Evolution-X-Devices/kernel_xiaomi_garnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bka
kernel_xiaomi_garnet/kernel/exit.c
Greg Kroah-Hartman 50582c0538 Merge 5.10.239 into android12-5.10-lts 
Changes in 5.10.239
	tracing: Fix compilation warning on arm32
	pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31
	pinctrl: armada-37xx: set GPIO output value before setting direction
	acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio()
	usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE
	usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device
	usb: usbtmc: Fix timeout value in get_stb
	thunderbolt: Do not double dequeue a configuration request
	netfilter: nft_socket: fix sk refcount leaks
	gfs2: gfs2_create_inode error handling fix
	perf/core: Fix broken throttling when max_samples_per_tick=1
	crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions
	x86/cpu: Sanitize CPUID(0x80000000) output
	crypto: marvell/cesa - Handle zero-length skcipher requests
	crypto: marvell/cesa - Avoid empty transfer descriptor
	crypto: lrw - Only add ecb if it is not already there
	crypto: xts - Only add ecb if it is not already there
	crypto: sun8i-ce - move fallback ahash_request to the end of the struct
	EDAC/skx_common: Fix general protection fault
	power: reset: at91-reset: Optimize at91_reset()
	PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks()
	x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges()
	ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions"
	spi: sh-msiof: Fix maximum DMA transfer size
	drm/vmwgfx: Add seqno waiter for sync_files
	media: rkvdec: Fix frame size enumeration
	m68k: mac: Fix macintosh_config for Mac II
	firmware: psci: Fix refcount leak in psci_dt_init
	selftests/seccomp: fix syscall_restart test for arm compat
	drm: rcar-du: Fix memory leak in rcar_du_vsps_init()
	drm/vkms: Adjust vkms_state->active_planes allocation type
	drm/tegra: rgb: Fix the unbound reference count
	firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES
	wifi: ath11k: fix node corruption in ar->arvifs list
	f2fs: fix to do sanity check on sbi->total_valid_block_count
	net: ncsi: Fix GCPS 64-bit member variables
	wifi: rtw88: do not ignore hardware read error during DPK
	RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h
	f2fs: clean up w/ fscrypt_is_bounce_page()
	netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it
	RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction
	clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()
	ktls, sockmap: Fix missing uncharge operation
	libbpf: Use proper errno value in nlattr
	pinctrl: at91: Fix possible out-of-boundary access
	bpf: Fix WARN() in get_bpf_raw_tp_regs
	clk: qcom: gcc-msm8939: Fix mclk0 & mclk1 for 24 MHz
	s390/bpf: Store backchain even for leaf progs
	wifi: ath9k_htc: Abort software beacon handling if disabled
	netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
	vfio/type1: Fix error unwind in migration dirty bitmap allocation
	netfilter: nft_tunnel: fix geneve_opt dump
	net: usb: aqc111: fix error handling of usbnet read calls
	net: lan743x: rename lan743x_reset_phy to lan743x_hw_reset_phy
	calipso: Don't call calipso functions for AF_INET sk.
	net: openvswitch: Fix the dead loop of MPLS parse
	net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames
	f2fs: use d_inode(dentry) cleanup dentry->d_inode
	f2fs: fix to correct check conditions in f2fs_cross_rename
	ARM: dts: at91: usb_a9263: fix GPIO for Dataflash chip select
	ARM: dts: at91: at91sam9263: fix NAND chip selects
	arm64: dts: imx8mm-beacon: Fix RTC capacitive load
	Squashfs: check return result of sb_min_blocksize
	nilfs2: add pointer check for nilfs_direct_propagate()
	nilfs2: do not propagate ENOENT error from nilfs_btree_propagate()
	bus: fsl-mc: fix double-free on mc_dev
	ARM: dts: qcom: apq8064 merge hw splinlock into corresponding syscon device
	arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou
	soc: aspeed: lpc: Fix impossible judgment condition
	soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()
	fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
	perf build: Warn when libdebuginfod devel files are not available
	perf ui browser hists: Set actions->thread before calling do_zoom_thread()
	backlight: pm8941: Add NULL check in wled_configure()
	perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3
	rpmsg: qcom_smd: Fix uninitialized return variable in __qcom_smd_send()
	mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove()
	mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE
	perf tests switch-tracking: Fix timestamp comparison
	perf record: Fix incorrect --user-regs comments
	nfs: clear SB_RDONLY before getting superblock
	nfs: ignore SB_RDONLY when remounting nfs
	rtc: sh: assign correct interrupts with DT
	PCI: cadence: Fix runtime atomic count underflow
	dmaengine: ti: Add NULL check in udma_probe()
	PCI/DPC: Initialize aer_err_info before using it
	rtc: Fix offset calculation for .start_secs < 0
	usb: renesas_usbhs: Reorder clock handling and power management in probe
	serial: Fix potential null-ptr-deref in mlb_usio_probe()
	iio: adc: ad7124: Fix 3dB filter frequency reading
	MIPS: Loongson64: Add missing '#interrupt-cells' for loongson64c_ls7a
	vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl()
	net: stmmac: platform: guarantee uniqueness of bus_id
	gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt
	net: tipc: fix refcount warning in tipc_aead_encrypt
	driver: net: ethernet: mtk_star_emac: fix suspend/resume issue
	net/mlx4_en: Prevent potential integer overflow calculating Hz
	spi: bcm63xx-spi: fix shared reset
	spi: bcm63xx-hsspi: fix shared reset
	Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION
	ice: create new Tx scheduler nodes for new queues only
	vmxnet3: correctly report gso type for UDP tunnels
	PM: sleep: Fix power.is_suspended cleanup for direct-complete devices
	do_change_type(): refuse to operate on unmounted/not ours mounts
	pmdomain: core: Fix error checking in genpd_dev_pm_attach_by_id()
	Input: synaptics-rmi4 - convert to use sysfs_emit() APIs
	Input: synaptics-rmi - fix crash with unsupported versions of F34
	arm64: dts: ti: k3-am65-main: Drop deprecated ti,otap-del-sel property
	arm64: dts: ti: k3-am65-main: Fix sdhci node properties
	arm64: dts: ti: k3-am65-main: Add missing taps to sdhci0
	serial: sh-sci: Check if TX data was written to device in .tx_empty()
	serial: sh-sci: Move runtime PM enable to sci_probe_single()
	serial: sh-sci: Clean sci_ports[0] after at earlycon exit
	ath10k: add atomic protection for device recovery
	ath10k: prevent deinitializing NAPI twice
	ath10k: snoc: fix unbalanced IRQ enable in crash recovery
	scsi: iscsi: Fix incorrect error path labels for flashnode operations
	net_sched: sch_sfq: fix a potential crash on gso_skb handling
	powerpc/vas: Move VAS API to book3s common platform
	powerpc/vas: Return -EINVAL if the offset is non-zero in mmap()
	i40e: return false from i40e_reset_vf if reset is in progress
	i40e: retry VFLR handling if there is ongoing VF reset
	tcp: factorize logic into tcp_epollin_ready()
	bpf: Clean up sockmap related Kconfigs
	net: Rename ->stream_memory_read to ->sock_is_readable
	net: Fix TOCTOU issue in sk_is_readable()
	macsec: MACsec SCI assignment for ES = 0
	net: mdio: C22 is now optional, EOPNOTSUPP if not provided
	net/mdiobus: Fix potential out-of-bounds read/write access
	net/mlx5: Ensure fw pages are always allocated on same NUMA
	net/mlx5: Fix return value when searching for existing flow group
	net_sched: prio: fix a race in prio_tune()
	net_sched: red: fix a race in __red_change()
	net_sched: tbf: fix a race in tbf_change()
	sch_ets: make est_qlen_notify() idempotent
	net_sched: ets: fix a race in ets_qdisc_change()
	fs/filesystems: Fix potential unsigned integer underflow in fs_name()
	posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
	x86/boot/compressed: prefer cc-option for CFLAGS additions
	MIPS: Move '-Wa,-msoft-float' check from as-option to cc-option
	MIPS: Prefer cc-option for additions to cflags
	kbuild: Update assembler calls to use proper flags and language target
	drm/amd/display: Do not add '-mhard-float' to dml_ccflags for clang
	mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation
	kbuild: Add CLANG_FLAGS to as-instr
	kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS
	kbuild: Add KBUILD_CPPFLAGS to as-option invocation
	drm/amd/display: Do not add '-mhard-float' to dcn2{1,0}_resource.o for clang
	usb: Flush altsetting 0 endpoints before reinitializating them after reset.
	xen/arm: call uaccess_ttbr0_enable for dm_op hypercall
	x86/iopl: Cure TIF_IO_BITMAP inconsistencies
	calipso: unlock rcu before returning -EAFNOSUPPORT
	net: usb: aqc111: debug info before sanitation
	kbuild: userprogs: fix bitsize and target detection on clang
	kbuild: hdrcheck: fix cross build with clang
	tcp: tcp_data_ready() must look at SOCK_DONE
	configfs: Do not override creating attribute file failure in populate_attrs()
	crypto: marvell/cesa - Do not chain submitted requests
	gfs2: move msleep to sleepable context
	ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
	ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
	net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
	net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
	wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
	nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
	nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
	jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
	wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
	media: ov8856: suppress probe deferral errors
	media: cxusb: no longer judge rbuf when the write fails
	media: gspca: Add error handling for stv06xx_read_sensor()
	media: v4l2-dev: fix error handling in __video_register_device()
	media: venus: Fix probe error handling
	media: videobuf2: use sgtable-based scatterlist wrappers
	media: vidtv: Terminating the subsequent process of initialization failure
	media: vivid: Change the siize of the composing
	ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
	ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
	bus: mhi: host: Fix conflict between power_up and SYSERR
	ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
	bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
	ext4: inline: fix len overflow in ext4_prepare_inline_data
	ext4: fix calculation of credits for extent tree modification
	ext4: factor out ext4_get_maxbytes()
	ext4: ensure i_size is smaller than maxbytes
	Input: ims-pcu - check record size in ims_pcu_flash_firmware()
	f2fs: prevent kernel warning due to negative i_nlink from corrupted image
	f2fs: fix to do sanity check on sit_bitmap_size
	NFC: nci: uart: Set tty->disc_data only in success path
	EDAC/altera: Use correct write width with the INTTEST register
	fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
	vgacon: Add check for vc_origin address range in vgacon_scroll()
	parisc: fix building with gcc-15
	clk: meson-g12a: add missing fclk_div2 to spicc
	ipc: fix to protect IPCS lookups using RCU
	mm: fix ratelimit_pages update error in dirty_ratio_handler()
	mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
	mtd: nand: sunxi: Add randomizer configuration before randomizer enable
	dm-mirror: fix a tiny race condition
	ftrace: Fix UAF when lookup kallsym after ftrace disabled
	net: ch9200: fix uninitialised access during mii_nway_restart
	staging: iio: ad5933: Correct settling cycles encoding per datasheet
	mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
	regulator: max14577: Add error check for max14577_read_reg()
	uio_hv_generic: Use correct size for interrupt and monitor pages
	PCI: Add ACS quirk for Loongson PCIe
	PCI: Fix lock symmetry in pci_slot_unlock()
	iio: imu: inv_icm42600: Fix temperature calculation
	iio: adc: ad7606_spi: fix reg write value mask
	ACPICA: fix acpi operand cache leak in dswstate.c
	clocksource: Fix the CPUs' choice in the watchdog per CPU verification
	ACPICA: Avoid sequence overread in call to strncmp()
	ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
	ACPICA: fix acpi parse and parseext cache leaks
	power: supply: bq27xxx: Retrieve again when busy
	ACPICA: utilities: Fix overflow check in vsnprintf()
	ASoC: tegra210_ahub: Add check to of_device_get_match_data()
	PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
	ACPI: battery: negate current when discharging
	drm/amdgpu/gfx6: fix CSIB handling
	sunrpc: update nextcheck time when adding new cache entries
	drm/bridge: analogix_dp: Add irq flag IRQF_NO_AUTOEN instead of calling disable_irq()
	exfat: fix double free in delayed_free
	drm/msm/hdmi: add runtime PM calls to DDC transfer function
	media: uapi: v4l: Fix V4L2_TYPE_IS_OUTPUT condition
	drm/amd/display: Add NULL pointer checks in dm_force_atomic_commit()
	drm/msm/a6xx: Increase HFI response timeout
	drm/amdgpu/gfx10: fix CSIB handling
	media: uapi: v4l: Change V4L2_TYPE_IS_CAPTURE condition
	drm/amdgpu/gfx7: fix CSIB handling
	ext4: ext4: unify EXT4_EX_NOCACHE|NOFAIL flags in ext4_ext_remove_space()
	jfs: fix array-index-out-of-bounds read in add_missing_indices
	media: rkvdec: Initialize the m2m context before the controls
	sunrpc: fix race in cache cleanup causing stale nextcheck time
	ext4: prevent stale extent cache entries caused by concurrent get es_cache
	drm/amdgpu/gfx8: fix CSIB handling
	drm/amdgpu/gfx9: fix CSIB handling
	jfs: Fix null-ptr-deref in jfs_ioc_trim
	drm/msm/dpu: don't select single flush for active CTL blocks
	drm/amdkfd: Set SDMA_RLCx_IB_CNTL/SWITCH_INSIDE_IB
	media: tc358743: ignore video while HPD is low
	media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()
	nios2: force update_mmu_cache on spurious tlb-permission--related pagefaults
	thermal/drivers/qcom/tsens: Update conditions to strictly evaluate for IP v2+
	cpufreq: Force sync policy boost with global boost on sysfs update
	net: macb: Check return value of dma_set_mask_and_coherent()
	tipc: use kfree_sensitive() for aead cleanup
	i2c: designware: Invoke runtime suspend on quick slave re-registration
	emulex/benet: correct command version selection in be_cmd_get_stats()
	wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
	sctp: Do not wake readers in __sctp_write_space()
	i2c: npcm: Add clock toggle recovery
	net: dlink: add synchronization for stats update
	tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
	tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
	ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
	net: atlantic: generate software timestamp just before the doorbell
	pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
	pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
	pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
	pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
	net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
	wifi: mac80211: do not offer a mesh path if forwarding is disabled
	clk: rockchip: rk3036: mark ddrphy as critical
	scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
	iommu/amd: Ensure GA log notifier callbacks finish running before module unload
	vxlan: Do not treat dst cache initialization errors as fatal
	software node: Correct a OOB check in software_node_get_reference_args()
	scsi: lpfc: Use memcpy() for BIOS version
	sock: Correct error checking condition for (assign|release)_proto_idx()
	i40e: fix MMIO write access to an invalid page in i40e_clear_hw
	watchdog: da9052_wdt: respect TWDMIN
	bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
	ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
	tee: Prevent size calculation wraparound on 32-bit kernels
	Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
	platform: Add Surface platform directory
	platform/x86: dell_rbu: Fix list usage
	platform/x86: dell_rbu: Stop overwriting data buffer
	powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
	Revert "x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2" on v6.6 and older
	drivers/rapidio/rio_cm.c: prevent possible heap overwrite
	jffs2: check that raw node were preallocated before writing summary
	jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
	scsi: storvsc: Increase the timeouts to storvsc_timeout
	scsi: s390: zfcp: Ensure synchronous unit_add
	udmabuf: use sgtable-based scatterlist wrappers
	selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
	atm: Revert atm_account_tx() if copy_from_iter_full() fails.
	HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()
	Input: sparcspkr - avoid unannotated fall-through
	ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
	ALSA: hda/intel: Add Thinkpad E15 to PM deny list
	ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
	hugetlb: unshare some PMDs when splitting VMAs
	mm/hugetlb: unshare page tables during VMA split, not before
	mm: hugetlb: independent PMD page table shared count
	mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
	erofs: remove unused trace event erofs_destroy_inode
	drm/nouveau/bl: increase buffer size to avoid truncate warning
	hwmon: (occ) Add new temperature sensor type
	hwmon: (occ) Add soft minimum power cap attribute
	hwmon: (occ) Rework attribute registration for stack usage
	hwmon: (occ) fix unaligned accesses
	pldmfw: Select CRC32 when PLDMFW is selected
	aoe: clean device rq_list in aoedev_downdev()
	net: ice: Perform accurate aRFS flow match
	wifi: carl9170: do not ping device which has failed to load firmware
	mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
	atm: atmtcp: Free invalid length skb in atmtcp_c_send().
	tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
	tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
	calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
	net: atm: add lec_mutex
	net: atm: fix /proc/net/atm/lec handling
	ARM: dts: am335x-bone-common: Add GPIO PHY reset on revision C3 board
	ARM: dts: am335x-bone-common: Increase MDIO reset deassert time
	ARM: dts: am335x-bone-common: Increase MDIO reset deassert delay to 50ms
	serial: sh-sci: Increment the runtime usage counter for the earlycon device
	arm64: insn: Add barrier encodings
	arm64: move AARCH64_BREAK_FAULT into insn-def.h
	arm64: insn: add encoders for atomic operations
	arm64: insn: Add support for encoding DSB
	arm64: proton-pack: Expose whether the platform is mitigated by firmware
	arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre BHB
	arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe list
	arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() lists
	arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays
	arm64: proton-pack: Expose whether the branchy loop k value
	arm64: spectre: increase parameters that can be used to turn off bhb mitigation individually
	arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
	arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users
	arm64: proton-pack: Add new CPUs 'k' values for branch mitigation
	net/ipv4: fix type mismatch in inet_ehash_locks_alloc() causing build failure
	net: Fix checksum update for ILA adj-transport
	bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
	rtc: Improve performance of rtc_time64_to_tm(). Add tests.
