On 3/25/20 4:10 PM, Eric W. Biederman wrote:
Bernd Edlinger bernd.edlinger@hotmail.de writes:
This is an infrastructure change that makes way for fixing this issue. Each patch was already posted previously so this is just a cleanup of the original mailing list thread(s) which got out of control by now.
Everything started here: https://lore.kernel.org/lkml/AM6PR03MB5170B06F3A2B75EFB98D071AE4E60@AM6PR03M...
I added reviewed-by tags from the mailing list threads, except when withdrawn.
It took a lot longer than expected to collect everything from the mailinglist threads, since several commit messages have been infected with typos, and they got fixed without a new patch version.
- Correct the point of no return.
- Add two new mutexes to replace cred_guard_mutex.
- Fix each use of cred_guard_mutex.
- Update documentation.
- Add a test case.
Bernd Edlinger (11): exec: Fix a deadlock in strace selftests/ptrace: add test cases for dead-locks mm: docs: Fix a comment in process_vm_rw_core kernel: doc: remove outdated comment cred.c kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve proc: Use new infrastructure to fix deadlocks in execve proc: io_accounting: Use new infrastructure to fix deadlocks in execve perf: Use new infrastructure to fix deadlocks in execve pidfd: Use new infrastructure to fix deadlocks in execve exec: Fix dead-lock in de_thread with ptrace_attach doc: Update documentation of ->exec_*_mutex
Eric W. Biederman (5): exec: Only compute current once in flush_old_exec exec: Factor unshare_sighand out of de_thread and call it separately exec: Move cleanup of posix timers on exec out of de_thread exec: Move exec_mmap right after de_thread in flush_old_exec exec: Add exec_update_mutex to replace cred_guard_mutex
Documentation/security/credentials.rst | 29 +++++-- fs/exec.c | 122 ++++++++++++++++++++++-------- fs/proc/base.c | 23 +++--- include/linux/binfmts.h | 8 +- include/linux/sched/signal.h | 17 ++++- init/init_task.c | 3 +- kernel/cred.c | 4 +- kernel/events/core.c | 12 +-- kernel/fork.c | 7 +- kernel/kcmp.c | 8 +- kernel/pid.c | 4 +- kernel/ptrace.c | 20 ++++- kernel/seccomp.c | 15 ++-- mm/process_vm_access.c | 2 +- tools/testing/selftests/ptrace/Makefile | 4 +- tools/testing/selftests/ptrace/vmaccess.c | 86 +++++++++++++++++++++ 16 files changed, 278 insertions(+), 86 deletions(-) create mode 100644 tools/testing/selftests/ptrace/vmaccess.c
Two small nits.
- You reposted my patches with adding your signed-off-by
- You reposted my patches and did not include a "From:" in the body so "git am" listed you as the author.
I have fixed those up and will be merging this code to linux-next, unless you object.
Thanks, I have not expected that a From: which names a different domain than hotmail.de would be forwarded by the SMTP servers I have to use. Actually I was not even aware of the problem at all.
The Patch "exec: Add exec_update_mutex to replace cred_guard_mutex" was initially reviewed-by: bernd.edlinger@hotmail.de but it turned out to be faulty, so I update your patch faithfully, and did a small change to fix the patch, therefore it is actually 99% your and 1% my patch, therefore I figured I should be in a signed-off-by: together with you. BTW: I saw a Reviewed-by: Kirill Tkhai ktkhai@virtuozzo.com on the mailing list, you should add that as well.
Thanks Bernd.