Kernel: Acquire reference to waitee before trying to block in sys$waitid

Previously, we would try to acquire a reference to the all processes lock or other contended resources while holding both the scheduler lock and the thread's blocker lock. This could lead to a deadlock if we actually have to block on those other resources.
2025-05-31 21:28:14 +00:00 · 2021-08-22 22:01:04 -06:00 · 2021-08-22 22:01:04 -06:00 · 54161bf5b4
commit 54161bf5b4
parent dea62fe93c
4 changed files with 43 additions and 66 deletions
--- a/Kernel/Syscalls/waitid.cpp
+++ b/Kernel/Syscalls/waitid.cpp
@ -4,15 +4,16 @@
 * SPDX-License-Identifier: BSD-2-Clause
 */

+#include <AK/Variant.h>
 #include <Kernel/Debug.h>
 #include <Kernel/Process.h>

 namespace Kernel {

-KResultOr<siginfo_t> Process::do_waitid(idtype_t idtype, int id, int options)
+KResultOr<siginfo_t> Process::do_waitid(Variant<Empty, NonnullRefPtr<Process>, NonnullRefPtr<ProcessGroup>> waitee, int options)
 {
    KResultOr<siginfo_t> result = KResult(KSuccess);
-    if (Thread::current()->block<Thread::WaitBlocker>({}, options, idtype, id, result).was_interrupted())
+    if (Thread::current()->block<Thread::WaitBlocker>({}, options, move(waitee), result).was_interrupted())
        return EINTR;
    VERIFY(!result.is_error() || (options & WNOHANG) || result.error() != KSuccess);
    return result;
@ -27,18 +28,34 @@ KResultOr<FlatPtr> Process::sys$waitid(Userspace<const Syscall::SC_waitid_params
    if (!copy_from_user(&params, user_params))
        return EFAULT;

+    Variant<Empty, NonnullRefPtr<Process>, NonnullRefPtr<ProcessGroup>> waitee = Empty {};
    switch (params.idtype) {
    case P_ALL:
-    case P_PID:
-    case P_PGID:
+        waitee = Empty {};
        break;
+    case P_PID: {
+        auto waitee_process = Process::from_pid(params.id);
+        if (!waitee_process || waitee_process->ppid() != Process::current().pid()) {
+            return ECHILD;
+        }
+        waitee = waitee_process.release_nonnull();
+        break;
+    }
+    case P_PGID: {
+        auto waitee_group = ProcessGroup::from_pgid(params.id);
+        if (!waitee_group) {
+            return ECHILD;
+        }
+        waitee = waitee_group.release_nonnull();
+        break;
+    }
    default:
        return EINVAL;
    }

    dbgln_if(PROCESS_DEBUG, "sys$waitid({}, {}, {}, {})", params.idtype, params.id, params.infop, params.options);

-    auto siginfo_or_error = do_waitid(static_cast<idtype_t>(params.idtype), params.id, params.options);
+    auto siginfo_or_error = do_waitid(move(waitee), params.options);
    if (siginfo_or_error.is_error())
        return siginfo_or_error.error();