Re: scope of cred_guard_mutex.
From: Kees Cook
Date: Fri Apr 07 2017 - 18:07:38 EST
On Thu, Apr 6, 2017 at 8:55 AM, Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> And this makes me think again that we need to restart this discusion with
> more CC's.
I'm a fan of that; I've not been able to follow this thread as it
seems to have gone far from the original deadlock problem. :) I've
seen issues with ptrace, zombies, and now exec. I'm lost. :P
>> Partly I object because your understanding and my understanding of
>> cred_guard_mutex are very different.
>>
>> As I read and understand the code the job of cred_guard_mutex is to keep
>> ptrace (and other threads of the proccess) from interferring in
>> exec and to ensure old resources are accessed with permission checks
>> using our original credentials and that new and modified resources are
>> accessed with permission checks using our new credentials.
>
> Yes, this is clear.
Maybe stupid idea: can we get a patch that just adds this kind of
documentation somewhere in the source? If we can agree on the purpose
of cred_guard_mutex, and get it into the code, that seems like a good
step in discussion...
-Kees
--
Kees Cook
Pixel Security