pidfd fixes for v5.2-rc1
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7btrcuORLb1XUhEwjrBW1T7ssS0FAlzVbswACgkQjrBW1T7s sS0E1g/+KzVB7tvPFeTF3dE49ZuUygW/YD1tUpxRTr1C0Wm4W5FFRg9tg/SdGO1E uXAGpl3qy4kcpG66MdVJHEdsG4ffSHzz/jrLMl3cktrnnO0nSG5kjl2Bg0AoF2GK Y7qiwmxQ9/20WeU5lK/tZKdHdGtv8Fo0a8119Ol0OEi0qZ2VUEXz0qM5Bh7GR3UW Y/mTuRnhQgGbjTArTms06WgCd6/tuyEffAXgeNbAmPCe6zuW5i2KsnDSdLbb59r5 SR8La0rfGcgs8k2waKR68sw8dMdEN2Za/8MoY4GRKa226dQUtr0NooJW913R2Kc1 y4dlgk8cZC3kAZnlBDZChkIKwOCnR6ha5UYsm3ksDEja9mS7vOhwpW3yThFRCGnY caHwrO/o/T393ENOBz8Nbbjq7B+TRc8nq+Wm5xm+ZeTKMhuEvXV2d1Gi32tlyuMl +TI4BKi0V2hA/L71imQy/0A0E3obU6ctxFThWGCF//mSp3QwjF1yNsR9eV9wCp3d MBL0Rv5zxrqkjklUq8TSJEXNLbMj12pvd4pKiSymhJuJO2PCoZ+RMZvPVGj+/Iku atQE/0kE1yUEYFGgoMTLsGyGPMG3CSPNhO63Q/8U/MO/YqSge5ql4tMP8iiT5jOi vdQ807OKwdg4M3A1IIUBbYZbIuY/g7n/065tnKR+7nxR1OLqB/E= =0qDn -----END PGP SIGNATURE----- Merge tag 'pidfd-fixes-v5.2-rc1' of gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux Pull pidfd fixes from Christian Brauner: "This fixes two bugs: - The first one reported by Linus whereby the pidfd-metadata binary was not placed in a .gitignore file. - The second one is rather urgent and fixes a locking issue found by syzkaller. What happened is that during process creation we need to check whether the cgroup we are in allows us to fork. To perform this check the cgroup needs to guard itself against threadgroup changes and takes a lock. Prior to CLONE_PIDFD the cleanup target "bad_fork_free_pid" would also need to release said lock. That's not true anymore since CLONE_PIDFD so this is fixed here. Syzkaller has tested the patch and was not able to reproduce the issue" * tag 'pidfd-fixes-v5.2-rc1' of gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux: fork: do not release lock that wasn't taken samples: add .gitignore for pidfd-metadata
This commit is contained in:
commit
3232b43f72
|
@ -2102,7 +2102,7 @@ static __latent_entropy struct task_struct *copy_process(
|
|||
*/
|
||||
retval = cgroup_can_fork(p);
|
||||
if (retval)
|
||||
goto bad_fork_put_pidfd;
|
||||
goto bad_fork_cgroup_threadgroup_change_end;
|
||||
|
||||
/*
|
||||
* From this point on we must avoid any synchronous user-space
|
||||
|
@ -2217,11 +2217,12 @@ static __latent_entropy struct task_struct *copy_process(
|
|||
spin_unlock(¤t->sighand->siglock);
|
||||
write_unlock_irq(&tasklist_lock);
|
||||
cgroup_cancel_fork(p);
|
||||
bad_fork_cgroup_threadgroup_change_end:
|
||||
cgroup_threadgroup_change_end(current);
|
||||
bad_fork_put_pidfd:
|
||||
if (clone_flags & CLONE_PIDFD)
|
||||
ksys_close(pidfd);
|
||||
bad_fork_free_pid:
|
||||
cgroup_threadgroup_change_end(current);
|
||||
if (pid != &init_struct_pid)
|
||||
free_pid(pid);
|
||||
bad_fork_cleanup_thread:
|
||||
|
|
1
samples/pidfd/.gitignore
vendored
Normal file
1
samples/pidfd/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
pidfd-metadata
|
Loading…
Reference in New Issue
Block a user