Prev: [PATCH 4/6] wait_for_helper: SIGCHLD from user-space can lead to use-after-free
Next: [PATCH 6/6] call_usermodehelper: UMH_WAIT_EXEC ignores kernel_thread() failure
From: Oleg Nesterov on 15 Mar 2010 16:00
__call_usermodehelper(UMH_NO_WAIT) has 2 problems:

- if kernel_thread() fails, call_usermodehelper_freeinfo()
is not called.

- for unknown reason UMH_NO_WAIT has UMH_WAIT_PROC logic,
we spawn yet another thread which waits until the user
mode application exits.

Change the UMH_NO_WAIT code to use ____call_usermodehelper() instead of
wait_for_helper(), and do call_usermodehelper_freeinfo() unconditionally.
We can rely on CLONE_VFORK, do_fork(CLONE_VFORK) until the child exits
or execs.

With or without this patch UMH_NO_WAIT does not report the error if
kernel_thread() fails, this is correct since the caller doesn't wait
for result.

Signed-off-by: Oleg Nesterov <oleg(a)redhat.com>
---

kernel/kmod.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)

--- 34-rc1/kernel/kmod.c~5_UMH_NO_WAIT 2010-03-15 20:28:31.000000000 +0100
+++ 34-rc1/kernel/kmod.c 2010-03-15 20:32:23.000000000 +0100
@@ -205,10 +205,7 @@ static int wait_for_helper(void *data)
sub_info->retval = ret;
}

- if (sub_info->wait == UMH_NO_WAIT)
- call_usermodehelper_freeinfo(sub_info);
- else
- complete(sub_info->complete);
+ complete(sub_info->complete);
return 0;
}

@@ -217,13 +214,13 @@ static void __call_usermodehelper(struct
{
struct subprocess_info *sub_info =
container_of(work, struct subprocess_info, work);
- pid_t pid;
enum umh_wait wait = sub_info->wait;
+ pid_t pid;

/* CLONE_VFORK: wait until the usermode helper has execve'd
* successfully We need the data structures to stay around
* until that is done. */
- if (wait == UMH_WAIT_PROC || wait == UMH_NO_WAIT)
+ if (wait == UMH_WAIT_PROC)
pid = kernel_thread(wait_for_helper, sub_info,
CLONE_FS | CLONE_FILES | SIGCHLD);
else
@@ -232,6 +229,7 @@ static void __call_usermodehelper(struct

switch (wait) {
case UMH_NO_WAIT:
+ call_usermodehelper_freeinfo(sub_info);
break;

case UMH_WAIT_PROC:

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: [PATCH 4/6] wait_for_helper: SIGCHLD from user-space can lead to use-after-free
Next: [PATCH 6/6] call_usermodehelper: UMH_WAIT_EXEC ignores kernel_thread() failure