
|
|
2005-11-14 00:06:55 +00:00
|
|
|
module_put(task_thread_info(tsk)->exec_domain->module);
|
2005-04-16 22:20:36 +00:00
|
|
|
if (tsk->binfmt)
|
|
|
|
module_put(tsk->binfmt->module);
|
|
|
|
|
2005-11-07 08:59:16 +00:00
|
|
|
proc_exit_connector(tsk);
|
2007-01-30 21:28:23 +00:00
|
|
|
exit_notify(tsk);
|
2005-04-16 22:20:36 +00:00
|
|
|
#ifdef CONFIG_NUMA
|
|
|
|
mpol_free(tsk->mempolicy);
|
|
|
|
tsk->mempolicy = NULL;
|
|
|
|
#endif
|
2007-10-17 06:27:30 +00:00
|
|
|
#ifdef CONFIG_FUTEX
|
2006-06-27 09:54:58 +00:00
|
|
|
/*
|
|
|
|
* This must happen late, after the PID is not
|
|
|
|
* hashed anymore:
|
|
|
|
*/
|
|
|
|
if (unlikely(!list_empty(&tsk->pi_state_list)))
|
|
|
|
exit_pi_state_list(tsk);
|
|
|
|
if (unlikely(current->pi_state_cache))
|
|
|
|
kfree(current->pi_state_cache);
|
2007-10-17 06:27:30 +00:00
|
|
|
#endif
|
2006-01-09 23:59:21 +00:00
|
|
|
/*
|
2006-07-03 07:24:33 +00:00
|
|
|
* Make sure we are holding no locks:
|
2006-01-09 23:59:21 +00:00
|
|
|
*/
|
2006-07-03 07:24:33 +00:00
|
|
|
debug_check_no_locks_held(tsk);
|
2007-06-08 20:47:00 +00:00
|
|
|
/*
|
|
|
|
* We can do this unlocked here. The futex code uses this flag
|
|
|
|
* just to verify whether the pi state cleanup has been done
|
|
|
|
* or not. In the worst case it loops once more.
|
|
|
|
*/
|
|
|
|
tsk->flags |= PF_EXITPIDONE;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2006-02-28 17:51:55 +00:00
|
|
|
if (tsk->io_context)
|
|
|
|
exit_io_context();
|
|
|
|
|
2006-04-11 11:52:07 +00:00
|
|
|
if (tsk->splice_pipe)
|
|
|
|
__free_pipe_info(tsk->splice_pipe);
|
|
|
|
|
2005-10-30 23:02:47 +00:00
|
|
|
preempt_disable();
|
2006-09-29 09:01:10 +00:00
|
|
|
/* causes final put_task_struct in finish_task_switch(). */
|
2006-09-29 09:01:11 +00:00
|
|
|
tsk->state = TASK_DEAD;
|
2005-10-30 23:02:47 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
schedule();
|
|
|
|
BUG();
|
|
|
|
/* Avoid "noreturn function does return". */
|
2006-09-29 09:00:42 +00:00
|
|
|
for (;;)
|
|
|
|
cpu_relax(); /* For when BUG is null */
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
2005-04-23 07:08:00 +00:00
|
|
|
EXPORT_SYMBOL_GPL(do_exit);
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
NORET_TYPE void complete_and_exit(struct completion *comp, long code)
|
|
|
|
{
|
|
|
|
if (comp)
|
|
|
|
complete(comp);
|
2006-09-29 09:01:10 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
do_exit(code);
|
|
|
|
}
|
|
|
|
|
|
|
|
EXPORT_SYMBOL(complete_and_exit);
|
|
|
|
|
|
|
|
asmlinkage long sys_exit(int error_code)
|
|
|
|
{
|
|
|
|
do_exit((error_code&0xff)<<8);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Take down every thread in the group. This is called by fatal signals
|
|
|
|
* as well as by sys_exit_group (below).
|
|
|
|
*/
|
|
|
|
NORET_TYPE void
|
|
|
|
do_group_exit(int exit_code)
|
|
|
|
{
|
|
|
|
BUG_ON(exit_code & 0x80); /* core dumps don't get here */
|
|
|
|
|
|
|
|
if (current->signal->flags & SIGNAL_GROUP_EXIT)
|
|
|
|
exit_code = current->signal->group_exit_code;
|
|
|
|
else if (!thread_group_empty(current)) {
|
|
|
|
struct signal_struct *const sig = current->signal;
|
|
|
|
struct sighand_struct *const sighand = current->sighand;
|
|
|
|
spin_lock_irq(&sighand->siglock);
|
|
|
|
if (sig->flags & SIGNAL_GROUP_EXIT)
|
|
|
|
/* Another thread got here before we took the lock. */
|
|
|
|
exit_code = sig->group_exit_code;
|
|
|
|
else {
|
|
|
|
sig->group_exit_code = exit_code;
|
|
|
|
zap_other_threads(current);
|
|
|
|
}
|
|
|
|
spin_unlock_irq(&sighand->siglock);
|
|
|
|
}
|
|
|
|
|
|
|
|
do_exit(exit_code);
|
|
|
|
/* NOTREACHED */
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* this kills every thread in the thread group. Note that any externally
|
|
|
|
* wait4()-ing process will get the correct exit code - even if this
|
|
|
|
* thread is not the thread group leader.
|
|
|
|
*/
|
|
|
|
asmlinkage void sys_exit_group(int error_code)
|
|
|
|
{
|
|
|
|
do_group_exit((error_code & 0xff) << 8);
|
|
|
|
}
|
|
|
|
|
2006-07-03 07:25:41 +00:00
|
|
|
static int eligible_child(pid_t pid, int options, struct task_struct *p)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2007-05-06 21:50:20 +00:00
|
|
|
int err;
|
2007-10-19 06:40:14 +00:00
|
|
|
struct pid_namespace *ns;
|
2007-05-06 21:50:20 +00:00
|
|
|
|
2007-10-19 06:40:14 +00:00
|
|
|
ns = current->nsproxy->pid_ns;
|
2005-04-16 22:20:36 +00:00
|
|
|
if (pid > 0) {
|
2007-10-19 06:40:14 +00:00
|
|
|
if (task_pid_nr_ns(p, ns) != pid)
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
} else if (!pid) {
|
2007-10-19 06:40:14 +00:00
|
|
|
if (task_pgrp_nr_ns(p, ns) != task_pgrp_vnr(current))
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
} else if (pid != -1) {
|
2007-10-19 06:40:14 +00:00
|
|
|
if (task_pgrp_nr_ns(p, ns) != -pid)
|
2005-04-16 22:20:36 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Do not consider detached threads that are
|
|
|
|
* not ptraced:
|
|
|
|
*/
|
|
|
|
if (p->exit_signal == -1 && !p->ptrace)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/* Wait for all children (clone and not) if __WALL is set;
|
|
|
|
* otherwise, wait for clone children *only* if __WCLONE is
|
|
|
|
* set; otherwise, wait for non-clone children *only*. (Note:
|
|
|
|
* A "clone" child here is one that reports to its parent
|
|
|
|
* using a signal other than SIGCHLD.) */
|
|
|
|
if (((p->exit_signal != SIGCHLD) ^ ((options & __WCLONE) != 0))
|
|
|
|
&& !(options & __WALL))
|
|
|
|
return 0;
|
|
|
|
/*
|
|
|
|
* Do not consider thread group leaders that are
|
|
|
|
* in a non-empty thread group:
|
|
|
|
*/
|
2006-09-02 17:22:16 +00:00
|
|
|
if (delay_group_leader(p))
|
2005-04-16 22:20:36 +00:00
|
|
|
return 2;
|
|
|
|
|
2007-05-06 21:50:20 +00:00
|
|
|
err = security_task_wait(p);
|
|
|
|
if (err)
|
|
|
|
return err;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2006-07-03 07:25:41 +00:00
|
|
|
static int wait_noreap_copyout(struct task_struct *p, pid_t pid, uid_t uid,
|
2005-04-16 22:20:36 +00:00
|
|
|
int why, int status,
|
|
|
|
struct siginfo __user *infop,
|
|
|
|
struct rusage __user *rusagep)
|
|
|
|
{
|
|
|
|
int retval = rusagep ? getrusage(p, RUSAGE_BOTH, rusagep) : 0;
|
2006-07-03 07:25:41 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
put_task_struct(p);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(SIGCHLD, &infop->si_signo);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_errno);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user((short)why, &infop->si_code);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(pid, &infop->si_pid);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(uid, &infop->si_uid);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(status, &infop->si_status);
|
|
|
|
if (!retval)
|
|
|
|
retval = pid;
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Handle sys_wait4 work for one task in state EXIT_ZOMBIE. We hold
|
|
|
|
* read_lock(&tasklist_lock) on entry. If we return zero, we still hold
|
|
|
|
* the lock and this task is uninteresting. If we return nonzero, we have
|
|
|
|
* released the lock and the system call should return.
