Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp3835781imm; Mon, 15 Oct 2018 05:07:40 -0700 (PDT) X-Google-Smtp-Source: ACcGV62oNMBH/wfRCgyY1zDooRBBpzhUx8FqujUHi5idFmZ4G0hArOvfN3d1hh2AeBqPT+H9gXOT X-Received: by 2002:a65:44c6:: with SMTP id g6-v6mr15399127pgs.350.1539605260074; Mon, 15 Oct 2018 05:07:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539605260; cv=none; d=google.com; s=arc-20160816; b=0cLkAJQsfQlv3VnLlx68xzZd9ihjMg9E75w1escEyx0nUzdyVWJ/M4tjwayivkn8CS PMyUlYz+C6SWP2ncum7x1k/DJc2tXeSy92bdayVPZRI10aWi7ty45gFz+CG4Vf77dJDc VaJbmpclgKCTGFv+9YCKmfMVozhXKzv5sZmZDFNYA3Yy1cboEeSKxYgJyPh+cT1gKGi6 6Q0EgMP207Hg2dSWZXjwAazyPMNbRc07lIoYyAk2OiFeuHaUKVMNCv4FA8k/rb10vDy9 ByehqvpwNsYGUfLTo/IeCNj7XWhpfM8ZdBWZGHNXipgz86buelVM/fhvGxBIZ9V561qu /fFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=vNN+YNMwplUVvSkdE8XYLu/iECc1qC5cmOpWp8mcfrg=; b=TaqOYHres40s3zqGbFOoGcbl8knHiENU4pIdKq0YenQVF2iHqpoiQ2k3810vWO5rMZ d66Wd/hBTCNTIIUAcbVN14p38OA8biot8WzmCCmUjxIM7Yd0OxW49zfnX3yF029oZ8+u BhTr6Wxcs84SYCuuGwzYSDor8latnpBkiPlyJDgj9Nm7tViG3AyhjcCdjWxEf98x25+6 KyZ5zV406tLkQPhRgPa+Dil8snkIqIMQpBJQte8i259GtXK9jGes+KizxHS+i96WBIGm p9YYUIyO/lWwcjBiX8UpiXXMUSsw0Zi+xfjgvVbU3woomEZtYYowjjZlpYvOwvmnXma9 KxTw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v20-v6si8877376pgk.586.2018.10.15.05.07.25; Mon, 15 Oct 2018 05:07:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726614AbeJOTud (ORCPT + 99 others); Mon, 15 Oct 2018 15:50:33 -0400 Received: from mx1.redhat.com ([209.132.183.28]:33992 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726319AbeJOTud (ORCPT ); Mon, 15 Oct 2018 15:50:33 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B1A35CF21; Mon, 15 Oct 2018 12:05:32 +0000 (UTC) Received: from dhcp-27-174.brq.redhat.com (unknown [10.43.17.106]) by smtp.corp.redhat.com (Postfix) with SMTP id 9E24B45A5; Mon, 15 Oct 2018 12:05:22 +0000 (UTC) Received: by dhcp-27-174.brq.redhat.com (nbSMTP-1.00) for uid 1000 oleg@redhat.com; Mon, 15 Oct 2018 14:05:32 +0200 (CEST) Date: Mon, 15 Oct 2018 14:05:21 +0200 From: Oleg Nesterov To: Enke Chen Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , x86@kernel.org, Peter Zijlstra , Arnd Bergmann , "Eric W. Biederman" , Khalid Aziz , Kate Stewart , Helge Deller , Greg Kroah-Hartman , Al Viro , Andrew Morton , Christian Brauner , Catalin Marinas , Will Deacon , Dave Martin , Mauro Carvalho Chehab , Michal Hocko , Rik van Riel , "Kirill A. Shutemov" , Roman Gushchin , Marcos Paulo de Souza , Dominik Brodowski , Cyrill Gorcunov , Yang Shi , Jann Horn , Kees Cook , linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, "Victor Kamensky (kamensky)" , xe-linux-external@cisco.com, Stefan Strogin , Eugene Syromiatnikov Subject: Re: [PATCH] kernel/signal: Signal-based pre-coredump notification Message-ID: <20181015120521.GA10146@redhat.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Mon, 15 Oct 2018 12:05:33 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10/12, Enke Chen wrote: > > For simplicity and consistency, this patch provides an implementation > for signal-based fault notification prior to the coredump of a child > process. A new prctl command, PR_SET_PREDUMP_SIG, is defined that can > be used by an application to express its interest and to specify the > signal (SIGCHLD or SIGUSR1 or SIGUSR2) for such a notification. A new > signal code (si_code), CLD_PREDUMP, is also defined for SIGCHLD. To be honest, I can't say I like this new feature... > --- a/include/linux/sched.h > +++ b/include/linux/sched.h > @@ -696,6 +696,10 @@ struct task_struct { > int exit_signal; > /* The signal sent when the parent dies: */ > int pdeath_signal; > + > + /* The signal sent prior to a child's coredump: */ > + int predump_signal; > + At least, I think predump_signal should live in signal_struct, not task_struct. (pdeath_signal too, but it is too late to change (fix) this awkward API). > +static void do_notify_parent_predump(struct task_struct *tsk) > +{ > + struct sighand_struct *sighand; > + struct task_struct *parent; > + struct kernel_siginfo info; > + unsigned long flags; > + int sig; > + > + parent = tsk->real_parent; So, debuggere won't be notified, only real_parent... > + sig = parent->predump_signal; probably ->predump_signal should be cleared on exec? > + /* Check again with tasklist_lock" locked by the caller */ > + if (!valid_predump_signal(sig)) > + return; I don't understand why we need valid_predump_signal() at all. > bool get_signal(struct ksignal *ksig) > { > struct sighand_struct *sighand = current->sighand; > @@ -2497,6 +2535,19 @@ bool get_signal(struct ksignal *ksig) > current->flags |= PF_SIGNALED; > > if (sig_kernel_coredump(signr)) { > + /* > + * Notify the parent prior to the coredump if the > + * parent is interested in such a notificaiton. > + */ > + int p_sig = current->real_parent->predump_signal; > + > + if (valid_predump_signal(p_sig)) { > + read_lock(&tasklist_lock); > + do_notify_parent_predump(current); > + read_unlock(&tasklist_lock); > + cond_resched(); perhaps this should be called by do_coredump() after coredump_wait() kills all the sub-threads? > +static int prctl_set_predump_signal(struct task_struct *tsk, pid_t pid, int sig) > +{ > + struct task_struct *p; > + int error; > + > + /* 0 is valid for disabling the feature */ > + if (sig && !valid_predump_signal(sig)) > + return -EINVAL; > + > + /* For the current task, the common case */ > + if (pid == 0) { > + tsk->predump_signal = sig; > + return 0; > + } > + > + error = -ESRCH; > + rcu_read_lock(); > + p = find_task_by_vpid(pid); > + if (p) { > + if (!set_predump_signal_perm(p)) > + error = -EPERM; > + else { > + error = 0; > + p->predump_signal = sig; > + } > + } > + rcu_read_unlock(); > + return error; > +} Why? I mean, why do we really want to support the pid != 0 case? Oleg.