| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20081119022817.GA20290@us.ibm.com> Date: Tue, 18 Nov 2008 18:28:17 -0800 From: Sukadev Bhattiprolu <sukadev@...ux.vnet.ibm.com> To: oleg@...hat.com, ebiederm@...ssion.com Cc: daniel@...ac.com, xemul@...nvz.org, containers@...ts.osdl.org, linux-kernel@...r.kernel.org Subject: Re: [RFC][PATCH][v2] Define/use siginfo_from_ancestor_ns() | @@ -864,6 +902,9 @@ static int send_signal(int sig, struct siginfo *info, struct task_struct *t, | * and sent by user using something other than kill(). | */ | return -EAGAIN; | + | + if (from_ancestor_ns) | + return -ENOMEM; | } | | out_set: We had wanted to start with a check like above and improve later. But if sender is from ancestor namespace, we must post the signal even if we don't have the siginfo right ? Otherwise, a SIGKILL from ancestor may get the -ENOMEM ? Conversely, if a signal from same namespace is being posted to cinit, and we don't have siginfo, ->si_pid would be 0 and get_signal_to_deliver() would mistake that the sender is an ancestor ns and process the signal (which should have been ignored). So, maybe we should start with the reverse check ? if (same_ns && (t->signal->flags & SIGNAL_UNKILLABLE)) return -ENOMEM; Sukadev -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists