lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <wj3tqes2kd3tjsxpj62kqb6u56lht2pko3qnkjzulyqqoel2nj@apym47ae33gl>
Date: Thu, 30 Jan 2025 10:26:08 +0100
From: Michal Koutný <mkoutny@...e.com>
To: Shakeel Butt <shakeel.butt@...ux.dev>
Cc: Tejun Heo <tj@...nel.org>, Christian Brauner <brauner@...nel.org>, 
	linux-kernel@...r.kernel.org, cgroups@...r.kernel.org, Joshua Hahn <joshua.hahnjy@...il.com>
Subject: Re: Maybe a race window in cgroup.kill?

On Wed, Jan 29, 2025 at 11:08:41AM -0800, Shakeel Butt <shakeel.butt@...ux.dev> wrote:
> I think this is indeed the race though small. One way to fix this is by
> taking cgroup_threadgroup_rwsem in write mode in __cgroup_kill() as the
> fork side takes it in read mode from cgroup_can_fork() to
> cgroup_post_fork().

I don't see that cgroup_mutex and css_set_lock alone ensure the ordering
neither. cgroup_threadgroup_rwsem would be certain but heavy as you
write.

As I'm looking at it now, freezing is similar but shouldn't allow such a
child escape if k3' came before c6 since the CGRP_FREEZE (or
~CGRP_FREEZE) is permanent (until next operation).
That is IIUC basis for Shakeel's sequence approach too.
(CLONE_INTO_CGROUP should be fine thanks to cgroup_mutex.)

Thanks,
Michal

Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