From: Oleg Nesterov <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Roland McGrath <roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: bastian-yyjItF7Rl6lg9hUCZPvPmw@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org,
containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org,
Sukadev Bhattiprolu
<sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>,
xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org
Subject: Re: [PATCH 4/6][v5] Protect cinit from unblocked SIG_DFL signals
Date: Mon, 5 Jan 2009 14:24:07 +0100 [thread overview]
Message-ID: <20090105132407.GC3313@redhat.com> (raw)
In-Reply-To: <20081231001942.F35E2FC278-nL1rrgvulkc2UH6IwYuUx0EOCMrvLtNR@public.gmane.org>
On 12/30, Roland McGrath wrote:
>
> I'd just make the flag a parameter to send_signal() directly.
> Then you can just change kill_pid_info_as_uid (or its replacement)
> to call send_signal() with that new flag (and the 'group' flag)
> directly instead of using the trivial __group_send_sig_info wrapper.
Ah, good. Can't understand why I didn't think about this before!
But, perhaps, it is better to add the new helper, __send_signal()
or whatever which has the new "from_ancestor_ns" argument. Then,
static int send_signal(...)
{
bool from_ancestor_ns = 0;
#ifdef CONFIG_PID_NS
if (!is_si_special(info) && SI_FROMUSER(info)) {
from_ancestor_ns = !task_pid_nr_ns(current, task_active_pid_ns(t));
}
#endif
return __send_signal(..., from_ancestor_ns);
}
but this is cosmetic issue.
Oleg.
WARNING: multiple messages have this Message-ID (diff)
From: Oleg Nesterov <oleg@redhat.com>
To: Roland McGrath <roland@redhat.com>
Cc: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
ebiederm@xmission.com, bastian@waldi.eu.org, daniel@hozac.com,
xemul@openvz.org, containers@lists.osdl.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 4/6][v5] Protect cinit from unblocked SIG_DFL signals
Date: Mon, 5 Jan 2009 14:24:07 +0100 [thread overview]
Message-ID: <20090105132407.GC3313@redhat.com> (raw)
In-Reply-To: <20081231001942.F35E2FC278@magilla.sf.frob.com>
On 12/30, Roland McGrath wrote:
>
> I'd just make the flag a parameter to send_signal() directly.
> Then you can just change kill_pid_info_as_uid (or its replacement)
> to call send_signal() with that new flag (and the 'group' flag)
> directly instead of using the trivial __group_send_sig_info wrapper.
Ah, good. Can't understand why I didn't think about this before!
But, perhaps, it is better to add the new helper, __send_signal()
or whatever which has the new "from_ancestor_ns" argument. Then,
static int send_signal(...)
{
bool from_ancestor_ns = 0;
#ifdef CONFIG_PID_NS
if (!is_si_special(info) && SI_FROMUSER(info)) {
from_ancestor_ns = !task_pid_nr_ns(current, task_active_pid_ns(t));
}
#endif
return __send_signal(..., from_ancestor_ns);
}
but this is cosmetic issue.
Oleg.
next prev parent reply other threads:[~2009-01-05 13:24 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-27 20:46 [PATCH 0/6][v5]: Container-init signal semantics Sukadev Bhattiprolu
[not found] ` <20081227204658.GA27197-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-12-27 20:49 ` [PATCH 1/6][v5] Remove 'handler' parameter to tracehook functions Sukadev Bhattiprolu
2008-12-27 20:49 ` Sukadev Bhattiprolu
2008-12-27 20:51 ` [PATCH 2/6][v5] Protect init from unwanted signals more Sukadev Bhattiprolu
2008-12-27 20:52 ` [PATCH 3/6][v5] Define siginfo_from_ancestor_ns() Sukadev Bhattiprolu
2008-12-31 0:12 ` Roland McGrath
[not found] ` <20081227205222.GB27337-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-01-05 12:42 ` Oleg Nesterov
2009-01-05 12:42 ` Oleg Nesterov
2009-01-05 14:33 ` Oleg Nesterov
2008-12-27 20:53 ` [PATCH 4/6][v5] Protect cinit from unblocked SIG_DFL signals Sukadev Bhattiprolu
2008-12-31 0:19 ` Roland McGrath
[not found] ` <20081231001942.F35E2FC278-nL1rrgvulkc2UH6IwYuUx0EOCMrvLtNR@public.gmane.org>
2009-01-05 13:24 ` Oleg Nesterov [this message]
2009-01-05 13:24 ` Oleg Nesterov
2008-12-27 20:54 ` [PATCH 5/6][v5] Protect cinit from blocked fatal signals Sukadev Bhattiprolu
2009-01-05 15:16 ` Oleg Nesterov
2008-12-27 20:55 ` [PATCH 6/6][v5] SI_USER: Masquerade si_pid when crossing pid ns boundary Sukadev Bhattiprolu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090105132407.GC3313@redhat.com \
--to=oleg-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=bastian-yyjItF7Rl6lg9hUCZPvPmw@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=roland-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=sukadev-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
--cc=xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.