|
|
|
|
*/
|
2006-07-03 07:25:41 +00:00
|
|
|
static int wait_task_zombie(struct task_struct *p, int noreap,
|
2005-04-16 22:20:36 +00:00
|
|
|
struct siginfo __user *infop,
|
|
|
|
int __user *stat_addr, struct rusage __user *ru)
|
|
|
|
{
|
|
|
|
unsigned long state;
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
int retval, status, traced;
|
2007-10-19 06:40:14 +00:00
|
|
|
struct pid_namespace *ns;
|
|
|
|
|
|
|
|
ns = current->nsproxy->pid_ns;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
if (unlikely(noreap)) {
|
2007-10-19 06:40:14 +00:00
|
|
|
pid_t pid = task_pid_nr_ns(p, ns);
|
2005-04-16 22:20:36 +00:00
|
|
|
uid_t uid = p->uid;
|
|
|
|
int exit_code = p->exit_code;
|
|
|
|
int why, status;
|
|
|
|
|
|
|
|
if (unlikely(p->exit_state != EXIT_ZOMBIE))
|
|
|
|
return 0;
|
|
|
|
if (unlikely(p->exit_signal == -1 && p->ptrace == 0))
|
|
|
|
return 0;
|
|
|
|
get_task_struct(p);
|
|
|
|
read_unlock(&tasklist_lock);
|
|
|
|
if ((exit_code & 0x7f) == 0) {
|
|
|
|
why = CLD_EXITED;
|
|
|
|
status = exit_code >> 8;
|
|
|
|
} else {
|
|
|
|
why = (exit_code & 0x80) ? CLD_DUMPED : CLD_KILLED;
|
|
|
|
status = exit_code & 0x7f;
|
|
|
|
}
|
|
|
|
return wait_noreap_copyout(p, pid, uid, why,
|
|
|
|
status, infop, ru);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Try to move the task's state to DEAD
|
|
|
|
* only one thread is allowed to do this:
|
|
|
|
*/
|
|
|
|
state = xchg(&p->exit_state, EXIT_DEAD);
|
|
|
|
if (state != EXIT_ZOMBIE) {
|
|
|
|
BUG_ON(state != EXIT_DEAD);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
/* traced means p->ptrace, but not vice versa */
|
|
|
|
traced = (p->real_parent != p->parent);
|
|
|
|
|
|
|
|
if (likely(!traced)) {
|
2006-01-10 04:54:39 +00:00
|
|
|
struct signal_struct *psig;
|
|
|
|
struct signal_struct *sig;
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* The resource counters for the group leader are in its
|
|
|
|
* own task_struct. Those for dead threads in the group
|
|
|
|
* are in its signal_struct, as are those for the child
|
|
|
|
* processes it has previously reaped. All these
|
|
|
|
* accumulate in the parent's signal_struct c* fields.
|
|
|
|
*
|
|
|
|
* We don't bother to take a lock here to protect these
|
|
|
|
* p->signal fields, because they are only touched by
|
|
|
|
* __exit_signal, which runs with tasklist_lock
|
|
|
|
* write-locked anyway, and so is excluded here. We do
|
|
|
|
* need to protect the access to p->parent->signal fields,
|
|
|
|
* as other threads in the parent group can be right
|
|
|
|
* here reaping other children at the same time.
|
|
|
|
*/
|
|
|
|
spin_lock_irq(&p->parent->sighand->siglock);
|
2006-01-10 04:54:39 +00:00
|
|
|
psig = p->parent->signal;
|
|
|
|
sig = p->signal;
|
|
|
|
psig->cutime =
|
|
|
|
cputime_add(psig->cutime,
|
2005-04-16 22:20:36 +00:00
|
|
|
cputime_add(p->utime,
|
2006-01-10 04:54:39 +00:00
|
|
|
cputime_add(sig->utime,
|
|
|
|
sig->cutime)));
|
|
|
|
psig->cstime =
|
|
|
|
cputime_add(psig->cstime,
|
2005-04-16 22:20:36 +00:00
|
|
|
cputime_add(p->stime,
|
2006-01-10 04:54:39 +00:00
|
|
|
cputime_add(sig->stime,
|
|
|
|
sig->cstime)));
|
2007-10-15 15:00:19 +00:00
|
|
|
psig->cgtime =
|
|
|
|
cputime_add(psig->cgtime,
|
|
|
|
cputime_add(p->gtime,
|
|
|
|
cputime_add(sig->gtime,
|
|
|
|
sig->cgtime)));
|
2006-01-10 04:54:39 +00:00
|
|
|
psig->cmin_flt +=
|
|
|
|
p->min_flt + sig->min_flt + sig->cmin_flt;
|
|
|
|
psig->cmaj_flt +=
|
|
|
|
p->maj_flt + sig->maj_flt + sig->cmaj_flt;
|
|
|
|
psig->cnvcsw +=
|
|
|
|
p->nvcsw + sig->nvcsw + sig->cnvcsw;
|
|
|
|
psig->cnivcsw +=
|
|
|
|
p->nivcsw + sig->nivcsw + sig->cnivcsw;
|
2007-05-11 05:22:37 +00:00
|
|
|
psig->cinblock +=
|
|
|
|
task_io_get_inblock(p) +
|
|
|
|
sig->inblock + sig->cinblock;
|
|
|
|
psig->coublock +=
|
|
|
|
task_io_get_oublock(p) +
|
|
|
|
sig->oublock + sig->coublock;
|
2005-04-16 22:20:36 +00:00
|
|
|
spin_unlock_irq(&p->parent->sighand->siglock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now we are sure this task is interesting, and no other
|
|
|
|
* thread can reap it because we set its state to EXIT_DEAD.
