Eric, our discussion was a bit confusing, and it seems that we did not fully convince each other. So let me ask: what do you finally think about this fix?
Let me repeat. Even if I do not agree with some of your objections, I do agree that 1/2 does not look nice and clean. And we seem to agree that either way, with or without this fix, we need more changes in this area. But we need a simple and backportable fix for stable trees, say for rhel7. This bug was reported many times, and this is the simplest solution I was able to find.

Oleg.

On 02/13, Oleg Nesterov wrote:
>
> Hello,
>
> Let's finally fix this problem, it was reported several times. I still think that
> in the longer term we should (try to) rework the security hooks and (partially)
> revert this change, but this is not trivial and we need something backportable
> anyway.
>
> Eric, Jann, we already discussed this change. 1/2 is the same patch I suggested 3
> months ago except now it compiles and moves flush_signal_handlers() to
> de_thread().
>
> Both patches ask for subsequent cleanups, see the changelogs.
>
> Oleg.
>
>  arch/x86/ia32/ia32_aout.c |   3 ++
>  fs/binfmt_aout.c          |   3 ++
>  fs/binfmt_elf.c           |   6 ++-
>  fs/binfmt_elf_fdpic.c     |   4 ++
>  fs/binfmt_flat.c          |   3 ++
>  fs/exec.c                 | 128 +++++++++++++++++++++++-----------------------
>  include/linux/binfmts.h   |   1 +
>  kernel/exit.c             |   5 +-
>  kernel/signal.c           |  21 +++++---
>  9 files changed, 101 insertions(+), 73 deletions(-)