lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070411114205.GA127@tv-sign.ru>
Date:	Wed, 11 Apr 2007 15:42:05 +0400
From:	Oleg Nesterov <oleg@...sign.ru>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Davide Libenzi <davidel@...ilserver.org>,
	Jan Engelhardt <jengelh@...ux01.gwdg.de>,
	Ingo Molnar <mingo@...e.hu>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Robin Holt <holt@....com>, Roland McGrath <roland@...hat.com>,
	"Serge E. Hallyn" <serge@...lyn.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/3] make kernel threads invisible to /sbin/init

On 04/10, Eric W. Biederman wrote:
>
> Oleg Nesterov <oleg@...sign.ru> writes:
> 
> > 1. rename reparent_to_init() to reparent_kthread() and export it
> >
> > 2. use init_pid_ns.child_reaper instead of child_reaper(current)
> >
> > 3. set ->exit_signal = -1, so init can't see us and we don't use
> >    it to reap the task.
> >
> > 4. add reparent_kthread() to kthread() and stopmachine()
> >
> 
> If the goal is to hide from /sbin/init.  We don't need to touch
> kernel/kthread.c or 
> kernel/stop_machine.c
> 
> Their parents are already kernel threads.
> 
> For the kernel thread they all inherit signals with SIGCHLD set to
> SIG_IGN, so there is child auto reaping in that form.  Adding
> the ->exit_signal = -1 would be a bonus but is not required.

Unless a kernel thread does kernel_thread() (not kthread_create) and
exits. In that case the child will be re-parented to init which doesn't
ignore SIGCHLD.

Robin Holt wrote:
>
> wait_task_zombie() is taking many seconds to get through the list.
> For the case of a modprobe, stop_machine creates one thread per cpu
> (remember big number). All are parented to init and their exit will
> cause wait_task_zombie to scan multiple times most of the way through
> this very long list looking for threads which need to be reaped.

initially, "stopmachine" threads were not parented to init.

However, I agree, your patch is better, and solves most problems in more
simple way. Including the above problem, I believe. "stopmachine" likely
does exit_notify() and notices SIG_IGN (inherited from kthreadd_setup())
before "do_stop" does forget_original_parent().

Oleg.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