Page MenuHomeFreeBSD
Differential D31563

sigtimedwait: Use a unique wait channel for sleeping
ClosedPublic
Actions

Authored by markj on Aug 16 2021, 5:19 PM.
Tags
None
Referenced Files
F82961118: D31563.id.diff
Sat, May 4, 1:15 PM
Unknown Object (File)
Sun, Apr 14, 5:28 PM
Unknown Object (File)
Feb 13 2024, 6:00 PM
Unknown Object (File)
Dec 26 2023, 2:36 AM
Unknown Object (File)
Dec 20 2023, 2:18 AM
Unknown Object (File)
Dec 12 2023, 11:45 AM
Unknown Object (File)
Nov 30 2023, 12:06 AM
Unknown Object (File)
Aug 15 2023, 10:35 PM
View All 18 Files
Subscribers
imp

Details

Reviewers
kib
Commits
rGc4feb1ab0ae0: sigtimedwait: Use a unique wait channel for sleeping
Summary

When a sigtimedwait(2) caller goes to sleep, it uses a wait channel of
p->p_sigacts with the proc lock as the interlock. However, p_sigacts
can be shared between processes if a child is created with
rfork(RFSIGSHARE | RFPROC). Thus we can end up with two threads
sleeping on the same wait channel using different locks, which is not
permitted.

Fix the problem simply by using a process-unique wait channel, following
the example of sigsuspend. I believe the actual wait channel value is
irrelevant here, sleeping threads are awoken using sleepq_abort().

Reported by: syzbot+8c417afabadb50bb8827@syzkaller.appspotmail.com
Reported by: syzbot+1d89fc2a9ef92ef64fa8@syzkaller.appspotmail.com

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
kern/
3 lines

Diff 93778

View Options

sys/kern/kern_sig.c

Loading...