LKML Archive on lore.kernel.org
 help / color / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: Bernd Edlinger <bernd.edlinger@hotmail.de>
Cc: Jann Horn <jannh@google.com>,
	Christian Brauner <christian.brauner@ubuntu.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Oleg Nesterov <oleg@redhat.com>,
	Frederic Weisbecker <frederic@kernel.org>,
	Andrei Vagin <avagin@gmail.com>, Ingo Molnar <mingo@kernel.org>,
	"Peter Zijlstra \(Intel\)" <peterz@infradead.org>,
	Yuyang Du <duyuyang@gmail.com>,
	David Hildenbrand <david@redhat.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
	Anshuman Khandual <anshuman.khandual@arm.com>,
	David Howells <dhowells@redhat.com>,
	James Morris <jamorris@linux.microsoft.com>,
	Kees Cook <keescook@chromium.org>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Shakeel Butt <shakeelb@google.com>,
	Jason Gunthorpe <jgg@ziepe.ca>,
	Christian Kellner <christian@kellner.me>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Aleksa Sarai <cyphar@cyphar.com>,
	"Dmitry V. Levin" <ldv@altlinux.org>,
	"linux-doc\@vger.kernel.org" <linux-doc@vger.kernel.org>,
	"linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-fsdevel\@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
	"linux-mm\@kvack.org" <linux-mm@kvack.org>,
	"stable\@vger.kernel.org" <stable@vger.kernel.org>
Subject: Re: [PATCHv2] exec: Fix a deadlock in ptrace
Date: Mon, 02 Mar 2020 00:38:14 -0600
Message-ID: <87a74zmfc9.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <AM6PR03MB5170EB4427BF5C67EE98FF09E4E60@AM6PR03MB5170.eurprd03.prod.outlook.com> (Bernd Edlinger's message of "Sun, 1 Mar 2020 20:34:16 +0000")

Bernd Edlinger <bernd.edlinger@hotmail.de> writes:

> This fixes a deadlock in the tracer when tracing a multi-threaded
> application that calls execve while more than one thread are running.
>
> I observed that when running strace on the gcc test suite, it always
> blocks after a while, when expect calls execve, because other threads
> have to be terminated.  They send ptrace events, but the strace is no
> longer able to respond, since it is blocked in vm_access.
>
> The deadlock is always happening when strace needs to access the
> tracees process mmap, while another thread in the tracee starts to
> execve a child process, but that cannot continue until the
> PTRACE_EVENT_EXIT is handled and the WIFEXITED event is received:

I think your patch works, but I don't think to solve your case another
mutex is necessary.  Possibly it is justified, but I hesitate to
introduce yet another concept in the code.

Having read elsewhere in the thread that this does not solve the problem
Oleg has mentioned I am really hesitant to add more complexity to the
situation.


For your case there is a straight forward and local workaround.

When the current task is ptracing the target task don't bother with
cred_gaurd_mutex and ptrace_may_access in access_mm as those tests
have already passed.  Instead just confirm the ptrace status. AKA
the permission check in ptraces_access_vm.

I think something like this is all we need.

diff --git a/kernel/fork.c b/kernel/fork.c
index cee89229606a..b0ab98c84589 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1224,6 +1224,16 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode)
 	struct mm_struct *mm;
 	int err;
 
+	if (task->ptrace && (current == task->parent)) {
+		mm = get_task_mm(task);
+		if ((get_dumpable(mm) != SUID_DUMP_USER) &&
+		    !ptracer_capable(task, mm->user_ns)) {
+			mmput(mm);
+			mm = ERR_PTR(-EACCESS);
+		}
+		return mm;
+	}
+
 	err =  mutex_lock_killable(&task->signal->cred_guard_mutex);
 	if (err)
 		return ERR_PTR(err);

Does this solve your test case?

The patch above is short the approriate locking for the ptrace attached
check.  (tasklist_lock I think).  But is enough to illustrate the idea,
and it is probably a check we want in any event so that if the tracer
starts dropping privileges process_vm_readv and process_vm_writev will
still be usable by the tracer.

Eric


> strace          D    0 30614  30584 0x00000000
> Call Trace:
> __schedule+0x3ce/0x6e0
> schedule+0x5c/0xd0
> schedule_preempt_disabled+0x15/0x20
> __mutex_lock.isra.13+0x1ec/0x520
> __mutex_lock_killable_slowpath+0x13/0x20
> mutex_lock_killable+0x28/0x30
> mm_access+0x27/0xa0
> process_vm_rw_core.isra.3+0xff/0x550
> process_vm_rw+0xdd/0xf0
> __x64_sys_process_vm_readv+0x31/0x40
> do_syscall_64+0x64/0x220
> entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> expect          D    0 31933  30876 0x80004003
> Call Trace:
> __schedule+0x3ce/0x6e0
> schedule+0x5c/0xd0
> flush_old_exec+0xc4/0x770
> load_elf_binary+0x35a/0x16c0
> search_binary_handler+0x97/0x1d0
> __do_execve_file.isra.40+0x5d4/0x8a0
> __x64_sys_execve+0x49/0x60
> do_syscall_64+0x64/0x220
> entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> The proposed solution is to have a second mutex that is
> used in mm_access, so it is allowed to continue while the
> dying threads are not yet terminated.
>
> I also took the opportunity to improve the documentation
> of prepare_creds, which is obviously out of sync.
>
> Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
> ---
>  Documentation/security/credentials.rst    | 18 ++++++------
>  fs/exec.c                                 |  9 ++++++
>  include/linux/binfmts.h                   |  6 +++-
>  include/linux/sched/signal.h              |  1 +
>  init/init_task.c                          |  1 +
>  kernel/cred.c                             |  2 +-
>  kernel/fork.c                             |  5 ++--
>  mm/process_vm_access.c                    |  2 +-
>  tools/testing/selftests/ptrace/Makefile   |  4 +--
>  tools/testing/selftests/ptrace/vmaccess.c | 46 +++++++++++++++++++++++++++++++
>  10 files changed, 79 insertions(+), 15 deletions(-)
>  create mode 100644 tools/testing/selftests/ptrace/vmaccess.c
>
> v2: adds a test case which passes when this patch is applied.
>
>
> diff --git a/Documentation/security/credentials.rst b/Documentation/security/credentials.rst
> index 282e79f..c98e0a8 100644
> --- a/Documentation/security/credentials.rst
> +++ b/Documentation/security/credentials.rst
> @@ -437,9 +437,13 @@ new set of credentials by calling::
>  
>  	struct cred *prepare_creds(void);
>  
> -this locks current->cred_replace_mutex and then allocates and constructs a
> -duplicate of the current process's credentials, returning with the mutex still
> -held if successful.  It returns NULL if not successful (out of memory).
> +this allocates and constructs a duplicate of the current process's credentials.
> +It returns NULL if not successful (out of memory).
> +
> +If called from __do_execve_file, the mutex current->signal->cred_guard_mutex
> +is acquired before this function gets called, and the mutex
> +current->signal->cred_change_mutex is acquired later, while the credentials
> +and the process mmap are actually changed.
>  
>  The mutex prevents ``ptrace()`` from altering the ptrace state of a process
>  while security checks on credentials construction and changing is taking place
> @@ -466,9 +470,8 @@ by calling::
>  
>  This will alter various aspects of the credentials and the process, giving the
>  LSM a chance to do likewise, then it will use ``rcu_assign_pointer()`` to
> -actually commit the new credentials to ``current->cred``, it will release
> -``current->cred_replace_mutex`` to allow ``ptrace()`` to take place, and it
> -will notify the scheduler and others of the changes.
> +actually commit the new credentials to ``current->cred``, and it will notify
> +the scheduler and others of the changes.
>  
>  This function is guaranteed to return 0, so that it can be tail-called at the
>  end of such functions as ``sys_setresuid()``.
> @@ -486,8 +489,7 @@ invoked::
>  
>  	void abort_creds(struct cred *new);
>  
> -This releases the lock on ``current->cred_replace_mutex`` that
> -``prepare_creds()`` got and then releases the new credentials.
> +This releases the new credentials.
>  
>  
>  A typical credentials alteration function would look something like this::
> diff --git a/fs/exec.c b/fs/exec.c
> index 74d88da..a6884e4 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -1266,6 +1266,12 @@ int flush_old_exec(struct linux_binprm * bprm)
>  	if (retval)
>  		goto out;
>  
> +	retval = mutex_lock_killable(&current->signal->cred_change_mutex);
> +	if (retval)
> +		goto out;
> +
> +	bprm->called_flush_old_exec = 1;
> +
>  	/*
>  	 * Must be called _before_ exec_mmap() as bprm->mm is
>  	 * not visibile until then. This also enables the update
> @@ -1420,6 +1426,8 @@ static void free_bprm(struct linux_binprm *bprm)
>  {
>  	free_arg_pages(bprm);
>  	if (bprm->cred) {
> +		if (bprm->called_flush_old_exec)
> +			mutex_unlock(&current->signal->cred_change_mutex);
>  		mutex_unlock(&current->signal->cred_guard_mutex);
>  		abort_creds(bprm->cred);
>  	}
> @@ -1469,6 +1477,7 @@ void install_exec_creds(struct linux_binprm *bprm)
>  	 * credentials; any time after this it may be unlocked.
>  	 */
>  	security_bprm_committed_creds(bprm);
> +	mutex_unlock(&current->signal->cred_change_mutex);
>  	mutex_unlock(&current->signal->cred_guard_mutex);
>  }
>  EXPORT_SYMBOL(install_exec_creds);
> diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
> index b40fc63..2e1318b 100644
> --- a/include/linux/binfmts.h
> +++ b/include/linux/binfmts.h
> @@ -44,7 +44,11 @@ struct linux_binprm {
>  		 * exec has happened. Used to sanitize execution environment
>  		 * and to set AT_SECURE auxv for glibc.
>  		 */
> -		secureexec:1;
> +		secureexec:1,
> +		/*
> +		 * Set by flush_old_exec, when the cred_change_mutex is taken.
> +		 */
> +		called_flush_old_exec:1;
>  #ifdef __alpha__
>  	unsigned int taso:1;
>  #endif
> diff --git a/include/linux/sched/signal.h b/include/linux/sched/signal.h
> index 8805025..37eeabe 100644
> --- a/include/linux/sched/signal.h
> +++ b/include/linux/sched/signal.h
> @@ -225,6 +225,7 @@ struct signal_struct {
>  	struct mutex cred_guard_mutex;	/* guard against foreign influences on
>  					 * credential calculations
>  					 * (notably. ptrace) */
> +	struct mutex cred_change_mutex; /* guard against credentials change */
>  } __randomize_layout;
>  
>  /*
> diff --git a/init/init_task.c b/init/init_task.c
> index 9e5cbe5..6cd9a0f 100644
> --- a/init/init_task.c
> +++ b/init/init_task.c
> @@ -26,6 +26,7 @@
>  	.multiprocess	= HLIST_HEAD_INIT,
>  	.rlim		= INIT_RLIMITS,
>  	.cred_guard_mutex = __MUTEX_INITIALIZER(init_signals.cred_guard_mutex),
> +	.cred_change_mutex = __MUTEX_INITIALIZER(init_signals.cred_change_mutex),
>  #ifdef CONFIG_POSIX_TIMERS
>  	.posix_timers = LIST_HEAD_INIT(init_signals.posix_timers),
>  	.cputimer	= {
> diff --git a/kernel/cred.c b/kernel/cred.c
> index 809a985..e4c78de 100644
> --- a/kernel/cred.c
> +++ b/kernel/cred.c
> @@ -676,7 +676,7 @@ void __init cred_init(void)
>   *
>   * Returns the new credentials or NULL if out of memory.
>   *
> - * Does not take, and does not return holding current->cred_replace_mutex.
> + * Does not take, and does not return holding ->cred_guard_mutex.
>   */
>  struct cred *prepare_kernel_cred(struct task_struct *daemon)
>  {
> diff --git a/kernel/fork.c b/kernel/fork.c
> index 0808095..0395154 100644
> --- a/kernel/fork.c
> +++ b/kernel/fork.c
> @@ -1224,7 +1224,7 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode)
>  	struct mm_struct *mm;
>  	int err;
>  
> -	err =  mutex_lock_killable(&task->signal->cred_guard_mutex);
> +	err =  mutex_lock_killable(&task->signal->cred_change_mutex);
>  	if (err)
>  		return ERR_PTR(err);
>  
> @@ -1234,7 +1234,7 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode)
>  		mmput(mm);
>  		mm = ERR_PTR(-EACCES);
>  	}
> -	mutex_unlock(&task->signal->cred_guard_mutex);
> +	mutex_unlock(&task->signal->cred_change_mutex);
>  
>  	return mm;
>  }
> @@ -1594,6 +1594,7 @@ static int copy_signal(unsigned long clone_flags, struct task_struct *tsk)
>  	sig->oom_score_adj_min = current->signal->oom_score_adj_min;
>  
>  	mutex_init(&sig->cred_guard_mutex);
> +	mutex_init(&sig->cred_change_mutex);
>  
>  	return 0;
>  }
> diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c
> index 357aa7b..b3e6eb5 100644
> --- a/mm/process_vm_access.c
> +++ b/mm/process_vm_access.c
> @@ -204,7 +204,7 @@ static ssize_t process_vm_rw_core(pid_t pid, struct iov_iter *iter,
>  	if (!mm || IS_ERR(mm)) {
>  		rc = IS_ERR(mm) ? PTR_ERR(mm) : -ESRCH;
>  		/*
> -		 * Explicitly map EACCES to EPERM as EPERM is a more a
> +		 * Explicitly map EACCES to EPERM as EPERM is a more
>  		 * appropriate error code for process_vw_readv/writev
>  		 */
>  		if (rc == -EACCES)
> diff --git a/tools/testing/selftests/ptrace/Makefile b/tools/testing/selftests/ptrace/Makefile
> index c0b7f89..2f1f532 100644
> --- a/tools/testing/selftests/ptrace/Makefile
> +++ b/tools/testing/selftests/ptrace/Makefile
> @@ -1,6 +1,6 @@
>  # SPDX-License-Identifier: GPL-2.0-only
> -CFLAGS += -iquote../../../../include/uapi -Wall
> +CFLAGS += -std=c99 -pthread -iquote../../../../include/uapi -Wall
>  
> -TEST_GEN_PROGS := get_syscall_info peeksiginfo
> +TEST_GEN_PROGS := get_syscall_info peeksiginfo vmaccess
>  
>  include ../lib.mk
> diff --git a/tools/testing/selftests/ptrace/vmaccess.c b/tools/testing/selftests/ptrace/vmaccess.c
> new file mode 100644
> index 0000000..ef08c9f
> --- /dev/null
> +++ b/tools/testing/selftests/ptrace/vmaccess.c
> @@ -0,0 +1,46 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright (c) 2020 Bernd Edlinger <bernd.edlinger@hotmail.de>
> + * All rights reserved.
> + *
> + * Check whether /proc/$pid/mem can be accessed without causing deadlocks
> + * when de_thread is blocked with ->cred_guard_mutex held.
> + */
> +
> +#include "../kselftest_harness.h"
> +#include <stdio.h>
> +#include <fcntl.h>
> +#include <pthread.h>
> +#include <signal.h>
> +#include <unistd.h>
> +#include <sys/ptrace.h>
> +
> +static void *thread(void *arg)
> +{
> +	ptrace(PTRACE_TRACEME, 0, 0, 0);
> +	return NULL;
> +}
> +
> +TEST(vmaccess)
> +{
> +	int f, pid = fork();
> +	char mm[64];
> +
> +	if (!pid) {
> +		pthread_t pt;
> +		pthread_create(&pt, NULL, thread, NULL);
> +		pthread_join(pt, NULL);
> +		execlp("true", "true", NULL);
> +	}
> +
> +	sleep(1);
> +	sprintf(mm, "/proc/%d/mem", pid);
> +	f = open(mm, O_RDONLY);
> +	ASSERT_LE(0, f)
> +		close(f);
> +	/* this is not fixed! ptrace(PTRACE_ATTACH, pid, 0,0); */
> +	f = kill(pid, SIGCONT);
> +	ASSERT_EQ(0, f);
> +}
> +
> +TEST_HARNESS_MAIN

