| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240216181214.GA10393@redhat.com> Date: Fri, 16 Feb 2024 19:12:14 +0100 From: Oleg Nesterov <oleg@...hat.com> To: Christian Brauner <brauner@...nel.org> Cc: Andy Lutomirski <luto@...capital.net>, "Eric W. Biederman" <ebiederm@...ssion.com>, Tycho Andersen <tycho@...ho.pizza>, linux-api@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 2/2] pidfd: change pidfd_send_signal() to respect PIDFD_THREAD On 02/16, Christian Brauner wrote: > > > SI_USER means that the target can trust the values of si_pid/si_uid > > in siginfo. > > Bah, what an annoying nonsense. I see that this can be used to emulate > stuff like SI_TIMER and SI_ASYNCIO. But I very much doubt the value of > e.g., emulating SI_DETHREAD. Maybe I'm missing something very obvious. I don't understand... SI_USER/SI_TKILL means that the signal comes from the userspace (kill/etc), but siginfo was filled by the kernel so the receiver can trust it. > So wouldn't be better of just writing this as? > > if ((task_pid(current) != pid || type > PIDTYPE_TGID) && > (kinfo.si_code >= 0 || kinfo.si_code == SI_TKILL)) > goto err; > > So that we don't have to repeat the same exercise if we extend this to > anything above PIDTYPE_PGID? Heh ;) I swear, this is how I wrote it originally, but then for some reason I thought it would raise the questions, so I changed it to check PIDTYPE_PGID. IOW, sure, I agree. Oleg.
Powered by blists - more mailing lists