From: Oleg Nesterov <oleg@redhat.com>
To: Bradley Morgan <include@grrlz.net>
Cc: Christian Brauner <brauner@kernel.org>,
ebiederm@xmission.com, Andrew Morton <akpm@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Adrian Huang <adrianhuang0701@gmail.com>,
Marco Elver <elver@google.com>,
Kexin Sun <kexinsun@smail.nju.edu.cn>,
Thomas Gleixner <tglx@kernel.org>,
linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH] signal: avoid shared siginfo namespace rewrites
Date: Mon, 22 Jun 2026 19:46:37 +0200 [thread overview]
Message-ID: <ajl0_fTFXHpL8P9T@redhat.com> (raw)
In-Reply-To: <20260622164029.11474-1-include@grrlz.net>
On 06/22, Bradley Morgan wrote:
>
> send_signal_locked() rewrites sender ids for the target namespace.
> Group sends reuse the same siginfo, so one recipient can affect the
> next.
Hmm... I'll re-read this change tomorrow after sleep, but I am almost sure
you are you are right anyway...
I am wondering if we can conditionalize the "swap(rewritten, info)" logic
with your patch, most probably this makes no sense...
May I suggest another change on top of your fix? Make the "kernel_siginfo *info"
arg of send_signal_locked() "const". To make it more clear. Yes, the signature
of has_si_pid_and_uid() should be changed too. Up to you.
Thanks,
Oleg.
> Copy the siginfo before changing it.
>
> Fixes: 7a0cf094944e ("signal: Correct namespace fixups of si_pid and si_uid")
> Cc: stable@vger.kernel.org
> Signed-off-by: Bradley Morgan <include@grrlz.net>
> ---
> kernel/signal.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/kernel/signal.c b/kernel/signal.c
> index b9fc7be1a169..d72d9be3a992 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -1181,6 +1181,7 @@ static inline bool has_si_pid_and_uid(struct kernel_siginfo *info)
> int send_signal_locked(int sig, struct kernel_siginfo *info,
> struct task_struct *t, enum pid_type type)
> {
> + struct kernel_siginfo rewritten;
> /* Should SIGKILL or SIGSTOP be received by a pid namespace init? */
> bool force = false;
>
> @@ -1194,6 +1195,9 @@ int send_signal_locked(int sig, struct kernel_siginfo *info,
> /* SIGKILL and SIGSTOP is special or has ids */
> struct user_namespace *t_user_ns;
>
> + rewritten = *info;
> + info = &rewritten;
> +
> rcu_read_lock();
> t_user_ns = task_cred_xxx(t, user_ns);
> if (current_user_ns() != t_user_ns) {
> --
> 2.53.0
>
next prev parent reply other threads:[~2026-06-22 17:46 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-22 16:40 [PATCH] signal: avoid shared siginfo namespace rewrites Bradley Morgan
2026-06-22 17:46 ` Oleg Nesterov [this message]
2026-06-22 20:05 ` Bradley Morgan
2026-06-22 20:25 ` [PATCH v2 1/2] " Bradley Morgan
2026-06-22 20:25 ` [PATCH v2 2/2] signal: make send_signal_locked() take const siginfo Bradley Morgan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ajl0_fTFXHpL8P9T@redhat.com \
--to=oleg@redhat.com \
--cc=adrianhuang0701@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=brauner@kernel.org \
--cc=ebiederm@xmission.com \
--cc=elver@google.com \
--cc=include@grrlz.net \
--cc=kexinsun@smail.nju.edu.cn \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=tglx@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.