  reply index

Thread overview: 203+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-01 11:27 [PATCH] " Bernd Edlinger
2020-03-01 15:13 ` Aleksa Sarai
2020-03-01 15:58   ` Christian Brauner
2020-03-01 17:46     ` Bernd Edlinger
2020-03-01 18:20       ` Christian Brauner
2020-03-01 17:24   ` Bernd Edlinger
2020-03-01 18:21 ` Jann Horn
2020-03-01 18:52   ` Christian Brauner
2020-03-01 19:00     ` Bernd Edlinger
2020-03-01 20:00     ` Jann Horn
2020-03-01 20:34       ` [PATCHv2] " Bernd Edlinger
2020-03-02  6:38         ` Eric W. Biederman [this message]
2020-03-02 15:43           ` Bernd Edlinger
2020-03-02 15:57             ` Eric W. Biederman
2020-03-02 16:02               ` Bernd Edlinger
2020-03-02 16:17                 ` Eric W. Biederman
2020-03-02 16:43                   ` Jann Horn
2020-03-02 17:01                     ` Bernd Edlinger
2020-03-02 17:37                       ` Jann Horn
2020-03-02 17:42                         ` christian
2020-03-02 18:08                           ` Jann Horn
2020-03-02 20:10                             ` [PATCHv3] " Bernd Edlinger
2020-03-02 20:28                               ` Bernd Edlinger
2020-03-02 17:13                   ` [PATCHv2] " Bernd Edlinger
2020-03-02 21:49                     ` Eric W. Biederman
2020-03-02 22:00                       ` Bernd Edlinger
2020-03-02 22:18                       ` [PATCHv4] " Bernd Edlinger
2020-03-03  2:26                         ` Kees Cook
2020-03-03  4:54                           ` Bernd Edlinger
2020-03-03  5:29                             ` Kees Cook
2020-03-03  8:08                               ` Bernd Edlinger
2020-03-03  8:34                                 ` Christian Brauner
2020-03-03  8:43                                   ` Christian Brauner
2020-03-04 15:30                                 ` Christian Brauner
2020-03-03  8:58                           ` Christian Brauner
2020-03-03 10:34                             ` Bernd Edlinger
2020-03-03 11:23                               ` Bernd Edlinger
2020-03-03 14:20                                 ` Christian Brauner
2020-03-03 13:02                             ` [PATCHv5] " Bernd Edlinger
2020-03-03 15:18                               ` Eric W. Biederman
2020-03-03 16:48                                 ` Bernd Edlinger
2020-03-03 17:01                                   ` Christian Brauner
2020-03-03 17:20                                     ` Christian Brauner
2020-03-03 20:08                                   ` Eric W. Biederman
2020-03-04 14:37                                     ` Bernd Edlinger
2020-03-04 16:33                                       ` Eric W. Biederman
2020-03-04 21:49                                         ` Bernd Edlinger
2020-03-04 21:56                                         ` [PATCHv6] " Bernd Edlinger
2020-03-05 18:36                                           ` Bernd Edlinger
2020-03-05 21:14                                             ` [PATCH 0/2] Infrastructure to allow fixing exec deadlocks Eric W. Biederman
2020-03-05 21:15                                               ` [PATCH 1/2] exec: Properly mark the point of no return Eric W. Biederman
2020-03-05 22:34                                                 ` Bernd Edlinger
2020-03-06  5:19                                                   ` Eric W. Biederman
2020-03-05 22:56                                                 ` Bernd Edlinger
2020-03-06  5:09                                                   ` Eric W. Biederman
2020-03-06 16:26                                                     ` Bernd Edlinger
2020-03-06 17:16                                                       ` Eric W. Biederman
2020-03-05 21:16                                               ` [PATCH 2/2] exec: Add a exec_update_mutex to replace cred_guard_mutex Eric W. Biederman
2020-03-05 21:51                                                 ` Bernd Edlinger
2020-03-06  5:17                                                   ` Eric W. Biederman
2020-03-06 11:46                                                     ` Bernd Edlinger
2020-03-06 21:18                                                       ` Eric W. Biederman
2020-03-06 19:16                                                     ` Bernd Edlinger
2020-03-06 21:58                                                       ` Eric W. Biederman
2020-03-06 22:29                                                         ` Eric W. Biederman
2020-03-07  1:03                                                           ` Eric W. Biederman
2020-03-08 12:58                                                             ` [PATCH] exec: make de_thread alloc new signal struct earlier Bernd Edlinger
2020-03-08 18:12                                                               ` Eric W. Biederman
2020-03-05 22:31                                               ` [PATCH 0/2] Infrastructure to allow fixing exec deadlocks Bernd Edlinger
2020-03-06  5:06                                                 ` Eric W. Biederman
