* [GIT PULL] pid namespace fixes for v4.12-rc2
@ 2017-05-17 23:42 Eric W. Biederman
0 siblings, 0 replies; 2+ messages in thread
From: Eric W. Biederman @ 2017-05-17 23:42 UTC (permalink / raw)
To: Linus Torvalds
Cc: Linux Containers, linux-kernel, Vovo Yang, Guenter Roeck,
Kirill Tkhai, Oleg Nesterov
Linus,
Please pull the for-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus
HEAD: 3fd37226216620c1a468afa999739d5016fbc349 pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
These are two bugs that turn out to have simple fixes that were reported
during the merge window. Both of these issues have existed for a while
and it just happens that they both were reported at almost the same
time.
Eric W. Biederman (1):
pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
Kirill Tkhai (1):
pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
kernel/fork.c | 8 ++++++--
kernel/pid_namespace.c | 2 +-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/kernel/fork.c b/kernel/fork.c
index 06d759ab4c62..aa1076c5e4a9 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1845,11 +1845,13 @@ static __latent_entropy struct task_struct *copy_process(
*/
recalc_sigpending();
if (signal_pending(current)) {
- spin_unlock(¤t->sighand->siglock);
- write_unlock_irq(&tasklist_lock);
retval = -ERESTARTNOINTR;
goto bad_fork_cancel_cgroup;
}
+ if (unlikely(!(ns_of_pid(pid)->nr_hashed & PIDNS_HASH_ADDING))) {
+ retval = -ENOMEM;
+ goto bad_fork_cancel_cgroup;
+ }
if (likely(p->pid)) {
ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
@@ -1907,6 +1909,8 @@ static __latent_entropy struct task_struct *copy_process(
return p;
bad_fork_cancel_cgroup:
+ spin_unlock(¤t->sighand->siglock);
+ write_unlock_irq(&tasklist_lock);
cgroup_cancel_fork(p);
bad_fork_free_pid:
cgroup_threadgroup_change_end(current);
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index d1f3e9f558b8..74a5a7255b4d 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -277,7 +277,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns)
* if reparented.
*/
for (;;) {
- set_current_state(TASK_UNINTERRUPTIBLE);
+ set_current_state(TASK_INTERRUPTIBLE);
if (pid_ns->nr_hashed == init_pids)
break;
schedule();
Eric
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [GIT PULL] pid namespace fixes for v4.12-rc2
@ 2017-05-17 23:42 Eric W. Biederman
0 siblings, 0 replies; 2+ messages in thread
From: Eric W. Biederman @ 2017-05-17 23:42 UTC (permalink / raw)
To: Linus Torvalds
Cc: Vovo Yang, Linux Containers, Oleg Nesterov,
linux-kernel-u79uwXL29TY76Z2rM5mHXA, Kirill Tkhai, Guenter Roeck
Linus,
Please pull the for-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus
HEAD: 3fd37226216620c1a468afa999739d5016fbc349 pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
These are two bugs that turn out to have simple fixes that were reported
during the merge window. Both of these issues have existed for a while
and it just happens that they both were reported at almost the same
time.
Eric W. Biederman (1):
pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
Kirill Tkhai (1):
pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
kernel/fork.c | 8 ++++++--
kernel/pid_namespace.c | 2 +-
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/kernel/fork.c b/kernel/fork.c
index 06d759ab4c62..aa1076c5e4a9 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1845,11 +1845,13 @@ static __latent_entropy struct task_struct *copy_process(
*/
recalc_sigpending();
if (signal_pending(current)) {
- spin_unlock(¤t->sighand->siglock);
- write_unlock_irq(&tasklist_lock);
retval = -ERESTARTNOINTR;
goto bad_fork_cancel_cgroup;
}
+ if (unlikely(!(ns_of_pid(pid)->nr_hashed & PIDNS_HASH_ADDING))) {
+ retval = -ENOMEM;
+ goto bad_fork_cancel_cgroup;
+ }
if (likely(p->pid)) {
ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
@@ -1907,6 +1909,8 @@ static __latent_entropy struct task_struct *copy_process(
return p;
bad_fork_cancel_cgroup:
+ spin_unlock(¤t->sighand->siglock);
+ write_unlock_irq(&tasklist_lock);
cgroup_cancel_fork(p);
bad_fork_free_pid:
cgroup_threadgroup_change_end(current);
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index d1f3e9f558b8..74a5a7255b4d 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -277,7 +277,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns)
* if reparented.
*/
for (;;) {
- set_current_state(TASK_UNINTERRUPTIBLE);
+ set_current_state(TASK_INTERRUPTIBLE);
if (pid_ns->nr_hashed == init_pids)
break;
schedule();
Eric
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-05-17 23:48 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-05-17 23:42 [GIT PULL] pid namespace fixes for v4.12-rc2 Eric W. Biederman
-- strict thread matches above, loose matches on Subject: below --
2017-05-17 23:42 Eric W. Biederman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.