	rtc: Make rtc_time64_to_tm() support dates before 1970
	net_sched: sch_sfq: annotate data-races around q->perturb_period
	net_sched: sch_sfq: handle bigger packets
	net_sched: sch_sfq: don't allow 1 packet limit
	net_sched: sch_sfq: use a temporary work area for validating configuration
	net_sched: sch_sfq: move the limit validation
	mm/huge_memory: fix dereferencing invalid pmd migration entry
	hwmon: (occ) Fix P10 VRM temp sensors
	rtc: test: Fix invalid format specifier.
	s390/pci: Fix __pcilg_mio_inuser() inline assembly
	perf: Fix sample vs do_exit()
	arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
	bpf: fix precision backtracking instruction iteration
	scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops
	Linux 5.10.239

Change-Id: If83691fc44267d4d5e1bc04eb0d2ef52becfe05c
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2025-07-13 12:44:54 +00:00

1836 lines
45 KiB
C
Raw Permalink Blame History

// SPDX-License-Identifier: GPL-2.0-only
/*
* linux/kernel/exit.c
*
* Copyright (C) 1991, 1992 Linus Torvalds
*/
#include <linux/mm.h>
#include <linux/slab.h>
#include <linux/sched/autogroup.h>
#include <linux/sched/mm.h>
#include <linux/sched/stat.h>
#include <linux/sched/task.h>
#include <linux/sched/task_stack.h>
#include <linux/sched/cputime.h>
#include <linux/interrupt.h>
#include <linux/module.h>
#include <linux/capability.h>
#include <linux/completion.h>
#include <linux/personality.h>
#include <linux/tty.h>
#include <linux/iocontext.h>
#include <linux/key.h>
#include <linux/cpu.h>
#include <linux/acct.h>
#include <linux/tsacct_kern.h>
#include <linux/file.h>
#include <linux/fdtable.h>
#include <linux/freezer.h>
#include <linux/binfmts.h>
#include <linux/nsproxy.h>
#include <linux/pid_namespace.h>
#include <linux/ptrace.h>
#include <linux/profile.h>
#include <linux/mount.h>
#include <linux/proc_fs.h>
#include <linux/kthread.h>
#include <linux/mempolicy.h>
#include <linux/taskstats_kern.h>
#include <linux/delayacct.h>
#include <linux/cgroup.h>
#include <linux/syscalls.h>
#include <linux/signal.h>
#include <linux/posix-timers.h>
#include <linux/cn_proc.h>
#include <linux/mutex.h>
#include <linux/futex.h>
#include <linux/pipe_fs_i.h>
#include <linux/audit.h> /* for audit_free() */
#include <linux/resource.h>
#include <linux/blkdev.h>
#include <linux/task_io_accounting_ops.h>
#include <linux/tracehook.h>
#include <linux/fs_struct.h>
#include <linux/init_task.h>
#include <linux/perf_event.h>
#include <trace/events/sched.h>
#include <linux/hw_breakpoint.h>
#include <linux/oom.h>
#include <linux/writeback.h>
#include <linux/shm.h>
#include <linux/kcov.h>
#include <linux/random.h>
#include <linux/rcuwait.h>
#include <linux/compat.h>
#include <linux/io_uring.h>
#include <linux/sysfs.h>
#include <linux/uaccess.h>
#include <asm/unistd.h>
#include <asm/mmu_context.h>
#include <trace/hooks/mm.h>
#include <trace/hooks/dtask.h>
/*
* The default value should be high enough to not crash a system that randomly
* crashes its kernel from time to time, but low enough to at least not permit
* overflowing 32-bit refcounts or the ldsem writer count.
*/
static unsigned int oops_limit = 10000;
#ifdef CONFIG_SYSCTL
static struct ctl_table kern_exit_table[] = {
{
.procname = "oops_limit",
.data = &oops_limit,
.maxlen = sizeof(oops_limit),
.mode = 0644,
.proc_handler = proc_douintvec,
},
{ }
};
static __init int kernel_exit_sysctls_init(void)
{
register_sysctl_init("kernel", kern_exit_table);
return 0;
}
late_initcall(kernel_exit_sysctls_init);
#endif
static atomic_t oops_count = ATOMIC_INIT(0);
#ifdef CONFIG_SYSFS
static ssize_t oops_count_show(struct kobject *kobj, struct kobj_attribute *attr,
char *page)
{
return sysfs_emit(page, "%d\n", atomic_read(&oops_count));
}
static struct kobj_attribute oops_count_attr = __ATTR_RO(oops_count);
static __init int kernel_exit_sysfs_init(void)
{
sysfs_add_file_to_group(kernel_kobj, &oops_count_attr.attr, NULL);
return 0;
}
late_initcall(kernel_exit_sysfs_init);
#endif
static void __unhash_process(struct task_struct *p, bool group_dead)
{
nr_threads--;
detach_pid(p, PIDTYPE_PID);
if (group_dead) {
detach_pid(p, PIDTYPE_TGID);
detach_pid(p, PIDTYPE_PGID);
detach_pid(p, PIDTYPE_SID);
list_del_rcu(&p->tasks);
list_del_init(&p->sibling);
__this_cpu_dec(process_counts);
}
list_del_rcu(&p->thread_group);
list_del_rcu(&p->thread_node);
}
/*
* This function expects the tasklist_lock write-locked.
*/
static void __exit_signal(struct task_struct *tsk)
{
struct signal_struct *sig = tsk->signal;
bool group_dead = thread_group_leader(tsk);
struct sighand_struct *sighand;
struct tty_struct *tty;
u64 utime, stime;
sighand = rcu_dereference_check(tsk->sighand,
lockdep_tasklist_lock_is_held());
spin_lock(&sighand->siglock);
#ifdef CONFIG_POSIX_TIMERS
posix_cpu_timers_exit(tsk);
if (group_dead)
posix_cpu_timers_exit_group(tsk);
#endif
if (group_dead) {
tty = sig->tty;
sig->tty = NULL;
} else {
/*
* If there is any task waiting for the group exit
* then notify it:
*/
if (sig->notify_count > 0 && !--sig->notify_count)
wake_up_process(sig->group_exit_task);
if (tsk == sig->curr_target)
sig->curr_target = next_thread(tsk);
}
add_device_randomness((const void*) &tsk->se.sum_exec_runtime,
sizeof(unsigned long long));
/*
* Accumulate here the counters for all threads as they die. We could
* skip the group leader because it is the last user of signal_struct,
* but we want to avoid the race with thread_group_cputime() which can
* see the empty ->thread_head list.
*/
task_cputime(tsk, &utime, &stime);
write_seqlock(&sig->stats_lock);
sig->utime += utime;
sig->stime += stime;
sig->gtime += task_gtime(tsk);
sig->min_flt += tsk->min_flt;
sig->maj_flt += tsk->maj_flt;
sig->nvcsw += tsk->nvcsw;
sig->nivcsw += tsk->nivcsw;
sig->inblock += task_io_get_inblock(tsk);
sig->oublock += task_io_get_oublock(tsk);
task_io_accounting_add(&sig->ioac, &tsk->ioac);
sig->sum_sched_runtime += tsk->se.sum_exec_runtime;
sig->nr_threads--;
__unhash_process(tsk, group_dead);
write_sequnlock(&sig->stats_lock);
/*
* Do this under ->siglock, we can race with another thread
* doing sigqueue_free() if we have SIGQUEUE_PREALLOC signals.
*/
flush_sigqueue(&tsk->pending);
tsk->sighand = NULL;
spin_unlock(&sighand->siglock);
__cleanup_sighand(sighand);
clear_tsk_thread_flag(tsk, TIF_SIGPENDING);
if (group_dead) {
flush_sigqueue(&sig->shared_pending);
tty_kref_put(tty);
}
}
static void delayed_put_task_struct(struct rcu_head *rhp)
{
struct task_struct *tsk = container_of(rhp, struct task_struct, rcu);
perf_event_delayed_put(tsk);
trace_sched_process_free(tsk);
put_task_struct(tsk);
}
void put_task_struct_rcu_user(struct task_struct *task)
{
if (refcount_dec_and_test(&task->rcu_users))
call_rcu(&task->rcu, delayed_put_task_struct);
}
void release_task(struct task_struct *p)
{
struct task_struct *leader;
struct pid *thread_pid;
int zap_leader;
repeat:
/* don't need to get the RCU readlock here - the process is dead and
* can't be modifying its own credentials. But shut RCU-lockdep up */
rcu_read_lock();
atomic_dec(&__task_cred(p)->user->processes);
rcu_read_unlock();
cgroup_release(p);
write_lock_irq(&tasklist_lock);
ptrace_release_task(p);
thread_pid = get_pid(p->thread_pid);
__exit_signal(p);
/*
* If we are the last non-leader member of the thread
* group, and the leader is zombie, then notify the
* group leader's parent process. (if it wants notification.)
*/
zap_leader = 0;
leader = p->group_leader;
if (leader != p && thread_group_empty(leader)
&& leader->exit_state == EXIT_ZOMBIE) {
/*
* If we were the last child thread and the leader has
* exited already, and the leader's parent ignores SIGCHLD,
* then we are the one who should release the leader.
*/
zap_leader = do_notify_parent(leader, leader->exit_signal);
if (zap_leader)
leader->exit_state = EXIT_DEAD;
}
write_unlock_irq(&tasklist_lock);
seccomp_filter_release(p);
proc_flush_pid(thread_pid);
put_pid(thread_pid);
release_thread(p);
put_task_struct_rcu_user(p);
p = leader;
if (unlikely(zap_leader))
goto repeat;
}
int rcuwait_wake_up(struct rcuwait *w)
{
int ret = 0;
struct task_struct *task;
rcu_read_lock();
/*
* Order condition vs @task, such that everything prior to the load
* of @task is visible. This is the condition as to why the user called
* rcuwait_wake() in the first place. Pairs with set_current_state()
* barrier (A) in rcuwait_wait_event().
*
* WAIT WAKE
* [S] tsk = current [S] cond = true
* MB (A) MB (B)
* [L] cond [L] tsk
*/
smp_mb(); /* (B) */
task = rcu_dereference(w->task);
if (task)
ret = wake_up_process(task);
rcu_read_unlock();
return ret;
}
EXPORT_SYMBOL_GPL(rcuwait_wake_up);
/*
* Determine if a process group is "orphaned", according to the POSIX
* definition in 2.2.2.52. Orphaned process groups are not to be affected
* by terminal-generated stop signals. Newly orphaned process groups are
* to receive a SIGHUP and a SIGCONT.
*
* "I ask you, have you ever known what it is to be an orphan?"
*/
static int will_become_orphaned_pgrp(struct pid *pgrp,
struct task_struct *ignored_task)
{
struct task_struct *p;
do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
if ((p == ignored_task) ||
(p->exit_state && thread_group_empty(p)) ||
is_global_init(p->real_parent))
continue;
if (task_pgrp(p->real_parent) != pgrp &&
task_session(p->real_parent) == task_session(p))
return 0;
} while_each_pid_task(pgrp, PIDTYPE_PGID, p);
return 1;
}
int is_current_pgrp_orphaned(void)
{
int retval;
read_lock(&tasklist_lock);
retval = will_become_orphaned_pgrp(task_pgrp(current), NULL);
read_unlock(&tasklist_lock);
return retval;
}
static bool has_stopped_jobs(struct pid *pgrp)
{
struct task_struct *p;
do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
if (p->signal->flags & SIGNAL_STOP_STOPPED)
return true;
} while_each_pid_task(pgrp, PIDTYPE_PGID, p);
return false;
}
/*
* Check to see if any process groups have become orphaned as
* a result of our exiting, and if they have any stopped jobs,
* send them a SIGHUP and then a SIGCONT. (POSIX 3.2.2.2)
*/
static void
kill_orphaned_pgrp(struct task_struct *tsk, struct task_struct *parent)
{
struct pid *pgrp = task_pgrp(tsk);
struct task_struct *ignored_task = tsk;
if (!parent)
/* exit: our father is in a different pgrp than
* we are and we were the only connection outside.
*/
parent = tsk->real_parent;
else
/* reparent: our child is in a different pgrp than
* we are, and it was the only connection outside.
*/
ignored_task = NULL;
if (task_pgrp(parent) != pgrp &&
task_session(parent) == task_session(tsk) &&
will_become_orphaned_pgrp(pgrp, ignored_task) &&
has_stopped_jobs(pgrp)) {
__kill_pgrp_info(SIGHUP, SEND_SIG_PRIV, pgrp);
__kill_pgrp_info(SIGCONT, SEND_SIG_PRIV, pgrp);
}
}
#ifdef CONFIG_MEMCG
/*
* A task is exiting. If it owned this mm, find a new owner for the mm.
*/
void mm_update_next_owner(struct mm_struct *mm)
{
struct task_struct *c, *g, *p = current;
retry:
/*
* If the exiting or execing task is not the owner, it's
* someone else's problem.
*/
if (mm->owner != p)
return;
/*
* The current owner is exiting/execing and there are no other
* candidates. Do not leave the mm pointing to a possibly
* freed task structure.
*/
if (atomic_read(&mm->mm_users) <= 1) {
WRITE_ONCE(mm->owner, NULL);
return;
}
read_lock(&tasklist_lock);
/*
* Search in the children
*/
list_for_each_entry(c, &p->children, sibling) {
if (c->mm == mm)
goto assign_new_owner;
}
/*
* Search in the siblings
*/
list_for_each_entry(c, &p->real_parent->children, sibling) {
if (c->mm == mm)
goto assign_new_owner;
}
/*
* Search through everything else, we should not get here often.
*/
for_each_process(g) {
if (atomic_read(&mm->mm_users) <= 1)
break;
if (g->flags & PF_KTHREAD)
continue;
for_each_thread(g, c) {
if (c->mm == mm)
goto assign_new_owner;
if (c->mm)
break;
}
}
read_unlock(&tasklist_lock);
/*
* We found no owner yet mm_users > 1: this implies that we are
* most likely racing with swapoff (try_to_unuse()) or /proc or
* ptrace or page migration (get_task_mm()). Mark owner as NULL.
*/
WRITE_ONCE(mm->owner, NULL);
return;
assign_new_owner:
BUG_ON(c == p);
get_task_struct(c);
/*
* The task_lock protects c->mm from changing.
* We always want mm->owner->mm == mm
*/
task_lock(c);
/*
* Delay read_unlock() till we have the task_lock()
* to ensure that c does not slip away underneath us
*/
read_unlock(&tasklist_lock);
if (c->mm != mm) {
task_unlock(c);
put_task_struct(c);
goto retry;
}
WRITE_ONCE(mm->owner, c);
task_unlock(c);
put_task_struct(c);
}
#endif /* CONFIG_MEMCG */
/*
* Turn us into a lazy TLB process if we
* aren't already..
*/
static void exit_mm(void)
{
struct mm_struct *mm = current->mm;
struct core_state *core_state;
exit_mm_release(current, mm);
if (!mm)
return;
sync_mm_rss(mm);
/*
* Serialize with any possible pending coredump.
* We must hold mmap_lock around checking core_state
* and clearing tsk->mm. The core-inducing thread
* will increment ->nr_threads for each thread in the
* group with ->mm != NULL.
*/
mmap_read_lock(mm);
core_state = mm->core_state;
if (core_state) {
struct core_thread self;
mmap_read_unlock(mm);
self.task = current;
if (self.task->flags & PF_SIGNALED)
self.next = xchg(&core_state->dumper.next, &self);
else
self.task = NULL;
/*
* Implies mb(), the result of xchg() must be visible
* to core_state->dumper.
*/
if (atomic_dec_and_test(&core_state->nr_threads))
complete(&core_state->startup);
for (;;) {
set_current_state(TASK_UNINTERRUPTIBLE);
if (!self.task) /* see coredump_finish() */
break;
freezable_schedule();
}
__set_current_state(TASK_RUNNING);
mmap_read_lock(mm);
}
mmgrab(mm);
BUG_ON(mm != current->active_mm);
/* more a memory barrier than a real lock */
task_lock(current);
current->mm = NULL;
mmap_read_unlock(mm);
enter_lazy_tlb(mm, current);
task_unlock(current);
mm_update_next_owner(mm);
trace_android_vh_exit_mm(mm);
mmput(mm);
if (test_thread_flag(TIF_MEMDIE))
exit_oom_victim();
}
static struct task_struct *find_alive_thread(struct task_struct *p)
{
struct task_struct *t;
for_each_thread(p, t) {
if (!(t->flags & PF_EXITING))
return t;
}
return NULL;
}
static struct task_struct *find_child_reaper(struct task_struct *father,
struct list_head *dead)
__releases(&tasklist_lock)
__acquires(&tasklist_lock)
{
struct pid_namespace *pid_ns = task_active_pid_ns(father);
struct task_struct *reaper = pid_ns->child_reaper;
struct task_struct *p, *n;
if (likely(reaper != father))
return reaper;
reaper = find_alive_thread(father);
if (reaper) {
pid_ns->child_reaper = reaper;
return reaper;
}
write_unlock_irq(&tasklist_lock);
list_for_each_entry_safe(p, n, dead, ptrace_entry) {
list_del_init(&p->ptrace_entry);
release_task(p);
}
zap_pid_ns_processes(pid_ns);
write_lock_irq(&tasklist_lock);
return father;
}
/*
* When we die, we re-parent all our children, and try to:
* 1. give them to another thread in our thread group, if such a member exists
* 2. give it to the first ancestor process which prctl'd itself as a
* child_subreaper for its children (like a service manager)
* 3. give it to the init process (PID 1) in our pid namespace
*/
static struct task_struct *find_new_reaper(struct task_struct *father,
struct task_struct *child_reaper)
{
struct task_struct *thread, *reaper;
thread = find_alive_thread(father);
if (thread)
return thread;
if (father->signal->has_child_subreaper) {
unsigned int ns_level = task_pid(father)->level;
/*
* Find the first ->is_child_subreaper ancestor in our pid_ns.
* We can't check reaper != child_reaper to ensure we do not
* cross the namespaces, the exiting parent could be injected
* by setns() + fork().
* We check pid->level, this is slightly more efficient than
* task_active_pid_ns(reaper) != task_active_pid_ns(father).
*/
for (reaper = father->real_parent;
task_pid(reaper)->level == ns_level;
reaper = reaper->real_parent) {
if (reaper == &init_task)
break;
if (!reaper->signal->is_child_subreaper)
continue;
thread = find_alive_thread(reaper);
if (thread)
return thread;
}
}
return child_reaper;
}
/*
* Any that need to be release_task'd are put on the @dead list.
*/
static void reparent_leader(struct task_struct *father, struct task_struct *p,
struct list_head *dead)
{
if (unlikely(p->exit_state == EXIT_DEAD))
return;
/* We don't want people slaying init. */
p->exit_signal = SIGCHLD;
/* If it has exited notify the new parent about this child's death. */
if (!p->ptrace &&
p->exit_state == EXIT_ZOMBIE && thread_group_empty(p)) {
if (do_notify_parent(p, p->exit_signal)) {
p->exit_state = EXIT_DEAD;
list_add(&p->ptrace_entry, dead);
}
}
kill_orphaned_pgrp(p, father);
}
/*
* This does two things:
*
* A. Make init inherit all the child processes
* B. Check to see if any process groups have become orphaned
* as a result of our exiting, and if they have any stopped
* jobs, send them a SIGHUP and then a SIGCONT. (POSIX 3.2.2.2)
*/
static void forget_original_parent(struct task_struct *father,
struct list_head *dead)
{
struct task_struct *p, *t, *reaper;
if (unlikely(!list_empty(&father->ptraced)))
exit_ptrace(father, dead);
/* Can drop and reacquire tasklist_lock */
reaper = find_child_reaper(father, dead);
if (list_empty(&father->children))
return;
reaper = find_new_reaper(father, reaper);
list_for_each_entry(p, &father->children, sibling) {
for_each_thread(p, t) {
RCU_INIT_POINTER(t->real_parent, reaper);
BUG_ON((!t->ptrace) != (rcu_access_pointer(t->parent) == father));
if (likely(!t->ptrace))
t->parent = t->real_parent;
if (t->pdeath_signal)
group_send_sig_info(t->pdeath_signal,
SEND_SIG_NOINFO, t,
PIDTYPE_TGID);
}
/*
* If this is a threaded reparent there is no need to
* notify anyone anything has happened.
*/
if (!same_thread_group(reaper, father))
reparent_leader(father, p, dead);
}
list_splice_tail_init(&father->children, &reaper->children);
}
/*
* Send signals to all our closest relatives so that they know
* to properly mourn us..
*/
static void exit_notify(struct task_struct *tsk, int group_dead)
{
bool autoreap;
struct task_struct *p, *n;
LIST_HEAD(dead);
write_lock_irq(&tasklist_lock);
forget_original_parent(tsk, &dead);
if (group_dead)
kill_orphaned_pgrp(tsk->group_leader, NULL);
tsk->exit_state = EXIT_ZOMBIE;
if (unlikely(tsk->ptrace)) {
int sig = thread_group_leader(tsk) &&
thread_group_empty(tsk) &&
!ptrace_reparented(tsk) ?
tsk->exit_signal : SIGCHLD;
autoreap = do_notify_parent(tsk, sig);
} else if (thread_group_leader(tsk)) {
autoreap = thread_group_empty(tsk) &&
do_notify_parent(tsk, tsk->exit_signal);
} else {
autoreap = true;
}
if (autoreap) {
tsk->exit_state = EXIT_DEAD;
list_add(&tsk->ptrace_entry, &dead);
}
/* mt-exec, de_thread() is waiting for group leader */
if (unlikely(tsk->signal->notify_count < 0))
wake_up_process(tsk->signal->group_exit_task);
write_unlock_irq(&tasklist_lock);
list_for_each_entry_safe(p, n, &dead, ptrace_entry) {
list_del_init(&p->ptrace_entry);
release_task(p);
}
}
#ifdef CONFIG_DEBUG_STACK_USAGE
static void check_stack_usage(void)
{
static DEFINE_SPINLOCK(low_water_lock);
static int lowest_to_date = THREAD_SIZE;
unsigned long free;
free = stack_not_used(current);
if (free >= lowest_to_date)
return;
spin_lock(&low_water_lock);
if (free < lowest_to_date) {
pr_info("%s (%d) used greatest stack depth: %lu bytes left\n",
current->comm, task_pid_nr(current), free);
lowest_to_date = free;
}
spin_unlock(&low_water_lock);
}
#else
static inline void check_stack_usage(void) {}
#endif
void __noreturn do_exit(long code)
{
struct task_struct *tsk = current;
int group_dead;
/*
* We can get here from a kernel oops, sometimes with preemption off.
* Start by checking for critical errors.
* Then fix up important state like USER_DS and preemption.
* Then do everything else.
*/
WARN_ON(blk_needs_flush_plug(tsk));
if (unlikely(in_interrupt()))
panic("Aiee, killing interrupt handler!");
if (unlikely(!tsk->pid))
panic("Attempted to kill the idle task!");
/*
* If do_exit is called because this processes oopsed, it's possible
* that get_fs() was left as KERNEL_DS, so reset it to USER_DS before
* continuing. Amongst other possible reasons, this is to prevent
* mm_release()->clear_child_tid() from writing to a user-controlled
* kernel address.
*/
force_uaccess_begin();
if (unlikely(in_atomic())) {
pr_info("note: %s[%d] exited with preempt_count %d\n",
current->comm, task_pid_nr(current),
preempt_count());
preempt_count_set(PREEMPT_ENABLED);
}
profile_task_exit(tsk);
kcov_task_exit(tsk);
ptrace_event(PTRACE_EVENT_EXIT, code);
validate_creds_for_do_exit(tsk);
/*
* We're taking recursive faults here in do_exit. Safest is to just
* leave this task alone and wait for reboot.
*/
if (unlikely(tsk->flags & PF_EXITING)) {
pr_alert("Fixing recursive fault but reboot is needed!\n");
futex_exit_recursive(tsk);
set_current_state(TASK_UNINTERRUPTIBLE);
schedule();
}
io_uring_files_cancel();
exit_signals(tsk); /* sets PF_EXITING */
/* sync mm's RSS info before statistics gathering */
if (tsk->mm)
sync_mm_rss(tsk->mm);
acct_update_integrals(tsk);
group_dead = atomic_dec_and_test(&tsk->signal->live);
trace_android_vh_exit_check(current, code, group_dead);
if (group_dead) {
/*
* If the last thread of global init has exited, panic
* immediately to get a useable coredump.
*/
if (unlikely(is_global_init(tsk)))
panic("Attempted to kill init! exitcode=0x%08x\n",
tsk->signal->group_exit_code ?: (int)code);
#ifdef CONFIG_POSIX_TIMERS
hrtimer_cancel(&tsk->signal->real_timer);
exit_itimers(tsk);
#endif
if (tsk->mm)
setmax_mm_hiwater_rss(&tsk->signal->maxrss, tsk->mm);
}
acct_collect(code, group_dead);
if (group_dead)
tty_audit_exit();
audit_free(tsk);
tsk->exit_code = code;
taskstats_exit(tsk, group_dead);
/*
* Since sampling can touch ->mm, make sure to stop everything before we
* tear it down.
*
* Also flushes inherited counters to the parent - before the parent
* gets woken up by child-exit notifications.
*/
perf_event_exit_task(tsk);
exit_mm();
if (group_dead)
acct_process();
trace_sched_process_exit(tsk);
exit_sem(tsk);
exit_shm(tsk);
exit_files(tsk);
exit_fs(tsk);
if (group_dead)
disassociate_ctty(1);
exit_task_namespaces(tsk);
exit_task_work(tsk);
exit_thread(tsk);
sched_autogroup_exit_task(tsk);
cgroup_exit(tsk);
/*
* FIXME: do that only when needed, using sched_exit tracepoint
*/
flush_ptrace_hw_breakpoint(tsk);
exit_tasks_rcu_start();
exit_notify(tsk, group_dead);
proc_exit_connector(tsk);
mpol_put_task_policy(tsk);
#ifdef CONFIG_FUTEX
if (unlikely(current->pi_state_cache))
kfree(current->pi_state_cache);
#endif
/*
* Make sure we are holding no locks:
*/
debug_check_no_locks_held();
if (tsk->io_context)
exit_io_context(tsk);
if (tsk->splice_pipe)
free_pipe_info(tsk->splice_pipe);
if (tsk->task_frag.page)
put_page(tsk->task_frag.page);
validate_creds_for_do_exit(tsk);
check_stack_usage();
preempt_disable();
if (tsk->nr_dirtied)
__this_cpu_add(dirty_throttle_leaks, tsk->nr_dirtied);
exit_rcu();
exit_tasks_rcu_finish();
lockdep_free_task(tsk);
do_task_dead();
}
EXPORT_SYMBOL_GPL(do_exit);
void __noreturn make_task_dead(int signr)
{
/*
* Take the task off the cpu after something catastrophic has
* happened.
*/
unsigned int limit;
/*
* Every time the system oopses, if the oops happens while a reference
* to an object was held, the reference leaks.
* If the oops doesn't also leak memory, repeated oopsing can cause
* reference counters to wrap around (if they're not using refcount_t).
* This means that repeated oopsing can make unexploitable-looking bugs
* exploitable through repeated oopsing.
* To make sure this can't happen, place an upper bound on how often the
* kernel may oops without panic().
*/
limit = READ_ONCE(oops_limit);
if (atomic_inc_return(&oops_count) >= limit && limit)
panic("Oopsed too often (kernel.oops_limit is %d)", limit);
do_exit(signr);
}
void complete_and_exit(struct completion *comp, long code)
{
if (comp)
complete(comp);
do_exit(code);
}
EXPORT_SYMBOL(complete_and_exit);
SYSCALL_DEFINE1(exit, int, error_code)
{
do_exit((error_code&0xff)<<8);
}
/*
* Take down every thread in the group. This is called by fatal signals
* as well as by sys_exit_group (below).
*/
void
do_group_exit(int exit_code)
{
struct signal_struct *sig = current->signal;
BUG_ON(exit_code & 0x80); /* core dumps don't get here */
if (signal_group_exit(sig))
exit_code = sig->group_exit_code;
else if (!thread_group_empty(current)) {
struct sighand_struct *const sighand = current->sighand;
spin_lock_irq(&sighand->siglock);
if (signal_group_exit(sig))
/* Another thread got here before we took the lock. */
exit_code = sig->group_exit_code;
else {
sig->group_exit_code = exit_code;
sig->flags = SIGNAL_GROUP_EXIT;
zap_other_threads(current);
}
spin_unlock_irq(&sighand->siglock);
}
do_exit(exit_code);
/* NOTREACHED */
}
/*
* this kills every thread in the thread group. Note that any externally
* wait4()-ing process will get the correct exit code - even if this
* thread is not the thread group leader.
*/
SYSCALL_DEFINE1(exit_group, int, error_code)
{
do_group_exit((error_code & 0xff) << 8);
/* NOTREACHED */
return 0;
}
struct waitid_info {
pid_t pid;
uid_t uid;
int status;
int cause;
};
struct wait_opts {
enum pid_type wo_type;
int wo_flags;
struct pid *wo_pid;
struct waitid_info *wo_info;
int wo_stat;
struct rusage *wo_rusage;
wait_queue_entry_t child_wait;
int notask_error;
};
static int eligible_pid(struct wait_opts *wo, struct task_struct *p)
{
return wo->wo_type == PIDTYPE_MAX ||
task_pid_type(p, wo->wo_type) == wo->wo_pid;
}
static int
eligible_child(struct wait_opts *wo, bool ptrace, struct task_struct *p)
{
if (!eligible_pid(wo, p))
return 0;
/*
* Wait for all children (clone and not) if __WALL is set or
* if it is traced by us.
*/
if (ptrace || (wo->wo_flags & __WALL))
return 1;
/*
* Otherwise, wait for clone children *only* if __WCLONE is set;
* otherwise, wait for non-clone children *only*.
*
* Note: a "clone" child here is one that reports to its parent
* using a signal other than SIGCHLD, or a non-leader thread which
* we can only see if it is traced by us.
*/
if ((p->exit_signal != SIGCHLD) ^ !!(wo->wo_flags & __WCLONE))
return 0;
return 1;
}
/*
* Handle sys_wait4 work for one task in state EXIT_ZOMBIE. We hold
* read_lock(&tasklist_lock) on entry. If we return zero, we still hold
* the lock and this task is uninteresting. If we return nonzero, we have
* released the lock and the system call should return.
*/
static int wait_task_zombie(struct wait_opts *wo, struct task_struct *p)
{
int state, status;
pid_t pid = task_pid_vnr(p);
uid_t uid = from_kuid_munged(current_user_ns(), task_uid(p));
struct waitid_info *infop;
if (!likely(wo->wo_flags & WEXITED))
return 0;
if (unlikely(wo->wo_flags & WNOWAIT)) {
status = p->exit_code;
get_task_struct(p);
read_unlock(&tasklist_lock);
sched_annotate_sleep();
if (wo->wo_rusage)
getrusage(p, RUSAGE_BOTH, wo->wo_rusage);
put_task_struct(p);
goto out_info;
}
/*
* Move the task's state to DEAD/TRACE, only one thread can do this.
*/
state = (ptrace_reparented(p) && thread_group_leader(p)) ?
EXIT_TRACE : EXIT_DEAD;
if (cmpxchg(&p->exit_state, EXIT_ZOMBIE, state) != EXIT_ZOMBIE)
return 0;
/*
* We own this thread, nobody else can reap it.
*/
read_unlock(&tasklist_lock);
sched_annotate_sleep();
/*
* Check thread_group_leader() to exclude the traced sub-threads.
*/
if (state == EXIT_DEAD && thread_group_leader(p)) {
struct signal_struct *sig = p->signal;
struct signal_struct *psig = current->signal;
unsigned long maxrss;
u64 tgutime, tgstime;
/*
* The resource counters for the group leader are in its
* own task_struct. Those for dead threads in the group
* are in its signal_struct, as are those for the child
* processes it has previously reaped. All these
* accumulate in the parent's signal_struct c* fields.
*
* We don't bother to take a lock here to protect these
* p->signal fields because the whole thread group is dead
* and nobody can change them.
*
* psig->stats_lock also protects us from our sub-theads
* which can reap other children at the same time. Until
* we change k_getrusage()-like users to rely on this lock
* we have to take ->siglock as well.
*
* We use thread_group_cputime_adjusted() to get times for
* the thread group, which consolidates times for all threads
* in the group including the group leader.
*/
thread_group_cputime_adjusted(p, &tgutime, &tgstime);
spin_lock_irq(&current->sighand->siglock);
write_seqlock(&psig->stats_lock);
psig->cutime += tgutime + sig->cutime;
psig->cstime += tgstime + sig->cstime;
psig->cgtime += task_gtime(p) + sig->gtime + sig->cgtime;
psig->cmin_flt +=
p->min_flt + sig->min_flt + sig->cmin_flt;
psig->cmaj_flt +=
p->maj_flt + sig->maj_flt + sig->cmaj_flt;
psig->cnvcsw +=
p->nvcsw + sig->nvcsw + sig->cnvcsw;
psig->cnivcsw +=
p->nivcsw + sig->nivcsw + sig->cnivcsw;
psig->cinblock +=
task_io_get_inblock(p) +
sig->inblock + sig->cinblock;
psig->coublock +=
task_io_get_oublock(p) +
sig->oublock + sig->coublock;
maxrss = max(sig->maxrss, sig->cmaxrss);
if (psig->cmaxrss < maxrss)
psig->cmaxrss = maxrss;
task_io_accounting_add(&psig->ioac, &p->ioac);
task_io_accounting_add(&psig->ioac, &sig->ioac);
write_sequnlock(&psig->stats_lock);
spin_unlock_irq(&current->sighand->siglock);
}
if (wo->wo_rusage)
getrusage(p, RUSAGE_BOTH, wo->wo_rusage);
status = (p->signal->flags & SIGNAL_GROUP_EXIT)
? p->signal->group_exit_code : p->exit_code;
wo->wo_stat = status;
if (state == EXIT_TRACE) {
write_lock_irq(&tasklist_lock);
/* We dropped tasklist, ptracer could die and untrace */
ptrace_unlink(p);
/* If parent wants a zombie, don't release it now */
state = EXIT_ZOMBIE;
if (do_notify_parent(p, p->exit_signal))
state = EXIT_DEAD;
p->exit_state = state;
write_unlock_irq(&tasklist_lock);
}
if (state == EXIT_DEAD)
release_task(p);
out_info:
infop = wo->wo_info;
if (infop) {
if ((status & 0x7f) == 0) {
infop->cause = CLD_EXITED;
infop->status = status >> 8;
} else {
infop->cause = (status & 0x80) ? CLD_DUMPED : CLD_KILLED;
infop->status = status & 0x7f;
}
infop->pid = pid;
infop->uid = uid;
}
return pid;
}
static int *task_stopped_code(struct task_struct *p, bool ptrace)
{
if (ptrace) {
if (task_is_traced(p) && !(p->jobctl & JOBCTL_LISTENING))
return &p->exit_code;
} else {
if (p->signal->flags & SIGNAL_STOP_STOPPED)
return &p->signal->group_exit_code;
}
return NULL;
}
/**
* wait_task_stopped - Wait for %TASK_STOPPED or %TASK_TRACED
* @wo: wait options
* @ptrace: is the wait for ptrace
* @p: task to wait for
*
* Handle sys_wait4() work for %p in state %TASK_STOPPED or %TASK_TRACED.
*
* CONTEXT:
* read_lock(&tasklist_lock), which is released if return value is
* non-zero. Also, grabs and releases @p->sighand->siglock.
*
* RETURNS:
* 0 if wait condition didn't exist and search for other wait conditions
* should continue. Non-zero return, -errno on failure and @p's pid on
* success, implies that tasklist_lock is released and wait condition
* search should terminate.
*/
static int wait_task_stopped(struct wait_opts *wo,
int ptrace, struct task_struct *p)
{
struct waitid_info *infop;
int exit_code, *p_code, why;
uid_t uid = 0; /* unneeded, required by compiler */
pid_t pid;
/*
* Traditionally we see ptrace'd stopped tasks regardless of options.
*/
if (!ptrace && !(wo->wo_flags & WUNTRACED))
return 0;
if (!task_stopped_code(p, ptrace))
return 0;
exit_code = 0;
spin_lock_irq(&p->sighand->siglock);
p_code = task_stopped_code(p, ptrace);
if (unlikely(!p_code))
goto unlock_sig;
exit_code = *p_code;
if (!exit_code)
goto unlock_sig;
if (!unlikely(wo->wo_flags & WNOWAIT))
*p_code = 0;
uid = from_kuid_munged(current_user_ns(), task_uid(p));
unlock_sig:
spin_unlock_irq(&p->sighand->siglock);
if (!exit_code)
return 0;
/*
* Now we are pretty sure this task is interesting.
* Make sure it doesn't get reaped out from under us while we
* give up the lock and then examine it below. We don't want to
* keep holding onto the tasklist_lock while we call getrusage and
* possibly take page faults for user memory.
*/
get_task_struct(p);
pid = task_pid_vnr(p);
why = ptrace ? CLD_TRAPPED : CLD_STOPPED;
read_unlock(&tasklist_lock);
sched_annotate_sleep();
if (wo->wo_rusage)
getrusage(p, RUSAGE_BOTH, wo->wo_rusage);
put_task_struct(p);
if (likely(!(wo->wo_flags & WNOWAIT)))
wo->wo_stat = (exit_code << 8) | 0x7f;
infop = wo->wo_info;
if (infop) {
infop->cause = why;
infop->status = exit_code;
infop->pid = pid;
infop->uid = uid;
}
return pid;
}
/*
* Handle do_wait work for one task in a live, non-stopped state.
* read_lock(&tasklist_lock) on entry. If we return zero, we still hold
* the lock and this task is uninteresting. If we return nonzero, we have
* released the lock and the system call should return.
*/
static int wait_task_continued(struct wait_opts *wo, struct task_struct *p)
{
struct waitid_info *infop;
pid_t pid;
uid_t uid;
if (!unlikely(wo->wo_flags & WCONTINUED))
return 0;
if (!(p->signal->flags & SIGNAL_STOP_CONTINUED))
return 0;
spin_lock_irq(&p->sighand->siglock);
/* Re-check with the lock held. */
if (!(p->signal->flags & SIGNAL_STOP_CONTINUED)) {
spin_unlock_irq(&p->sighand->siglock);
return 0;
}
if (!unlikely(wo->wo_flags & WNOWAIT))
p->signal->flags &= ~SIGNAL_STOP_CONTINUED;
uid = from_kuid_munged(current_user_ns(), task_uid(p));
spin_unlock_irq(&p->sighand->siglock);
pid = task_pid_vnr(p);
get_task_struct(p);
read_unlock(&tasklist_lock);
sched_annotate_sleep();
if (wo->wo_rusage)
getrusage(p, RUSAGE_BOTH, wo->wo_rusage);
put_task_struct(p);
infop = wo->wo_info;
if (!infop) {
wo->wo_stat = 0xffff;
} else {
infop->cause = CLD_CONTINUED;
infop->pid = pid;
infop->uid = uid;
infop->status = SIGCONT;
}
return pid;
}
/*
* Consider @p for a wait by @parent.
*
* -ECHILD should be in ->notask_error before the first call.
* Returns nonzero for a final return, when we have unlocked tasklist_lock.
* Returns zero if the search for a child should continue;
* then ->notask_error is 0 if @p is an eligible child,
* or still -ECHILD.
*/
static int wait_consider_task(struct wait_opts *wo, int ptrace,
struct task_struct *p)
{
/*
* We can race with wait_task_zombie() from another thread.
* Ensure that EXIT_ZOMBIE -> EXIT_DEAD/EXIT_TRACE transition
* can't confuse the checks below.
*/
int exit_state = READ_ONCE(p->exit_state);
int ret;
if (unlikely(exit_state == EXIT_DEAD))
return 0;
ret = eligible_child(wo, ptrace, p);
if (!ret)
return ret;
if (unlikely(exit_state == EXIT_TRACE)) {
/*
* ptrace == 0 means we are the natural parent. In this case
* we should clear notask_error, debugger will notify us.
*/
if (likely(!ptrace))
wo->notask_error = 0;
return 0;
}
if (likely(!ptrace) && unlikely(p->ptrace)) {
/*
* If it is traced by its real parent's group, just pretend
* the caller is ptrace_do_wait() and reap this child if it
* is zombie.
*
* This also hides group stop state from real parent; otherwise
* a single stop can be reported twice as group and ptrace stop.
* If a ptracer wants to distinguish these two events for its
* own children it should create a separate process which takes
* the role of real parent.
*/
if (!ptrace_reparented(p))
ptrace = 1;
}
/* slay zombie? */
if (exit_state == EXIT_ZOMBIE) {
/* we don't reap group leaders with subthreads */
if (!delay_group_leader(p)) {
/*
* A zombie ptracee is only visible to its ptracer.
* Notification and reaping will be cascaded to the
* real parent when the ptracer detaches.
*/
if (unlikely(ptrace) || likely(!p->ptrace))
return wait_task_zombie(wo, p);
}
/*
* Allow access to stopped/continued state via zombie by
* falling through. Clearing of notask_error is complex.
*
* When !@ptrace:
*
* If WEXITED is set, notask_error should naturally be
* cleared. If not, subset of WSTOPPED|WCONTINUED is set,
* so, if there are live subthreads, there are events to
* wait for. If all subthreads are dead, it's still safe
* to clear - this function will be called again in finite
* amount time once all the subthreads are released and
* will then return without clearing.
*
* When @ptrace:
*
* Stopped state is per-task and thus can't change once the
* target task dies. Only continued and exited can happen.
* Clear notask_error if WCONTINUED | WEXITED.
*/
if (likely(!ptrace) || (wo->wo_flags & (WCONTINUED | WEXITED)))
wo->notask_error = 0;
} else {
/*
* @p is alive and it's gonna stop, continue or exit, so
* there always is something to wait for.
*/
wo->notask_error = 0;
}
/*
* Wait for stopped. Depending on @ptrace, different stopped state
* is used and the two don't interact with each other.
*/
ret = wait_task_stopped(wo, ptrace, p);
if (ret)
return ret;
/*
* Wait for continued. There's only one continued state and the
* ptracer can consume it which can confuse the real parent. Don't
* use WCONTINUED from ptracer. You don't need or want it.
*/
return wait_task_continued(wo, p);
}
/*
* Do the work of do_wait() for one thread in the group, @tsk.
*
* -ECHILD should be in ->notask_error before the first call.
* Returns nonzero for a final return, when we have unlocked tasklist_lock.
* Returns zero if the search for a child should continue; then
* ->notask_error is 0 if there were any eligible children,
* or still -ECHILD.
*/
static int do_wait_thread(struct wait_opts *wo, struct task_struct *tsk)
{
struct task_struct *p;
list_for_each_entry(p, &tsk->children, sibling) {
int ret = wait_consider_task(wo, 0, p);
if (ret)
return ret;
}
return 0;
}
static int ptrace_do_wait(struct wait_opts *wo, struct task_struct *tsk)
{
struct task_struct *p;
list_for_each_entry(p, &tsk->ptraced, ptrace_entry) {
int ret = wait_consider_task(wo, 1, p);
if (ret)
return ret;
}
return 0;
}
static int child_wait_callback(wait_queue_entry_t *wait, unsigned mode,
int sync, void *key)
{
struct wait_opts *wo = container_of(wait, struct wait_opts,
child_wait);
struct task_struct *p = key;
if (!eligible_pid(wo, p))
return 0;
if ((wo->wo_flags & __WNOTHREAD) && wait->private != p->parent)
return 0;
return default_wake_function(wait, mode, sync, key);
}
void __wake_up_parent(struct task_struct *p, struct task_struct *parent)
{
__wake_up_sync_key(&parent->signal->wait_chldexit,
TASK_INTERRUPTIBLE, p);
}
static long do_wait(struct wait_opts *wo)
{
struct task_struct *tsk;
int retval;
trace_sched_process_wait(wo->wo_pid);
init_waitqueue_func_entry(&wo->child_wait, child_wait_callback);
wo->child_wait.private = current;
add_wait_queue(&current->signal->wait_chldexit, &wo->child_wait);
repeat:
/*
* If there is nothing that can match our criteria, just get out.
* We will clear ->notask_error to zero if we see any child that
* might later match our criteria, even if we are not able to reap
* it yet.
*/
wo->notask_error = -ECHILD;
if ((wo->wo_type < PIDTYPE_MAX) &&
(!wo->wo_pid || !pid_has_task(wo->wo_pid, wo->wo_type)))
goto notask;
set_current_state(TASK_INTERRUPTIBLE);
read_lock(&tasklist_lock);
tsk = current;
do {
retval = do_wait_thread(wo, tsk);
if (retval)
goto end;
retval = ptrace_do_wait(wo, tsk);
if (retval)
goto end;
if (wo->wo_flags & __WNOTHREAD)
break;
} while_each_thread(current, tsk);
read_unlock(&tasklist_lock);
notask:
retval = wo->notask_error;
if (!retval && !(wo->wo_flags & WNOHANG)) {
retval = -ERESTARTSYS;
if (!signal_pending(current)) {
schedule();
goto repeat;
}
}
end:
__set_current_state(TASK_RUNNING);
remove_wait_queue(&current->signal->wait_chldexit, &wo->child_wait);
return retval;
}
static long kernel_waitid(int which, pid_t upid, struct waitid_info *infop,
int options, struct rusage *ru)
{
struct wait_opts wo;
struct pid *pid = NULL;
enum pid_type type;
long ret;
unsigned int f_flags = 0;
if (options & ~(WNOHANG|WNOWAIT|WEXITED|WSTOPPED|WCONTINUED|
__WNOTHREAD|__WCLONE|__WALL))
return -EINVAL;
if (!(options & (WEXITED|WSTOPPED|WCONTINUED)))
return -EINVAL;
switch (which) {
case P_ALL:
type = PIDTYPE_MAX;
break;
case P_PID:
type = PIDTYPE_PID;
if (upid <= 0)
return -EINVAL;
pid = find_get_pid(upid);
break;
case P_PGID:
type = PIDTYPE_PGID;
if (upid < 0)
return -EINVAL;
if (upid)
pid = find_get_pid(upid);
else
pid = get_task_pid(current, PIDTYPE_PGID);
break;
case P_PIDFD:
type = PIDTYPE_PID;
if (upid < 0)
return -EINVAL;
pid = pidfd_get_pid(upid, &f_flags);
if (IS_ERR(pid))
return PTR_ERR(pid);
break;
default:
return -EINVAL;
}
wo.wo_type = type;
wo.wo_pid = pid;
wo.wo_flags = options;
wo.wo_info = infop;
wo.wo_rusage = ru;
if (f_flags & O_NONBLOCK)
wo.wo_flags |= WNOHANG;
ret = do_wait(&wo);
if (!ret && !(options & WNOHANG) && (f_flags & O_NONBLOCK))
ret = -EAGAIN;
put_pid(pid);
return ret;
}
SYSCALL_DEFINE5(waitid, int, which, pid_t, upid, struct siginfo __user *,
infop, int, options, struct rusage __user *, ru)
{
struct rusage r;
struct waitid_info info = {.status = 0};
long err = kernel_waitid(which, upid, &info, options, ru ? &r : NULL);
int signo = 0;
if (err > 0) {
signo = SIGCHLD;
err = 0;
if (ru && copy_to_user(ru, &r, sizeof(struct rusage)))
return -EFAULT;
}
if (!infop)
return err;
if (!user_write_access_begin(infop, sizeof(*infop)))
return -EFAULT;
unsafe_put_user(signo, &infop->si_signo, Efault);
unsafe_put_user(0, &infop->si_errno, Efault);
unsafe_put_user(info.cause, &infop->si_code, Efault);
unsafe_put_user(info.pid, &infop->si_pid, Efault);
unsafe_put_user(info.uid, &infop->si_uid, Efault);
unsafe_put_user(info.status, &infop->si_status, Efault);
user_write_access_end();
return err;
Efault:
user_write_access_end();
return -EFAULT;
}
long kernel_wait4(pid_t upid, int __user *stat_addr, int options,
struct rusage *ru)
{
struct wait_opts wo;
struct pid *pid = NULL;
enum pid_type type;
long ret;
if (options & ~(WNOHANG|WUNTRACED|WCONTINUED|
__WNOTHREAD|__WCLONE|__WALL))
return -EINVAL;
/* -INT_MIN is not defined */
if (upid == INT_MIN)
return -ESRCH;
if (upid == -1)
type = PIDTYPE_MAX;
else if (upid < 0) {
type = PIDTYPE_PGID;
pid = find_get_pid(-upid);
} else if (upid == 0) {
type = PIDTYPE_PGID;
pid = get_task_pid(current, PIDTYPE_PGID);
} else /* upid > 0 */ {
type = PIDTYPE_PID;
pid = find_get_pid(upid);
}
wo.wo_type = type;
wo.wo_pid = pid;
wo.wo_flags = options | WEXITED;
wo.wo_info = NULL;
wo.wo_stat = 0;
wo.wo_rusage = ru;
ret = do_wait(&wo);
put_pid(pid);
if (ret > 0 && stat_addr && put_user(wo.wo_stat, stat_addr))
ret = -EFAULT;
return ret;
}
int kernel_wait(pid_t pid, int *stat)
{
struct wait_opts wo = {
.wo_type = PIDTYPE_PID,
.wo_pid = find_get_pid(pid),
.wo_flags = WEXITED,
};
int ret;
ret = do_wait(&wo);
if (ret > 0 && wo.wo_stat)
*stat = wo.wo_stat;
put_pid(wo.wo_pid);
return ret;
}
SYSCALL_DEFINE4(wait4, pid_t, upid, int __user *, stat_addr,
int, options, struct rusage __user *, ru)
{
struct rusage r;
long err = kernel_wait4(upid, stat_addr, options, ru ? &r : NULL);
if (err > 0) {
if (ru && copy_to_user(ru, &r, sizeof(struct rusage)))
return -EFAULT;
}
return err;
}
#ifdef __ARCH_WANT_SYS_WAITPID
/*
* sys_waitpid() remains for compatibility. waitpid() should be
* implemented by calling sys_wait4() from libc.a.
*/
SYSCALL_DEFINE3(waitpid, pid_t, pid, int __user *, stat_addr, int, options)
{
return kernel_wait4(pid, stat_addr, options, NULL);
}
#endif
#ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE4(wait4,
compat_pid_t, pid,
compat_uint_t __user *, stat_addr,
int, options,
struct compat_rusage __user *, ru)
{
struct rusage r;
long err = kernel_wait4(pid, stat_addr, options, ru ? &r : NULL);
if (err > 0) {
if (ru && put_compat_rusage(&r, ru))
return -EFAULT;
}
return err;
}
COMPAT_SYSCALL_DEFINE5(waitid,
int, which, compat_pid_t, pid,
struct compat_siginfo __user *, infop, int, options,
struct compat_rusage __user *, uru)
{
struct rusage ru;
struct waitid_info info = {.status = 0};
long err = kernel_waitid(which, pid, &info, options, uru ? &ru : NULL);
int signo = 0;
if (err > 0) {
signo = SIGCHLD;
err = 0;
if (uru) {
/* kernel_waitid() overwrites everything in ru */
if (COMPAT_USE_64BIT_TIME)
err = copy_to_user(uru, &ru, sizeof(ru));
else
err = put_compat_rusage(&ru, uru);
if (err)
return -EFAULT;
}
}
if (!infop)
return err;
if (!user_write_access_begin(infop, sizeof(*infop)))
return -EFAULT;
unsafe_put_user(signo, &infop->si_signo, Efault);
unsafe_put_user(0, &infop->si_errno, Efault);
unsafe_put_user(info.cause, &infop->si_code, Efault);
unsafe_put_user(info.pid, &infop->si_pid, Efault);
unsafe_put_user(info.uid, &infop->si_uid, Efault);
unsafe_put_user(info.status, &infop->si_status, Efault);
user_write_access_end();
return err;
Efault:
user_write_access_end();
return -EFAULT;
}
#endif
/**
* thread_group_exited - check that a thread group has exited
* @pid: tgid of thread group to be checked.
*
* Test if the thread group represented by tgid has exited (all
* threads are zombies, dead or completely gone).
*
* Return: true if the thread group has exited. false otherwise.
*/
bool thread_group_exited(struct pid *pid)
{
struct task_struct *task;
bool exited;
rcu_read_lock();
task = pid_task(pid, PIDTYPE_PID);
exited = !task ||
(READ_ONCE(task->exit_state) && thread_group_empty(task));
rcu_read_unlock();
return exited;
}
EXPORT_SYMBOL(thread_group_exited);
__weak void abort(void)
{
BUG();
/* if that doesn't kill us, halt */
panic("Oops failed to kill thread");
}
EXPORT_SYMBOL(abort);
Reference in New Issue View Git Blame Copy Permalink