lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFxTtemhGJweOKfATojapGzD-riaowDUSh65OA2pCB+w6Q@mail.gmail.com>
Date:   Wed, 20 Jun 2018 10:16:43 +0900
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     Linux Containers <containers@...ts.linux-foundation.org>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        astrachan@...gle.com, Andrew Morton <akpm@...ux-foundation.org>,
        Al Viro <viro@...iv.linux.org.uk>,
        David Howells <dhowells@...hat.com>,
        Oleg Nesterov <oleg@...hat.com>,
        Alexey Dobriyan <adobriyan@...il.com>
Subject: Re: [GIT PULL] userns fixes for 4.17-rc2

On Tue, Jun 19, 2018 at 8:24 PM Eric W. Biederman <ebiederm@...ssion.com> wrote:
>
> I stared at this code for quite a while and I finally concluded that the
> best course forward is to simply things and remove the internal kernel
> mount of proc.  The internal mount of proc is directly responsible for
> this regression and it has been the source of pain over the years.

This is not the kind of patch that I'm willing to take outside the
merge window. This is *way* too subtle, and making sysctl do a
kern_mount()/kern_umount() seems odd.  The pid->count test also looks
potentially racy to me.

And even if we want to do all this, it damn well shouldn't be done in
one commit. The sysctl change could and should be done imdependently,
of the other ones, for example. That "remove kernel mount" commit
simply does too much in one go considering how subtle this is. If
there are problems, I want it to bisect to "oh, sysctl broke", not to
"that thing that removed the kernel mount broke something".

The "it's been broken two years" definitely argues for doing this
slowly and carefully, not this way.

                    Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