linux/fs
Oleg Nesterov 329f7dba5f [PATCH] fix de_thread() vs send_group_sigqueue() race
When a non-leader thread does exec, de_thread calls release_task(leader) before
calling exit_itimers(). If a local timer interrupt happens in between, it can
oops in send_group_sigqueue() while taking ->sighand->siglock == NULL.

However, we can't change send_group_sigqueue() to check p->signal != NULL,
because sys_timer_create() does get_task_struct() only in the SIGEV_THREAD_ID
case. So it is possible that this task_struct was already freed and we can't
trust p->signal.

This patch changes de_thread() so that the leader is released after the
exit_itimers() call.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-08 12:58:38 -08:00
9p [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
adfs [ARM] fs/adfs/adfs.h: "extern inline" doesn't make sense 2005-08-20 17:20:28 +01:00
affs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
afs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
autofs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
autofs4 [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
befs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
bfs [PATCH] bfs iget() abuses 2005-10-04 13:22:01 -07:00
cifs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
coda [PATCH] Driver Core: fix up all callers of class_device_create() 2005-10-28 09:52:52 -07:00
cramfs [PATCH] fs/cramfs/uncompress.c should #include <linux/cramfs_fs.h> 2005-09-10 10:06:35 -07:00
debugfs [PATCH] remove duplicate get_dentry functions in various places 2005-06-23 09:45:20 -07:00
devfs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
devpts [PATCH] Generic VFS fallback for security xattrs 2005-09-05 00:05:52 -07:00
efs
exportfs
ext2 [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
ext3 [PATCH] Test for sb_getblk return value 2005-10-30 17:37:26 -08:00
fat [PATCH] fat: Remove duplicate directory scanning code 2005-10-30 17:37:32 -08:00
freevxfs [PATCH] vxfs: use generic_ro_fops 2005-11-07 07:53:41 -08:00
fuse [PATCH] FUSE: pass file handle in setattr 2005-11-07 07:53:42 -08:00
hfs [PATCH] gfp_t: fs/* 2005-10-28 08:16:47 -07:00
hfsplus [PATCH] gfp_t: fs/* 2005-10-28 08:16:47 -07:00
hostfs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
hpfs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
hppfs [PATCH] hppfs: fix symlink error path 2005-08-26 11:39:19 -07:00
hugetlbfs [PATCH] hugetlb: overcommit accounting check 2005-10-29 21:40:43 -07:00
isofs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
jbd [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
jffs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
jffs2 Merge master.kernel.org:/pub/scm/linux/kernel/git/tglx/mtd-2.6 2005-11-07 10:24:08 -08:00
jfs [PATCH] mm: split page table lock 2005-10-29 21:40:42 -07:00
lockd [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
minix [PATCH] update filesystems for new delete_inode behavior 2005-09-09 13:57:27 -07:00
msdos [PATCH] fat: remove the unneeded vfat_find() in vfat_rename() 2005-10-30 17:37:32 -08:00
ncpfs [PATCH] update filesystems for new delete_inode behavior 2005-09-09 13:57:27 -07:00
nfs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
nfs_common [PATCH] nfsacl: Solaris VxFS compatibility fix 2005-10-11 09:46:54 -07:00
nfsd [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
nls [PATCH] make some things static 2005-05-05 16:36:47 -07:00
ntfs NTFS: Fix a stupid bug causing writes to non-initialized pages to segfault. 2005-11-01 15:49:31 +00:00
openpromfs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
partitions [PATCH] s390: cleanup of include/asm-s390/vtoc.h 2005-11-07 07:53:34 -08:00
proc Merge git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc-merge 2005-11-07 20:23:46 -08:00
qnx4 [PATCH] update filesystems for new delete_inode behavior 2005-09-09 13:57:27 -07:00
ramfs
reiserfs [PATCH] reiserfs: [kv]free() checking cleanup 2005-10-30 17:37:17 -08:00
relayfs [PATCH] relayfs: fix bogus param value in call to vmap 2005-10-10 08:39:50 -07:00
romfs
smbfs [PATCH] smbfs: 'names_cache' memory leak 2005-11-07 07:53:39 -08:00
sysfs [PATCH] Fix oops in sysfs_hash_and_remove_file() 2005-08-26 19:37:13 -07:00
sysv [PATCH] update filesystems for new delete_inode behavior 2005-09-09 13:57:27 -07:00
