On Tue, 27 Sep 2005, Sergey Vlasov wrote:
> 
> And then a process calls USBDEVFS_SUBMITURB and immediately exits; its
> pid gets reused by a completely different process (maybe even
> root-owned), then the urb completes, and kill_proc_info() sends the
> signal to the unsuspecting process.

Ehh.. pids don't get re-used until they wrap.

Your _current_ code has that problem, though - "struct task_struct" _does_ 
get re-used.

Don't assume that the fixes are as bad.

Anyway, Christoph is certainly correct that what you _should_ be using is 
the SIGIO infrastructure, even if you don't actually use the fcntl() to 
register it. 

> Hmm, then probably send_sig_info() should check for non-NULL
> p->sighand after taking tasklist_lock?  Otherwise all uses of
> send_sig_info() for non-current tasks are unsafe.

I don't think so. 

Your oops is because you're using a STALE POINTER.

If you look it up by pid, it won't be stale, now will it?

Hint: the point where sighand is released is also the point where the 
process is unhashed.

                        Linus
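
The distinction drawn in the message above, between signalling through a cached task pointer and looking the task up by pid, as a user-space C model. This is an added example, not code from the thread or the kernel; `struct task`, the slot table and every function name are hypothetical, and pid wraparound is not modeled.

```c
#include <stdio.h>
#include <string.h>
enum { NSLOTS = 2, ESRCH_MODEL = -1, OOPS_MODEL = -2 };  /* constructed model values */
struct task {          /* stands in for struct task_struct */
    int pid;           /* 0 means unhashed: no pid lookup can find it */
    int has_sighand;   /* dropped at the same point the task is unhashed */
};
static struct task slots[NSLOTS];  /* task memory is recycled immediately */
static int next_pid;               /* pids only advance (wrap not modeled) */

static struct task *task_create(void) {
    for (int i = 0; i < NSLOTS; i++)
        if (slots[i].pid == 0) {
            slots[i] = (struct task){ .pid = next_pid++, .has_sighand = 1 };
            return &slots[i];
        }
    return NULL;
}
static void task_exit(struct task *t) { t->has_sighand = 0; t->pid = 0; }

/* Cached-pointer delivery: returns the pid that actually got the signal. */
static int signal_by_pointer(const struct task *t) {
    return t->has_sighand ? t->pid : OOPS_MODEL;  /* models NULL sighand */
}
/* Lookup-by-pid delivery: an exited task is simply not found. */
static int signal_by_pid(int pid) {
    for (int i = 0; i < NSLOTS; i++)
        if (pid != 0 && slots[i].pid == pid)
            return signal_by_pointer(&slots[i]);
    return ESRCH_MODEL;
}

/* out[0..1]: pointer/pid results after exit; out[2..3]: after slot reuse. */
static void run_scenario(int out[4]) {
    memset(slots, 0, sizeof slots);
    next_pid = 100;
    struct task *submitter = task_create();  /* pid 100 submits the URB */
    int saved_pid = submitter->pid;
    task_exit(submitter);
    out[0] = signal_by_pointer(submitter);   /* OOPS_MODEL */
    out[1] = signal_by_pid(saved_pid);       /* ESRCH_MODEL */
    task_create();                           /* pid 101 reuses the slot */
    out[2] = signal_by_pointer(submitter);   /* 101: wrong process */
    out[3] = signal_by_pid(saved_pid);       /* ESRCH_MODEL */
}

int main(void) {
    int r[4];
    run_scenario(r);
    return printf("exit: ptr=%d pid=%d  reuse: ptr=%d pid=%d\n", r[0], r[1], r[2], r[3]) < 0;
}
```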

