• Neil Horman's avatar
    The user mode helper code has a race in it. call_usermodehelper_exec() · fd8fa92e
    Neil Horman authored
    takes an allocated subprocess_info structure, which it passes to a
    workqueue, and then passes it to a kernel thread which it creates, after
    which it calls complete to signal to the caller of
    call_usermodehelper_exec() that it can free the subprocess_info struct.
    
    But since we use that structure in the created thread, we can't call
    complete from __call_usermodehelper(), which is where we create the kernel
    thread.  We need to call complete() from within the kernel thread and then
    not use subprocess_info afterward in the case of UMH_WAIT_EXEC.  Tested
    successfully by me.
    Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
    Cc: Rusty Russell <rusty@rustcorp.com.au>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    fd8fa92e
kmod.c 14.6 KB