lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090904124604.GA6248@redhat.com>
Date:	Fri, 4 Sep 2009 14:46:04 +0200
From:	Oleg Nesterov <oleg@...hat.com>
To:	David Howells <dhowells@...hat.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	James Morris <jmorris@...ei.org>,
	Roland McGrath <roland@...hat.com>,
	Tom Horsley <tom.horsley@....net>,
	linux-kernel@...r.kernel.org, stable@...nel.org
Subject: Re: [PATCH 1/1] exec: do not sleep in TASK_TRACED under
	->cred_guard_mutex

On 09/04, David Howells wrote:
>
> Oleg Nesterov <oleg@...hat.com> wrote:
>
> > But I strongly believe we should blame another patch
> >
> > 	"CRED: Make execve() take advantage of copy-on-write credentials"
> > 	a6f76f23d297f70e2a6b3ec607f7aeeea9e37e8d
> >
> > The tracee must not sleep in TASK_TRACED holding this mutex (it was named
> > cred_exec_mutex). Even if we remove ->cred_guard_mutex from mm_for_maps()
> > and proc_pid_attr_write(), another task doing PTRACE_ATTACH should not
> > hang until it is killed or the tracee resumes.

(Argh. Sorry David, the changelog should have mentioned tracehook_report_exec()
 more explicitely).

So, David, do you agree with this patch? Do you think it can go to 2.6.31 ?


> Btw, should mm_for_maps() use mutex_lock_interruptible()?  There doesn't seem
> any point making it non-interruptible (except for kill signals) - unless that
> would muck up seqfile handling.

Perhaps, but we should change m_start() first, it should check IS_ERR() instead
of mm != NULL. Afaics, vfs_read()->seq_read() path will return ERESTART...
correctly.

I am not sure would be right though, short reads can confuse user space. And
this can't solve the problem, this only helps to react to signals.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