| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Aug 2019 15:30:01 +0200
From: Oleg Nesterov <oleg@...hat.com>
To: Christian Brauner <christian@...uner.io>
Cc: Adrian Reber <areber@...hat.com>,
Eric Biederman <ebiederm@...ssion.com>,
Pavel Emelianov <xemul@...tuozzo.com>,
Jann Horn <jannh@...gle.com>,
Dmitry Safonov <0x7f454c46@...il.com>,
linux-kernel@...r.kernel.org, Andrei Vagin <avagin@...il.com>,
Mike Rapoport <rppt@...ux.ibm.com>,
Radostin Stoyanov <rstoyanov1@...il.com>
Subject: Re: [PATCH v2 1/2] fork: extend clone3() to support CLONE_SET_TID
On 08/02, Christian Brauner wrote:
>
> On Wed, Jul 31, 2019 at 06:12:22PM +0200, Adrian Reber wrote:
> > The main motivation to add CLONE_SET_TID to clone3() is CRIU.
> >
> > To restore a process with the same PID/TID CRIU currently uses
> > /proc/sys/kernel/ns_last_pid. It writes the desired (PID - 1) to
> > ns_last_pid and then (quickly) does a clone(). This works most of the
> > time, but it is racy. It is also slow as it requires multiple syscalls.
>
> Can you elaborate how this is racy, please. Afaict, CRIU will always
> usually restore in a new pid namespace that it controls, right?
Why? No. For example you can checkpoint (not sure this is correct word)
a single process in your namespace, then (try to restore) it.
> What is
> the exact race?
something else in the same namespace can fork() right after criu writes
the pid-for-restore into ns_last_pid.
Oleg.
Powered by blists - more mailing lists