On 01/26, Ingo Molnar wrote: > > * Sasha Levin <[email protected]> wrote: > > > A random wakeup can get us out of sigsuspend() without TIF_SIGPENDING > > being set. > > > > Avoid that by making sure we were signaled, like sys_pause() does. > > > > Signed-off-by: Sasha Levin <[email protected]> > > --- > > kernel/signal.c | 6 ++++-- > > 1 file changed, 4 insertions(+), 2 deletions(-) > > > > diff --git a/kernel/signal.c b/kernel/signal.c > > index 5da9180..3256c7e 100644 > > --- a/kernel/signal.c > > +++ b/kernel/signal.c > > @@ -3528,8 +3528,10 @@ static int sigsuspend(sigset_t *set) > > current->saved_sigmask = current->blocked; > > set_current_blocked(set); > > > > - __set_current_state(TASK_INTERRUPTIBLE); > > - schedule(); > > + while (!signal_pending(current)) { > > + __set_current_state(TASK_INTERRUPTIBLE); > > + schedule(); > > + } > > set_restore_sigmask(); > > return -ERESTARTNOHAND; > > } > > So this does not appear to be anything new, right? > > I agree with the fix, but I'm somewhat worried about the potential ABI impact: > does anything exist out there that has learned to rely on spurious returns > from > SyS_sigsuspend() or SyS_rt_sigsuspend() system calls?
Unlikely. We can even forget about set_restore_sigmask/TIF_RESTORE_SIGMASK and WARN_ON(). We are going to return -ERESTARTNOHAND, this assumes that TIF_SIGPENDING must be set and thus do_signal() will be called, userspace should never see this error code. This is even documented in errno.h. Oleg.
