Re: [PATCH -next 04/10] uml: Fix unsafe pid reference to foreground process group
From: Richard Weinberger
Date: Fri Oct 17 2014 - 03:58:13 EST
Am 16.10.2014 um 20:59 schrieb Peter Hurley:
> Although the tty core maintains a pid reference for the foreground
> process group, if the foreground process group is changed that
> pid reference is dropped. Thus, the pid reference used for signalling
> could become stale.
>
> Safely obtain a pid reference to the foreground process group and
> release the reference after signalling is complete.
>
> cc: Jeff Dike <jdike@xxxxxxxxxxx>
> cc: Richard Weinberger <richard@xxxxxx>
> cc: user-mode-linux-devel@xxxxxxxxxxxxxxxxxxxxx
> Signed-off-by: Peter Hurley <peter@xxxxxxxxxxxxxxxxxx>
Acked-by: Richard Weinberger <richard@xxxxxx>
> ---
> arch/um/drivers/line.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/um/drivers/line.c b/arch/um/drivers/line.c
> index 8035145..6208702 100644
> --- a/arch/um/drivers/line.c
> +++ b/arch/um/drivers/line.c
> @@ -632,6 +632,7 @@ static irqreturn_t winch_interrupt(int irq, void *data)
> int fd = winch->fd;
> int err;
> char c;
> + struct pid *pgrp;
>
> if (fd != -1) {
> err = generic_read(fd, &c, NULL);
> @@ -657,7 +658,10 @@ static irqreturn_t winch_interrupt(int irq, void *data)
> if (line != NULL) {
> chan_window_size(line, &tty->winsize.ws_row,
> &tty->winsize.ws_col);
> - kill_pgrp(tty->pgrp, SIGWINCH, 1);
> + pgrp = tty_get_pgrp(tty);
> + if (pgrp)
> + kill_pgrp(pgrp, SIGWINCH, 1);
> + put_pid(pgrp);
> }
> tty_kref_put(tty);
> }
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/