Re: Signal delivery to kernel threads/processes?
From: David Schultz (das_at_FreeBSD.ORG)
Date: 01/16/04
- Previous message: John Baldwin: "Re: Request for Comments: libarchive, bsdtar"
- In reply to: Robert Watson: "Signal delivery to kernel threads/processes?"
- Next in thread: Don Lewis: "Re: Signal delivery to kernel threads/processes?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 16 Jan 2004 13:34:18 -0800 To: Robert Watson <rwatson@FreeBSD.ORG>
On Fri, Jan 16, 2004, Robert Watson wrote:
> Bill Paul raised an interesting question with me recently -- he observed
> that a userspace process running with root privileges could deliver a
> signal to a kthread, and that this might produce undesired behavior. I
> was sure that, at some point, we had a check disallowing this, but I don't
> see it in either RELENG_4 or HEAD. Do we rely on the ability to
> send/receive signals to interrupt kthreads, that we know of? While the
> signal delivery itself doesn't make sense, waking up a tsleep() with
> PCATCH could well be useful behavior. Should a kthread have to declare if
> it wants to receive interruptions? Given plans, at some point, to make
> kthreads be real threads, and be part of a kernel process, that would
> raise some challenges for code relying on the ability to be interrupted
> with a signal in kernel space, as signals generated by kill() are
> targetted at processes, not threads.
>
> Any thoughts? It's tempting simply to add the following to cr_cansignal()
> to at least disallow sourcing the signals in userspace:
>
> if (p->p_flag & P_SYSTEM)
> return (EPERM);
I believe nfsd needs to accept signals so that it can be shut
down. But now that I think about what you've said, I wonder what
this implies for system processes such as aiod that switch their
credentials to those of the request they are processing. It would
seem that in the window during which they have the ordinary user's
uid, they could be killed by an ordinary user. I hope there's
already some safeguard against this that I don't know about...
_______________________________________________
freebsd-arch@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"
- Previous message: John Baldwin: "Re: Request for Comments: libarchive, bsdtar"
- In reply to: Robert Watson: "Signal delivery to kernel threads/processes?"
- Next in thread: Don Lewis: "Re: Signal delivery to kernel threads/processes?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
- Re: [PATCH] RFC: have tcp_recvmsg() check kthread_should_stop() and treat it as if it were signalled
... kthread getting killed before it's supposed to be stopped anyway. ... or skb_recv_datagrametc
will exit cleanly on ... above race is true only for kthreads that do flush signals
on ... (Linux-Kernel) - Re: [PATCH] RFC: have tcp_recvmsg() check kthread_should_stop() and treat it as if it were signalled
... but there's quite a subtle difference between signals being ... kthread treats
SIGKILL as "urgent exit with a lot of printks" while ... Note also that kthread
could use TASK_INTERRUPTIBLE sleep ... and it may have some special meaning for ...
(Linux-Kernel) - Re: [PATCH] RFC: have tcp_recvmsg() check kthread_should_stop() and treat it as if it were signalled
... but there's quite a subtle difference between signals being ... kthread
treats SIGKILL as "urgent exit with a lot of printks" while ... everybody here agrees kernel
threads have no business dabbling in them) ... (Linux-Kernel) - Re: [DRIVER SUBMISSION] DRBD wants to go mainline
... >>> Don't use signals between kernel threads, ... signals-based interface
for your kernel thread _at all_. ... cifs_demultiplexer_threadis just your normal kthread
that: ... how about fixing this to actually use proper workqueues or something ...
(Linux-Kernel) - Re: [PATCH 3/3] make kthread_stop() scalable
... that this a kthread that is stopping to test in recalc_sigpending. ... of terminating
interruptible sleeps. ... Several kernel threads call into functions that use loops
like ... I don't want to continue to use signals. ... (Linux-Kernel)
