Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries

From: Christian Brauner
Date: Thu Dec 09 2021 - 09:08:39 EST


On Thu, Dec 09, 2021 at 02:44:19PM +0100, Michal Koutný wrote:
> On Wed, Dec 08, 2021 at 01:07:54PM -1000, Tejun Heo <tj@xxxxxxxxxx> wrote:
>
> > + saved_cred = override_creds(of->file->f_cred);
> > ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
> > - of->file->f_path.dentry->d_sb, threadgroup);
> > + of->file->f_path.dentry->d_sb,
> > + threadgroup, ctx->ns);
> > + revert_creds(saved_cred);
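Review bot: the override_creds()/revert_creds() pair around cgroup_attach_permissions() carries no comment explaining why the check runs with of->file->f_cred instead of the writing task's credentials. A short comment above override_creds() saying that permission is evaluated against the opener's credentials and the namespace passed as ctx->ns would make the intent clear to later readers. The hunk also does not show where ctx->ns is set or whether a reference is held for the lifetime of the open file, which should be confirmed because it is now passed into the permission check.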
>
> I wonder now whether such a wrap shouldn't also be around cgroup_kill()
> too (+ replacement of send_sig() with group_send_sig_info() [1])?

send_sig() isn't used; that was changed in response to a review. I'm
confused.

>
> This shouldn't break the use case of passing cgroup kill fd to a less
> privileged task for (auto)destruction purposes but on the other hand it
> would prevent subverting the fd to a more privileged confused task to
> kill otherwise disallowed processes.

Kill and freeze only do permission checking at open time. Why would you
introduce another write-time check?