• Oleg Nesterov's avatar
    signals: remove 'handler' parameter to tracehook functions · 43918f2b
    Oleg Nesterov authored
    Container-init must behave like global-init to processes within the
    container and hence it must be immune to unhandled fatal signals from
    within the container (i.e SIG_DFL signals that terminate the process).
    
    But the same container-init must behave like a normal process to processes
    in ancestor namespaces and so if it receives the same fatal signal from a
    process in ancestor namespace, the signal must be processed.
    
    Implementing these semantics requires that send_signal() determine pid
    namespace of the sender but since signals can originate from workqueues/
    interrupt-handlers, determining pid namespace of sender may not always be
    possible or safe.
    
    This patchset implements the design/simplified semantics suggested by
    Oleg Nesterov.  The simplified semantics for container-init are:
    
    	- container-init must never be terminated by a signal from a
    	  descendant process.
    
    	- container-init must never be immune to SIGKILL from an ancestor
    	  namespace (so a process in parent namespace must always be able
    	  to terminate a descendant container).
    
    	- container-init may be immune to unhandled fatal signals (like
    	  SIGUSR1) even if they are from ancestor namespace. SIGKILL/SIGSTOP
    	  are the only reliable signals to a container-init from ancestor
    	  namespace.
    
    This patch:
    
    Based on an earlier patch submitted by Oleg Nesterov and comments from
    Roland McGrath (http://lkml.org/lkml/2008/11/19/258).
    
    The handler parameter is currently unused in the tracehook functions.
    Besides, the tracehook functions are called with siglock held, so the
    functions can check the handler if they later need to.
    
    Removing the parameter simiplifies changes to sig_ignored() in a follow-on
    patch.
    Signed-off-by: default avatarSukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
    Acked-by: default avatarRoland McGrath <roland@redhat.com>
    Signed-off-by: default avatarOleg Nesterov <oleg@tv-sign.ru>
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Cc: Daniel Lezcano <daniel.lezcano@free.fr>
    Cc: Ingo Molnar <mingo@elte.hu>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    43918f2b
signal.c 65.5 KB