Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier

From: Al Viro
Date: Sat May 30 2020 - 10:08:52 EST

Next message: Stanley Chu: "[PATCH] scsi: ufs: Remove redundant urgent_bkop_lvl initialization"
Previous message: Michael Ellerman: "[GIT PULL] Please pull powerpc/linux.git powerpc-5.7-6 tag"
In reply to: Christian Brauner: "Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier"
Next in thread: Kees Cook: "Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 29, 2020 at 07:43:10PM -0700, Kees Cook wrote:

> Can anyone clarify the expected failure mode from SCM_RIGHTS? Can we
> move the put_user() after instead? I think cleanup would just be:
> replace_fd(fd, NULL, 0)

Bollocks.

Repeat after me: descriptor tables can be shared. There is no
"cleanup" after you've put something there. If you do not get
it, you have no business messing with any of this stuff.

Next message: Stanley Chu: "[PATCH] scsi: ufs: Remove redundant urgent_bkop_lvl initialization"
Previous message: Michael Ellerman: "[GIT PULL] Please pull powerpc/linux.git powerpc-5.7-6 tag"
In reply to: Christian Brauner: "Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier"
Next in thread: Kees Cook: "Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]