Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

On 11/22, KOSAKI Motohiro wrote: > > >> I have found no problem in this patch. However, I have a very basic > >> question. > >> Why do we need to keep fs->in_exec? > > > > To ensure that a sub-thread can't create a new process with the same > > ->fs while we are doing exec without

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

On 11/22, KOSAKI Motohiro wrote: I have found no problem in this patch. However, I have a very basic question. Why do we need to keep fs-in_exec? To ensure that a sub-thread can't create a new process with the same -fs while we are doing exec without LSM_UNSAFE_SHARE, I guess. This

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

>> I have found no problem in this patch. However, I have a very basic question. >> Why do we need to keep fs->in_exec? > > To ensure that a sub-thread can't create a new process with the same > ->fs while we are doing exec without LSM_UNSAFE_SHARE, I guess. This > is only for security/ code.

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

On 11/22, KOSAKI Motohiro wrote: > > (11/22/2013 12:54 PM), Oleg Nesterov wrote: > > fs_struct->in_exec == T means that this ->fs is used by a single > > process (thread group), and one of the treads does do_execve(). > > > > To avoid the mt-exec races this code has the following complications: >

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

(11/22/2013 12:54 PM), Oleg Nesterov wrote: > fs_struct->in_exec == T means that this ->fs is used by a single > process (thread group), and one of the treads does do_execve(). > > To avoid the mt-exec races this code has the following complications: > > 1. check_unsafe_exec() returns

[PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

fs_struct->in_exec == T means that this ->fs is used by a single process (thread group), and one of the treads does do_execve(). To avoid the mt-exec races this code has the following complications: 1. check_unsafe_exec() returns -EBUSY if ->in_exec was already set by another

[PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

fs_struct-in_exec == T means that this -fs is used by a single process (thread group), and one of the treads does do_execve(). To avoid the mt-exec races this code has the following complications: 1. check_unsafe_exec() returns -EBUSY if -in_exec was already set by another

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

(11/22/2013 12:54 PM), Oleg Nesterov wrote: fs_struct-in_exec == T means that this -fs is used by a single process (thread group), and one of the treads does do_execve(). To avoid the mt-exec races this code has the following complications: 1. check_unsafe_exec() returns -EBUSY if

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

On 11/22, KOSAKI Motohiro wrote: (11/22/2013 12:54 PM), Oleg Nesterov wrote: fs_struct-in_exec == T means that this -fs is used by a single process (thread group), and one of the treads does do_execve(). To avoid the mt-exec races this code has the following complications: 1.

Re: [PATCH 2/4] check_unsafe_exec: kill the dead -EAGAIN and clear_in_exec logic

I have found no problem in this patch. However, I have a very basic question. Why do we need to keep fs-in_exec? To ensure that a sub-thread can't create a new process with the same -fs while we are doing exec without LSM_UNSAFE_SHARE, I guess. This is only for security/ code. But in