uml: Fix unsafe pid reference to foreground process group

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Although the tty core maintains a pid reference for the foreground
process group, if the foreground process group is changed that
pid reference is dropped. Thus, the pid reference used for signalling
could become stale.

Safely obtain a pid reference to the foreground process group and
release the reference after signalling is complete.

cc: Jeff Dike <jdike@addtoit.com>
Acked-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Reviewed-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Peter Hurley and committed by

Greg Kroah-Hartman 11 years ago 8a8a5510 bce65f18

+5 -1

1 changed file

expand all

arch

drivers

line.c

+5 -1

arch/um/drivers/line.c

··· 632 632 int fd = winch->fd; 633 633 int err; 634 634 char c; 635 + struct pid *pgrp; 635 636 636 637 if (fd != -1) { 637 638 err = generic_read(fd, &c, NULL); ··· 658 657 if (line != NULL) { 659 658 chan_window_size(line, &tty->winsize.ws_row, 660 659 &tty->winsize.ws_col); 661 - kill_pgrp(tty->pgrp, SIGWINCH, 1); 660 + pgrp = tty_get_pgrp(tty); 661 + if (pgrp) 662 + kill_pgrp(pgrp, SIGWINCH, 1); 663 + put_pid(pgrp); 662 664 } 663 665 tty_kref_put(tty); 664 666 }