lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 04 Sep 2009 09:39:07 +0100
From:	David Howells <dhowells@...hat.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	dhowells@...hat.com, Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	James Morris <jmorris@...ei.org>,
	Roland McGrath <roland@...hat.com>,
	Tom Horsley <tom.horsley@....net>,
	linux-kernel@...r.kernel.org, stable@...nel.org
Subject: Re: [PATCH 1/1] exec: do not sleep in TASK_TRACED under ->cred_guard_mutex

Oleg Nesterov <oleg@...hat.com> wrote:

> But I strongly believe we should blame another patch
> 
> 	"CRED: Make execve() take advantage of copy-on-write credentials"
> 	a6f76f23d297f70e2a6b3ec607f7aeeea9e37e8d
> 
> The tracee must not sleep in TASK_TRACED holding this mutex (it was named
> cred_exec_mutex). Even if we remove ->cred_guard_mutex from mm_for_maps()
> and proc_pid_attr_write(), another task doing PTRACE_ATTACH should not
> hang until it is killed or the tracee resumes.

Ummm...  I don't see how this is relevant.

Yes, a task must not sleep in TASK_TRACED if it is holding this mutex, but how
does that apply to do_exec(), mm_for_maps() or proc_pid_attr_write()?  A
process can't be in any of those three if it is in the TASK_TRACED state.

A process can only be in the TASK_TRACED state in one of two ways: its parent
moved it there from the TASK_STOPPED state, or it put itself in that state -
neither of which should apply here.

Apart from that, I've no objection to dropping the guard semaphore earlier.

I do think though, the problem is elsewhere.  Are we failing to unlock the
semaphore somewhere?  Or double locking it, I wonder?  Has Tom tried lockdep?

Btw, should mm_for_maps() use mutex_lock_interruptible()?  There doesn't seem
any point making it non-interruptible (except for kill signals) - unless that
would muck up seqfile handling.

> +int prepare_bprm_creds(struct linux_binprm *bprm)
> +{

__acquires()

> +void free_bprm(struct linux_binprm *bprm)
> +{

__releases()
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