On Mon, Aug 19, 2013 at 11:33 AM, Oleg Nesterov <[email protected]> wrote:
> On 08/19, Andy Lutomirski wrote:
>>
>> On Mon, Aug 19, 2013 at 10:25 AM, Oleg Nesterov <[email protected]> wrote:
>> > Hello.
>> >
>> > Colin reports that vfork() doesn't work after unshare(PIDNS). The
>> > reason is trivial, copy_process() does:
>> >
>> >         /*
>> >          * If the new process will be in a different pid namespace
>> >          * don't allow the creation of threads.
>> >          */
>> >         if ((clone_flags & (CLONE_VM|CLONE_NEWPID)) &&
>> >             (task_active_pid_ns(current) != current->nsproxy->pid_ns))
>> >                 return ERR_PTR(-EINVAL);
>> >
>> > and CLONE_VM obviously nacks vfork(). So perhaps we can relax
>> > this check to CLONE_THREAD? Or should we really nack CLONE_VM
>> > for security reasons?
>> >
>> > OTOH. Perhaps we should also deny CLONE_PARENT in this case?
>> >
>> > In short. So far I am thinking about the patch below but I got
>> > lost and totally confused. Will try to think more tomorrow, but
>> > I would like to see the fix from someone who still understands
>> > this all.
>> >
>> > Oleg.
>>
>> By way of (partial) explanation:
>>
>> http://marc.info/?l=linux-kernel&m=135545831607095
>
> Thanks... too late for me to even try to read this discussion today.
>
> and I am a bit confused,
>
>> (tl;dr: I think that CLONE_VM is irrelevant here, but there may be
>> other issues lurking around.)
>
> So do you think this change is fine or not (ignoring the fact it needs
> cleanups)?

I think that removing the CLONE_VM check is fine (although there are
some other ones that should probably be removed as well), but I'm not
sure if that check needs replacing with something else.

--Andy
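
A reproducer for the report discussed in this thread, added here as an example and not taken from any message in it: it calls unshare(CLONE_NEWPID) and then vfork(), and reports whether vfork() fails with EINVAL as the quoted copy_process() check would make it. The function name, the outcome names and the use of a throwaway helper process are this example's own choices; unshare(CLONE_NEWPID) needs CAP_SYS_ADMIN, so an unprivileged run reports that the unshare was denied.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef CLONE_NEWPID
#define CLONE_NEWPID 0x20000000   /* fallback if <sched.h> did not expose it */
#endif

/* Probe outcomes; the names are this example's own. */
enum { VFORK_OK, VFORK_EINVAL, VFORK_OTHER_ERR, UNSHARE_DENIED, PROBE_FAILED };

/* unshare(CLONE_NEWPID) then vfork(), run in a throwaway helper process so
 * the caller's own nsproxy is never changed. Returns one of the enum values. */
int probe_vfork_after_unshare(void)
{
    int status;
    pid_t pid, helper = fork();
    if (helper < 0)
        return PROBE_FAILED;
    if (helper == 0) {
        /* Raw syscall form of unshare(2); needs CAP_SYS_ADMIN. */
        if (syscall(SYS_unshare, CLONE_NEWPID) != 0)
            _exit(UNSHARE_DENIED);
        /* From here nsproxy->pid_ns != task_active_pid_ns(current). */
        pid = vfork();                 /* clone(CLONE_VM | CLONE_VFORK) */
        if (pid == 0)
            _exit(0);                  /* first task (pid 1) of the new ns */
        if (pid < 0)
            _exit(errno == EINVAL ? VFORK_EINVAL : VFORK_OTHER_ERR);
        waitpid(pid, NULL, 0);
        _exit(VFORK_OK);
    }
    if (waitpid(helper, &status, 0) < 0 || !WIFEXITED(status))
        return PROBE_FAILED;
    return WEXITSTATUS(status);
}

int main(void)
{
    static const char *const msg[] = { "vfork ok", "vfork: EINVAL",
        "vfork: other errno", "unshare(CLONE_NEWPID) denied", "probe failed" };
    puts(msg[probe_vfork_after_unshare()]);
    return 0;
}
```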

