From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752790AbcGYTWs (ORCPT ); Mon, 25 Jul 2016 15:22:48 -0400 Received: from mail-lf0-f48.google.com ([209.85.215.48]:33556 "EHLO mail-lf0-f48.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751105AbcGYTWp (ORCPT ); Mon, 25 Jul 2016 15:22:45 -0400 Date: Mon, 25 Jul 2016 22:22:42 +0300 From: Cyrill Gorcunov To: "Eric W. Biederman" Cc: Stanislav Kinsburskiy , peterz@infradead.org, mingo@redhat.com, mhocko@suse.com, keescook@chromium.org, linux-kernel@vger.kernel.org, mguzik@redhat.com, bsegall@google.com, john.stultz@linaro.org, oleg@redhat.com, matthltc@us.ibm.com, akpm@linux-foundation.org, luto@amacapital.net, vbabka@suse.cz, xemul@virtuozzo.com Subject: Re: [PATCH] prctl: remove one-shot limitation for changing exe link Message-ID: <20160725192242.GA26208@uranus> References: <20160712152940.24895.61315.stgit@localhost.localdomain> <8a863273-c571-63d6-c0c3-637dff5645a3@virtuozzo.com> <87y44pbmtc.fsf@x220.int.ebiederm.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87y44pbmtc.fsf@x220.int.ebiederm.org> User-Agent: Mutt/1.6.1 (2016-04-27) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jul 25, 2016 at 01:21:51PM -0500, Eric W. Biederman wrote: > Stanislav Kinsburskiy writes: > > > Gentlemen, > > > > Looks like there are no objections to this patch. > > There has been objection. > > The only justification for the change that has been put forward is > someone doing a restore lazily. I don't see a reason why you can't call > prctl_set_mm_exe_file until you have the file in place instead of a > place holder that sounds like a trivial solution to any restore issues. > > The truth is an unlimited settable exe link is essentially meaningless, > as you can't depend on it for anything. One shot seems the best > compromise I have seen put forward between the definite > checkpoint/restart requirement to set the this value and the general > need to have something that makes sense and people can depend on for > system management. > > Also there is a big fat bug in prctl_set_mm_exe_file. It doesn't > validate that the new file is a actually mmaped executable. We would > definitely need that to be fixed before even considering removing the > limit. Could you please elaborate? We check for inode being executable, what else needed? > Right now all I see is people involved in the implementation details of > their own little feature > > So for the patch I am responding to: > Nacked-by: "Eric W. Biederman" > > Plus the merge window is open so no one is taking any patches right now. > It is the time to take what has already been staged and get that code > merged. > > Eric > Cyrill