2005-12-09 02:14:41

by Oren Laadan

Subject: [PATCH] fork: fix race in setting child's pgrp and tty

In fork, child should recopy parent's pgrp/tty after it has tasklist_lock.
Otherwise following a setpgid() on the parent, *after* copy_signal(), the
child will own a stale pgrp (which may be reused); (e.g. if copy_mm()
sleeps a long while due to memory pressure). Similar issue for the tty.

Signed-off-by: Oren Laadan <[email protected]>
---

diff --git a/kernel/fork.c b/kernel/fork.c
index fb8572a..059e71f 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1055,6 +1055,15 @@ static task_t *copy_process(unsigned lon
!cpu_online(task_cpu(p))))
set_task_cpu(p, smp_processor_id());

+ /*
+ * signal->{prgp,tty} may have changed since we had copied them;
+ * pgrp may have been freed -- and reused -- since then [orenl]
+ */
+ if (p->signal != current->signal) {
+ p->signal->tty = current->signal->tty;
+ p->signal->pgrp = process_group(current);
+ }
+
/*
* Check for pending SIGKILL! The new thread should not be allowed
* to slip out of an OOM kill. (or normal SIGKILL.)
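Review bot: the new comment block misspells the field as "prgp" ("signal->{prgp,tty}") where the code below assigns p->signal->pgrp; please fix the typo and drop the "[orenl]" tag, which belongs in the Signed-off-by rather than in a source comment. The wording "since we had copied them" also reads better as "since copy_signal() copied them". Since the fix relies on tasklist_lock being held at this point (as the changelog states) but the surrounding context in the hunk does not show the lock being taken, stating that requirement in the comment, e.g. "Must be done under tasklist_lock so setpgid() on the parent cannot race us", would make the ordering constraint visible to anyone later moving this block.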