lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Sep 2010 20:50:01 +0200 From: Oleg Nesterov <oleg@...hat.com> To: Will Drewry <wad@...omium.org> Cc: Andi Kleen <andi@...stfloor.org>, linux-kernel@...r.kernel.org, Alexander Viro <viro@...iv.linux.org.uk>, Andrew Morton <akpm@...ux-foundation.org>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>, Roland McGrath <roland@...hat.com>, Neil Horman <nhorman@...driver.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, containers@...ts.linux-foundation.org, Eugene Teo <eteo@...hat.com>, Tejun Heo <tj@...nel.org>, Serge Hallyn <serue@...ibm.com>, Alexey Dobriyan <adobriyan@...il.com>, linux-fsdevel@...r.kernel.org Subject: Re: [PATCH 2/2] exec: move core_pattern pipe helper into the crashing namespace On 09/17, Will Drewry wrote: > > On Fri, Sep 17, 2010 at 8:29 PM, Oleg Nesterov <oleg@...hat.com> wrote: > > > > This looks overcomplicated to me, or I missed something. > > > > I do not understand why should we do this beforehand, and why we need > > copy_namespaces_unattached(). > > > > Can't you just pass current to umh_pipe_setup() (or another helper) as > > the argument? Then this helper can copy ->fs and ->nsproxy itself. > > I wasn't sure if it was reasonable to pass the current task_struct > over, but I certainly can. Why not? current calls call_usermodehelper_exec(), it can't go away until subprocess_info->init() returns, it sleeps on wait_for_completion(). > In practice, this seems to amount to just adding a refcount to all the > namespaces and creating a new nsproxy which isn't really needed. Most > likely, doing what you've suggested above plus the copy_fs_struct and > the swap out will do the trick. I'll try it out and see. That's make > it much clearer I think. Yes, just get_nsproxy() (like fork() does) should be fine in this case. As for copying ->fs, I am not sure actually. core_pattern is global, say it is "|/coredumper". If you change ->root, then exec can fail because that binary is not visible to the coredumping process? Probably we should move core_pattern into ->pid_ns, I dunno. Oleg. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists