On Sat, Jan 31, 2026 at 01:23:15PM -0800, Andrew Morton wrote: > On Thu, 29 Jan 2026 17:17:48 -0500 Aristeu Rozanski <[email protected]> wrote: > > > In order to synchronize new processes to test inheritance of > > memfd_noexec sysctl, memfd_test sets up the sysctl with a value before > > creating the new process. The new process then sends itself a SIGSTOP > > in order to wait for the parent to flip the sysctl value and send a > > SIGCONT signal. > > > > This would work as intended if it wasn't the fact that the new process > > is being created with CLONE_NEWPID, which creates a new PID namespace and > > the new process has PID 1 in this namespace. There're restrictions on > > sending signals to PID 1 and, although it's relaxed for other than root > > PID namespace, it's biting us here. In this specific case the SIGSTOP sent > > by the new process is ignored (no error to kill() is returned) and it never > > stops its execution. This is usually not noticiable as the parent usually > > manages to set the new sysctl value before the child has a chance to run > > and the test succeeds. But if you run the test in a loop, it eventually > > reproduces: > > > > while [ 1 ]; do ./memfd_test >log 2>&1 || break; done; cat log > > > > So this patch replaces the SIGSTOP/SIGCONT synchronization with IPC > > semaphore. > > > > Fixes: 6469b66e3f5a3 (selftests: improve vm.memfd_noexec sysctl tests, > > 2023-08-14) > > Thanks. Could you please resend this sometime, with a > cc:[email protected] and also cc'ing the 6469b66e3f5a3 author Aleksa > Sarai <[email protected]>? > > > +union semun { > > + int val; > > + struct semid_ds *buf; > > + unsigned short int *array; > > + struct seminfo *__buf; > > +}; > > + > > +/* > > + * we use semaphores on nested wait tasks due the use of CLONE_NEWPID: the > > + * children will be PID 1 and can't send SIGSTOP to itself due special > > s/children/child/, or s/itself/themselves/
Will fix and resend. Thanks! -- Aristeu
