1 files changed, 41 insertions, 44 deletions
diff --git a/kernel/fork.c b/kernel/fork.c
index 9b51a1b190d4..b9e2edd00726 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -60,7 +60,9 @@
 #include <linux/tty.h>
 #include <linux/proc_fs.h>
 #include <linux/blkdev.h>
+#include <linux/fs_struct.h>
 #include <trace/sched.h>
+#include <linux/magic.h>
 #include <asm/pgtable.h>
 #include <asm/pgalloc.h>
@@ -212,6 +214,8 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
 {
        struct task_struct *tsk;
        struct thread_info *ti;
+        unsigned long *stackend;
        int err;
        prepare_to_copy(orig);
@@ -237,6 +241,8 @@ static struct task_struct *dup_task_struct(struct task_struct *orig)
                goto out;
        setup_thread_stack(tsk, orig);
+        stackend = end_of_stack(tsk);
+        *stackend = STACK_END_MAGIC;    /* for overflow detection */
 #ifdef CONFIG_CC_STACKPROTECTOR
        tsk->stack_canary = get_random_int();
@@ -279,7 +285,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
        mm->free_area_cache = oldmm->mmap_base;
        mm->cached_hole_size = ~0UL;
        mm->map_count = 0;
-        cpus_clear(mm->cpu_vm_mask);
+        cpumask_clear(mm_cpumask(mm));
        mm->mm_rb = RB_ROOT;
        rb_link = &mm->mm_rb.rb_node;
        rb_parent = NULL;
@@ -639,6 +645,9 @@ static int copy_mm(unsigned long clone_flags, struct task_struct * tsk)
        tsk->min_flt = tsk->maj_flt = 0;
        tsk->nvcsw = tsk->nivcsw = 0;
+#ifdef CONFIG_DETECT_HUNG_TASK
+        tsk->last_switch_count = tsk->nvcsw + tsk->nivcsw;
+#endif
        tsk->mm = NULL;
        tsk->active_mm = NULL;
@@ -676,38 +685,21 @@ fail_nomem:
        return retval;
 }
-static struct fs_struct *__copy_fs_struct(struct fs_struct *old)
-{
-        struct fs_struct *fs = kmem_cache_alloc(fs_cachep, GFP_KERNEL);
-        /* We don't need to lock fs - think why ;-) */
-        if (fs) {
-                atomic_set(&fs->count, 1);
-                rwlock_init(&fs->lock);
-                fs->umask = old->umask;
-                read_lock(&old->lock);
-                fs->root = old->root;
-                path_get(&old->root);
-                fs->pwd = old->pwd;
-                path_get(&old->pwd);
-                read_unlock(&old->lock);
-        }
-        return fs;
-}
-struct fs_struct *copy_fs_struct(struct fs_struct *old)
-{
-        return __copy_fs_struct(old);
-}
-EXPORT_SYMBOL_GPL(copy_fs_struct);
 static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
 {
+        struct fs_struct *fs = current->fs;
        if (clone_flags & CLONE_FS) {
-                atomic_inc(&current->fs->count);
+                /* tsk->fs is already what we want */
+                write_lock(&fs->lock);
+                if (fs->in_exec) {
+                        write_unlock(&fs->lock);
+                        return -EAGAIN;
+                }
+                fs->users++;
+                write_unlock(&fs->lock);
                return 0;
        }
-        tsk->fs = __copy_fs_struct(current->fs);
+        tsk->fs = copy_fs_struct(fs);
        if (!tsk->fs)
                return -ENOMEM;
        return 0;
@@ -839,6 +831,8 @@ static int copy_signal(unsigned long clone_flags, struct task_struct *tsk)
        atomic_set(&sig->live, 1);
        init_waitqueue_head(&sig->wait_chldexit);
        sig->flags = 0;
+        if (clone_flags & CLONE_NEWPID)
+                sig->flags |= SIGNAL_UNKILLABLE;
        sig->group_exit_code = 0;
        sig->group_exit_task = NULL;
        sig->group_stop_count = 0;
@@ -1046,11 +1040,6 @@ static struct task_struct *copy_process(unsigned long clone_flags,
        p->default_timer_slack_ns = current->timer_slack_ns;
