From nobody Mon Aug 07 00:59:52 2023
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RJyf02tVrz4pk87;
	Mon,  7 Aug 2023 00:59:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4RJyf02LPSz3Wcc;
	Mon,  7 Aug 2023 00:59:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1691369992;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=i9ZX/FqWVNvVcCf9S4p0NEzEOs2Gt5xSuywdqL/Lgd0=;
	b=UEzNNACPK6I1h3YwqbM1FmnOZsQKsbPaMVODOrmnR46G77EOmR+ADE7IYKdjo2ZWCmxyRt
	HrLNnLe5s2qUaHCDcXxi5mp4hO3qfy4RLLx57TXYrg7JxdBaXpaQn2BnibyII/ZEsYS414
	Ka+rmTVr0ui2G0ypj5MSheImaJV2SxfjVa8trFQHNkUESbtA1JXXOhj65URG6GXwA5M1ck
	TWFeq6AFnPtTmYea6WlX+tv+aqmgMBf5lrrCcpdDf8fLSOsPXaNGP3gFbTSFWOLC0V4j4k
	2mHx1/KNi2+LdGlJ02HjHzlKH8dhOOa+IvgsmzFAgAA2W6KMWtLkieZbrGamOw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1691369992;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=i9ZX/FqWVNvVcCf9S4p0NEzEOs2Gt5xSuywdqL/Lgd0=;
	b=l0GtNKCJmY4ljS4Tl6PCMZ3WX4myAlmayhlxNh77GPjlxIm57ca/PvBxiqzXx/DQhbpO78
	zbZbLF6BAlzKCTVR+dIraM1IljELKol/QaYZ1XSXW0dNPFWTxH3ZB4F8L9muQNlLS/AsuU
	iidsbT1yT3v/dHHmx8uJQzzzyJfTAjiH6ziSuqLi996KjO8vtT2Tl5fmdhE34ZKCuWei7V
	wpGhCkmBlIvS2QecF2ZHTNnF3xf+wJQTJ15i1v3RxPa99d/kPuhmkcihmp1VnTcaOB1aHu
	uIHEfIgLHuW/py5so1RAaYKgpVja7Ip/vVwkLDJfbQbcDCgZ8z+D+kRsutrScw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1691369992; a=rsa-sha256; cv=none;
	b=XoSxunX0n3oeag9ZhfawxZJLeaV3M2kKH7as4L7pvRJjgtZVJ5MkzMebIUU7b8Nx2xTUq3
	Xjtozz0cPdrjHDISNnUWcIrR+qfUtM2lz/s9FtF8D4JAXbwTIAgULpLyCzwWPRm6wiyJBi
	8avwe/H26CPs6Oaq7xxQtkAgp01ePLYj0ouXuUGjEeAO6xkL3s9ALCmTQZWu0hnDpNRa7l
	kiAV7wsp9uJ1wYCWyrrvyGyd1g4z2uuxfrRK3zBmtbVOq03Lgg33tDSs4Y5Wp6a27Au+Ig
	ob7gtnxitgSw7trpX6qod8MhbZYdqIpUpjLhN+TClyxnar+nk65Wr8mo9Shpiw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RJyf01QhCzXqZ;
	Mon,  7 Aug 2023 00:59:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3770xq4i077226;
	Mon, 7 Aug 2023 00:59:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3770xqim077225;
	Mon, 7 Aug 2023 00:59:52 GMT
	(envelope-from git)
Date: Mon, 7 Aug 2023 00:59:52 GMT
Message-Id: <202308070059.3770xqim077225@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 910aa553a9ba - stable/13 - killpg(): close a race with fork(), part 2
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 910aa553a9baaa66030b40dc56c254bcc74a9286
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=910aa553a9baaa66030b40dc56c254bcc74a9286

commit 910aa553a9baaa66030b40dc56c254bcc74a9286
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-07-20 21:19:03 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-08-07 00:48:45 +0000

    killpg(): close a race with fork(), part 2
    
    (cherry picked from commit 232b922cb363e01ac0dd2a277d93cf74d8485e79)
---
 sys/kern/kern_fork.c | 47 +++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 39 insertions(+), 8 deletions(-)

diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index 6fb9d2a83c8f..3b612e7b8990 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -857,7 +857,7 @@ fork1(struct thread *td, struct fork_req *fr)
 	static int curfail;
 	static struct timeval lastfail;
 	int flags, pages;
-	bool killsx_locked;
+	bool killsx_locked, singlethreaded;
 
 	flags = fr->fr_flags;
 	pages = fr->fr_pages;
@@ -915,6 +915,7 @@ fork1(struct thread *td, struct fork_req *fr)
 	newproc = NULL;
 	vm2 = NULL;
 	killsx_locked = false;
+	singlethreaded = false;
 
 	/*
 	 * Increment the nprocs resource before allocations occur.
@@ -945,14 +946,37 @@ fork1(struct thread *td, struct fork_req *fr)
 	}
 
 	/*
-	 * Atomically check for signals and block threads from sending
-	 * a signal to our process group until the child is visible.
+	 * If we are possibly multi-threaded, and there is a process
+	 * sending a signal to our group right now, ensure that our
+	 * other threads cannot be chosen for the signal queueing.
+	 * Otherwise, this might delay signal action, and make the new
+	 * child escape the signaling.
 	 */
 	pg = p1->p_pgrp;
-	if (sx_slock_sig(&pg->pg_killsx) != 0) {
+	if (p1->p_numthreads > 1) {
+		if (sx_try_slock(&pg->pg_killsx) != 0) {
+			killsx_locked = true;
+		} else {
+			PROC_LOCK(p1);
+			if (thread_single(p1, SINGLE_BOUNDARY)) {
+				PROC_UNLOCK(p1);
+				error = ERESTART;
+				goto fail2;
+			}
+			PROC_UNLOCK(p1);
+			singlethreaded = true;
+		}
+	}
+
+	/*
+	 * Atomically check for signals and block processes from sending
+	 * a signal to our process group until the child is visible.
+	 */
+	if (!killsx_locked && sx_slock_sig(&pg->pg_killsx) != 0) {
 		error = ERESTART;
 		goto fail2;
-	} else if (__predict_false(p1->p_pgrp != pg || sig_intr() != 0)) {
+	}
+	if (__predict_false(p1->p_pgrp != pg || sig_intr() != 0)) {
 		/*
 		 * Either the process was moved to other process
 		 * group, or there is pending signal.  sx_slock_sig()
@@ -1056,8 +1080,8 @@ fork1(struct thread *td, struct fork_req *fr)
 	}
 
 	do_fork(td, fr, newproc, td2, vm2, fp_procdesc);
-	sx_sunlock(&pg->pg_killsx);
-	return (0);
+	error = 0;
+	goto cleanup;
 fail0:
 	error = EAGAIN;
 #ifdef MAC
@@ -1075,9 +1099,16 @@ fail2:
 		fdrop(fp_procdesc, td);
 	}
 	atomic_add_int(&nprocs, -1);
+cleanup:
 	if (killsx_locked)
 		sx_sunlock(&pg->pg_killsx);
-	pause("fork", hz / 2);
+	if (singlethreaded) {
+		PROC_LOCK(p1);
+		thread_single_end(p1, SINGLE_BOUNDARY);
+		PROC_UNLOCK(p1);
+	}
+	if (error != 0)
+		pause("fork", hz / 2);
 	return (error);
 }