From: Oleg Nesterov <oleg@redhat.com>
To: Will Drewry <wad@chromium.org>
Cc: linux-kernel@vger.kernel.org, nschichan@freebox.fr,
keescook@chromium.org, james.l.morris@oracle.com,
akpm@linux-foundation.org, holt@sgi.com, viro@zeniv.linux.org.uk
Subject: Re: [PATCH 2/2] sys, seccomp: add PR_SECCOMP_EXT and SECCOMP_EXT_ACT_TSYNC
Date: Tue, 14 Jan 2014 20:21:18 +0100 [thread overview]
Message-ID: <20140114192118.GA31411@redhat.com> (raw)
In-Reply-To: <1389645028-17157-2-git-send-email-wad@chromium.org>
On 01/13, Will Drewry wrote:
>
> +static pid_t seccomp_sync_threads(void)
> +{
> + struct task_struct *thread, *caller;
> + pid_t failed = 0;
> + thread = caller = current;
> +
> + read_lock(&tasklist_lock);
> + if (thread_group_empty(caller))
> + goto done;
> + while_each_thread(caller, thread) {
> + task_lock(thread);
perhaps we take task_lock() to serialize with another caller of
seccomp_sync_threads()...
If yes, then perhaps you can use ->siglock instead of tasklist_lock
and do not use task_lock(). It would be even better to rely on rcu,
but:
> + get_seccomp_filter(caller);
> + /*
> + * Drop the task reference to the shared ancestor since
> + * current's path will hold a reference. (This also
> + * allows a put before the assignment.)
> + */
> + put_seccomp_filter(thread);
> + thread->seccomp.filter = caller->seccomp.filter;
As I said, I do not understand this patch yet, but this looks suspicious.
Why we can't race with this thread doing clone(CLONE_THREAD) ? We do
not the the new thread yet, but its ->seccomp can be already copied
by copy_process(), no?
Oleg.
next prev parent reply other threads:[~2014-01-14 19:21 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-13 20:30 [PATCH 1/2] seccomp: protect seccomp.filter pointer (w) with the task_lock Will Drewry
2014-01-13 20:30 ` [PATCH 2/2] sys, seccomp: add PR_SECCOMP_EXT and SECCOMP_EXT_ACT_TSYNC Will Drewry
2014-01-13 22:42 ` [PATCH 3/3] Documentation/prctl/seccomp_filter.txt: document extensions Will Drewry
2014-01-13 23:36 ` [PATCH 2/2] sys, seccomp: add PR_SECCOMP_EXT and SECCOMP_EXT_ACT_TSYNC Andy Lutomirski
2014-01-14 18:59 ` Will Drewry
2014-01-14 20:24 ` Andy Lutomirski
2014-01-14 20:59 ` Will Drewry
2014-01-14 21:09 ` Andy Lutomirski
2014-01-14 21:19 ` Will Drewry
2014-01-14 19:07 ` Oleg Nesterov
2014-01-14 19:21 ` Oleg Nesterov [this message]
2014-01-14 20:02 ` Oleg Nesterov
2014-01-14 20:13 ` Oleg Nesterov
2014-01-14 20:53 ` Will Drewry
2014-01-14 21:06 ` Will Drewry
2014-01-15 19:04 ` Oleg Nesterov
2014-01-15 19:28 ` Oleg Nesterov
2014-01-15 19:33 ` Will Drewry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140114192118.GA31411@redhat.com \
--to=oleg@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=holt@sgi.com \
--cc=james.l.morris@oracle.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nschichan@freebox.fr \
--cc=viro@zeniv.linux.org.uk \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox