lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2026010828-squash-tranquil-7544@gregkh>
Date: Thu, 8 Jan 2026 06:37:53 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: jongan.kim@....com
Cc: arve@...roid.com, tkjos@...roid.com, brauner@...nel.org,
	cmllamas@...gle.com, aliceryhl@...gle.com,
	linux-kernel@...r.kernel.org, kernel-team@...roid.com,
	ht.hong@....com, sunghoon.kim@....com, sanghun.lee@....com,
	jungsu.hwang@....com, seulgi.lee@....com
Subject: Re: [PATCH RESEND] binder: handle PID namespace conversion for
 freeze operation

On Thu, Jan 08, 2026 at 10:10:11AM +0900, jongan.kim@....com wrote:
> From: "JongAn Kim" <jongan.kim@....com>
> 
> Currently, when a freeze is attempted from a non-init PID namespace,
> there is a possibility that the wrong process in the init namespace
> may be frozen due to PID collision across namespaces.

I did not think that binder worked with pid namespaces.  I think I've
asked this before and was told it was not supported.

So how are you running into this?  What system requires this?

> For example, if a container with PID namespace has a process with
> PID 100 (which maps to PID 5000 in init namespace), attempting to
> freeze PID 100 from the container could incorrectly match a different
> process with PID 100 in the init namespace.
> 
> This patch fixes the issue by:
> 1. Converting the caller's PID from their namespace to init namespace
> 2. Matching against binder_proc->pid (which stores init namespace TGID)
> 3. Returning -EINVAL for invalid PIDs and -ESRCH for not-found processes

Are you sure this is the only place pid namespaces come into play in
binder?  If this is going to be supported, I think all uses of pids need
to handle namespaces.

or am I confused as to what is broken here?

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