From: Oleg Nesterov <oleg@redhat.com>
To: Will Drewry <wad@chromium.org>
Cc: linux-kernel@vger.kernel.org, nschichan@freebox.fr,
keescook@chromium.org, james.l.morris@oracle.com,
akpm@linux-foundation.org, holt@sgi.com, viro@zeniv.linux.org.uk
Subject: Re: [PATCH 2/2] sys, seccomp: add PR_SECCOMP_EXT and SECCOMP_EXT_ACT_TSYNC
Date: Tue, 14 Jan 2014 20:21:18 +0100 [thread overview]
Message-ID: <20140114192118.GA31411@redhat.com> (raw)
In-Reply-To: <1389645028-17157-2-git-send-email-wad@chromium.org>
On 01/13, Will Drewry wrote:
>
> +static pid_t seccomp_sync_threads(void)
> +{
> + struct task_struct *thread, *caller;
> + pid_t failed = 0;
> + thread = caller = current;
> +
> + read_lock(&tasklist_lock);
> + if (thread_group_empty(caller))
> + goto done;
> + while_each_thread(caller, thread) {
> + task_lock(thread);
perhaps we take task_lock() to serialize with another caller of
seccomp_sync_threads()...
If yes, then perhaps you can use ->siglock instead of tasklist_lock
and do not use task_lock(). It would be even better to rely on rcu,
but:
> + get_seccomp_filter(caller);
> + /*
> + * Drop the task reference to the shared ancestor since
> + * current's path will hold a reference. (This also
> + * allows a put before the assignment.)
> + */
> + put_seccomp_filter(thread);
> + thread->seccomp.filter = caller->seccomp.filter;
As I said, I do not understand this patch yet, but this looks suspicious.
Why we can't race with this thread doing clone(CLONE_THREAD) ? We do
not the the new thread yet, but its ->seccomp can be already copied
by copy_process(), no?
Oleg.
next prev parent reply other threads:[~2014-01-14 19:21 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-13 20:30 [PATCH 1/2] seccomp: protect seccomp.filter pointer (w) with the task_lock Will Drewry
2014-01-13 20:30 ` [PATCH 2/2] sys, seccomp: add PR_SECCOMP_EXT and SECCOMP_EXT_ACT_TSYNC Will Drewry
2014-01-13 22:42 ` [PATCH 3/3] Documentation/prctl/seccomp_filter.txt: document extensions Will Drewry
2014-01-13 23:36 ` [PATCH 2/2] sys, seccomp: add PR_SECCOMP_EXT and SECCOMP_EXT_ACT_TSYNC Andy Lutomirski
2014-01-14 18:59 ` Will Drewry
2014-01-14 20:24 ` Andy Lutomirski
2014-01-14 20:59 ` Will Drewry
2014-01-14 21:09 ` Andy Lutomirski
2014-01-14 21:19 ` Will Drewry
2014-01-14 19:07 ` Oleg Nesterov
2014-01-14 19:21 ` Oleg Nesterov [this message]
2014-01-14 20:02 ` Oleg Nesterov
2014-01-14 20:13 ` Oleg Nesterov
2014-01-14 20:53 ` Will Drewry
2014-01-14 21:06 ` Will Drewry
2014-01-15 19:04 ` Oleg Nesterov
2014-01-15 19:28 ` Oleg Nesterov
2014-01-15 19:33 ` Will Drewry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140114192118.GA31411@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=holt@sgi.com \
--cc=james.l.morris@oracle.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nschichan@freebox.fr \
--cc=viro@zeniv.linux.org.uk \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.