|
|
|
|
*/
|
|
|
|
read_unlock(&tasklist_lock);
|
|
|
|
|
|
|
|
retval = ru ? getrusage(p, RUSAGE_BOTH, ru) : 0;
|
|
|
|
status = (p->signal->flags & SIGNAL_GROUP_EXIT)
|
|
|
|
? p->signal->group_exit_code : p->exit_code;
|
|
|
|
if (!retval && stat_addr)
|
|
|
|
retval = put_user(status, stat_addr);
|
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(SIGCHLD, &infop->si_signo);
|
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(0, &infop->si_errno);
|
|
|
|
if (!retval && infop) {
|
|
|
|
int why;
|
|
|
|
|
|
|
|
if ((status & 0x7f) == 0) {
|
|
|
|
why = CLD_EXITED;
|
|
|
|
status >>= 8;
|
|
|
|
} else {
|
|
|
|
why = (status & 0x80) ? CLD_DUMPED : CLD_KILLED;
|
|
|
|
status &= 0x7f;
|
|
|
|
}
|
|
|
|
retval = put_user((short)why, &infop->si_code);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(status, &infop->si_status);
|
|
|
|
}
|
|
|
|
if (!retval && infop)
|
2007-10-19 06:40:14 +00:00
|
|
|
retval = put_user(task_pid_nr_ns(p, ns), &infop->si_pid);
|
2005-04-16 22:20:36 +00:00
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(p->uid, &infop->si_uid);
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
if (!retval)
|
2007-10-19 06:40:14 +00:00
|
|
|
retval = task_pid_nr_ns(p, ns);
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
|
|
|
|
if (traced) {
|
2005-04-16 22:20:36 +00:00
|
|
|
write_lock_irq(&tasklist_lock);
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
/* We dropped tasklist, ptracer could die and untrace */
|
|
|
|
ptrace_unlink(p);
|
|
|
|
/*
|
|
|
|
* If this is not a detached task, notify the parent.
|
|
|
|
* If it's still not detached after that, don't release
|
|
|
|
* it now.
|
|
|
|
*/
|
|
|
|
if (p->exit_signal != -1) {
|
|
|
|
do_notify_parent(p, p->exit_signal);
|
2005-04-16 22:20:36 +00:00
|
|
|
if (p->exit_signal != -1) {
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
p->exit_state = EXIT_ZOMBIE;
|
|
|
|
p = NULL;
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
}
|
|
|
|
if (p != NULL)
|
|
|
|
release_task(p);
|
wait_task_zombie: fix 2/3 races vs forget_original_parent()
Two threads, T1 and T2. T2 ptraces P, and P is not a child of ptracer's
thread group. P exits and goes to TASK_ZOMBIE.
T1 does wait_task_zombie(P):
P->exit_state = TASK_DEAD;
...
read_unlock(&tasklist_lock);
T2 does exit(), takes tasklist,
forget_original_parent() does
__ptrace_unlink(P) but doesn't
call do_notify_parent(P) because
p->exit_state == EXIT_DEAD.
Now, P is not visible to our process: __ptrace_unlink() removed it from
->children. We should send notification to P->parent and release P if and
only if SIGCHLD is ignored.
And we have 3 bugs:
1. P->parent does do_wait() and gets -ECHILD (P is on ->parent->children,
but its state is TASK_DEAD).
2. // wait_task_zombie() continues
if (put_user(...)) {
// TODO: is this safe?
p->exit_state = EXIT_ZOMBIE;
return;
}
we return without notification/release, task_struct leaked.
Solution: ignore -EFAULT and proceed. It is an application's bug if
we can't fill infop/stat_addr (in case of VM_FAULT_OOM we have much
more problems).
3. // wait_task_zombie() continues
if (p->real_parent != p->parent) {
// Not taken, it was untraced'ed
...
}
release_task(p);
we released the task which we shouldn't.
Solution: check ->real_parent != ->parent before, under tasklist_lock,
but use ptrace_unlink() instead of __ptrace_unlink() to check ->ptrace.
This patch hopefully solves 2 and 3, the 1st bug will be fixed later, we need
some cleanups in forget_original_parent/reparent_thread.
However, the first race is very unlikely and not critical, so I hope it makes
sense to fix 1 and 2 for now.
4. Small cleanup: don't "restore" EXIT_ZOMBIE unless we know we are not going
to realease the child.
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17 06:26:58 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Handle sys_wait4 work for one task in state TASK_STOPPED. We hold
|
|
|
|
* read_lock(&tasklist_lock) on entry. If we return zero, we still hold
|
|
|
|
* the lock and this task is uninteresting. If we return nonzero, we have
|
|
|
|
* released the lock and the system call should return.
|
|
|
|
*/
|
2006-07-03 07:25:41 +00:00
|
|
|
static int wait_task_stopped(struct task_struct *p, int delayed_group_leader,
|
|
|
|
int noreap, struct siginfo __user *infop,
|
2005-04-16 22:20:36 +00:00
|
|
|
int __user *stat_addr, struct rusage __user *ru)
|
|
|
|
{
|
|
|
|
int retval, exit_code;
|
2007-10-19 06:40:14 +00:00
|
|
|
struct pid_namespace *ns;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
if (!p->exit_code)
|
|
|
|
return 0;
|
|
|
|
if (delayed_group_leader && !(p->ptrace & PT_PTRACED) &&
|
2007-10-17 06:27:00 +00:00
|
|
|
p->signal->group_stop_count > 0)
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
* A group stop is in progress and this is the group leader.
|
|
|
|
* We won't report until all threads have stopped.
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now we are pretty sure this task is interesting.
|
|
|
|
* Make sure it doesn't get reaped out from under us while we
|
|
|
|
* give up the lock and then examine it below. We don't want to
|
|
|
|
* keep holding onto the tasklist_lock while we call getrusage and
|
|
|
|
* possibly take page faults for user memory.
|
|
|
|
*/
|
2007-10-19 06:40:14 +00:00
|
|
|
ns = current->nsproxy->pid_ns;
|
2005-04-16 22:20:36 +00:00
|
|
|
get_task_struct(p);
|
|
|
|
read_unlock(&tasklist_lock);
|
|
|
|
|
|
|
|
if (unlikely(noreap)) {
|
2007-10-19 06:40:14 +00:00
|
|
|
pid_t pid = task_pid_nr_ns(p, ns);
|
2005-04-16 22:20:36 +00:00
|
|
|
uid_t uid = p->uid;
|
|
|
|
int why = (p->ptrace & PT_PTRACED) ? CLD_TRAPPED : CLD_STOPPED;
|
|
|
|
|
|
|
|
exit_code = p->exit_code;
|
2007-11-14 06:11:50 +00:00
|
|
|
if (unlikely(!exit_code) || unlikely(p->exit_state))
|
2005-04-16 22:20:36 +00:00
|
|
|
goto bail_ref;
|
|
|
|
return wait_noreap_copyout(p, pid, uid,
|
|
|
|
why, (exit_code << 8) | 0x7f,
|
|
|
|
infop, ru);
|
|
|
|
}
|
|
|
|
|
|
|
|
write_lock_irq(&tasklist_lock);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This uses xchg to be atomic with the thread resuming and setting
|
|
|
|
* it. It must also be done with the write lock held to prevent a
|
|
|
|
* race with the EXIT_ZOMBIE case.
|
|
|
|
*/
|
|
|
|
exit_code = xchg(&p->exit_code, 0);
|
|
|
|
if (unlikely(p->exit_state)) {
|
|
|
|
/*
|
|
|
|
* The task resumed and then died. Let the next iteration
|
|
|
|
* catch it in EXIT_ZOMBIE. Note that exit_code might
|
|
|
|
* already be zero here if it resumed and did _exit(0).
|
|
|
|
* The task itself is dead and won't touch exit_code again;
|
|
|
|
* other processors in this function are locked out.
|
|
|
|
*/
|
|
|
|
p->exit_code = exit_code;
|
|
|
|
exit_code = 0;
|
|
|
|
}
|
|
|
|
if (unlikely(exit_code == 0)) {
|
|
|
|
/*
|
|
|
|
* Another thread in this function got to it first, or it
|
|
|
|
* resumed, or it resumed and then died.
|
|
|
|
*/
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
bail_ref:
|
|
|
|
put_task_struct(p);
|
|
|
|
/*
|
|
|
|
* We are returning to the wait loop without having successfully
|
|
|
|
* removed the process and having released the lock. We cannot
|
|
|
|
* continue, since the "p" task pointer is potentially stale.
|
|
|
|
*
|
|
|
|
* Return -EAGAIN, and do_wait() will restart the loop from the
|
|
|
|
* beginning. Do _not_ re-acquire the lock.
|
|
|
|
*/
|
|
|
|
return -EAGAIN;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* move to end of parent's list to avoid starvation */
|
|
|
|
remove_parent(p);
|
2006-03-29 00:11:05 +00:00
|
|
|
add_parent(p);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
write_unlock_irq(&tasklist_lock);
|
|
|
|
|
|
|
|
retval = ru ? getrusage(p, RUSAGE_BOTH, ru) : 0;
|
|
|
|
if (!retval && stat_addr)
|
|
|
|
retval = put_user((exit_code << 8) | 0x7f, stat_addr);
|
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(SIGCHLD, &infop->si_signo);
|
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(0, &infop->si_errno);
|
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user((short)((p->ptrace & PT_PTRACED)
|
|
|
|
? CLD_TRAPPED : CLD_STOPPED),
|
|
|
|
&infop->si_code);
|
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(exit_code, &infop->si_status);
|
|
|
|
if (!retval && infop)
|
2007-10-19 06:40:14 +00:00
|
|
|
retval = put_user(task_pid_nr_ns(p, ns), &infop->si_pid);
|
2005-04-16 22:20:36 +00:00
|
|
|
if (!retval && infop)
|
|
|
|
retval = put_user(p->uid, &infop->si_uid);
|
|
|
|
if (!retval)
|
2007-10-19 06:40:14 +00:00
|
|
|
retval = task_pid_nr_ns(p, ns);
|
2005-04-16 22:20:36 +00:00
|
|
|
put_task_struct(p);
|
|
|
|
|
|
|
|
BUG_ON(!retval);
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Handle do_wait work for one task in a live, non-stopped state.
|
|
|
|
* read_lock(&tasklist_lock) on entry. If we return zero, we still hold
|
|
|
|
* the lock and this task is uninteresting. If we return nonzero, we have
|
|
|
|
* released the lock and the system call should return.
|
|
|
|
*/
|
2006-07-03 07:25:41 +00:00
|
|
|
static int wait_task_continued(struct task_struct *p, int noreap,
|
2005-04-16 22:20:36 +00:00
|
|
|
struct siginfo __user *infop,
|
|
|
|
int __user *stat_addr, struct rusage __user *ru)
|
|
|
|
{
|
|
|
|
int retval;
|
|
|
|
pid_t pid;
|
|
|
|
uid_t uid;
|
2007-10-19 06:40:14 +00:00
|
|
|
struct pid_namespace *ns;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
if (!(p->signal->flags & SIGNAL_STOP_CONTINUED))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
spin_lock_irq(&p->sighand->siglock);
|
|
|
|
/* Re-check with the lock held. */
|
|
|
|
if (!(p->signal->flags & SIGNAL_STOP_CONTINUED)) {
|
|
|
|
spin_unlock_irq(&p->sighand->siglock);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
if (!noreap)
|
|
|
|
p->signal->flags &= ~SIGNAL_STOP_CONTINUED;
|
|
|
|
spin_unlock_irq(&p->sighand->siglock);
|
|
|
|
|
2007-10-19 06:40:14 +00:00
|
|
|
ns = current->nsproxy->pid_ns;
|
|
|
|
pid = task_pid_nr_ns(p, ns);
|
2005-04-16 22:20:36 +00:00
|
|
|
uid = p->uid;
|
|
|
|
get_task_struct(p);
|
|
|
|
read_unlock(&tasklist_lock);
|
|
|
|
|
|
|
|
if (!infop) {
|
|
|
|
retval = ru ? getrusage(p, RUSAGE_BOTH, ru) : 0;
|
|
|
|
put_task_struct(p);
|
|
|
|
if (!retval && stat_addr)
|
|
|
|
retval = put_user(0xffff, stat_addr);
|
|
|
|
if (!retval)
|
2007-10-19 06:40:14 +00:00
|
|
|
retval = task_pid_nr_ns(p, ns);
|
2005-04-16 22:20:36 +00:00
|
|
|
} else {
|
|
|
|
retval = wait_noreap_copyout(p, pid, uid,
|
|
|
|
CLD_CONTINUED, SIGCONT,
|
|
|
|
infop, ru);
|
|
|
|
BUG_ON(retval == 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static inline int my_ptrace_child(struct task_struct *p)
|
|
|
|
{
|
|
|
|
if (!(p->ptrace & PT_PTRACED))
|
|
|
|
return 0;
|
|
|
|
if (!(p->ptrace & PT_ATTACHED))
|
|
|
|
return 1;
|
|
|
|
/*
|
|
|
|
* This child was PTRACE_ATTACH'd. We should be seeing it only if
|
|
|
|
* we are the attacher. If we are the real parent, this is a race
|
|
|
|
* inside ptrace_attach. It is waiting for the tasklist_lock,
|
|
|
|
* which we have to switch the parent links, but has already set
|
|
|
|
* the flags in p->ptrace.
