Re: [RFC][PATCH 09/11] tty_io: Use do_send_sig_info in __do_SACK to forcibly kill tasks

From: Linus Torvalds
Date: Mon Jul 16 2018 - 12:50:42 EST


On Mon, Jul 16, 2018 at 8:08 AM Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:
>
> The change for global init is it will now die if init is a member of the
> session or init is using this tty as its controlling tty.
>
> Semantically killing init with SAK is completely appropriate.

No.

Semantically killing init is completely wrong. Because it will kill
the whole system.

And I don't mean that in "now init won't spawn new things". I mean
that in "now we don't have a child reaper any more, and the system
will be dead because we'll panic on exit".

So it's not about the controlling tty, it's about fundamental kernel
internal consistency guarantees.

See

        write_unlock_irq(&tasklist_lock);
        if (unlikely(pid_ns == &init_pid_ns)) {
                panic("Attempted to kill init! exitcode=0x%08x\n",
                        father->signal->group_exit_code ?: father->exit_code);
        }

in kernel/exit.c.

Linus