lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230421-kurstadt-stempeln-3459a64aef0c@brauner>
Date:   Fri, 21 Apr 2023 15:41:10 +0200
From:   Christian Brauner <brauner@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Christian Brauner <brauner@...nel.org>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [GIT PULL] pidfd updates

Hey Linus,

/* Summary */
This adds a new pidfd_prepare() helper which allows the caller to
reserve a pidfd number and allocates a new pidfd file that stashes the
provided struct pid.

It should be avoided installing a file descriptor into a task's file
descriptor table just to close it again via close_fd() in case an
error occurs. The fd has been visible to userspace and might already be
in use. Instead, a file descriptor should be reserved but not installed
into the caller's file descriptor table.

If another failure path is hit then the reserved file descriptor and
file can just be put without any userspace visible side-effects. And if
all failure paths are cleared the file descriptor and file can be
installed into the task's file descriptor table.

This helper is now used in all places that open coded this functionality
before. For example, this is currently done during copy_process() and
fanotify used pidfd_create(), which returns a pidfd that has already
been made visibile in the caller's file descriptor table, but then
closed it using close_fd().

In one of the next merge windows there is also new functionality coming
to unix domain sockets that will have to rely on pidfd_prepare().

/* Testing */
clang: Ubuntu clang version 15.0.6
gcc: (Ubuntu 12.2.0-3ubuntu1) 12.2.0

All patches are based on 6.3-rc4 and have been sitting in linux-next.
No build failures or warnings were observed. All old and new tests in
fstests, selftests, and LTP pass without regressions.

/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with
current mainline.

The following changes since commit 197b6b60ae7bc51dd0814953c562833143b292aa:

  Linux 6.3-rc4 (2023-03-26 14:40:20 -0700)

are available in the Git repository at:

  git@...olite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/v6.4/pidfd.file

for you to fetch changes up to eee3a0e93924f2aab8ebaa7f2e26fd0f3b33f9e7:

  fanotify: use pidfd_prepare() (2023-04-03 11:16:57 +0200)

Please consider pulling these changes from the signed v6.4/pidfd.file tag.

Thanks!
Christian

----------------------------------------------------------------
v6.4/pidfd.file

----------------------------------------------------------------
Christian Brauner (3):
      pid: add pidfd_prepare()
      fork: use pidfd_prepare()
      fanotify: use pidfd_prepare()

 fs/notify/fanotify/fanotify_user.c | 13 +++--
 include/linux/pid.h                |  1 +
 kernel/fork.c                      | 98 +++++++++++++++++++++++++++++++++-----
 kernel/pid.c                       | 19 +++-----
 4 files changed, 104 insertions(+), 27 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