OpenVZ Forum: Devel » [RFC][PATCH 0/15] Pid namespaces

Home » Mailing lists » Devel » [RFC][PATCH 0/15] Pid namespaces

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

[PATCH 3/15] kern_siginfo helper [message #15297 is a reply to message #15293]

Thu, 26 July 2007 14:48

Pavel Emelianov
Messages: 1149
Registered: September 2006

Senior Member

From: Sukadev Bhattiprolu <sukadev@us.ibm.com>

get_signal_to_deliver() checks to ensure that /sbin/init does not
receive any unwanted signals. With implementation of multiple pid
namespaces, we need to extend this check for all "container-init"
processes (processes with pid == 1 in the pid namespace)

IOW, A container-init process, must not receive unwanted signals from
within the container. However, the container-init must receive and
honor any signals it receives from an ancestor pid namespace (i.e it
must appear like a normal process in its parent namespace).

i.e for correct processing of the signal, either:

- the recepient of the signal (in get_signal_to_deliver()) must
have some information (such as pid namespace) of the sender

- or the sender of the signal (in send_signal()) should know
whether the signal is an "unwanted" signal from the recepient's
POV.

This patch provides a simple mechanism, to pass additional information from
the sender to the recepient (from send_signal() to get_signal_to_deliver()).

This patch is just a helper and a follow-on patch will use this infrastructure
to actually pass in information about the sender.

Implementation note:

Most signal interfaces in the kernel operate on 'siginfo_t' data
structure which is user-visible and cannot be easily modified/
extended. So this patch defines a wrapper, 'struct kern_siginfo',
around the 'siginfo_t' and allows extending this wrapper for future
needs.

TODO: This is more an exploratory patch and modifies only interfaces
necessary to implement correct signal semantics in pid namespaces.

If the approach is feasible, we could consistently use 'kern_siginfo'
in other signal interfaces and possibly in 'struct sigqueue'.

We could modify dequeue_signal() to directly work with 'kern_siginfo'
and remove dequeue_signal_kern_info().

Signed-off-by: Sukadev Bhattiprolu <sukadev@us.ibm.com>

---

include/linux/signal.h | 7 +++++++
kernel/signal.c | 38 +++++++++++++++++++++++++++++++-------
2 files changed, 38 insertions(+), 7 deletions(-)

diff -upr linux-2.6.23-rc1-mm1.orig/include/linux/signal.h linux-2.6.23-rc1-mm1-7/include/linux/signal.h
--- linux-2.6.23-rc1-mm1.orig/include/linux/signal.h 2007-07-26 16:34:45.000000000 +0400
+++ linux-2.6.23-rc1-mm1-7/include/linux/signal.h 2007-07-26 16:36:37.000000000 +0400
@@ -7,6 +7,13 @@
#ifdef __KERNEL__
#include <linux/list.h>

+struct kern_siginfo {
+ siginfo_t *info;
+ int flags;
+};
+
+#define KERN_SIGINFO_CINIT 0x1 /* True iff signalling container-init */
+
/*
* Real Time signals may be queued.
*/
diff -upr linux-2.6.23-rc1-mm1.orig/kernel/signal.c linux-2.6.23-rc1-mm1-7/kernel/signal.c
--- linux-2.6.23-rc1-mm1.orig/kernel/signal.c 2007-07-26 16:34:45.000000000 +0400
+++ linux-2.6.23-rc1-mm1-7/kernel/signal.c 2007-07-26 16:36:37.000000000 +0400
@@ -299,10 +299,12 @@ unblock_all_signals(void)
spin_unlock_irqrestore(&current->sighand->siglock, flags);
}

-static int collect_signal(int sig, struct sigpending *list, siginfo_t *info)
+static int collect_signal(int sig, struct sigpending *list,
+ struct kern_siginfo *kinfo)
{
struct sigqueue *q, *first = NULL;
int still_pending = 0;
+ siginfo_t *info = kinfo->info;

if (unlikely(!sigismember(&list->signal, sig)))
return 0;
@@ -343,7 +348,7 @@ static int collect_signal(int sig, struc
}

static int __dequeue_signal(struct sigpending *pending, sigset_t *mask,
- siginfo_t *info)
+ struct kern_siginfo *kinfo)
{
int sig = next_signal(pending, mask);

