From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=OkV6=I4=kernelnewbies.org=kernelnewbies-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.5 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 46277C433C1
	for <kernelnewbies@archiver.kernel.org>; Tue, 30 Mar 2021 18:41:01 +0000 (UTC)
Received: from shelob.surriel.com (shelob.surriel.com [96.67.55.147])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id A568061968
	for <kernelnewbies@archiver.kernel.org>; Tue, 30 Mar 2021 18:41:00 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A568061968
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=vt.edu
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernelnewbies-bounces@kernelnewbies.org
Received: from localhost ([::1] helo=shelob.surriel.com)
	by shelob.surriel.com with esmtp (Exim 4.94)
	(envelope-from <kernelnewbies-bounces@kernelnewbies.org>)
	id 1lRJIB-0001u5-JX; Tue, 30 Mar 2021 14:40:43 -0400
Received: from mail-qv1-xf2e.google.com ([2607:f8b0:4864:20::f2e])
 by shelob.surriel.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94)
 (envelope-from <valdis@vt.edu>) id 1lRJIA-0001u0-N7
 for kernelnewbies@kernelnewbies.org; Tue, 30 Mar 2021 14:40:42 -0400
Received: by mail-qv1-xf2e.google.com with SMTP id q12so8659531qvc.8
 for <kernelnewbies@kernelnewbies.org>; Tue, 30 Mar 2021 11:40:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=vt-edu.20150623.gappssmtp.com; s=20150623;
 h=sender:from:to:cc:subject:in-reply-to:references:mime-version
 :content-transfer-encoding:date:message-id;
 bh=6UnAvyuv222Oyz8pbECw9fkWoeFE6/vSVGKhSaU1MAc=;
 b=hHjqrnKGyhgzNVweqHcg4LkZuBN68VhPAnuCr79W1er6BYj9KgkWMD5CokruFgeh6O
 ZIHmlYA21tFi5ZpfsKPSs17lJANbNPX1WtVJvxS07svc4R2GIRIG6YdTqVWYbeN8Is10
 ME1kNCas3AkX3OTdJtsT4xTg0r7p5fjqEO/rih9V+SWPZ3rk7/lqh9P3X0e8/3LsZoiX
 zFt0mMAneYi1l8nm5UYHaZGmCHaPY3qm5w2ihxAYBbvc4InQE7xU4NCHJUat8g+YU0Ya
 1kOH4LdQe+diF9F9Mplq6cKsHjGMMZCwAEm4ed7ITQ+CWlPl6XjCZb6eHsUSlQFNvlii
 0SEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:sender:from:to:cc:subject:in-reply-to:references
 :mime-version:content-transfer-encoding:date:message-id;
 bh=6UnAvyuv222Oyz8pbECw9fkWoeFE6/vSVGKhSaU1MAc=;
 b=HcZBpmZClWQ1yN/4yQOfYCtXe9OEA+SCSxtmGJDgHAusRPto4ih7c5RD+NYSLOShlX
 7oL6ybLgiV9VKX02ZRDgbFHPSW2+dYBqljmWQH7M9E8pCtTnTNgbzE5R8VteaqM8cKAX
 EnW8IQUoKOYgyywMuP5ud/2bk+BHGmOMHi2DbOPKDi/JJaVLm9vVx9CBz97pNPJVzNMx
 AVbIDC+EjcWakxOE7wnobvGwObZ4Ty3mXbv2emKFSO+/WMivFSzj+T4eobAI7iT4Y0dq
 qcctH+SOj0Pgp7vFt5p6mdwCkp/theWbTt2I9K2pXH0BzHJjUpXO9zaR2ewfZQ15nteJ
 z2Cg==
X-Gm-Message-State: AOAM530Gw2QFlxVYIvvAoqtuE4M7zALR9b3i6sGftm/jcTiSWx/oJSdG
 edB9JDQeAAMH6S5ykVj3U7jJzg==
X-Google-Smtp-Source: ABdhPJyGygCtVd8UTEMKJt5p40C+gjd6VB6M9DSWc9F3FOWAEPqMfB8CrEt74d2zJoMMGlN9exCX6g==
X-Received: by 2002:a0c:e90d:: with SMTP id a13mr32035006qvo.36.1617129640088; 
 Tue, 30 Mar 2021 11:40:40 -0700 (PDT)
Received: from turing-police ([2601:5c0:c380:d61::359])
 by smtp.gmail.com with ESMTPSA id l14sm13786456qtp.4.2021.03.30.11.40.39
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 30 Mar 2021 11:40:39 -0700 (PDT)
From: "Valdis Kl=?utf-8?Q?=c4=93?=tnieks" <valdis.kletnieks@vt.edu>
X-Google-Original-From: "Valdis Kl=?utf-8?Q?=c4=93?=tnieks"
 <Valdis.Kletnieks@vt.edu>
X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.7+dev
To: John Wood <john.wood@gmx.com>
Subject: Re: Notify special task kill using wait* functions
In-Reply-To: <20210330173459.GA3163@ubuntu>
References: <20210330173459.GA3163@ubuntu>
Mime-Version: 1.0
Date: Tue, 30 Mar 2021 14:40:38 -0400
Message-ID: <79804.1617129638@turing-police>
Cc: kernelnewbies@kernelnewbies.org
X-BeenThere: kernelnewbies@kernelnewbies.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Learn about the Linux kernel <kernelnewbies.kernelnewbies.org>
List-Unsubscribe: <https://lists.kernelnewbies.org/mailman/options/kernelnewbies>, 
 <mailto:kernelnewbies-request@kernelnewbies.org?subject=unsubscribe>
List-Archive: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/>
List-Post: <mailto:kernelnewbies@kernelnewbies.org>
List-Help: <mailto:kernelnewbies-request@kernelnewbies.org?subject=help>
List-Subscribe: <https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies>, 
 <mailto:kernelnewbies-request@kernelnewbies.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============5319146927113558965=="
Errors-To: kernelnewbies-bounces@kernelnewbies.org

--===============5319146927113558965==
Content-Type: multipart/signed; boundary="==_Exmh_1617129638_70618P";
	 micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit

--==_Exmh_1617129638_70618P
Content-Type: text/plain; charset=us-ascii

On Tue, 30 Mar 2021 19:34:59 +0200, John Wood said:

> The question is: How can I notify to wait* functions that the task has
> been killed by the "Brute" LSM.

What wait* functions even *care* that your LSM was what killed it?

If you're caring about somehow notifying userspace that it was your LSM
specifically, remember that if your code works properly, only attackers
get notified - and they can then determine "Ah, this system has Brute installed,
we need to back off and fly under its radar".

You're much better off sending a SIGKILL to the entire process group
and be done with it. That way the bad guys get less information.

--==_Exmh_1617129638_70618P
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Comment: Exmh version 2.9.0 11/07/2018

iQIVAwUBYGNwpgdmEQWDXROgAQK2mA//Vox12r9fbzmjJRqM69wuyCl7zqfUJcIb
8RxBBgz+tO0SP4X4rTd45zBShalY5oL9y81fdy+A1q14e4Q5cRAaNC1bXJ1DK71D
CRhu6LT4vajxlaZu7G3j9F+IHLBpBO5O/ciWI9HJ6kuLtZTJ1bCgmq+GecuKv/w3
gSFewkvicaCideihF4+aWm6u5kPREHGCAxnIEmlglnG2BIbjlat4Z5iL1fDcPQZ2
DU+U3dFtfQqSzKh0GLA6xrruXI9mfzDuGmvhh0WOrb/lXixK9X4+jvjJy877ugio
a4spzFtAGAbeDpEkfTcCjhQiELBytwS27rGJhwkO4UOW/Nqhb0OpSrxQT3tJnRRd
x8rBYWsa+GXmgHSx8fwAs9WuY3TWS+KqyBLlLgJ5ZKkaax4fJfMfcSiaJd0bETsf
sYcmX3z5dw7p8JJCHB0M1CpyMHOwTqJNA/5tB4LoQ787GbXYn7FiN8TVmZLij+D3
lVGWOmnld3/78NpTzfHCYGBtMCqW37Td3aJqy2HK1+ttvSlXPtTylh1kBI2xh1pP
exW2noLnLbFmKI4oXrzYDTGreiL1EUpBEdS0p1J5zkEiGDasWKMhhxGnEfkFT/rR
LxTMKEu1ktMqDicTAfjrX4JBEVrvk0M/d+ys7TyCi4Aq7nHc2tuW2f9+8yeaAzvQ
hhx5xFKwSYo=
=6rOo
-----END PGP SIGNATURE-----

--==_Exmh_1617129638_70618P--


--===============5319146927113558965==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

--===============5319146927113558965==--