2020-03-08 21:34                                               ` [PATCH 0/5] " Eric W. Biederman
2020-03-08 21:35                                                 ` [PATCH v2 1/5] exec: Only compute current once in flush_old_exec Eric W. Biederman
2020-03-09 13:56                                                   ` Bernd Edlinger
2020-03-09 17:34                                                     ` Eric W. Biederman
2020-03-09 17:56                                                       ` Bernd Edlinger
2020-03-09 19:27                                                         ` Bernd Edlinger
2020-03-10 20:17                                                   ` Kees Cook
2020-03-10 21:12                                                   ` Christian Brauner
2020-03-08 21:36                                                 ` [PATCH v2 2/5] exec: Factor unshare_sighand out of de_thread and call it separately Eric W. Biederman
2020-03-09 19:28                                                   ` Bernd Edlinger
2020-03-10 20:29                                                   ` Kees Cook
2020-03-10 20:34                                                     ` Bernd Edlinger
2020-03-10 20:57                                                       ` Kees Cook
2020-03-10 21:21                                                   ` Christian Brauner
2020-03-08 21:36                                                 ` [PATCH v2 3/5] exec: Move cleanup of posix timers on exec out of de_thread Eric W. Biederman
2020-03-09 19:30                                                   ` Bernd Edlinger
2020-03-09 19:59                                                   ` Christian Brauner
2020-03-09 20:06                                                     ` Eric W. Biederman
2020-03-09 20:17                                                       ` Christian Brauner
2020-03-09 20:48                                                         ` Eric W. Biederman
2020-03-10  8:55                                                           ` Christian Brauner
2020-03-10 18:52                                                             ` [PATCH] pidfd: Stop taking cred_guard_mutex Eric W. Biederman
2020-03-10 19:15                                                               ` Christian Brauner
2020-03-10 19:16                                                               ` Jann Horn
2020-03-10 19:27                                                                 ` Eric W. Biederman
2020-03-10 20:00                                                                   ` Jann Horn
2020-03-10 20:10                                                                     ` Jann Horn
2020-03-10 20:22                                                                       ` Bernd Edlinger
2020-03-11  6:11                                                                         ` Bernd Edlinger
2020-03-11 14:56                                                                           ` Jann Horn
2020-03-10 20:57                                                                       ` Eric W. Biederman
2020-03-10 21:29                                                                         ` Christian Brauner
2020-03-11 18:49                                                                         ` Kees Cook
2020-03-14  9:12                                                                           ` [PATCH] pidfd: Use new infrastructure to fix deadlocks in execve Bernd Edlinger
2020-03-10 20:16                                                           ` [PATCH v2 3/5] exec: Move cleanup of posix timers on exec out of de_thread Kees Cook
2020-03-10 20:31                                                   ` Kees Cook
2020-03-10 20:57                                                   ` Jann Horn
2020-03-10 21:05                                                     ` Eric W. Biederman
2020-03-10 21:22                                                   ` Christian Brauner
2020-03-08 21:38                                                 ` [PATCH v2 4/5] exec: Move exec_mmap right after de_thread in flush_old_exec Eric W. Biederman
2020-03-09 19:34                                                   ` Bernd Edlinger
2020-03-09 19:45                                                     ` Eric W. Biederman
2020-03-09 19:52                                                       ` Bernd Edlinger
2020-03-09 19:58                                                         ` Eric W. Biederman
2020-03-09 20:03                                                           ` Bernd Edlinger
2020-03-09 20:35                                                             ` Eric W. Biederman
2020-03-10 20:44                                                   ` Kees Cook
2020-03-10 21:20                                                     ` Eric W. Biederman
2020-03-10 20:47                                                   ` Kees Cook
2020-03-10 21:09                                                     ` Eric W. Biederman
2020-03-08 21:38                                                 ` [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex Eric W. Biederman
