| Message ID | 202012221402.0BME27gm228677@finist-co8.sw.ru |
|---|---|
| State | New |
| Series | "ptrace: fix task_join_group_stop() for the case when current is traced" |
| Headers | show
Delivered-To: criupatchwork@gmail.com Received: from imap.gmail.com [108.177.119.109] by patchwork.criu.org with IMAP (fetchmail-6.4.8) for <root@localhost> (single-drop); Tue, 22 Dec 2020 15:03:47 +0100 (CET) Received: by 2002:aa6:c11a:0:b029:a4:55c9:6120 with SMTP id c26csp5314318lkp; Tue, 22 Dec 2020 06:03:42 -0800 (PST) X-Google-Smtp-Source: ABdhPJySRtw3SpyASzIxqKfc7023leVKU3DG9tXzvjDFlpmcLnw0/EiZhuczaLFaXGHW5vfQMIY0 X-Received: by 2002:a2e:2c15:: with SMTP id s21mr9461467ljs.39.1608645819571; Tue, 22 Dec 2020 06:03:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1608645819; cv=none; d=google.com; s=arc-20160816; b=JQfHHvzjDID/h/GVOHqGlBIjYqrYsWz9j9udMJkJWpwzqzQ3FpeRU+FtSTHmQsGIzb qp/9fgR5Ams512veGYUqLwlEEfjWB/bHhukkzXmVt1i0AHpoJZBvmBLYnNogoGFpx3cg Z93C3pPwbbdXjxi6eaSlmREVcRVy+P8G5/hDQUrPGSjz1BdbazynQiLVLxUXlGTnoHsP AERf6uK8htzelHidElESUQrX960yGygq5n/Py1aT5ri3DSWhWmXnUP7654R1OYMceSAG VBzZ/fpRySUmkaEIcvMsfuIFYe3FxHuhuwPmGNf+BTFeBXlgFzZ7DNHEiRw+1ZJyXtMi Xtpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :cc:mime-version:in-reply-to:to:from:message-id:date; bh=eYV2WlgPLO8Hk0VZxjaqM3867ra9VkDUtP1296FM0TU=; b=Npx+Ty6dG02SZOsIDODRm+SH5SR4oHt87A+nYFXF4u627eywHYyJk5cIUMFS9/xlj/ 6sCoO6ewosnCDJJewyX0wbYlBNTWPRHg+Um0s/pk6yEqC7gtHZLnW4OeU+6E3Dnr5xm0 ruruBlCB1bbSBYOg855R/NNk/uPqwYFQDhSD2HYCbpAisu396M7cu7i7knohKe0vJMpm 7mUPAxwwAg5XPVow/sPuAcbYpu+gCbF7xzxw9MY1mxm/T8vqJeV8Kqm9IGaGs4LlOluQ wPHTizqkVQbMA4Wk/swG7lqxVVqIgNLrystc9C2F6uTYWPHEqNsaapANq5V51Zz2lgip vekA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of devel-bounces@openvz.org designates 185.231.241.50 as permitted sender) smtp.mailfrom=devel-bounces@openvz.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=virtuozzo.com Return-Path: <devel-bounces@openvz.org> Received: from mail.openvz.org (mail.openvz.org. [185.231.241.50]) by mx.google.com with ESMTPS id 198si9623618lfg.32.2020.12.22.06.03.39 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Dec 2020 06:03:39 -0800 (PST) Received-SPF: pass (google.com: domain of devel-bounces@openvz.org designates 185.231.241.50 as permitted sender) client-ip=185.231.241.50; Authentication-Results: mx.google.com; spf=pass (google.com: domain of devel-bounces@openvz.org designates 185.231.241.50 as permitted sender) smtp.mailfrom=devel-bounces@openvz.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=virtuozzo.com Received: from localhost.localdomain (localhost [127.0.0.1]) by mail.openvz.org (8.14.4/8.14.4) with ESMTP id 0BME2lYl023693; Tue, 22 Dec 2020 17:02:48 +0300 Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-he1eur02lp2059.outbound.protection.outlook.com [104.47.5.59]) by mail.openvz.org (8.14.4/8.14.4) with ESMTP id 0BME2cLM023678 for <devel@openvz.org>; Tue, 22 Dec 2020 17:02:39 +0300 Received: from AS8PR04CA0149.eurprd04.prod.outlook.com (2603:10a6:20b:127::34) by AM6PR08MB4069.eurprd08.prod.outlook.com (2603:10a6:20b:af::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3676.25; Tue, 22 Dec 2020 14:02:36 +0000 Received: from HE1EUR01FT052.eop-EUR01.prod.protection.outlook.com (2603:10a6:20b:127:cafe::88) by AS8PR04CA0149.outlook.office365.com (2603:10a6:20b:127::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3676.28 via Frontend Transport; Tue, 22 Dec 2020 14:02:36 +0000 Authentication-Results: spf=pass (sender IP is 185.231.240.75) smtp.mailfrom=virtuozzo.com; openvz.org; dkim=none (message not signed) header.d=none; openvz.org; dmarc=pass action=none header.from=virtuozzo.com; Received-SPF: Pass (protection.outlook.com: domain of virtuozzo.com designates 185.231.240.75 as permitted sender) receiver=protection.outlook.com; client-ip=185.231.240.75; helo=relay3.sw.ru; Received: from relay3.sw.ru (185.231.240.75) by HE1EUR01FT052.mail.protection.outlook.com (10.152.1.94) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3676.25 via Frontend Transport; Tue, 22 Dec 2020 14:02:35 +0000 Received: from [10.94.5.150] (helo=finist-co8.sw.ru) by relay3.sw.ru with esmtp (Exim 4.94) (envelope-from <khorenko@virtuozzo.com>) id 1kriEg-00E76i-Tj; Tue, 22 Dec 2020 17:01:58 +0300 Received: from finist-co8.sw.ru (localhost [127.0.0.1]) by finist-co8.sw.ru (8.15.2/8.15.2) with ESMTPS id 0BME27oC228678 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Tue, 22 Dec 2020 17:02:07 +0300 Received: (from khorenko@localhost) by finist-co8.sw.ru (8.15.2/8.15.2/Submit) id 0BME27gm228677; Tue, 22 Dec 2020 17:02:07 +0300 Date: Tue, 22 Dec 2020 17:02:07 +0300 Message-Id: <202012221402.0BME27gm228677@finist-co8.sw.ru> X-Authentication-Warning: finist-co8.sw.ru: khorenko set sender to khorenko@virtuozzo.com using -f From: Konstantin Khorenko <khorenko@virtuozzo.com> To: Andrey Ryabinin <aryabinin@virtuozzo.com> In-Reply-to: <20201217142356.27890-1-aryabinin@virtuozzo.com> X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: be399fe8-9244-4262-fd5d-08d8a6823c32 X-MS-TrafficTypeDiagnostic: AM6PR08MB4069: X-Forefront-Antispam-Report: CIP:185.231.240.75; CTRY:RU; LANG:en; SCL:-1; SRV:; IPV:CAL; SFV:SKN; H:relay3.sw.ru; PTR:relay.sw.ru; CAT:NONE; SFS:; DIR:INB; X-MS-Oob-TLC-OOBClassifiers: OLM:1201; X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?TzVivrKUemlBybC8rJlyj2p+nlrLCGCejdaHS/6tMmRFnRNTW7J0MZMgAD6v?= =?us-ascii?Q?a4L8JelAnqI3PV9z6NEGDJiQkazZHG9Bj3beWyg1z0EKYTUXoV2MhSnZoH/q?= =?us-ascii?Q?zjeY+pA0SR+rlc6f+Cx2ckVbTlx45f8UozRgAXvb5HftcuEyaht7X3fM1R9z?= =?us-ascii?Q?TAP7HCJm+JZ7rBmwsfmkS1c2uJWS9mrVWpFNrsyh9VWoVIjuMVDM8FdxhbLu?= =?us-ascii?Q?VqF/sz6D8QH+GZZ6dW8CkxCJOiw5kmLxjc59UfQ0lsaIZnA3OWVnR+GVVeXa?= =?us-ascii?Q?Hd0+SGSscWZRFU2wRiND/PmUEitOOfmeIaTonnOomIp99lC0RD8bSW1xr3Qt?= =?us-ascii?Q?Lw4ub1IkBTW5thXIJMRvu/0+tsUZw57md1BnrZO3oSpB2hMahPOR/gVyvycC?= =?us-ascii?Q?qz9b6GxTE/U1dnJ3zDsyJm1+AC84oiWnKnRhcc7RTRGtuI5VPl+DZObM6udd?= =?us-ascii?Q?Twhjak+ycZVHs9kXzMbaYCIUAQkvzWXP0KgMtZ7ylVGwDWunFMpth3/EApdt?= =?us-ascii?Q?+bNKf3qnQO4IbxLy+dOt70xHdN6RuUAeHHzt7YtOKhIFHjtpHLzcS9CDUAPL?= =?us-ascii?Q?6KZpOEhDc/EtDJ2vncTpqRbAqhxh0ueBrElI0J7axefexpDH+2o1lqyNr8bO?= =?us-ascii?Q?tBbhNbK1ZNKN8Rx9mjGTsvMtwL3NyeAsSjE2PMxHYUG/c827OFofjhYykGH1?