|
|
|
|
*/
|
|
|
|
return (p->parent != p->real_parent);
|
|
|
|
}
|
|
|
|
|
|
|
|
static long do_wait(pid_t pid, int options, struct siginfo __user *infop,
|
|
|
|
int __user *stat_addr, struct rusage __user *ru)
|
|
|
|
{
|
|
|
|
DECLARE_WAITQUEUE(wait, current);
|
|
|
|
struct task_struct *tsk;
|
|
|
|
int flag, retval;
|
2007-05-06 21:50:20 +00:00
|
|
|
int allowed, denied;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
add_wait_queue(¤t->signal->wait_chldexit,&wait);
|
|
|
|
repeat:
|
|
|
|
/*
|
|
|
|
* We will set this flag if we see any child that might later
|
|
|
|
* match our criteria, even if we are not able to reap it yet.
|
|
|
|
*/
|
|
|
|
flag = 0;
|
2007-05-06 21:50:20 +00:00
|
|
|
allowed = denied = 0;
|
2005-04-16 22:20:36 +00:00
|
|
|
current->state = TASK_INTERRUPTIBLE;
|
|
|
|
read_lock(&tasklist_lock);
|
|
|
|
tsk = current;
|
|
|
|
do {
|
|
|
|
struct task_struct *p;
|
|
|
|
int ret;
|
|
|
|
|
2007-10-19 06:39:57 +00:00
|
|
|
list_for_each_entry(p, &tsk->children, sibling) {
|
2005-04-16 22:20:36 +00:00
|
|
|
ret = eligible_child(pid, options, p);
|
|
|
|
if (!ret)
|
|
|
|
continue;
|
|
|
|
|
2007-05-06 21:50:20 +00:00
|
|
|
if (unlikely(ret < 0)) {
|
|
|
|
denied = ret;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
allowed = 1;
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
switch (p->state) {
|
|
|
|
case TASK_TRACED:
|
2005-10-30 23:02:50 +00:00
|
|
|
/*
|
|
|
|
* When we hit the race with PTRACE_ATTACH,
|
|
|
|
* we will not report this child. But the
|
|
|
|
* race means it has not yet been moved to
|
|
|
|
* our ptrace_children list, so we need to
|
|
|
|
* set the flag here to avoid a spurious ECHILD
|
|
|
|
* when the race happens with the only child.
|
|
|
|
*/
|
|
|
|
flag = 1;
|
2005-04-16 22:20:36 +00:00
|
|
|
if (!my_ptrace_child(p))
|
|
|
|
continue;
|
|
|
|
/*FALLTHROUGH*/
|
|
|
|
case TASK_STOPPED:
|
|
|
|
/*
|
|
|
|
* It's stopped now, so it might later
|
|
|
|
* continue, exit, or stop again.
|
|
|
|
*/
|
|
|
|
flag = 1;
|
|
|
|
if (!(options & WUNTRACED) &&
|
|
|
|
!my_ptrace_child(p))
|
|
|
|
continue;
|
|
|
|
retval = wait_task_stopped(p, ret == 2,
|
|
|
|
(options & WNOWAIT),
|
|
|
|
infop,
|
|
|
|
stat_addr, ru);
|
|
|
|
if (retval == -EAGAIN)
|
|
|
|
goto repeat;
|
|
|
|
if (retval != 0) /* He released the lock. */
|
|
|
|
goto end;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
// case EXIT_DEAD:
|
|
|
|
if (p->exit_state == EXIT_DEAD)
|
|
|
|
continue;
|
|
|
|
// case EXIT_ZOMBIE:
|
|
|
|
if (p->exit_state == EXIT_ZOMBIE) {
|
|
|
|
/*
|
|
|
|
* Eligible but we cannot release
|
|
|
|
* it yet:
|
|
|
|
*/
|
|
|
|
if (ret == 2)
|
|
|
|
goto check_continued;
|
|
|
|
if (!likely(options & WEXITED))
|
|
|
|
continue;
|
|
|
|
retval = wait_task_zombie(
|
|
|
|
p, (options & WNOWAIT),
|
|
|
|
infop, stat_addr, ru);
|
|
|
|
/* He released the lock. */
|
|
|
|
if (retval != 0)
|
|
|
|
goto end;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
check_continued:
|
|
|
|
/*
|
|
|
|
* It's running now, so it might later
|
|
|
|
* exit, stop, or stop and then continue.
