Re: [GIT PULL] Please pull proc and exec work for 5.7-rc1

From: Linus Torvalds
Date: Tue Apr 07 2020 - 15:51:15 EST

Next message: Luck, Tony: "RE: [PATCH 0/9 v3] New way to track mce notifier chain actions"
Previous message: shuah: "Re: [PATCH 5.6 00/30] 5.6.3-rc2 review"
In reply to: Eric W. Biederman: "Re: [GIT PULL] Please pull proc and exec work for 5.7-rc1"
Next in thread: Bernd Edlinger: "Re: [GIT PULL] Please pull proc and exec work for 5.7-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 6, 2020 at 3:20 PM Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:
>
> But fundamentally the only reason we need this information stable
> before the point of no return is so that we can return a nice error
> code to the process calling exec. Instead of terminating the
> process with SIGSEGV.

I'd suggest doing it the other way around instead: let the thread that
does the security_setprocattr() die, since execve() is terminating
other threads anyway.

And the easy way to do that is to just make the rule be that anybody
who waits for this thing for write needs to use a killable wait.

So if the execve() got started earlier, and already took the cred lock
(whatever we'll call it) for reading, then zap_other_threads() will
take care of another thread doing setprocattr().

That sounds like a really simple model, no?

Linus

Next message: Luck, Tony: "RE: [PATCH 0/9 v3] New way to track mce notifier chain actions"
Previous message: shuah: "Re: [PATCH 5.6 00/30] 5.6.3-rc2 review"
In reply to: Eric W. Biederman: "Re: [GIT PULL] Please pull proc and exec work for 5.7-rc1"
Next in thread: Bernd Edlinger: "Re: [GIT PULL] Please pull proc and exec work for 5.7-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]