The Linux Kernel Mailing List
 help / color / mirror / Atom feed
From: Magnus Lindholm <linmag7@gmail.com>
To: jannh@google.com
Cc: arjan@linux.intel.com, brauner@kernel.org, ebiederm@xmission.com,
	jack@suse.cz, jake@lwn.net, linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org, regressions@lists.linux.dev,
	stable@vger.kernel.org, viro@zeniv.linux.org.uk
Subject: Re: [PATCH] proc: protect ptrace_may_access() with exec_update_lock (part 1)
Date: Mon,  6 Jul 2026 19:07:35 +0200	[thread overview]
Message-ID: <20260706170735.2941493-1-linmag7@gmail.com> (raw)
In-Reply-To: <20260518-procfs-lockfix-part1-v1-1-5c3d20e0ac33@google.com>

Hi,

while testing my Alpha generic-entry series on top of v7.2-rc1, I noticed
that several strace --pidns-translation tests started failing. The same
generic-entry series on top of v7.1-rc1 passes these tests.

I bisected the regression between v7.1-rc1 and v7.2-rc1, always applying
the same generic-entry series before testing, and the first bad commit is:

  6650527444dadc63d84aa939d14ecba4fadb2f69
  proc: protect ptrace_may_access() with exec_update_lock (part 1)

Examples of failing strace tests include:

  signal_receive--pidns-translation.gen.test
  so_peercred--pidns-translation.gen.test
  tgkill--pidns-translation.gen.test
  tkill--pidns-translation.gen.test
  fcntl--pidns-translation.gen.test
  xet_robust_list--pidns-translation.gen.test
  xetpgid--pidns-translation.gen.test
  xetpriority--pidns-translation.gen.test

One simple reproducer is:

  cd strace/tests
  ./xetpgid--pidns-translation.gen.test

The failure looks like this:

  ../../src/strace: NS_* ioctl commands are not supported by the kernel

and the decoded output lacks the expected pidns translation comments, e.g.:

  - getpgid(2 /* 6 in strace's PID NS */) = 0
  + getpgid(2) = 0

Looking at the patch, the relevant part seems to be the change in
fs/proc/namespaces.c: proc_ns_get_link() and proc_ns_readlink() now take
task->signal->exec_update_lock around the ptrace_may_access() check and
namespace link/readlink handling. strace's --decode-pids=pidns code appears
to rely on accessing /proc/<pid>/ns/pid for short-lived tracees in a nested
PID namespace, so this looks like a plausible connection to the failure.

The kernel has the relevant namespace options enabled:

  CONFIG_NAMESPACES=y
  CONFIG_USER_NS=y
  CONFIG_PID_NS=y
  CONFIG_CHECKPOINT_RESTORE=y
  CONFIG_PROC_FS=y

I also tested the basic nsfs ioctls with a small standalone program, both
outside and inside "unshare -Urpf", and NS_GET_NSTYPE,
NS_GET_PID_IN_PIDNS and NS_GET_PID_FROM_PIDNS all work there. So the failure
does not look like missing namespace support or a simple ioctl-number issue;
it seems specific to the proc/ns access pattern used by strace's pidns
translation code.

#regzbot introduced: 6650527444dadc63d84aa939d14ecba4fadb2f69

Thanks,
Magnus

  parent reply	other threads:[~2026-07-06 17:07 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-18 16:35 [PATCH 0/2] proc: protect ptrace_may_access() with exec_update_lock Jann Horn
2026-05-18 16:35 ` [PATCH 1/2] proc: protect ptrace_may_access() with exec_update_lock (part 1) Jann Horn
2026-05-26  8:48   ` Oleg Nesterov
2026-05-26  9:44     ` Oleg Nesterov
2026-05-26 14:19       ` Jann Horn
2026-05-26 14:16     ` Jann Horn
2026-05-26 18:22       ` Oleg Nesterov
2026-05-26 18:30         ` Jann Horn
2026-06-05 14:36   ` Mark Brown
2026-06-05 14:39     ` Jann Horn
2026-07-06 17:07   ` Magnus Lindholm [this message]
2026-07-06 17:37     ` [PATCH] " Jann Horn
2026-07-06 18:00       ` Magnus Lindholm
2026-07-06 18:24         ` Jann Horn
2026-05-18 16:35 ` [PATCH 2/2] proc: protect ptrace_may_access() with exec_update_lock (FD links) Jann Horn
2026-05-22 11:47 ` [PATCH 0/2] proc: protect ptrace_may_access() with exec_update_lock Christian Brauner
2026-05-25 19:56 ` Eric W. Biederman
2026-05-26 11:10   ` Oleg Nesterov
2026-05-26 18:22   ` Jann Horn
2026-05-27 12:01     ` Christian Brauner
2026-05-27 12:31       ` Christian Brauner
2026-05-27 13:49         ` Jann Horn
2026-05-27 13:44       ` Jann Horn
2026-05-27 13:57         ` Christian Brauner
     [not found]     ` <87wlwny905.fsf@email.froward.int.ebiederm.org>
2026-05-28 14:20       ` Jann Horn
     [not found]         ` <87mrx9f8q2.fsf@email.froward.int.ebiederm.org>
2026-06-05 14:34           ` Jann Horn
2026-06-10  7:48             ` Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260706170735.2941493-1-linmag7@gmail.com \
    --to=linmag7@gmail.com \
    --cc=arjan@linux.intel.com \
    --cc=brauner@kernel.org \
    --cc=ebiederm@xmission.com \
    --cc=jack@suse.cz \
    --cc=jake@lwn.net \
    --cc=jannh@google.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=regressions@lists.linux.dev \
    --cc=stable@vger.kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox