Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries

From: Michal Koutný
Date: Thu Dec 09 2021 - 08:44:24 EST


On Wed, Dec 08, 2021 at 01:07:54PM -1000, Tejun Heo <tj@xxxxxxxxxx> wrote:

> + saved_cred = override_creds(of->file->f_cred);
> ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
> - of->file->f_path.dentry->d_sb, threadgroup);
> + of->file->f_path.dentry->d_sb,
> + threadgroup, ctx->ns);
> + revert_creds(saved_cred);
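
Review bot: the override_creds()/revert_creds() pair around cgroup_attach_permissions() carries no comment saying why the check runs under of->file->f_cred and ctx->ns rather than the writing task's own credentials and namespace. A short comment above override_creds() stating that permission is evaluated as the file's opener would make the intent clear to later readers. The visible lines also do not show where ctx is populated, so it is worth confirming that ctx->ns is the namespace recorded when the file was opened.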

I wonder now whether such a wrap shouldn't also be around cgroup_kill()
too (+ replacement of send_sig() with group_send_sig_info() [1])?

This shouldn't break the use case of passing cgroup kill fd to a less
privileged task for (auto)destruction purposes but on the other hand it
would prevent subverting the fd to a more privileged confused task to
kill otherwise disallowed processes.

Thanks,
Michal

[1] https://lore.kernel.org/r/m1v97x6niq.fsf@xxxxxxxxxxxxxxxxx/
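
A userspace model of the trade-off described in the last paragraph of the message, added here as an illustration; it is not kernel code and comes from neither the patch nor the thread. The types, the uid-only signalling rule and the scenario() helper are assumptions made for the example.

```c
/* Userspace model, not kernel code; every name here is hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct cred { unsigned uid; };          /* stand-in for task credentials   */
struct task { unsigned uid; bool alive; };
struct kill_fd {                        /* models an open cgroup.kill file */
    struct cred opener;                 /* captured at open(), like f_cred */
    struct task *tasks;                 /* members of the cgroup           */
    size_t ntasks;
};

/* Simplified signal rule (assumption): root, or same uid as the target. */
static bool may_signal(const struct cred *c, const struct task *t)
{
    return c->uid == 0 || c->uid == t->uid;
}

/* Kill every member that `subject` may signal; returns the number killed. */
static size_t kill_as(struct kill_fd *f, const struct cred *subject)
{
    size_t killed = 0;
    for (size_t i = 0; i < f->ntasks; i++) {
        if (!f->tasks[i].alive || !may_signal(subject, &f->tasks[i]))
            continue;
        f->tasks[i].alive = false;
        killed++;
    }
    return killed;
}

/* Constructed scenario: the cgroup holds one uid-1000 task and one uid-0 task.
 * use_opener=true models wrapping the kill in override_creds(f_cred). */
static size_t scenario(unsigned opener_uid, unsigned writer_uid, bool use_opener)
{
    struct task members[] = { { 1000, true }, { 0, true } };
    struct kill_fd f = { { opener_uid }, members, 2 };
    struct cred writer = { writer_uid };
    return kill_as(&f, use_opener ? &f.opener : &writer);
}

int main(void)
{
    printf("uid-1000 fd, root writer, writer creds: %zu killed\n", scenario(1000, 0, false));
    printf("uid-1000 fd, root writer, opener creds: %zu killed\n", scenario(1000, 0, true));
    printf("root fd, uid-1000 writer, opener creds: %zu killed\n", scenario(0, 1000, true));
    return 0;
}
```

With the opener's credentials in force, an fd opened by uid 1000 reaches only the uid-1000 task even when root writes to it, while an fd opened by root and handed to uid 1000 still tears down the whole group.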