From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>,
Linux Kernel <linux-kernel@vger.kernel.org>,
xfs@oss.sgi.com, Ben Myers <bpm@sgi.com>,
Oleg Nesterov <oleg@redhat.com>, Dave Jones <davej@redhat.com>
Subject: Re: splice vs execve lockdep trace.
Date: Tue, 16 Jul 2013 06:31:40 +0100 [thread overview]
Message-ID: <20130716053140.GK4165@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFxiGXht8+Dox=C2ezYYf1yMaLAzMYr40j=+peP8j5Ha6w@mail.gmail.com>
On Mon, Jul 15, 2013 at 08:25:14PM -0700, Linus Torvalds wrote:
> The "pipe -> cred_guard_mutex" lock chain is pretty direct, and can be
> clearly attributed to splicing into /proc. Now, whether that is a
> *good* idea or not is clearly debatable, and I do think that maybe we
> should just not splice to/from proc files, but that doesn't seem to be
> new, and I don't think it's necessarily *broken* per se, it's just
> that splicing into /proc seems somewhat unnecessary, and various proc
> files do end up taking locks that can be "interesting".
FWIW, we might attack that one - after all, we could have ->splice_write()
for that guy that would grab cred_guard_mutex, then call splice_from_pipe()
with actor that would map/do security_setprocattr/unmap... Said that,
considering what it does on write, it really does *not* want to deal with
partial writes, so...
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Dave Jones <davej@redhat.com>,
Linux Kernel <linux-kernel@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Oleg Nesterov <oleg@redhat.com>, Ben Myers <bpm@sgi.com>,
xfs@oss.sgi.com
Subject: Re: splice vs execve lockdep trace.
Date: Tue, 16 Jul 2013 06:31:40 +0100 [thread overview]
Message-ID: <20130716053140.GK4165@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFxiGXht8+Dox=C2ezYYf1yMaLAzMYr40j=+peP8j5Ha6w@mail.gmail.com>
On Mon, Jul 15, 2013 at 08:25:14PM -0700, Linus Torvalds wrote:
> The "pipe -> cred_guard_mutex" lock chain is pretty direct, and can be
> clearly attributed to splicing into /proc. Now, whether that is a
> *good* idea or not is clearly debatable, and I do think that maybe we
> should just not splice to/from proc files, but that doesn't seem to be
> new, and I don't think it's necessarily *broken* per se, it's just
> that splicing into /proc seems somewhat unnecessary, and various proc
> files do end up taking locks that can be "interesting".
FWIW, we might attack that one - after all, we could have ->splice_write()
for that guy that would grab cred_guard_mutex, then call splice_from_pipe()
with actor that would map/do security_setprocattr/unmap... Said that,
considering what it does on write, it really does *not* want to deal with
partial writes, so...
next prev parent reply other threads:[~2013-07-16 5:31 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-16 1:53 splice vs execve lockdep trace Dave Jones
2013-07-16 2:32 ` Linus Torvalds
2013-07-16 2:38 ` Dave Jones
2013-07-16 3:25 ` Linus Torvalds
2013-07-16 3:25 ` Linus Torvalds
2013-07-16 3:28 ` Dave Jones
2013-07-16 3:28 ` Dave Jones
2013-07-16 5:31 ` Al Viro [this message]
2013-07-16 5:31 ` Al Viro
2013-07-16 6:03 ` Dave Chinner
2013-07-16 6:03 ` Dave Chinner
2013-07-16 6:16 ` Al Viro
2013-07-16 6:16 ` Al Viro
2013-07-16 6:41 ` Dave Chinner
2013-07-16 6:41 ` Dave Chinner
2013-07-16 6:50 ` Dave Chinner
2013-07-16 6:50 ` Dave Chinner
2013-07-16 19:33 ` Ben Myers
2013-07-16 19:33 ` Ben Myers
2013-07-16 20:18 ` Linus Torvalds
2013-07-16 20:18 ` Linus Torvalds
2013-07-16 20:43 ` Dave Chinner
2013-07-16 20:43 ` Dave Chinner
2013-07-16 21:02 ` Linus Torvalds
2013-07-16 21:02 ` Linus Torvalds
2013-07-17 4:06 ` Dave Chinner
2013-07-17 4:06 ` Dave Chinner
2013-07-17 4:54 ` Linus Torvalds
2013-07-17 4:54 ` Linus Torvalds
2013-07-17 5:51 ` Dave Chinner
2013-07-17 5:51 ` Dave Chinner
2013-07-17 16:03 ` Linus Torvalds
2013-07-17 16:03 ` Linus Torvalds
2013-07-17 23:40 ` Ben Myers
2013-07-17 23:40 ` Ben Myers
2013-07-18 0:17 ` Linus Torvalds
2013-07-18 0:17 ` Linus Torvalds
2013-07-18 3:42 ` Dave Chinner
2013-07-18 3:42 ` Dave Chinner
2013-07-18 21:16 ` Ben Myers
2013-07-18 21:16 ` Ben Myers
2013-07-18 22:21 ` Ben Myers
2013-07-18 22:21 ` Ben Myers
2013-07-18 22:49 ` Dave Chinner
2013-07-18 22:49 ` Dave Chinner
2013-07-18 3:17 ` Dave Chinner
2013-07-18 3:17 ` Dave Chinner
2013-07-16 13:59 ` Vince Weaver
2013-07-16 13:59 ` Vince Weaver
2013-07-16 15:02 ` Dave Jones
2013-07-16 15:02 ` Dave Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130716053140.GK4165@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=bpm@sgi.com \
--cc=davej@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=torvalds@linux-foundation.org \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.