CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Konstantin Belousov <kib@FreeBSD.org>
	Mon, 12 Jun 2023 07:33:43 +0000 (10:33 +0300)
committer	Konstantin Belousov <kib@FreeBSD.org>
	Tue, 4 Jul 2023 03:21:53 +0000 (06:21 +0300)
commit	3360b48525fc966894e77b8cd9c124669664472d
tree	f5ed17de8c7f8f94dcd75ab7bdc025028d40afbc	tree \| snapshot
parent	4b59d1724b765063891cb44c28079b4c503a02fd	commit \| diff

killpg(2): close a race with fork(2), part1

If the process group member performs fork(), the child could escape
signalling from killpg(). Prevent it by introducing an sx process group
lock pg_killsx which is taken interruptibly shared around fork. If there
is a pending signal, do the trip through userspace with ERESTART to
handle signal ASTs. The lock is taken exclusively during killpg().

The lock is also locked exclusive when the process changes group
membership, to avoid escaping a signal by this means, by ensuring that
the process group is stable during fork.

Note that the new lock is before proctree lock, so in some situations we
could only do trylocking to obtain it.

This relatively simple approach cannot work for REAP_KILL, because
process potentially belongs to more than one reaper tree by having
sub-reapers.

Reported by: dchagin
Tested by: dchagin, pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D40493

sys/kern/init_main.c		diff \| blob \| history
sys/kern/kern_fork.c		diff \| blob \| history
sys/kern/kern_proc.c		diff \| blob \| history
sys/kern/kern_prot.c		diff \| blob \| history
sys/kern/kern_sig.c		diff \| blob \| history
sys/sys/proc.h		diff \| blob \| history