Prev: [PATCH] vfs rerepost: fix RCU-lockdep false positive due to /proc
Next: Boston Linux Power Management Mini-summit - August 9th, 2010
From: Sukadev Bhattiprolu on 25 Jun 2010 17:20
Oleg Nesterov [oleg(a)redhat.com] wrote:
| On 06/25, Sukadev Bhattiprolu wrote:
| >
| > Louis Rilling [Louis.Rilling(a)kerlabs.com] wrote:
| > | - proc_pid_readdir():
| > | Needs similar check and protection to proc_pid_lookup(), but there is another
| > | issue: next_tgid() can find a dying task:
| >
| > Hmm, I thought proc_pid_readdir() would be a problem too but convinced myself
| > that it would not - since a process running proc_pid_readdir() would have
| > a reference to the pid namespace,
|
| Where does this reference comes from ?

Caller of proc_pid_readdir() would be living in the same pid namespace right ?
i.e the pid namespace is not empty. If not they would be accessing a different
instance of /proc -no ?

Hmm, but thinking some more, if pid ns is created but /proc not
remounted, the process would be accessing the parent ns (which cannot go
away).

A process cannot access a descendant/unrelated pid namespaces's /proc right ?

|
| proc_pid_readdir() pins the task_struct (ns->child_reaper), not the pid/ns.
|
| But I won't be surprised if I am wrong again ;)
|
| Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: Oleg Nesterov on 25 Jun 2010 17:40
On 06/25, Sukadev Bhattiprolu wrote:
>
> Oleg Nesterov [oleg(a)redhat.com] wrote:
> | On 06/25, Sukadev Bhattiprolu wrote:
> | >
> | > Louis Rilling [Louis.Rilling(a)kerlabs.com] wrote:
> | > | - proc_pid_readdir():
> | > | Needs similar check and protection to proc_pid_lookup(), but there is another
> | > | issue: next_tgid() can find a dying task:
> | >
> | > Hmm, I thought proc_pid_readdir() would be a problem too but convinced myself
> | > that it would not - since a process running proc_pid_readdir() would have
> | > a reference to the pid namespace,
> |
> | Where does this reference comes from ?
>
> Caller of proc_pid_readdir() would be living in the same pid namespace right ?

Afaics, in general not.

Suppose that we do something like

if (!clone(CLONE_NEWPID)) {
mount("none", "/SUB_PROC", "proc", 0, NULL);
exit();
}

After that /SUB_PROC/ still exists, one can do "ls /SUB_PROC/".

This particular case is fine, ns->child_reaper was already cleared.
But, as Louis pointed out, ls can race with the exiting init.

> | But I won't be surprised if I am wrong again ;)

Yes ;)

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: Sukadev Bhattiprolu on 25 Jun 2010 18:00
Oleg Nesterov [oleg(a)redhat.com] wrote:
| On 06/25, Sukadev Bhattiprolu wrote:
| >
| > Oleg Nesterov [oleg(a)redhat.com] wrote:
| > | On 06/25, Sukadev Bhattiprolu wrote:
| > | >
| > | > Louis Rilling [Louis.Rilling(a)kerlabs.com] wrote:
| > | > | - proc_pid_readdir():
| > | > | Needs similar check and protection to proc_pid_lookup(), but there is another
| > | > | issue: next_tgid() can find a dying task:
| > | >
| > | > Hmm, I thought proc_pid_readdir() would be a problem too but convinced myself
| > | > that it would not - since a process running proc_pid_readdir() would have
| > | > a reference to the pid namespace,
| > |
| > | Where does this reference comes from ?
| >
| > Caller of proc_pid_readdir() would be living in the same pid namespace right ?
|
| Afaics, in general not.
|
| Suppose that we do something like
|
| if (!clone(CLONE_NEWPID)) {
| mount("none", "/SUB_PROC", "proc", 0, NULL);
| exit();
| }
|
| After that /SUB_PROC/ still exists, one can do "ls /SUB_PROC/".

Yes, I see it now. Thanks,

Sukadev
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
First  |  Prev  | 
Pages: 1 2
Prev: [PATCH] vfs rerepost: fix RCU-lockdep false positive due to /proc
Next: Boston Linux Power Management Mini-summit - August 9th, 2010