linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Christoph Böhmwalder" <christoph.boehmwalder@linbit.com>
To: David Laight <David.Laight@ACULAB.COM>, Jens Axboe <axboe@kernel.dk>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Philipp Reisner <philipp.reisner@linbit.com>,
	"stable@vger.kernel.org" <stable@vger.kernel.org>,
	"Eric W . Biederman" <ebiederm@xmission.com>
Subject: Re: [PATCH] drbd: do not ignore signals in threads
Date: Mon, 5 Aug 2019 11:33:01 +0200	[thread overview]
Message-ID: <ad16d006-4382-3f77-8968-6f840e58b8df@linbit.com> (raw)
In-Reply-To: <6259de605e9246b095233e3984262b93@AcuMS.aculab.com>

On 29.07.19 10:50, David Laight wrote:
> Doesn't unmasking the signals and using send_sig() instead  of force_sig()
> have the (probably unwanted) side effect of allowing userspace to send
> the signal?

I have ran some tests, and it does look like it is now possible to send
signals to the DRBD kthread from userspace. However, ...

> I've certainly got some driver code that uses force_sig() on a kthread
> that it doesn't (ever) want userspace to signal.

... we don't feel that it is absolutely necessary for userspace to be
unable to send a signal to our kthreads. This is because the DRBD thread
independently checks its own state, and (for example) only exits as a
result of a signal if its thread state was already "EXITING" to begin
with.

As such, our priority here is to get the main issue -- DRBD hanging upon
exit -- resolved. I agree that it is not exactly desirable to have userspace
send random signals to kthreads; not for DRBD and certainly not in general.
However, we feel like it is more important to have DRBD actually work again
in 5.3.

That said, there should probably still be a way to be able to send a signal
to a kthread from the kernel, but not from userspace. I think the author of
the original patch (Eric) might have some ideas here.

Jens, could you take a look and decide whether or not it's appropriate for you
to funnel this through the linux-block tree to Linus for rc4?

> The origina1 commit says:
>> Further force_sig is for delivering synchronous signals (aka exceptions).
>> The locking in force_sig is not prepared to deal with running processes, as
>> tsk->sighand may change during exec for a running process.
> 
> I think a lot of code has assumed that the only real difference between
> send_sig() and force_sig() is that the latter ignores the signal mask.
> 
> If you need to unblock a kernel thread (eg one blocked in kernel_accept())
> in order to unload a driver, then you really don't want it to be possible
> for anything else to signal the kthread.
> 
> 	David
> 
> -
> Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
> Registration No: 1397386 (Wales)
--
Christoph Böhmwalder
LINBIT | Keeping the Digital World Running
DRBD HA —  Disaster Recovery — Software defined Storage

  reply	other threads:[~2019-08-05  9:33 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-29  8:32 [PATCH] drbd: do not ignore signals in threads Christoph Böhmwalder
2019-07-29  8:50 ` David Laight
2019-08-05  9:33   ` Christoph Böhmwalder [this message]
2019-08-05  9:41     ` David Laight
2019-08-12 11:52       ` Philipp Reisner
2019-08-12 13:12         ` David Laight
2019-08-12 13:28           ` Philipp Reisner
2019-08-16 22:19             ` [PATCH] signal: Allow cifs and drbd to receive their terminating signals Eric W. Biederman
2019-08-19  8:37               ` Christoph Böhmwalder
2019-08-19 22:03                 ` [GIT PULL] " Eric W. Biederman
2019-08-19 23:35                   ` pr-tracker-bot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ad16d006-4382-3f77-8968-6f840e58b8df@linbit.com \
    --to=christoph.boehmwalder@linbit.com \
    --cc=David.Laight@ACULAB.COM \
    --cc=axboe@kernel.dk \
    --cc=ebiederm@xmission.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=philipp.reisner@linbit.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).