lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20081202115729.GB1132@wavehammer.waldi.eu.org>
Date:	Tue, 2 Dec 2008 12:57:29 +0100
From:	Bastian Blank <bastian@...di.eu.org>
To:	Sukadev Bhattiprolu <sukadev@...ux.vnet.ibm.com>
Cc:	Greg Kurz <gkurz@...ibm.com>, linux-kernel@...r.kernel.org,
	oleg@...hat.com, ebiederm@...ssion.com, containers@...ts.osdl.org,
	roland@...hat.com, xemul@...nvz.org
Subject: Re: [RFC][PATCH 2/5] pid: Generalize task_active_pid_ns

On Mon, Dec 01, 2008 at 01:15:18PM -0800, Sukadev Bhattiprolu wrote:
> Greg Kurz [gkurz@...ibm.com] wrote:
> | On Thu, 2008-11-27 at 02:17 +0100, Bastian Blank wrote:
> | > On Tue, Nov 25, 2008 at 07:45:28PM -0800, Sukadev Bhattiprolu wrote:
> | > > Currently task_active_pid_ns is not safe to call after a
> | > > task becomes a zombie and exit_task_namespaces is called,
> | > > as nsproxy becomes NULL.
> | > Why do you need to be able to get the pid namespace from zombie
> | > processes?
> After exiting namespaces, the process notifies parent. With new changes
> to signals (in this patchset), the signal code may need to determine
> the namespace of sender (the exiting child in this case).

So the parent of a process with a new pid namespace will never get a
SIGCHLD?

What I read in the kernel source (kernel/signal.c:do_notify_parent,
include/asm-generic/siginfo.h:CLD_EXITED) is that the exit signals
(SIGCHLD) are describes as sent by the kernel. 

> | I agree with Eric and Sukadev that task_active_pid_ns() is unsafe. There
> | isn't even a /* don't use with zombies */ in pid_namespace.h...
> Hmm. Its not unsafe at present. It would become unsafe if the signals code
> tries to determine the namespace of sender.

Why? Even now it may be used on zombie tasks.

Bastian

-- 
Vulcans do not approve of violence.
		-- Spock, "Journey to Babel", stardate 3842.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