From: Magnus Lindholm <linmag7@gmail.com>
To: jannh@google.com
Cc: arjan@linux.intel.com, brauner@kernel.org, ebiederm@xmission.com,
jack@suse.cz, jake@lwn.net, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, regressions@lists.linux.dev,
stable@vger.kernel.org, viro@zeniv.linux.org.uk
Subject: Re: [PATCH] proc: protect ptrace_may_access() with exec_update_lock (part 1)
Date: Mon, 6 Jul 2026 19:07:35 +0200 [thread overview]
Message-ID: <20260706170735.2941493-1-linmag7@gmail.com> (raw)
In-Reply-To: <20260518-procfs-lockfix-part1-v1-1-5c3d20e0ac33@google.com>
Hi,
while testing my Alpha generic-entry series on top of v7.2-rc1, I noticed
that several strace --pidns-translation tests started failing. The same
generic-entry series on top of v7.1-rc1 passes these tests.
I bisected the regression between v7.1-rc1 and v7.2-rc1, always applying
the same generic-entry series before testing, and the first bad commit is:
6650527444dadc63d84aa939d14ecba4fadb2f69
proc: protect ptrace_may_access() with exec_update_lock (part 1)
Examples of failing strace tests include:
signal_receive--pidns-translation.gen.test
so_peercred--pidns-translation.gen.test
tgkill--pidns-translation.gen.test
tkill--pidns-translation.gen.test
fcntl--pidns-translation.gen.test
xet_robust_list--pidns-translation.gen.test
xetpgid--pidns-translation.gen.test
xetpriority--pidns-translation.gen.test
One simple reproducer is:
cd strace/tests
./xetpgid--pidns-translation.gen.test
The failure looks like this:
../../src/strace: NS_* ioctl commands are not supported by the kernel
and the decoded output lacks the expected pidns translation comments, e.g.:
- getpgid(2 /* 6 in strace's PID NS */) = 0
+ getpgid(2) = 0
Looking at the patch, the relevant part seems to be the change in
fs/proc/namespaces.c: proc_ns_get_link() and proc_ns_readlink() now take
task->signal->exec_update_lock around the ptrace_may_access() check and
namespace link/readlink handling. strace's --decode-pids=pidns code appears
to rely on accessing /proc/<pid>/ns/pid for short-lived tracees in a nested
PID namespace, so this looks like a plausible connection to the failure.
The kernel has the relevant namespace options enabled:
CONFIG_NAMESPACES=y
CONFIG_USER_NS=y
CONFIG_PID_NS=y
CONFIG_CHECKPOINT_RESTORE=y
CONFIG_PROC_FS=y
I also tested the basic nsfs ioctls with a small standalone program, both
outside and inside "unshare -Urpf", and NS_GET_NSTYPE,
NS_GET_PID_IN_PIDNS and NS_GET_PID_FROM_PIDNS all work there. So the failure
does not look like missing namespace support or a simple ioctl-number issue;
it seems specific to the proc/ns access pattern used by strace's pidns
translation code.
#regzbot introduced: 6650527444dadc63d84aa939d14ecba4fadb2f69
Thanks,
Magnus
next prev parent reply other threads:[~2026-07-06 17:07 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-18 16:35 [PATCH 0/2] proc: protect ptrace_may_access() with exec_update_lock Jann Horn
2026-05-18 16:35 ` [PATCH 1/2] proc: protect ptrace_may_access() with exec_update_lock (part 1) Jann Horn
2026-05-26 8:48 ` Oleg Nesterov
2026-05-26 9:44 ` Oleg Nesterov
2026-05-26 14:19 ` Jann Horn
2026-05-26 14:16 ` Jann Horn
2026-05-26 18:22 ` Oleg Nesterov
2026-05-26 18:30 ` Jann Horn
2026-06-05 14:36 ` Mark Brown
2026-06-05 14:39 ` Jann Horn
2026-07-06 17:07 ` Magnus Lindholm [this message]
2026-07-06 17:37 ` [PATCH] " Jann Horn
2026-07-06 18:00 ` Magnus Lindholm
2026-07-06 18:24 ` Jann Horn
2026-05-18 16:35 ` [PATCH 2/2] proc: protect ptrace_may_access() with exec_update_lock (FD links) Jann Horn
2026-05-22 11:47 ` [PATCH 0/2] proc: protect ptrace_may_access() with exec_update_lock Christian Brauner
2026-05-25 19:56 ` Eric W. Biederman
2026-05-26 11:10 ` Oleg Nesterov
2026-05-26 18:22 ` Jann Horn
2026-05-27 12:01 ` Christian Brauner
2026-05-27 12:31 ` Christian Brauner
2026-05-27 13:49 ` Jann Horn
2026-05-27 13:44 ` Jann Horn
2026-05-27 13:57 ` Christian Brauner
[not found] ` <87wlwny905.fsf@email.froward.int.ebiederm.org>
2026-05-28 14:20 ` Jann Horn
[not found] ` <87mrx9f8q2.fsf@email.froward.int.ebiederm.org>
2026-06-05 14:34 ` Jann Horn
2026-06-10 7:48 ` Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260706170735.2941493-1-linmag7@gmail.com \
--to=linmag7@gmail.com \
--cc=arjan@linux.intel.com \
--cc=brauner@kernel.org \
--cc=ebiederm@xmission.com \
--cc=jack@suse.cz \
--cc=jake@lwn.net \
--cc=jannh@google.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=regressions@lists.linux.dev \
--cc=stable@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox