Even to init SIGKILL and SIGSTOP are alwasys delivered if they are sent, so don't allow tracing an init task allow them. Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> --- kernel/signal.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/signal.c b/kernel/signal.c index 5eff2f9f8c42..627b482fa3f8 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -98,8 +98,12 @@ static int sig_ignored(struct task_struct *t, int sig, bool force) /* * Tracers may want to know about even ignored signals. + * We can never safely allow SIGKILL or SIGSTOP to + * be sent to init from it's children. */ - return !t->ptrace; + return !t->ptrace || + ((t->signal->flags & SIGNAL_UNKILLABLE) && + sig_kernel_only(sig) && !force); } /* -- 2.10.1 -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