|
|
|
|
*/
|
|
|
|
flag = 1;
|
|
|
|
if (!unlikely(options & WCONTINUED))
|
|
|
|
continue;
|
|
|
|
retval = wait_task_continued(
|
|
|
|
p, (options & WNOWAIT),
|
|
|
|
infop, stat_addr, ru);
|
|
|
|
if (retval != 0) /* He released the lock. */
|
|
|
|
goto end;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!flag) {
|
2007-10-19 06:39:57 +00:00
|
|
|
list_for_each_entry(p, &tsk->ptrace_children,
|
|
|
|
ptrace_list) {
|
2005-04-16 22:20:36 +00:00
|
|
|
if (!eligible_child(pid, options, p))
|
|
|
|
continue;
|
|
|
|
flag = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (options & __WNOTHREAD)
|
|
|
|
break;
|
|
|
|
tsk = next_thread(tsk);
|
2006-06-23 09:06:06 +00:00
|
|
|
BUG_ON(tsk->signal != current->signal);
|
2005-04-16 22:20:36 +00:00
|
|
|
} while (tsk != current);
|
|
|
|
|
|
|
|
read_unlock(&tasklist_lock);
|
|
|
|
if (flag) {
|
|
|
|
retval = 0;
|
|
|
|
if (options & WNOHANG)
|
|
|
|
goto end;
|
|
|
|
retval = -ERESTARTSYS;
|
|
|
|
if (signal_pending(current))
|
|
|
|
goto end;
|
|
|
|
schedule();
|
|
|
|
goto repeat;
|
|
|
|
}
|
|
|
|
retval = -ECHILD;
|
2007-05-06 21:50:20 +00:00
|
|
|
if (unlikely(denied) && !allowed)
|
|
|
|
retval = denied;
|
2005-04-16 22:20:36 +00:00
|
|
|
end:
|
|
|
|
current->state = TASK_RUNNING;
|
|
|
|
remove_wait_queue(¤t->signal->wait_chldexit,&wait);
|
|
|
|
if (infop) {
|
|
|
|
if (retval > 0)
|
|
|
|
retval = 0;
|
|
|
|
else {
|
|
|
|
/*
|
|
|
|
* For a WNOHANG return, clear out all the fields
|
|
|
|
* we would set so the user can easily tell the
|
|
|
|
* difference.
|
|
|
|
*/
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_signo);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_errno);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_code);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_pid);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_uid);
|
|
|
|
if (!retval)
|
|
|
|
retval = put_user(0, &infop->si_status);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return retval;
|
|
|
|
}
|
|
|
|
|
|
|
|
asmlinkage long sys_waitid(int which, pid_t pid,
|
|
|
|
struct siginfo __user *infop, int options,
|
|
|
|
struct rusage __user *ru)
|
|
|
|
{
|
|
|
|
long ret;
|
|
|
|
|
|
|
|
if (options & ~(WNOHANG|WNOWAIT|WEXITED|WSTOPPED|WCONTINUED))
|
|
|
|
return -EINVAL;
|
|
|
|
if (!(options & (WEXITED|WSTOPPED|WCONTINUED)))
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
switch (which) {
|
|
|
|
case P_ALL:
|
|
|
|
pid = -1;
|
|
|
|
break;
|
|
|
|
case P_PID:
|
|
|
|
if (pid <= 0)
|
|
|
|
return -EINVAL;
|
|
|
|
break;
|
|
|
|
case P_PGID:
|
|
|
|
if (pid <= 0)
|
|
|
|
return -EINVAL;
|
|
|
|
pid = -pid;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = do_wait(pid, options, infop, NULL, ru);
|
|
|
|
|
|
|
|
/* avoid REGPARM breakage on x86: */
|
|
|
|
prevent_tail_call(ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
asmlinkage long sys_wait4(pid_t pid, int __user *stat_addr,
|
|
|
|
int options, struct rusage __user *ru)
|
|
|
|
{
|
|
|
|
long ret;
|
|
|
|
|
|
|
|
if (options & ~(WNOHANG|WUNTRACED|WCONTINUED|
|
|
|
|
__WNOTHREAD|__WCLONE|__WALL))
|
|
|
|
return -EINVAL;
|
|
|
|
ret = do_wait(pid, options | WEXITED, NULL, stat_addr, ru);
|
|
|
|
|
|
|
|
/* avoid REGPARM breakage on x86: */
|
|
|
|
prevent_tail_call(ret);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef __ARCH_WANT_SYS_WAITPID
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sys_waitpid() remains for compatibility. waitpid() should be
|
|
|
|
* implemented by calling sys_wait4() from libc.a.
|
|
|
|
*/
|
|
|
|
asmlinkage long sys_waitpid(pid_t pid, int __user *stat_addr, int options)
|
|
|
|
{
|
|
|
|
return sys_wait4(pid, stat_addr, options, NULL);
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|