Re: pppd service crash in linux-3.13.6

[Peter Hurley]

On 03/14/2014 05:04 PM, Oleg Nesterov wrote:
> On 03/14, Peter Hurley wrote:
> > On 03/14/2014 03:23 PM, Oleg Nesterov wrote:
> > > On 03/14, Peter Hurley wrote:
> > > >
> > Yes, cgroup_release_agent() is the work function that is scheduled.
> >
> > > > which requires both namespace and tty facilities.
> > >
> > > Hmm... why?
> > >
> > > The exiting task obviously can't exec. The only way to spawn a userspace
> > > process is call_usermodehelper(), it should work just fine, no?
> >
> > You're correct, in the immediate sense that the user command exec'd will
> > not inherit open file descriptors.
> >
> > But what if it expects to be able to find the intact children of
> > the foreground process group, and can't because the controlling tty
> > has already been torn down and all the children already sent SIGHUP.
>
> Which group/tty ? call_usermodehelper() asks the workqueue thread
> to kthread_create/exec. See also below...
>
> > Or what if the user command expects to find and join the user namespace
> > of the dying process but now it's already been freed?
>
> But it can't even know who called call_usermodehelper(). Besides,
> cgroup_release_agent() uses UMH_WAIT_EXEC, so the caller can continue
> and disappear completely before the usermode process has any chance
> to do something.

I'm just hypothesizing potential breakage, since the order of teardown
is sensitive to changes, and I didn't do a complete audit of all the
possibilities.

If you feel strongly about moving disassociate_tty(), I won't object.

Regards,
Peter Hurley


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/