Re: [PATCH] user namespace: make signal.c respect user namespaces

[Oleg Nesterov]

On 09/20, Serge E. Hallyn wrote:
>
> Quoting Oleg Nesterov (oleg@xxxxxxxxxx):
> >
> > 	static inline uid_t good_name(struct task_struct *from, struct task_struct *to)
> > 	{
> > 		// the caller does rcu_read_lock() if needed
> > 		const struct cred *from_cred = __task_cred(from);
> > 		return user_ns_map_uid(task_cred_xxx(to, user_ns),
> > 					from_cred, from_cred->uid);
> > 	}
>
> That looks great, thanks.  I couldn't think it up myself, but now that
> I see it in your email, I see this would be very valuable in helping
> make this code more readable  :)

Damn ;) The problem is, "the caller does rcu_read_lock() if needed"
can't shut up __rcu_dereference_check(). current_cred() passes c == true
to do this.

This reminds me, __task_cred()->task_is_dead() should go away. Probably
we can replace it with (__t == current). Otherwise send_signal() needs
rcu_read_lock() to avoid the warning from lockdep, or the helper needs
the unconditional rcu_read_lock().

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/