Sophie

Sophie

distrib > Scientific%20Linux > 5x > x86_64 > by-pkgid > 27922b4260f65d317aabda37e42bbbff > files > 1930

kernel-2.6.18-238.el5.src.rpm

From: Jerome Marchand <jmarchan@redhat.com>
Date: Wed, 30 Jul 2008 09:17:47 +0200
Subject: [misc] fix wrong test in wait_task_stopped
Message-id: 4890159B.2030001@redhat.com
O-Subject: [RHEL5.3 Patch] BZ382161: fix wrong test in wait_task_stopped()
Bugzilla: 382211
RH-Acked-by: Roland McGrath <roland@redhat.com>
CVE: CVE-2007-5500

Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=382161

Description:
There is a wrong test in wait_task_stopped().
There was an old (p->state > TASK_STOPPED) test which used to mean not
dead (that was before TASK_TRACED and exit_state existed). Then, it
has been misunderstood as a wrong check of TASK_TRACED bit (commit
14bf01bb0599c89fc7f426d20353b76e12555308).
I'm not sure there is an actual bug on rhel5, but that test is very
wrong.

Upstream status:
commit a3474224e6a01924be40a8255636ea5522c1023a

Brew build:
http://brewweb.devel.redhat.com/brew/taskinfo?taskID=1413558

Test status:
Build on all archs, booted on i686.

Regards,
Jerome Marchand

diff --git a/kernel/exit.c b/kernel/exit.c
index 24d2b68..6afde30 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -1247,8 +1247,7 @@ static int wait_task_stopped(struct task_struct *p, int delayed_group_leader,
 		uid_t uid = p->uid;
 
 		exit_code = p->exit_code;
-		if (unlikely(!exit_code) ||
-		    unlikely(p->state & TASK_TRACED))
+		if (unlikely(!exit_code) || unlikely(p->exit_state))
 			goto bail_ref;
 		return wait_noreap_copyout(p, pid, uid, CLD_STOPPED,
 					   (exit_code << 8) | 0x7f,