aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@tv-sign.ru>2006-03-28 19:11:16 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2006-03-28 21:36:42 -0500
commit6b3934ef52712ece50605dfc72e55d00c580831a (patch)
tree5ec3c4f69a20880f75de6ff8d7d2f67d96328df3
parent7001510d0cbf51ad202dd2d0744f54104285cbb9 (diff)
[PATCH] copy_process: cleanup bad_fork_cleanup_signal
__exit_signal() does important cleanups atomically under ->siglock. It is also called from copy_process's error path. This is not good, for example we can't move __unhash_process() under ->siglock for that reason. We should not mix these 2 paths, just look at ugly 'if (p->sighand)' under 'bad_fork_cleanup_sighand:' label. For copy_process() case it is sufficient to just backout copy_signal(), nothing more. Again, nobody can see this task yet. For CLONE_THREAD case we just decrement signal->count, otherwise nobody can see this ->signal and we can free it lockless. This patch assumes it is safe to do exit_thread_group_keys() without tasklist_lock. Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--include/linux/sched.h2
-rw-r--r--include/linux/slab.h1
-rw-r--r--kernel/fork.c23
-rw-r--r--kernel/signal.c15
4 files changed, 21 insertions, 20 deletions
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 69c2a1e1529e..7dd430b697aa 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1149,7 +1149,7 @@ extern void flush_thread(void);
1149extern void exit_thread(void); 1149extern void exit_thread(void);
1150 1150
1151extern void exit_files(struct task_struct *); 1151extern void exit_files(struct task_struct *);
1152extern void exit_signal(struct task_struct *); 1152extern void __cleanup_signal(struct signal_struct *);
1153extern void __exit_signal(struct task_struct *); 1153extern void __exit_signal(struct task_struct *);
1154extern void __exit_sighand(struct task_struct *); 1154extern void __exit_sighand(struct task_struct *);
1155extern void exit_itimers(struct signal_struct *); 1155extern void exit_itimers(struct signal_struct *);
diff --git a/include/linux/slab.h b/include/linux/slab.h
index 15e1d9736b1b..3af03b19c983 100644
--- a/include/linux/slab.h
+++ b/include/linux/slab.h
@@ -210,7 +210,6 @@ extern kmem_cache_t *names_cachep;
210extern kmem_cache_t *files_cachep; 210extern kmem_cache_t *files_cachep;
211extern kmem_cache_t *filp_cachep; 211extern kmem_cache_t *filp_cachep;
212extern kmem_cache_t *fs_cachep; 212extern kmem_cache_t *fs_cachep;
213extern kmem_cache_t *signal_cachep;
214extern kmem_cache_t *sighand_cachep; 213extern kmem_cache_t *sighand_cachep;
215extern kmem_cache_t *bio_cachep; 214extern kmem_cache_t *bio_cachep;
216 215
diff --git a/kernel/fork.c b/kernel/fork.c
index 8a46ad52be8f..0aff28cdbadd 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -84,7 +84,7 @@ static kmem_cache_t *task_struct_cachep;
84#endif 84#endif
85 85
86/* SLAB cache for signal_struct structures (tsk->signal) */ 86/* SLAB cache for signal_struct structures (tsk->signal) */
87kmem_cache_t *signal_cachep; 87static kmem_cache_t *signal_cachep;
88 88
89/* SLAB cache for sighand_struct structures (tsk->sighand) */ 89/* SLAB cache for sighand_struct structures (tsk->sighand) */
90kmem_cache_t *sighand_cachep; 90kmem_cache_t *sighand_cachep;
@@ -872,6 +872,22 @@ static inline int copy_signal(unsigned long clone_flags, struct task_struct * ts
872 return 0; 872 return 0;
873} 873}
874 874
875void __cleanup_signal(struct signal_struct *sig)
876{
877 exit_thread_group_keys(sig);
878 kmem_cache_free(signal_cachep, sig);
879}
880
881static inline void cleanup_signal(struct task_struct *tsk)
882{
883 struct signal_struct *sig = tsk->signal;
884
885 atomic_dec(&sig->live);
886
887 if (atomic_dec_and_test(&sig->count))
888 __cleanup_signal(sig);
889}
890
875static inline void copy_flags(unsigned long clone_flags, struct task_struct *p) 891static inline void copy_flags(unsigned long clone_flags, struct task_struct *p)
876{ 892{
877 unsigned long new_flags = p->flags; 893 unsigned long new_flags = p->flags;
@@ -1206,10 +1222,9 @@ bad_fork_cleanup_mm:
1206 if (p->mm) 1222 if (p->mm)
1207 mmput(p->mm); 1223 mmput(p->mm);
1208bad_fork_cleanup_signal: 1224bad_fork_cleanup_signal:
1209 exit_signal(p); 1225 cleanup_signal(p);
1210bad_fork_cleanup_sighand: 1226bad_fork_cleanup_sighand:
1211 if (p->sighand) 1227 __exit_sighand(p);
1212 __exit_sighand(p);
1213bad_fork_cleanup_fs: 1228bad_fork_cleanup_fs:
1214 exit_fs(p); /* blocking */ 1229 exit_fs(p); /* blocking */
1215bad_fork_cleanup_files: 1230bad_fork_cleanup_files:
diff --git a/kernel/signal.c b/kernel/signal.c
index 1d7f4463c32d..54e9ef673e68 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -395,23 +395,10 @@ void __exit_signal(struct task_struct *tsk)
395 clear_tsk_thread_flag(tsk,TIF_SIGPENDING); 395 clear_tsk_thread_flag(tsk,TIF_SIGPENDING);
396 flush_sigqueue(&tsk->pending); 396 flush_sigqueue(&tsk->pending);
397 if (sig) { 397 if (sig) {
398 /* 398 __cleanup_signal(sig);
399 * We are cleaning up the signal_struct here.
400 */
401 exit_thread_group_keys(sig);
402 kmem_cache_free(signal_cachep, sig);
403 } 399 }
404} 400}
405 401
406void exit_signal(struct task_struct *tsk)
407{
408 atomic_dec(&tsk->signal->live);
409
410 write_lock_irq(&tasklist_lock);
411 __exit_signal(tsk);
412 write_unlock_irq(&tasklist_lock);
413}
414
415/* 402/*
416 * Flush all handlers for a task. 403 * Flush all handlers for a task.
417 */ 404 */