From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756364Ab0LJQCU (ORCPT ); Fri, 10 Dec 2010 11:02:20 -0500 Received: from 184-106-158-135.static.cloud-ips.com ([184.106.158.135]:55032 "EHLO mail" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1756170Ab0LJQCT (ORCPT ); Fri, 10 Dec 2010 11:02:19 -0500 Date: Fri, 10 Dec 2010 16:02:23 +0000 From: "Serge E. Hallyn" To: "Eric W. Biederman" Cc: "Serge E. Hallyn" , LSM , containers@lists.linux-foundation.org, Kees Cook , kernel list Subject: Re: [RFC PATCH 4/4] allow killing tasks in your own or child userns Message-ID: <20101210160223.GA16601@mail.hallyn.com> References: <20101209172027.GA10085@mail.hallyn.com> <20101209172843.GA10155@mail.hallyn.com> <20101209173050.GA10206@mail.hallyn.com> <20101209173245.GB10206@mail.hallyn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Quoting Eric W. Biederman (ebiederm@xmission.com): > "Serge E. Hallyn" writes: > > +static inline int kill_ok_by_cred(struct cred *cred, struct cred *tcred) > > +{ > Nit: You should just pass in the target task here. > Making it abundantly clear where current and tcred come from. > ns_capable implicitly uses current which is a little surprising > when everything else is being passed in, but makes perfect sense > in this context. Thanks, that makes sense, will do. If the set seems fine overall, then I'll also look at adding ptrace controls, and hopefully send the result out next week. thanks, -serge