= =?us-ascii?Q?sywLvPZJL2l82Afu7zDgCEgr0skIOm6SXHne+stZmdYUmrXPM2B2DiRDm8lO?= =?us-ascii?Q?bCRQ4ry7dSX1t/U4TfsKwWBZsi6mTT2sAOUq8MCcp98YinE1n+eagH2aBzMM?= =?us-ascii?Q?lru838qFXI9DrHzVG4+9UlpqK6bc/GoG1HEbh8UVHls2oVHc7k5R7vILdWeA?= =?us-ascii?Q?yvUtszrpM3O1VW1iNh7/InRB/CKBL8xONTHrNQYvUgoW/OSs9JG64rWThjba?= =?us-ascii?Q?JlOENp1Ejp2Qjnxwwc9enc2IK3X8ANh10MB/5ommBSCoodPve7cQkS2kjutH?= =?us-ascii?Q?ae4cv5q/cSw6Vgch5AHMCCmfcEENJW/6jFSHCVigZ6obW1Bv0mcXrlCNRjV4?= =?us-ascii?Q?+DXWqhADF6vugF1zQGJ6tSGfAtI1alf5n7NSOTT82DuQOpakGyTpfY3UYgL6?= =?us-ascii?Q?tkDbxSz5883rcD8gKGnMLgC7atAF0FURgd/YOnQv1QUel3RaOeFdx+5Tv0gd?= =?us-ascii?Q?FSz9QcQBVQZj9B1ykf+pn2sRlo4IceTy0VTsZ1+vES/e6RL7RJV23vvWWVL/?= =?us-ascii?Q?pPBUSgojSP/LW4IHtmpvQoPHk/lLm511PGzwi+IMDuDJcZLwEgmyBnDDGvUZ?= =?us-ascii?Q?o5Fy3AXtFBiqbzcSEEjb1N4fkbtrEuZCshnQCFySstRKphI+fl6flN8S1KuD?= =?us-ascii?Q?h61toI6I4xa0Jb3A+5I7vZuvFv1k6/QXeROw4EKSX0ikYyHEJmVejCLgEoDF?= =?us-ascii?Q?CjMJiXW3HsBRVjinSvy/gvJFKiUPvaGQOIkgk63788lSzLq6e+BIgc/ziU6x?= =?us-ascii?Q?Dp6Py+V55KK2lRcVlWxkT1lyiU9OV19w1QrvFpzfuwK+r4k15K1VoYHRGclk?= =?us-ascii?Q?NV8lROcT8BXuNAI9CjxO/XHpsfgBSkLq2iqHrDrmDjfXUhXw3+MxN16Jtzfi?= =?us-ascii?Q?WQ=3D=3D?= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Dec 2020 14:02:35.8839 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: be399fe8-9244-4262-fd5d-08d8a6823c32 X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=0bc7f26d-0264-416e-a6fc-8352af79c58f; Ip=[185.231.240.75]; Helo=[relay3.sw.ru] X-MS-Exchange-CrossTenant-AuthSource: HE1EUR01FT052.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4069 X-MS-Exchange-CrossPremises-OriginalClientIPAddress: 185.231.240.75 X-MS-Exchange-CrossPremises-TransportTrafficType: Email X-MS-Exchange-CrossPremises-AuthSource: HE1EUR01FT052.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossPremises-AuthAs: Anonymous X-MS-Exchange-CrossPremises-SCL: -1 X-MS-Exchange-CrossPremises-Processed-By-Journaling: Journal Agent X-OrganizationHeadersPreserved: AM6PR08MB4069.eurprd08.prod.outlook.com Cc: OpenVZ devel <devel@openvz.org> Subject: [Devel] [PATCH RHEL8 COMMIT] ms/ptrace: fix task_join_group_stop() for the case when current is traced X-BeenThere: devel@openvz.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: OpenVZ development <devel.openvz.org> List-Unsubscribe: <https://lists.openvz.org/mailman/options/devel>, <mailto:devel-request@openvz.org?subject=unsubscribe> List-Archive: <http://lists.openvz.org/pipermail/devel/> List-Post: <mailto:devel@openvz.org> List-Help: <mailto:devel-request@openvz.org?subject=help> List-Subscribe: <https://lists.openvz.org/mailman/listinfo/devel>, <mailto:devel-request@openvz.org?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: devel-bounces@openvz.org Errors-To: devel-bounces@openvz.org |