-#ifdef CONFIG_DETECT_SOFTLOCKUP
-        p->last_switch_count = 0;
-        p->last_switch_timestamp = 0;
-#endif
        task_io_accounting_init(&p->ioac);
        acct_clear_integrals(p);
@@ -1125,7 +1114,7 @@ static struct task_struct *copy_process(unsigned long clone_flags,
                goto bad_fork_cleanup_mm;
        if ((retval = copy_io(clone_flags, p)))
                goto bad_fork_cleanup_namespaces;
-        retval = copy_thread(0, clone_flags, stack_start, stack_size, p, regs);
+        retval = copy_thread(clone_flags, stack_start, stack_size, p, regs);
        if (retval)
                goto bad_fork_cleanup_io;
@@ -1263,8 +1252,6 @@ static struct task_struct *copy_process(unsigned long clone_flags,
                        p->signal->leader_pid = pid;
                        tty_kref_put(p->signal->tty);
                        p->signal->tty = tty_kref_get(current->signal->tty);
-                        set_task_pgrp(p, task_pgrp_nr(current));
-                        set_task_session(p, task_session_nr(current));
                        attach_pid(p, PIDTYPE_PGID, task_pgrp(current));
                        attach_pid(p, PIDTYPE_SID, task_session(current));
                        list_add_tail_rcu(&p->tasks, &init_task.tasks);
@@ -1488,6 +1475,7 @@ void __init proc_caches_init(void)
        mm_cachep = kmem_cache_create("mm_struct",
                        sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,
                        SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
+        vm_area_cachep = KMEM_CACHE(vm_area_struct, SLAB_PANIC);
        mmap_init();
 }
@@ -1543,12 +1531,16 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
 {
        struct fs_struct *fs = current->fs;
-        if ((unshare_flags & CLONE_FS) &&
+        if (!(unshare_flags & CLONE_FS) || !fs)
-            (fs && atomic_read(&fs->count) > 1)) {
+                return 0;
-                *new_fsp = __copy_fs_struct(current->fs);
-                if (!*new_fsp)
+        /* don't need lock here; in the worst case we'll do useless copy */
-                        return -ENOMEM;
+        if (fs->users == 1)
-        }
+                return 0;
+        *new_fsp = copy_fs_struct(fs);
+        if (!*new_fsp)
+                return -ENOMEM;
        return 0;
 }
@@ -1664,8 +1656,13 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
                if (new_fs) {
                        fs = current->fs;
+                        write_lock(&fs->lock);
                        current->fs = new_fs;
-                        new_fs = fs;
+                        if (--fs->users)
+                                new_fs = NULL;
+                        else
+                                new_fs = fs;
+                        write_unlock(&fs->lock);
                }
                if (new_mm) {
@@ -1704,7 +1701,7 @@ bad_unshare_cleanup_sigh:
 bad_unshare_cleanup_fs:
        if (new_fs)
-                put_fs_struct(new_fs);
+                free_fs_struct(new_fs);
 bad_unshare_cleanup_thread:
 bad_unshare_out:

diff --git a/kernel/fork.c b/kernel/fork.c index 9b51a1b190d4..b9e2edd00726 100644 --- a/kernel/fork.c +++ b/kernel/fork.c
@@ -60,7 +60,9 @@
60	#include <linux/tty.h>	60	#include <linux/tty.h>
61	#include <linux/proc_fs.h>	61	#include <linux/proc_fs.h>
62	#include <linux/blkdev.h>	62	#include <linux/blkdev.h>
		63	#include <linux/fs_struct.h>
63	#include <trace/sched.h>	64	#include <trace/sched.h>
		65	#include <linux/magic.h>
64		66
65	#include <asm/pgtable.h>	67	#include <asm/pgtable.h>
66	#include <asm/pgalloc.h>	68	#include <asm/pgalloc.h>
@@ -212,6 +214,8 @@ static struct task_struct dup_task_struct(struct task_struct orig)
212	{	214	{
213	struct task_struct *tsk;	215	struct task_struct *tsk;
214	struct thread_info *ti;	216	struct thread_info *ti;
		217	unsigned long *stackend;
		218
215	int err;	219	int err;
216		220
217	prepare_to_copy(orig);	221	prepare_to_copy(orig);
@@ -237,6 +241,8 @@ static struct task_struct dup_task_struct(struct task_struct orig)
237	goto out;	241	goto out;
238		242
239	setup_thread_stack(tsk, orig);	243	setup_thread_stack(tsk, orig);
		244	stackend = end_of_stack(tsk);
		245	stackend = STACK_END_MAGIC; / for overflow detection */
240		246
241	#ifdef CONFIG_CC_STACKPROTECTOR	247	#ifdef CONFIG_CC_STACKPROTECTOR
242	tsk->stack_canary = get_random_int();	248	tsk->stack_canary = get_random_int();
@@ -279,7 +285,7 @@ static int dup_mmap(struct mm_struct mm, struct mm_struct oldmm)
279	mm->free_area_cache = oldmm->mmap_base;	285	mm->free_area_cache = oldmm->mmap_base;
280	mm->cached_hole_size = ~0UL;	286	mm->cached_hole_size = ~0UL;
281	mm->map_count = 0;	287	mm->map_count = 0;
282	cpus_clear(mm->cpu_vm_mask);	288	cpumask_clear(mm_cpumask(mm));
283	mm->mm_rb = RB_ROOT;	289	mm->mm_rb = RB_ROOT;
284	rb_link = &mm->mm_rb.rb_node;	290	rb_link = &mm->mm_rb.rb_node;
285	rb_parent = NULL;	291	rb_parent = NULL;
@@ -639,6 +645,9 @@ static int copy_mm(unsigned long clone_flags, struct task_struct * tsk)
639		645
640	tsk->min_flt = tsk->maj_flt = 0;	646	tsk->min_flt = tsk->maj_flt = 0;
641	tsk->nvcsw = tsk->nivcsw = 0;	647	tsk->nvcsw = tsk->nivcsw = 0;
		648	#ifdef CONFIG_DETECT_HUNG_TASK
		649	tsk->last_switch_count = tsk->nvcsw + tsk->nivcsw;
		650	#endif
642		651
643	tsk->mm = NULL;	652	tsk->mm = NULL;
644	tsk->active_mm = NULL;	653	tsk->active_mm = NULL;
@@ -676,38 +685,21 @@ fail_nomem:
676	return retval;	685	return retval;
677	}	686	}
678		687
679	static struct fs_struct __copy_fs_struct(struct fs_struct old)
680	{
681	struct fs_struct *fs = kmem_cache_alloc(fs_cachep, GFP_KERNEL);
682	/* We don't need to lock fs - think why ;-) */
683	if (fs) {
684	atomic_set(&fs->count, 1);
685	rwlock_init(&fs->lock);
686	fs->umask = old->umask;
687	read_lock(&old->lock);
688	fs->root = old->root;
689	path_get(&old->root);
690	fs->pwd = old->pwd;
691	path_get(&old->pwd);
692	read_unlock(&old->lock);
693	}
694	return fs;
695	}
696
697	struct fs_struct copy_fs_struct(struct fs_struct old)
698	{
699	return __copy_fs_struct(old);
700	}
701
702	EXPORT_SYMBOL_GPL(copy_fs_struct);
703
704	static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)	688	static int copy_fs(unsigned long clone_flags, struct task_struct *tsk)
705	{	689	{
		690	struct fs_struct *fs = current->fs;
706	if (clone_flags & CLONE_FS) {	691	if (clone_flags & CLONE_FS) {
707	atomic_inc(&current->fs->count);	692	/* tsk->fs is already what we want */
		693	write_lock(&fs->lock);
		694	if (fs->in_exec) {
		695	write_unlock(&fs->lock);
		696	return -EAGAIN;
		697	}
		698	fs->users++;
		699	write_unlock(&fs->lock);
708	return 0;	700	return 0;
709	}	701	}
710	tsk->fs = __copy_fs_struct(current->fs);	702	tsk->fs = copy_fs_struct(fs);
711	if (!tsk->fs)	703	if (!tsk->fs)
712	return -ENOMEM;	704	return -ENOMEM;
713	return 0;	705	return 0;
@@ -839,6 +831,8 @@ static int copy_signal(unsigned long clone_flags, struct task_struct *tsk)
839	atomic_set(&sig->live, 1);	831	atomic_set(&sig->live, 1);
840	init_waitqueue_head(&sig->wait_chldexit);	832	init_waitqueue_head(&sig->wait_chldexit);
841	sig->flags = 0;	833	sig->flags = 0;
		834	if (clone_flags & CLONE_NEWPID)
		835	sig->flags \|= SIGNAL_UNKILLABLE;
842	sig->group_exit_code = 0;	836	sig->group_exit_code = 0;
843	sig->group_exit_task = NULL;	837	sig->group_exit_task = NULL;
844	sig->group_stop_count = 0;	838	sig->group_stop_count = 0;
@@ -1046,11 +1040,6 @@ static struct task_struct *copy_process(unsigned long clone_flags,
