
kernel fork signal races



re
during forking, the new process is put onto the children and
pgrp lists too early, before it is fully forked; thus a later
uvmspace_fork() going into tsleep() may allow signals
to be delivered to the newly but incompletely forked process.
please test.
cu


-- 
    paranoic mickey       (my employers have changed but, the name has remained)

Index: kern/kern_fork.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_fork.c,v
retrieving revision 1.82
diff -u -r1.82 kern_fork.c
--- kern/kern_fork.c	20 Feb 2006 19:39:11 -0000	1.82
+++ kern/kern_fork.c	16 Mar 2006 15:10:46 -0000
@@ -278,18 +290,15 @@
 		p2->p_flag |= P_CONTROLT;
 	if (flags & FORK_PPWAIT)
 		p2->p_flag |= P_PPWAIT;
-	LIST_INSERT_AFTER(p1, p2, p_pglist);
 	p2->p_pptr = p1;
 	if (flags & FORK_NOZOMBIE)
 		p2->p_flag |= P_NOZOMBIE;
-	LIST_INSERT_HEAD(&p1->p_children, p2, p_sibling);
 	LIST_INIT(&p2->p_children);
 
 #ifdef RTHREADS
 	if (flags & FORK_THREAD) {
 		p2->p_flag |= P_THREAD;
 		p2->p_thrparent = p1->p_thrparent;
-		LIST_INSERT_HEAD(&p1->p_thrparent->p_thrchildren, p2, p_thrsib);
 	} else {
 		p2->p_thrparent = p2;
 	}
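Review bot: After this hunk the child has `p_pptr` set but sits on none of the parent-visible lists, and nothing in this region says where the three removed LIST_INSERT calls went, so a reader will look here for them in vain. Suggest a comment at `p2->p_pptr = p1;`: `/* Not yet linked into p1's children/pgrp (or thread) lists; that is done after uvm_fork() so a sleep there cannot expose a half-built child to signal delivery. */`. The same relocation is completed in the third hunk, which re-adds the insertions after the allproc/pidhash links. The enclosing function starts and ends outside this hunk.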
@@ -346,6 +355,9 @@
 	uvm_fork(p1, p2, ((flags & FORK_SHAREVM) ? TRUE : FALSE), stack,
 	    stacksize, func ? func : child_return, arg ? arg : p2);
 
+	timeout_set(&p2->p_stats->p_virt_to, virttimer_trampoline, p2);
+	timeout_set(&p2->p_stats->p_prof_to, proftimer_trampoline, p2);
+
 	vm = p2->p_vmspace;
 
 	if (flags & FORK_FORK) {
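Review bot: The two `timeout_set()` calls are moved up to directly after `uvm_fork()` with no explanation, and the mail text only discusses the list insertions. Presumably the intent is that the child's timers are initialised before it becomes reachable through any list (the third hunk removes them from after that point), but that should be stated at the code: `/* Arm the child's timers before it is linked onto any list and becomes reachable. */`. If a different ordering constraint drove the move, name it instead. The enclosing function continues outside this hunk.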
@@ -387,14 +399,15 @@
 
 	LIST_INSERT_HEAD(&allproc, p2, p_list);
 	LIST_INSERT_HEAD(PIDHASH(p2->p_pid), p2, p_hash);
+	LIST_INSERT_HEAD(&p1->p_children, p2, p_sibling);
+	LIST_INSERT_AFTER(p1, p2, p_pglist);
+	if (flags & FORK_THREAD)
+		LIST_INSERT_HEAD(&p1->p_thrparent->p_thrchildren, p2, p_thrsib);
 
 #if NSYSTRACE > 0
 	if (ISSET(p1->p_flag, P_SYSTRACE))
 		systrace_fork(p1, p2);
 #endif
-
-	timeout_set(&p2->p_stats->p_virt_to, virttimer_trampoline, p2);
-	timeout_set(&p2->p_stats->p_prof_to, proftimer_trampoline, p2);
 
 	/*
 	 * Make child runnable, set start time, and add to run queue.
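Review bot: The re-added `if (flags & FORK_THREAD)` insertion onto `p_thrchildren` is no longer under `#ifdef RTHREADS`, whereas the line it replaces (removed in the first hunk) was inside that conditional; if `p_thrparent`, `p_thrchildren` and `p_thrsib` only exist when RTHREADS is defined, this hunk breaks the non-RTHREADS build. Wrap it as `#ifdef RTHREADS` / `if (flags & FORK_THREAD) LIST_INSERT_HEAD(&p1->p_thrparent->p_thrchildren, p2, p_thrsib);` / `#endif`. A one-line comment above the four insertions noting that this is the point where the child becomes visible to its parent, pgrp and signal delivery would also help the next reader find the race this ordering prevents. The enclosing function continues outside this hunk.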


