    pids: de_thread: don't clear session/pgrp pids for the old leader · 65450ceb
    Oleg Nesterov authored
    Based on Eric W. Biederman's idea.
    
    Unless task == current, without tasklist_lock held task_session()/task_pgrp()
    can return NULL if the caller races with de_thread() which switches the group
    leader.
    
    Change transfer_pid() to not clear old->pids[type].pid for the old leader.
    This means that its .pid can point to "nowhere", but this is already true for
    sub-threads, and the old leader is not group_leader() any longer.  IOW, with
    or without this change we can't trust task's special pids unless it is the
    group leader.
    
    With this change the following code
    
    	rcu_read_lock();
    	task = find_task_by_xxx();
    	do_something(task_pgrp(task), task_session(task));
    	rcu_read_unlock();
    
    can't race with exec and hit the NULL pid.
    
    Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Cc: Pavel Emelyanov <xemul@openvz.org>
    Cc: Roland McGrath <roland@redhat.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
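The race the commit message describes, as an added userspace model (not kernel code and not part of this commit). The struct layout is a simplification, and transfer_pid_old()/transfer_pid_new() are assumed reconstructions of the behaviour before and after the change: the old variant clears the old leader's special pid, the new one leaves it pointing at the (now stale) struct pid. reader_hits_null() plays the lockless reader from the message: it captured the task pointer before exec, de_thread() ran underneath it, and it then dereferences task_pgrp()/task_session().

```c
/* Added example, not kernel code: a userspace model of the invariant the
 * commit describes. Names mirror the kernel's (task_struct, pid, pids[])
 * but the layout and the transfer_pid bodies are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum pid_type { PIDTYPE_PID, PIDTYPE_PGID, PIDTYPE_SID, PIDTYPE_MAX };

struct pid { int nr; };

struct task_struct {
    const char *comm;
    struct task_struct *group_leader;
    struct pid *pids[PIDTYPE_MAX];   /* kernel: pids[type].pid */
};

typedef void (*transfer_fn)(struct task_struct *, struct task_struct *, enum pid_type);

/* Assumed pre-commit behaviour: hand the special pid to the new leader and
 * clear it in the old one, so a lockless reader still holding the old
 * task pointer sees NULL. */
static void transfer_pid_old(struct task_struct *old, struct task_struct *newt, enum pid_type type)
{
    newt->pids[type] = old->pids[type];
    old->pids[type] = NULL;
}

/* Assumed post-commit behaviour: the old leader keeps its pointer. It is
 * no longer group_leader, so callers must not trust it, but it is never
 * NULL, which is what the reader below depends on. */
static void transfer_pid_new(struct task_struct *old, struct task_struct *newt, enum pid_type type)
{
    newt->pids[type] = old->pids[type];
}

static struct pid *task_session(struct task_struct *t) { return t->pids[PIDTYPE_SID]; }
static struct pid *task_pgrp(struct task_struct *t)    { return t->pids[PIDTYPE_PGID]; }

/* The reader from the commit message. Returns true if it would have
 * dereferenced a NULL special pid after de_thread() switched the leader. */
static bool reader_hits_null(transfer_fn transfer)
{
    struct pid sid = { .nr = 100 }, pgid = { .nr = 100 };   /* constructed sample pids */
    struct task_struct leader = { .comm = "old-leader" };
    struct task_struct thread = { .comm = "exec-thread" };
    leader.group_leader = &leader;
    thread.group_leader = &leader;
    leader.pids[PIDTYPE_SID]  = &sid;
    leader.pids[PIDTYPE_PGID] = &pgid;

    /* Result of find_task_by_xxx(), captured before exec. */
    struct task_struct *task = &leader;

    /* de_thread(): the exec'ing sub-thread takes over leadership. */
    transfer(&leader, &thread, PIDTYPE_PGID);
    transfer(&leader, &thread, PIDTYPE_SID);
    thread.group_leader = &thread;
    leader.group_leader = &thread;

    /* The new leader is always consistent; the question is what the stale
     * pointer yields. */
    if (task_pgrp(&thread) != &pgid || task_session(&thread) != &sid)
        return true;

    return task_pgrp(task) == NULL || task_session(task) == NULL;
}

int main(void)
{
    printf("old transfer_pid: reader hits NULL = %d\n", reader_hits_null(transfer_pid_old));
    printf("new transfer_pid: reader hits NULL = %d\n", reader_hits_null(transfer_pid_new));
    return 0;
}
```

The model reproduces the message's conclusion: with the old transfer the reader that raced with exec sees a NULL pid, with the new one it sees a non-NULL pointer that is merely stale, the same situation a sub-thread was already in. It does not model the RCU hlist replacement or tasklist_lock; the point is only which pointer the old leader is left with.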