1046		1040
1047	p->default_timer_slack_ns = current->timer_slack_ns;	1041	p->default_timer_slack_ns = current->timer_slack_ns;
1048		1042
1049	#ifdef CONFIG_DETECT_SOFTLOCKUP
1050	p->last_switch_count = 0;
1051	p->last_switch_timestamp = 0;
1052	#endif
1053
1054	task_io_accounting_init(&p->ioac);	1043	task_io_accounting_init(&p->ioac);
1055	acct_clear_integrals(p);	1044	acct_clear_integrals(p);
1056		1045
@@ -1125,7 +1114,7 @@ static struct task_struct *copy_process(unsigned long clone_flags,
1125	goto bad_fork_cleanup_mm;	1114	goto bad_fork_cleanup_mm;
1126	if ((retval = copy_io(clone_flags, p)))	1115	if ((retval = copy_io(clone_flags, p)))
1127	goto bad_fork_cleanup_namespaces;	1116	goto bad_fork_cleanup_namespaces;
1128	retval = copy_thread(0, clone_flags, stack_start, stack_size, p, regs);	1117	retval = copy_thread(clone_flags, stack_start, stack_size, p, regs);
1129	if (retval)	1118	if (retval)
1130	goto bad_fork_cleanup_io;	1119	goto bad_fork_cleanup_io;
1131		1120
@@ -1263,8 +1252,6 @@ static struct task_struct *copy_process(unsigned long clone_flags,
1263	p->signal->leader_pid = pid;	1252	p->signal->leader_pid = pid;
1264	tty_kref_put(p->signal->tty);	1253	tty_kref_put(p->signal->tty);
1265	p->signal->tty = tty_kref_get(current->signal->tty);	1254	p->signal->tty = tty_kref_get(current->signal->tty);
1266	set_task_pgrp(p, task_pgrp_nr(current));
1267	set_task_session(p, task_session_nr(current));
1268	attach_pid(p, PIDTYPE_PGID, task_pgrp(current));	1255	attach_pid(p, PIDTYPE_PGID, task_pgrp(current));
1269	attach_pid(p, PIDTYPE_SID, task_session(current));	1256	attach_pid(p, PIDTYPE_SID, task_session(current));
1270	list_add_tail_rcu(&p->tasks, &init_task.tasks);	1257	list_add_tail_rcu(&p->tasks, &init_task.tasks);
@@ -1488,6 +1475,7 @@ void __init proc_caches_init(void)
1488	mm_cachep = kmem_cache_create("mm_struct",	1475	mm_cachep = kmem_cache_create("mm_struct",
1489	sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,	1476	sizeof(struct mm_struct), ARCH_MIN_MMSTRUCT_ALIGN,
1490	SLAB_HWCACHE_ALIGN\|SLAB_PANIC, NULL);	1477	SLAB_HWCACHE_ALIGN\|SLAB_PANIC, NULL);
		1478	vm_area_cachep = KMEM_CACHE(vm_area_struct, SLAB_PANIC);
1491	mmap_init();	1479	mmap_init();
1492	}	1480	}
1493		1481
@@ -1543,12 +1531,16 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp)
1543	{	1531	{
1544	struct fs_struct *fs = current->fs;	1532	struct fs_struct *fs = current->fs;
1545		1533
1546	if ((unshare_flags & CLONE_FS) &&	1534	if (!(unshare_flags & CLONE_FS) \|\| !fs)
1547	(fs && atomic_read(&fs->count) > 1)) {	1535	return 0;
1548	*new_fsp = __copy_fs_struct(current->fs);	1536
1549	if (!*new_fsp)	1537	/* don't need lock here; in the worst case we'll do useless copy */
1550	return -ENOMEM;	1538	if (fs->users == 1)
1551	}	1539	return 0;
		1540
		1541	*new_fsp = copy_fs_struct(fs);
		1542	if (!*new_fsp)
		1543	return -ENOMEM;
1552		1544
1553	return 0;	1545	return 0;
1554	}	1546	}
@@ -1664,8 +1656,13 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags)
1664		1656
1665	if (new_fs) {	1657	if (new_fs) {
1666	fs = current->fs;	1658	fs = current->fs;
		1659	write_lock(&fs->lock);
1667	current->fs = new_fs;	1660	current->fs = new_fs;
1668	new_fs = fs;	1661	if (--fs->users)
		1662	new_fs = NULL;
		1663	else
		1664	new_fs = fs;
		1665	write_unlock(&fs->lock);
1669	}	1666	}
1670		1667
1671	if (new_mm) {	1668	if (new_mm) {
@@ -1704,7 +1701,7 @@ bad_unshare_cleanup_sigh:
1704		1701
1705	bad_unshare_cleanup_fs:	1702	bad_unshare_cleanup_fs:
1706	if (new_fs)	1703	if (new_fs)
1707	put_fs_struct(new_fs);	1704	free_fs_struct(new_fs);
1708		1705
1709	bad_unshare_cleanup_thread:	1706	bad_unshare_cleanup_thread:
1710	bad_unshare_out:	1707	bad_unshare_out: