On 10/12, Srikar Dronamraju wrote: > > I think we should be okay if the test exits in UTASK_SSTEP state. Yes, and afaics we can't avoid this case, at least currently. But we should move free_uprobe_utask() to mm_release(), or somewhere else before mm->core_state check in exit_mm(). My main concern is stop/freeze in UTASK_SSTEP state. If nothing else, debugger can attach to the stopped task and disable the stepping. Or SIGKILL, it should work in this case. > > Great. I'll think a bit more and send you the "final" version tomorrow. > > Assuming we can change sstep_complete() as we discussed, it doesn't need > > fatal_signal_pending(). > > Okay. Sorry. I was busy today. Tomorrow ;) > > HOWEVER. There is yet another problem. Another thread can, say, unmap() > > xol_vma. In this case we should ensure that the task can't fault in an > > endless loop. > > Hmm should we add a check in unmap() to see if the vma that we are > trying to unmap is the xol_vma and if so return? Oh, I am not sure. You know, I _think_ that perhaps we should do something diferent in the long term. In particular, this xol page should not have vma at all. This way we shouldn't worry about unmap/remap/mprotect. But even if this is possible (I am not really sure), I do not think we should do this right now. > Our assumption has been that once an xol_vma has been created, it should > be around till the process gets killed. Yes, I see. But afaics this assumption is currently wrong. This means that we should ensure the evil application can't exploit this fact. Oleg. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>