@@ -357,7 +364,7 @@ static int __dequeue_signal(struct sigpe
}
}

- if (!collect_signal(sig, pending, info))
+ if (!collect_signal(sig, pending, kinfo))
sig = 0;
}

@@ -370,18 +377,20 @@ static int __dequeue_signal(struct sigpe
*
* All callers have to hold the siglock.
*/
-int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info)
+int dequeue_signal_kern_info(struct task_struct *tsk, sigset_t *mask,
+ struct kern_siginfo *kinfo)
{
int signr = 0;
+ siginfo_t *info = kinfo->info;

/* We only dequeue private signals from ourselves, we don't let
* signalfd steal them
*/
if (tsk == current)
- signr = __dequeue_signal(&tsk->pending, mask, info);
+ signr = __dequeue_signal(&tsk->pending, mask, kinfo);
if (!signr) {
signr = __dequeue_signal(&tsk->signal->shared_pending,
- mask, info);
+ mask, kinfo);
/*
* itimer signal ?
*
@@ -441,6 +450,22 @@ int dequeue_signal(struct task_struct *t
}

/*
+ * Dequeue a signal and return the element to the caller, which is
+ * expected to free it.
+ *
+ * All callers have to hold the siglock.
+ */
+int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info)
+{
+ struct kern_siginfo kinfo;
+
+ kinfo.info = info;
+ kinfo.flags = 0;
+
+ return dequeue_signal_kern_info(tsk, mask, &kinfo);
+}
+
+/*
* Tell a process that it has a new active signal..
*
* NOTE! we rely on the previous spin_lock to
@@ -1779,6 +1873,10 @@ int get_signal_to_deliver(siginfo_t *inf
{
sigset_t *mask = &current->blocked;
int signr = 0;
+ struct kern_siginfo kinfo;
+
+ kinfo.info = info;
+ kinfo.flags = 0;

try_to_freeze();

@@ -1791,7 +1889,7 @@ relock:
handle_group_stop())
goto relock;

- signr = dequeue_signal(current, mask, info);
+ signr = dequeue_signal_kern_info(current, mask, &kinfo);

if (!signr)
break; /* will return 0 */

Report message to a moderator

[Message index]

		[RFC][PATCH 0/15] Pid namespaces By: Pavel Emelianov on Thu, 26 July 2007 14:45
		[PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Thu, 26 July 2007 14:46
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Thu, 26 July 2007 16:47
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Fri, 27 July 2007 08:07
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Fri, 27 July 2007 08:24
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Fri, 27 July 2007 08:35
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Fri, 27 July 2007 08:37
		Re: [PATCH 1/15] Move exit_task_namespaces() By: dev on Thu, 26 July 2007 16:59
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Dave Hansen on Thu, 26 July 2007 16:10
		Re: [PATCH 1/15] Move exit_task_namespaces() By: xemul on Fri, 27 July 2007 06:38
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Thu, 02 August 2007 16:18
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Mon, 06 August 2007 08:00
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Mon, 06 August 2007 09:54
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Mon, 06 August 2007 09:58
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Mon, 06 August 2007 10:38
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Mon, 06 August 2007 11:21
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Mon, 06 August 2007 12:52
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Mon, 06 August 2007 13:38
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Mon, 06 August 2007 11:29
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Mon, 06 August 2007 12:48
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Pavel Emelianov on Mon, 06 August 2007 13:36
		Re: [PATCH 1/15] Move exit_task_namespaces() By: Oleg Nesterov on Mon, 06 August 2007 13:55
		[PATCH 2/15] Introduce MS_KERNMOUNT flag By: Pavel Emelianov on Thu, 26 July 2007 14:47
		[PATCH 3/15] kern_siginfo helper By: Pavel Emelianov on Thu, 26 July 2007 14:48
		Re: [PATCH 3/15] kern_siginfo helper By: Oleg Nesterov on Sun, 29 July 2007 11:40
		Re: [PATCH 3/15] kern_siginfo helper By: Pavel Emelianov on Mon, 30 July 2007 06:07
		Re: [PATCH 3/15] kern_siginfo helper By: Sukadev Bhattiprolu on Tue, 31 July 2007 00:21
		[PATCH 4/15] Make proc_flust_task() flush entries from multiple proc trees By: Pavel Emelianov on Thu, 26 July 2007 14:48
		[PATCH 5/15] Introduce struct upid By: Pavel Emelianov on Thu, 26 July 2007 14:49
		Re: [PATCH 5/15] Introduce struct upid By: Oleg Nesterov on Sun, 29 July 2007 09:50
		Re: [PATCH 5/15] Introduce struct upid By: Pavel Emelianov on Mon, 30 July 2007 05:58
		[PATCH 6/15] Make alloc_pid(), free_pid() and put_pid() work with struct upid By: Pavel Emelianov on Thu, 26 July 2007 14:50
		Re: [PATCH 6/15] Make alloc_pid(), free_pid() and put_pid() work with struct upid By: Oleg Nesterov on Sun, 29 July 2007 10:14
		Re: [PATCH 6/15] Make alloc_pid(), free_pid() and put_pid() work with struct upid By: Pavel Emelianov on Mon, 30 July 2007 06:03
		[PATCH 7/15] Helpers to obtain pid numbers By: Pavel Emelianov on Thu, 26 July 2007 14:51
		Re: [PATCH 7/15] Helpers to obtain pid numbers By: Dave Hansen on Thu, 26 July 2007 19:03
		Re: [PATCH 7/15] Helpers to obtain pid numbers By: Pavel Emelianov on Fri, 27 July 2007 06:40
		Re: [PATCH 7/15] Helpers to obtain pid numbers By: Oleg Nesterov on Sun, 29 July 2007 12:08
		Re: [PATCH 7/15] Helpers to obtain pid numbers By: Pavel Emelianov on Mon, 30 July 2007 06:11
		[PATCH 8/15] Helpers to find the task by its numerical ids By: Pavel Emelianov on Thu, 26 July 2007 14:51
		Re: [PATCH 8/15] Helpers to find the task by its numerical ids By: Dave Hansen on Thu, 26 July 2007 19:05
		Re: [PATCH 8/15] Helpers to find the task by its numerical ids By: Pavel Emelianov on Fri, 27 July 2007 06:43
		Re: [PATCH 8/15] Helpers to find the task by its numerical ids By: Oleg Nesterov on Sun, 29 July 2007 12:39
		Re: [PATCH 8/15] Helpers to find the task by its numerical ids By: Pavel Emelianov on Mon, 30 July 2007 06:15
		[PATCH 9/15] Move alloc_pid() after the namespace is cloned By: Pavel Emelianov on Thu, 26 July 2007 14:52
		Re: [PATCH 9/15] Move alloc_pid() after the namespace is cloned By: Oleg Nesterov on Fri, 27 July 2007 15:10
		Re: [PATCH 9/15] Move alloc_pid() after the namespace is cloned By: Pavel Emelianov on Mon, 30 July 2007 06:17
		Re: [PATCH 9/15] Move alloc_pid() after the namespace is cloned By: Sukadev Bhattiprolu on Mon, 30 July 2007 23:43
		Re: [PATCH 9/15] Move alloc_pid() after the namespace is cloned By: Sukadev Bhattiprolu on Tue, 31 July 2007 05:49
		[PATCH 10/15] Make each namespace has its own proc tree By: Pavel Emelianov on Thu, 26 July 2007 14:54
		Re: [PATCH 10/15] Make each namespace has its own proc tree By: Oleg Nesterov on Sun, 29 July 2007 15:56
