Commit 4a2c7a78 authored by Oleg Nesterov's avatar Oleg Nesterov Committed by Linus Torvalds
Browse files

[PATCH] make fork() atomic wrt pgrp/session signals

Eric W. Biederman wrote:
> Ok. SUSV3/Posix is clear, fork is atomic with respect
> to signals.  Either a signal comes before or after a
> fork but not during. (See the rationale section).

> The tasklist_lock does not stop forks from adding to a process
> group. The forks stall while the tasklist_lock is held, but a fork
> that began before we grabbed the tasklist_lock simply completes
> afterwards, and the child does not receive the signal.

This also means that SIGSTOP or sig_kernel_coredump() signal can't
be delivered to pgrp/session reliably.

With this patch copy_process() returns -ERESTARTNOINTR when it
detects a pending signal, fork() will be restarted transparently
after handling the signals.

This patch also deletes now unneeded "group_stop_count > 0" check,
copy_process() can no longer succeed while group stop in progress.
Signed-off-by: default avatarOleg Nesterov <>
Acked-By: default avatarEric Biederman <>
Signed-off-by: default avatarAndrew Morton <>
Signed-off-by: default avatarLinus Torvalds <>
parent 47e65328
...@@ -1136,16 +1136,6 @@ static task_t *copy_process(unsigned long clone_flags, ...@@ -1136,16 +1136,6 @@ static task_t *copy_process(unsigned long clone_flags,
!cpu_online(task_cpu(p)))) !cpu_online(task_cpu(p))))
set_task_cpu(p, smp_processor_id()); set_task_cpu(p, smp_processor_id());
* Check for pending SIGKILL! The new thread should not be allowed
* to slip out of an OOM kill. (or normal SIGKILL.)
if (sigismember(&current->pending.signal, SIGKILL)) {
retval = -EINTR;
goto bad_fork_cleanup_namespace;
/* CLONE_PARENT re-uses the old parent */ /* CLONE_PARENT re-uses the old parent */
if (clone_flags & (CLONE_PARENT|CLONE_THREAD)) if (clone_flags & (CLONE_PARENT|CLONE_THREAD))
p->real_parent = current->real_parent; p->real_parent = current->real_parent;
...@@ -1154,6 +1144,23 @@ static task_t *copy_process(unsigned long clone_flags, ...@@ -1154,6 +1144,23 @@ static task_t *copy_process(unsigned long clone_flags,
p->parent = p->real_parent; p->parent = p->real_parent;
spin_lock(&current->sighand->siglock); spin_lock(&current->sighand->siglock);
* Process group and session signals need to be delivered to just the
* parent before the fork or both the parent and the child after the
* fork. Restart if a signal comes in before we add the new process to
* it's process group.
* A fatal signal pending means that current will exit, so the new
* thread can't slip out of an OOM kill (or normal SIGKILL).
if (signal_pending(current)) {
goto bad_fork_cleanup_namespace;
if (clone_flags & CLONE_THREAD) { if (clone_flags & CLONE_THREAD) {
/* /*
* Important: if an exit-all has been started then * Important: if an exit-all has been started then
...@@ -1170,16 +1177,6 @@ static task_t *copy_process(unsigned long clone_flags, ...@@ -1170,16 +1177,6 @@ static task_t *copy_process(unsigned long clone_flags,
p->group_leader = current->group_leader; p->group_leader = current->group_leader;
list_add_tail_rcu(&p->thread_group, &p->group_leader->thread_group); list_add_tail_rcu(&p->thread_group, &p->group_leader->thread_group);
if (current->signal->group_stop_count > 0) {
* There is an all-stop in progress for the group.
* We ourselves will stop as soon as we check signals.
* Make the new thread part of that group stop too.
set_tsk_thread_flag(p, TIF_SIGPENDING);
if (!cputime_eq(current->signal->it_virt_expires, if (!cputime_eq(current->signal->it_virt_expires,
cputime_zero) || cputime_zero) ||
!cputime_eq(current->signal->it_prof_expires, !cputime_eq(current->signal->it_prof_expires,
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment