| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240731145132.GC16718@redhat.com>
Date: Wed, 31 Jul 2024 16:51:33 +0200
From: Oleg Nesterov <oleg@...hat.com>
To: Christian Brauner <brauner@...nel.org>
Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
Aleksa Sarai <cyphar@...har.com>,
Tycho Andersen <tandersen@...flix.com>,
Daan De Meyer <daan.j.demeyer@...il.com>, Tejun Heo <tj@...nel.org>,
stable@...r.kernel.org
Subject: Re: [PATCH] pidfd: prevent creation of pidfds for kthreads
On 07/31, Christian Brauner wrote:
>
> It's currently possible to create pidfds for kthreads but it is unclear
> what that is supposed to mean. Until we have use-cases for it and we
> figured out what behavior we want block the creation of pidfds for
> kthreads.
Hmm... could you explain your concerns? Why do you think we should disallow
pidfd_open(pid-of-kthread) ?
> @@ -2403,6 +2416,12 @@ __latent_entropy struct task_struct *copy_process(
> if (clone_flags & CLONE_PIDFD) {
> int flags = (clone_flags & CLONE_THREAD) ? PIDFD_THREAD : 0;
>
> + /* Don't create pidfds for kernel threads for now. */
> + if (args->kthread) {
> + retval = -EINVAL;
> + goto bad_fork_free_pid;
Do we really need this check? Userspace can't use args->kthread != NULL,
the kernel users should not use CLONE_PIDFD.
Oleg.
Powered by blists - more mailing lists