Re: Signal delivery to kernel threads/processes?

From: Don Lewis (truckman_at_FreeBSD.org)
Date: 01/17/04

Next message: Ruslan Ermilov: "Revamp of kerberos5/ makefiles"

Previous message: Don Lewis: "Re: Request for Comments: libarchive, bsdtar"
In reply to: Robert Watson: "Signal delivery to kernel threads/processes?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sat, 17 Jan 2004 01:57:36 -0800 (PST)
To: rwatson@FreeBSD.org

On 16 Jan, Robert Watson wrote:
>
> Bill Paul raised an interesting question with me recently -- he observed
> that a userspace process running with root privileges could deliver a
> signal to a kthread, and that this might produce undesired behavior. I
> was sure that, at some point, we had a check disallowing this, but I don't
> see it in either RELENG_4 or HEAD. Do we rely on the ability to
> send/receive signals to interrupt kthreads, that we know of? While the
> signal delivery itself doesn't make sense, waking up a tsleep() with
> PCATCH could well be useful behavior. Should a kthread have to declare if
> it wants to receive interruptions? Given plans, at some point, to make
> kthreads be real threads, and be part of a kernel process, that would
> raise some challenges for code relying on the ability to be interrupted
> with a signal in kernel space, as signals generated by kill() are
> targetted at processes, not threads.
>
> Any thoughts? It's tempting simply to add the following to cr_cansignal()
> to at least disallow sourcing the signals in userspace:
>
> if (p->p_flag & P_SYSTEM)
> return (EPERM);
>
> But I don't have a broad enough view of what goes on in the kernel to
> reason about what disasters this might cause if signalling is relied on.

The only thing I worried about is what happens to kthreads on
shutdown. It looks like this is handled by kthread_suspend() which
tells the thread that it has received a SIGSTOP, but this isn't done
with the normal signal delivery mechanism.
_______________________________________________
freebsd-arch@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"

Next message: Ruslan Ermilov: "Revamp of kerberos5/ makefiles"

Previous message: Don Lewis: "Re: Request for Comments: libarchive, bsdtar"
In reply to: Robert Watson: "Signal delivery to kernel threads/processes?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: [PATCH] RFC: have tcp_recvmsg() check kthread_should_stop() and treat it as if it were signalled
... used instead to protect from spurious signals from userspace. ... Why is it wrong for kthreads to let signals through? ... design must ensure that userspace be unaware of even their existence. ... but the real ugly uses of signals by kernel threads ...
(Linux-Kernel)
Re: [PATCH] RFC: have tcp_recvmsg() check kthread_should_stop() and treat it as if it were signalled
... > used instead to protect from spurious signals from userspace. ... > otherwise there really isn't much those kthreads can do that get blocked ... design must ensure that userspace be unaware of even their existence. ... but the real ugly uses of signals by kernel threads ...
(Linux-Kernel)
Re: [PATCH - take 2] knfsd: nfsd: Handle ERESTARTSYS from syscalls. (and possible kthread_stop c
... -/* these signals will be delivered to an nfsd thread ... kthreads from coming down. ... int kthread_should_stop ...
(Linux-Kernel)
Re: [DRIVER SUBMISSION] DRBD wants to go mainline
... kthreads API cannot handle kernel threads that want ... (note that you don't need to allow / write code to handle / etc signals ... signals-based interface for your kernel thread _at all_. ... it is waiting in recv, waiting for the peer to say something. ...
(Linux-Kernel)
Re: [PATCH] CIFS: make cifsd (more)
... signals for cifsd kernel thread), I just merged something similar to ... It looks like kthreads and signalling ... Note that the problem of insulation from userspace signals predates the ...
(Linux-Kernel)