On Tue, 27 Sep 2005, Sergey Vlasov wrote:
>
> And then a process calls USBDEVFS_SUBMITURB and immediately exits; its
> pid gets reused by a completely different process (maybe even
> root-owned), then the urb completes, and kill_proc_info() sends the
> signal to the unsuspecting process.
Ehh.. pid's don't get re-used until they wrap.
Your _current_ code has that problem, though - "struct task_struct" _does_
get re-used.
Don't assume that the fixes are as bad.
Anyway, Christoph is certainly correct that what you _should_ be using is
the SIGIO infrastructure, even if you don't actually use the fcntl() to
register it.
> Hmm, then probably send_sig_info() should check for non-NULL
> p->sighand after taking tasklist_lock? Otherwise all uses of
> send_sig_info() for non-current tasks are unsafe.
I don't think so.
Your oops is because you're using a STALE POINTER.
If you look it up by pid, it won't be stale, now will it?
Hint: the point where sighand is released is also the point where the
process is unhashed.
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