2020-03-09 13:45                                                   ` Bernd Edlinger
2020-03-09 17:40                                                     ` Eric W. Biederman
2020-03-09 18:01                                                       ` Bernd Edlinger
2020-03-09 18:10                                                         ` Eric W. Biederman
2020-03-09 18:24                                                           ` Eric W. Biederman
2020-03-09 18:36                                                             ` Eric W. Biederman
2020-03-09 18:47                                                               ` Bernd Edlinger
2020-03-09 19:02                                                                 ` Eric W. Biederman
2020-03-09 19:24                                                                   ` Bernd Edlinger
2020-03-09 19:35                                                                     ` Eric W. Biederman
2020-03-09 19:39                                                                     ` Eric W. Biederman
2020-03-10 13:43                                                                       ` [PATCH 0/4] Use new infrastructure to fix deadlocks in execve Bernd Edlinger
2020-03-10 15:35                                                                         ` Eric W. Biederman
2020-03-10 17:44                                                                           ` [PATCH 0/4] Use new infrastructure in more simple cases Bernd Edlinger
2020-03-10 17:45                                                                           ` [PATCH 1/4] kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve Bernd Edlinger
2020-03-10 19:01                                                                             ` Eric W. Biederman
2020-03-10 19:42                                                                               ` Bernd Edlinger
2020-03-10 17:45                                                                           ` [PATCH 2/4] proc: " Bernd Edlinger
2020-03-11 18:59                                                                             ` Kees Cook
2020-03-11 19:10                                                                             ` Kees Cook
2020-03-11 19:38                                                                               ` Bernd Edlinger
2020-03-10 17:45                                                                           ` [PATCH 3/4] proc: io_accounting: " Bernd Edlinger
2020-03-10 19:06                                                                             ` Eric W. Biederman
2020-03-10 20:19                                                                               ` Bernd Edlinger
2020-03-10 21:25                                                                                 ` Eric W. Biederman
2020-03-11 19:08                                                                             ` Kees Cook
2020-03-11 19:48                                                                               ` Bernd Edlinger
2020-03-11 19:48                                                                               ` Eric W. Biederman
2020-03-10 17:45                                                                           ` [PATCH 4/4] perf: " Bernd Edlinger
2020-03-10 13:43                                                                       ` [PATCH 1/4] exec: Fix a deadlock in ptrace Bernd Edlinger
2020-03-10 15:13                                                                         ` Eric W. Biederman
2020-03-10 15:17                                                                           ` Bernd Edlinger
2020-03-10 21:00                                                                         ` Kees Cook
2020-03-10 13:44                                                                       ` [PATCH 2/4] selftests/ptrace: add test cases for dead-locks Bernd Edlinger
2020-03-10 21:36                                                                         ` Kees Cook
2020-03-10 22:41                                                                         ` Dmitry V. Levin
2020-03-10 13:44                                                                       ` [PATCH 3/4] mm: docs: Fix a comment in process_vm_rw_core Bernd Edlinger
2020-03-11 18:53                                                                         ` Kees Cook
2020-03-10 13:44                                                                       ` [PATCH 4/4] kernel: doc: remove outdated comment cred.c Bernd Edlinger
2020-03-11 18:54                                                                         ` Kees Cook
2020-03-09 19:33                                                                   ` [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex Dmitry V. Levin
2020-03-09 19:42                                                                     ` Eric W. Biederman
2020-03-10 20:55                                                                   ` Kees Cook
