• Harald Welte's avatar
    [PATCH] Fix signal sending in usbdevio on async URB completion · 46113830
    Harald Welte authored
    If a process issues an URB from userspace and (starts to) terminate
    before the URB comes back, we run into the issue described above.  This
    is because the urb saves a pointer to "current" when it is posted to the
    device, but there's no guarantee that this pointer is still valid
    afterwards.
    
    In fact, there are three separate issues:
    
    1) the pointer to "current" can become invalid, since the task could be
       completely gone when the URB completion comes back from the device.
    
    2) Even if the saved task pointer is still pointing to a valid task_struct,
       task_struct->sighand could have gone meanwhile.
    
    3) Even if the process is perfectly fine, permissions may have changed,
       and we can no longer send it a signal.
    
    So what we do instead, is to save the PID and uid's of the process, and
    introduce a new kill_proc_info_as_uid() function.
    Signed-off-by: default avatarHarald Welte <laforge@gnumonks.org>
    [ Fixed up types and added symbol exports ]
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    46113830
devio.c 39.9 KB