coredump: sanitize the setting of signal->group_exit_code

Now that the coredumping process can be SIGKILL'ed, the setting of ->group_exit_code in do_coredump() can race with complete_signal() and SIGKILL or 0x80 can be "lost", or wait(status) can report status == SIGKILL | 0x80. But the main problem is that it is not clear to me what should we do if binfmt->core_dump() succeeds but SIGKILL was sent, that is why this patch comes as a separate change. This patch adds 0x80 if ->core_dump() succeeds and the process was not killed. But perhaps we can (should?) re-set ->group_exit_code changed by SIGKILL back to "siginfo->si_signo |= 0x80" in case when core_dumped == T. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Tested-by: Mandeep Singh Baines <msb@chromium.org> Cc: Ingo Molnar <mingo@redhat.com> Cc: Neil Horman <nhorman@redhat.com> Cc: "Rafael J. Wysocki" <rjw@sisk.pl> Cc: Roland McGrath <roland@hack.frob.com> Cc: Tejun Heo <tj@kernel.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Oleg Nesterov <oleg@redhat.com> 2013-04-30 18:28:13 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2013-04-30 20:04:06 -0400
commit: acdedd99b0f3bff9b4bb2103a6b1268c03d1f963 (patch)
tree: bfacbb825c6024a0374db0a6a38a222581b15083 /fs/coredump.c
parent: 6cd8f0acae3420afce37bf51a9ff8c2c20342af5 (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/fs/coredump.c b/fs/coredump.c
index 6fea59043532..acc4448c28e7 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -390,12 +390,14 @@ static int coredump_wait(int exit_code, struct core_state *core_state)
        return core_waiters;
 }
-static void coredump_finish(struct mm_struct *mm)
+static void coredump_finish(struct mm_struct *mm, bool core_dumped)
 {
        struct core_thread *curr, *next;
        struct task_struct *task;
        spin_lock_irq(&current->sighand->siglock);
+        if (core_dumped && !__fatal_signal_pending(current))
+                current->signal->group_exit_code |= 0x80;
        current->signal->group_exit_task = NULL;
        current->signal->flags = SIGNAL_GROUP_EXIT;
        spin_unlock_irq(&current->sighand->siglock);
@@ -480,6 +482,7 @@ void do_coredump(siginfo_t *siginfo)
        int ispipe;
        struct files_struct *displaced;
        bool need_nonrelative = false;
+        bool core_dumped = false;
        static atomic_t core_dump_count = ATOMIC_INIT(0);
        struct coredump_params cprm = {
                .siginfo = siginfo,
@@ -638,9 +641,7 @@ void do_coredump(siginfo_t *siginfo)
                goto close_fail;
        if (displaced)
                put_files_struct(displaced);
-        retval = binfmt->core_dump(&cprm);
+        core_dumped = binfmt->core_dump(&cprm);
-        if (retval)
-                current->signal->group_exit_code |= 0x80;
        if (ispipe && core_pipe_limit)
                wait_for_dump_helpers(cprm.file);
@@ -653,7 +654,7 @@ fail_dropcount:
 fail_unlock:
        kfree(cn.corename);
 fail_corename:
-        coredump_finish(mm);
+        coredump_finish(mm, core_dumped);
        revert_creds(old_cred);
 fail_creds:
        put_cred(cred);
author	Oleg Nesterov <oleg@redhat.com>	2013-04-30 18:28:13 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2013-04-30 20:04:06 -0400
commit	acdedd99b0f3bff9b4bb2103a6b1268c03d1f963 (patch)
tree	bfacbb825c6024a0374db0a6a38a222581b15083 /fs/coredump.c
parent	6cd8f0acae3420afce37bf51a9ff8c2c20342af5 (diff)