udf [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
ufs [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
vfat [PATCH] fat: remove the unneeded vfat_find() in vfat_rename() 2005-10-30 17:37:32 -08:00
xfs [PATCH] mm: rename kmem_cache_s to kmem_cache 2005-11-07 07:53:24 -08:00
aio.c [PATCH] aio: remove aio_max_nr accounting race 2005-11-07 07:53:38 -08:00
attr.c [PATCH] fs/attr.c: remove BUG() 2005-10-30 17:37:27 -08:00
bad_inode.c [PATCH] make some things static 2005-05-05 16:36:47 -07:00
binfmt_aout.c [PATCH] mm: mm_init set_mm_counters 2005-10-29 21:40:38 -07:00
binfmt_elf_fdpic.c [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
binfmt_elf.c [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
binfmt_em86.c
binfmt_flat.c [PATCH] mm: mm_init set_mm_counters 2005-10-29 21:40:38 -07:00
binfmt_misc.c
binfmt_script.c
binfmt_som.c [PATCH] mm: mm_init set_mm_counters 2005-10-29 21:40:38 -07:00
bio.c [PATCH] gfp_t: fs/* 2005-10-28 08:16:47 -07:00
block_dev.c [PATCH] block: add unlocked_ioctl support for block devices 2005-06-23 09:45:32 -07:00
buffer.c [PATCH] __find_get_block_slow() cleanup 2005-11-07 07:53:39 -08:00
char_dev.c [PATCH] cdev: cdev_put oops 2005-07-12 16:01:02 -07:00
compat_ioctl.c [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
compat.c [PATCH] mm: update_hiwaters just in time 2005-10-29 21:40:39 -07:00
dcache.c [PATCH] Remove hlist_for_each_rcu() API, convert existing use to hlist_for_each_entry_rcu 2005-11-07 07:53:35 -08:00
dcookies.c [PATCH] dcookies.c: use proper refcounting functions 2005-07-07 18:23:52 -07:00
direct-io.c [PATCH] core remove PageReserved 2005-10-29 21:40:39 -07:00
dnotify.c
dquot.c [PATCH] saner handling of auto_acct_off() and DQUOT_OFF() in umount 2005-11-07 18:18:09 -08:00
eventpoll.c [PATCH] epoll: handle timeout overflow 2005-09-28 07:46:41 -07:00
exec.c [PATCH] fix de_thread() vs send_group_sigqueue() race 2005-11-08 12:58:38 -08:00
fcntl.c [PATCH] files: lock-free fd look-up 2005-09-09 13:57:55 -07:00
fifo.c
file_table.c [PATCH] mm: rename kmem_cache_s to kmem_cache 2005-11-07 07:53:24 -08:00
file.c [PATCH] Fix the fdtable freeing in the case of vmalloced fdset/arrays 2005-09-14 12:38:26 -07:00
filesystems.c [PATCH] fix missing includes 2005-10-30 17:37:32 -08:00
fs-writeback.c [PATCH] kernel-docs: fix kernel-doc format problems 2005-11-07 07:53:55 -08:00
inode.c [PATCH] fix nr_unused accounting, and avoid recursing in iput with I_WILL_FREE set 2005-10-30 17:37:26 -08:00
inotify.c [PATCH] inotify/idr leak fix 2005-10-23 16:38:39 -07:00
ioctl.c
ioprio.c Don't allow normal users to set idle IO priority 2005-08-20 18:51:29 -07:00
Kconfig Merge master.kernel.org:/pub/scm/linux/kernel/git/tglx/mtd-2.6 2005-11-07 10:24:08 -08:00
Kconfig.binfmt [PATCH] CONFIG_IA32 2005-10-30 17:37:10 -08:00
libfs.c [PATCH] fix fsync(dir) return value for ram-based filesystems 2005-06-25 16:24:38 -07:00
locks.c Fix Connectathon locking test failure 2005-10-18 14:20:21 -07:00
Makefile [PATCH] beginning of the shared-subtree proper 2005-11-07 18:18:10 -08:00
mbcache.c [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00
mpage.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
namei.c [PATCH] VFS: pass file pointer to filesystem from ftruncate() 2005-11-07 07:53:42 -08:00
namespace.c [PATCH] unbindable mounts 2005-11-07 18:18:11 -08:00
nfsctl.c
open.c [PATCH] VFS: pass file pointer to filesystem from ftruncate() 2005-11-07 07:53:42 -08:00
pipe.c [PATCH] sched: TASK_NONINTERACTIVE 2005-09-10 10:06:22 -07:00
pnode.c [PATCH] unbindable mounts 2005-11-07 18:18:11 -08:00
pnode.h [PATCH] unbindable mounts 2005-11-07 18:18:11 -08:00
posix_acl.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
quota_v1.c
quota_v2.c
quota.c [PATCH] quota: small cleanups 2005-11-07 07:53:39 -08:00
read_write.c [PATCH] readv/writev syscalls are not checked by lsm 2005-09-29 15:42:08 -07:00
readdir.c
select.c [PATCH] files: lock-free fd look-up 2005-09-09 13:57:55 -07:00
seq_file.c [PATCH] allow callers of seq_open do allocation themselves 2005-11-07 18:18:09 -08:00
stat.c
super.c [PATCH] saner handling of auto_acct_off() and DQUOT_OFF() in umount 2005-11-07 18:18:09 -08:00
xattr_acl.c
xattr.c [PATCH] kfree cleanup: fs 2005-11-07 07:54:06 -08:00