diff --git a/kernel/signal.c b/kernel/signal.c index 177cd7f04acb..171f7496f811 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -388,16 +388,17 @@ static bool task_participate_group_stop(struct task_struct *task) void task_join_group_stop(struct task_struct *task) { + unsigned long mask = current->jobctl & JOBCTL_STOP_SIGMASK; + struct signal_struct *sig = current->signal; + + if (sig->group_stop_count) { + sig->group_stop_count++; + mask |= JOBCTL_STOP_CONSUME; + } else if (!(sig->flags & SIGNAL_STOP_STOPPED)) + return; + /* Have the new thread join an on-going signal group stop */ - unsigned long jobctl = current->jobctl; - if (jobctl & JOBCTL_STOP_PENDING) { - struct signal_struct *sig = current->signal; - unsigned long signr = jobctl & JOBCTL_STOP_SIGMASK; - unsigned long gstop = JOBCTL_STOP_PENDING | JOBCTL_STOP_CONSUME; - if (task_set_jobctl_pending(task, signr | gstop)) { - sig->group_stop_count++; - } - } + task_set_jobctl_pending(task, mask | JOBCTL_STOP_PENDING); } /*
The commit is pushed to "branch-rh8-4.18.0-240.1.1.vz8.5.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh8-4.18.0-240.1.1.vz8.5.3 ------> commit 375b9696ec2b0eb6af3a22647ade8e9881d03133 Author: Oleg Nesterov <oleg@redhat.com> Date: Tue Dec 22 17:02:07 2020 +0300 ms/ptrace: fix task_join_group_stop() for the case when current is traced This testcase #include <stdio.h> #include <unistd.h> #include <signal.h> #include <sys/ptrace.h> #include <sys/wait.h> #include <pthread.h> #include <assert.h> void *tf(void *arg) { return NULL; } int main(void) { int pid = fork(); if (!pid) { kill(getpid(), SIGSTOP); pthread_t th; pthread_create(&th, NULL, tf, NULL); return 0; } waitpid(pid, NULL, WSTOPPED); ptrace(PTRACE_SEIZE, pid, 0, PTRACE_O_TRACECLONE); waitpid(pid, NULL, 0); ptrace(PTRACE_CONT, pid, 0,0); waitpid(pid, NULL, 0); int status; int thread = waitpid(-1, &status, 0); assert(thread > 0 && thread != pid); assert(status == 0x80137f); return 0; } fails and triggers WARN_ON_ONCE(!signr) in do_jobctl_trap(). This is because task_join_group_stop() has 2 problems when current is traced: 1. We can't rely on the "JOBCTL_STOP_PENDING" check, a stopped tracee can be woken up by debugger and it can clone another thread which should join the group-stop. We need to check group_stop_count || SIGNAL_STOP_STOPPED. 2. If SIGNAL_STOP_STOPPED is already set, we should not increment sig->group_stop_count and add JOBCTL_STOP_CONSUME. The new thread should stop without another do_notify_parent_cldstop() report. To clarify, the problem is very old and we should blame ptrace_init_task(). But now that we have task_join_group_stop() it makes more sense to fix this helper to avoid the code duplication. Reported-by: syzbot+3485e3773f7da290eecc@syzkaller.appspotmail.com Signed-off-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Cc: Jens Axboe <axboe@kernel.dk> Cc: Christian Brauner <christian@brauner.io> Cc: "Eric W . Biederman" <ebiederm@xmission.com> Cc: Zhiqiang Liu <liuzhiqiang26@huawei.com> Cc: Tejun Heo <tj@kernel.org> Cc: <stable@vger.kernel.org> Link: https://lkml.kernel.org/r/20201019134237.GA18810@redhat.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> https://jira.sw.ru/browse/PSBM-123525 (cherry picked from commit 7b3c36fc4c231ca532120bbc0df67a12f09c1d96) Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> --- kernel/signal.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-)