		Re: [PATCH 10/15] Make each namespace has its own proc tree By: Oleg Nesterov on Sun, 29 July 2007 17:02
		Re: [PATCH 10/15] Make each namespace has its own proc tree By: Pavel Emelianov on Mon, 30 July 2007 06:45
		Re: [PATCH 10/15] Make each namespace has its own proc tree By: Pavel Emelianov on Mon, 30 July 2007 06:43
		[PATCH 11/15] Signal semantics By: Pavel Emelianov on Thu, 26 July 2007 14:55
		Re: [PATCH 11/15] Signal semantics By: Oleg Nesterov on Fri, 27 July 2007 12:30
		Re: [PATCH 11/15] Signal semantics By: Pavel Emelianov on Fri, 27 July 2007 13:38
		Re: [PATCH 11/15] Signal semantics By: serue on Fri, 27 July 2007 19:59
		Re: [PATCH 11/15] Signal semantics By: Sukadev Bhattiprolu on Fri, 27 July 2007 20:23
		Re: [PATCH 11/15] Signal semantics By: Pavel Emelianov on Mon, 30 July 2007 09:34
		Re: [PATCH 11/15] Signal semantics By: Pavel Emelianov on Mon, 30 July 2007 09:31
		Re: [PATCH 11/15] Signal semantics By: serue on Wed, 01 August 2007 16:13
		Re: [PATCH 11/15] Signal semantics By: dev on Thu, 02 August 2007 08:35
		Re: [PATCH 11/15] Signal semantics By: serue on Thu, 02 August 2007 20:09
		Re: [PATCH 11/15] Signal semantics By: Oleg Nesterov on Sun, 29 July 2007 11:23
		[PATCH 12/15] Miscelaneous stuff for pid namespaces By: Pavel Emelianov on Thu, 26 July 2007 14:56
		Re: [PATCH 12/15] Miscelaneous stuff for pid namespaces By: Pavel Emelianov on Fri, 27 July 2007 06:53
		Re: [PATCH 12/15] Miscelaneous stuff for pid namespaces By: Sukadev Bhattiprolu on Fri, 27 July 2007 06:22
		[PATCH 13/15] Clone the pid namespace By: Pavel Emelianov on Thu, 26 July 2007 14:56
		[PATCH 14/15] Destroy pid namespace on init's death By: Pavel Emelianov on Thu, 26 July 2007 14:57
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Sun, 29 July 2007 10:39
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Pavel Emelianov on Mon, 30 July 2007 11:56
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Mon, 30 July 2007 15:44
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Tue, 31 July 2007 09:07
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Wed, 01 August 2007 06:16
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Dave Hansen on Wed, 01 August 2007 16:00
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Wed, 01 August 2007 19:51
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: dev on Thu, 02 August 2007 08:37
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Thu, 02 August 2007 16:08
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Thu, 02 August 2007 17:08
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Fri, 03 August 2007 06:22
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Fri, 03 August 2007 10:55
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Thu, 02 August 2007 07:37
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Wed, 01 August 2007 19:48
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Thu, 02 August 2007 07:29
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Thu, 02 August 2007 15:39
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Thu, 02 August 2007 17:20
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Thu, 02 August 2007 17:29
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Thu, 02 August 2007 18:36
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Oleg Nesterov on Thu, 02 August 2007 18:49
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: serue on Thu, 02 August 2007 19:13
		Re: [PATCH 14/15] Destroy pid namespace on init's death By: Sukadev Bhattiprolu on Fri, 03 August 2007 21:36
		[PATCH 15/15] Hooks over the code to show correct values to user By: Pavel Emelianov on Thu, 26 July 2007 14:58
		Re: [PATCH 15/15] Hooks over the code to show correct values to user By: Sukadev Bhattiprolu on Fri, 27 July 2007 05:57
		Re: [PATCH 15/15] Hooks over the code to show correct values to user By: Pavel Emelianov on Fri, 27 July 2007 06:44
		Re: [PATCH 15/15] Hooks over the code to show correct values to user By: Oleg Nesterov on Sun, 29 July 2007 14:29
		Re: [PATCH 15/15] Hooks over the code to show correct values to user By: Pavel Emelianov on Mon, 30 July 2007 06:49
		Re: [PATCH 15/15] Hooks over the code to show correct values to user By: Oleg Nesterov on Tue, 31 July 2007 10:04
		Re: [RFC][PATCH 0/15] Pid namespaces By: Sukadev Bhattiprolu on Fri, 27 July 2007 04:22
		Re: [RFC][PATCH 0/15] Pid namespaces By: Sukadev Bhattiprolu on Fri, 27 July 2007 06:08
		Re: [RFC][PATCH 0/15] Pid namespaces By: Pavel Emelianov on Fri, 27 July 2007 06:47

Previous Topic:	Re: [RFC, PATCH] handle the multi-threaded init's exit() properly
Next Topic:	[PATCH 0/14] sysfs cleanups

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sat Sep 06 12:21:24 GMT 2025

Total time taken to generate the page: 0.08649 seconds