2020-03-10 21:02                                                                     ` Eric W. Biederman
2020-03-10 21:21                                                   ` Jann Horn
2020-03-10 21:30                                                     ` Eric W. Biederman
2020-03-10 23:21                                                       ` Jann Horn
2020-03-11  0:15                                                         ` Eric W. Biederman
2020-03-11  6:33                                                           ` Bernd Edlinger
2020-03-11 16:29                                                             ` Eric W. Biederman
2020-03-11 13:18                                                   ` Qian Cai
2020-03-12 10:27                                                   ` Kirill Tkhai
2020-03-12 12:24                                                     ` Eric W. Biederman
2020-03-12 13:45                                                       ` Kirill Tkhai
2020-03-12 14:38                                                         ` Eric W. Biederman
2020-03-12 15:23                                                           ` Kirill Tkhai
2020-03-13  1:05                                                           ` Bernd Edlinger
2020-03-13  9:13                                                             ` Kirill Tkhai
2020-03-14  9:11                                                               ` [PATCH v3 " Bernd Edlinger
2020-03-17  8:56                                                                 ` Kirill Tkhai
2020-03-17 21:53                                                                   ` Bernd Edlinger
2020-03-18 12:22                                                                     ` Kirill Tkhai
2020-03-18 20:06                                                                       ` Bernd Edlinger
2020-03-19  7:13                                                                         ` Kirill Tkhai
2020-03-19  7:19                                                                           ` Bernd Edlinger
2020-03-19  9:11                                                                           ` [PATCH v4 3/5] " Bernd Edlinger
2020-03-19  9:13                                                                             ` Bernd Edlinger
2020-03-19  9:19                                                                               ` Greg Kroah-Hartman
2020-03-19  9:20                                                                                 ` Bernd Edlinger
2020-03-21 22:53                                                                                 ` Bernd Edlinger
2020-03-14  9:12                                                               ` [PATCH 0/2] exec: Fix dead-lock in de_thread with ptrace_attach Bernd Edlinger
2020-03-14  9:12                                                               ` [PATCH 1/2] " Bernd Edlinger
2020-03-14  9:13                                                               ` [PATCH 2/2] doc: Update documentation of ->exec_*_mutex Bernd Edlinger
2020-03-14  9:57                                                               ` [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex Bernd Edlinger
2020-03-14 10:02                                                                 ` Bernd Edlinger
2020-03-17  8:58                                                                   ` Kirill Tkhai
2020-03-09 13:58                                                 ` [PATCH 0/5] Infrastructure to allow fixing exec deadlocks Bernd Edlinger
2020-03-03 16:50                                 ` [PATCHv5] exec: Fix a deadlock in ptrace Christian Brauner
2020-03-02 12:28         ` [PATCHv2] " Oleg Nesterov
2020-03-02 15:56           ` Bernd Edlinger
2020-03-02  7:47       ` [PATCH] " Christian Brauner
2020-03-02  7:48         ` Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87a74zmfc9.fsf@x220.int.ebiederm.org \
    --to=ebiederm@xmission.com \
    --cc=aarcange@redhat.com \
    --cc=adobriyan@gmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=anshuman.khandual@arm.com \
    --cc=avagin@gmail.com \
    --cc=bernd.edlinger@hotmail.de \
    --cc=bigeasy@linutronix.de \
    --cc=christian.brauner@ubuntu.com \
    --cc=christian@kellner.me \
    --cc=corbet@lwn.net \
    --cc=cyphar@cyphar.com \
    --cc=david@redhat.com \
    --cc=dhowells@redhat.com \
    --cc=duyuyang@gmail.com \
    --cc=frederic@kernel.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=jamorris@linux.microsoft.com \
    --cc=jannh@google.com \
    --cc=jgg@ziepe.ca \
    --cc=keescook@chromium.org \
    --cc=ldv@altlinux.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=mingo@kernel.org \
    --cc=oleg@redhat.com \
    --cc=peterz@infradead.org \
    --cc=shakeelb@google.com \
    --cc=stable@vger.kernel.org \
    --cc=tglx@linutronix.de \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git
	git clone --mirror https://lore.kernel.org/lkml/8 lkml/git/8.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org
	public-inbox-index lkml

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git