LKML Archive on lore.kernel.org
 help / color / Atom feed
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
To: Kees Cook <keescook@chromium.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
	Jann Horn <jannh@google.com>,
	Christian Brauner <christian.brauner@ubuntu.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Oleg Nesterov <oleg@redhat.com>,
	Frederic Weisbecker <frederic@kernel.org>,
	Andrei Vagin <avagin@gmail.com>, Ingo Molnar <mingo@kernel.org>,
	"Peter Zijlstra (Intel)" <peterz@infradead.org>,
	Yuyang Du <duyuyang@gmail.com>,
	David Hildenbrand <david@redhat.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
	Anshuman Khandual <anshuman.khandual@arm.com>,
	David Howells <dhowells@redhat.com>,
	James Morris <jamorris@linux.microsoft.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Shakeel Butt <shakeelb@google.com>,
	Jason Gunthorpe <jgg@ziepe.ca>,
	Christian Kellner <christian@kellner.me>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Aleksa Sarai <cyphar@cyphar.com>,
	"Dmitry V. Levin" <ldv@altlinux.org>,
	"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>,
	"stable@vger.kernel.org" <stable@vger.kernel.org>
Subject: Re: [PATCHv4] exec: Fix a deadlock in ptrace
Date: Tue, 3 Mar 2020 08:08:26 +0000
Message-ID: <AM6PR03MB5170A15099986CEC3189F251E4E40@AM6PR03MB5170.eurprd03.prod.outlook.com> (raw)
In-Reply-To: <202003022103.196C313623@keescook>

On 3/3/20 6:29 AM, Kees Cook wrote:
> On Tue, Mar 03, 2020 at 04:54:34AM +0000, Bernd Edlinger wrote:
>> On 3/3/20 3:26 AM, Kees Cook wrote:
>>> On Mon, Mar 02, 2020 at 10:18:07PM +0000, Bernd Edlinger wrote:
>>>> [...]
>>>
>>> If I'm reading this patch correctly, this changes the lifetime of the
>>> cred_guard_mutex lock to be:
>>> 	- during prepare_bprm_creds()
>>> 	- from flush_old_exec() through install_exec_creds()
>>> Before, cred_guard_mutex was held from prepare_bprm_creds() through
>>> install_exec_creds().
> 
> BTW, I think the effect of this change (i.e. my paragraph above) should
> be distinctly called out in the commit log if this solution moves
> forward.
> 

Okay, will do.

>>> That means, for example, that check_unsafe_exec()'s documented invariant
>>> is violated:
>>>     /*
>>>      * determine how safe it is to execute the proposed program
>>>      * - the caller must hold ->cred_guard_mutex to protect against
>>>      *   PTRACE_ATTACH or seccomp thread-sync
>>>      */
>>
>> Oh, right, I haven't understood that hint...
> 
> I know no_new_privs is checked there, but I haven't studied the
> PTRACE_ATTACH part of that comment. If that is handled with the new
> check, this comment should be updated.
> 

Okay, I change that comment to:

/*
 * determine how safe it is to execute the proposed program
 * - the caller must have set ->cred_locked_in_execve to protect against
 *   PTRACE_ATTACH or seccomp thread-sync
 */

>>> I think it also means that the potentially multiple invocations
>>> of bprm_fill_uid() (via prepare_binprm() via binfmt_script.c and
>>> binfmt_misc.c) would be changing bprm->cred details (uid, gid) without
>>> a lock (another place where current's no_new_privs is evaluated).
>>
>> So no_new_privs can change from 0->1, but should not
>> when execve is running.
>>
>> As long as the calling thread is in execve it won't do this,
>> and the only other place, where it may set for other threads
>> is in seccomp_sync_threads, but that can easily be avoided see below.
> 
> Yeah, everything was fine until I had to go complicate things with
> TSYNC. ;) The real goal is making sure an exec cannot gain privs while
> later gaining a seccomp filter from an unpriv process. The no_new_privs
> flag was used to control this, but it required that the filter not get
> applied during exec.
> 
>>> Related, it also means that cred_guard_mutex is unheld for every
>>> invocation of search_binary_handler() (which can loop via the previously
>>> mentioned binfmt_script.c and binfmt_misc.c), if any of them have hidden
>>> dependencies on cred_guard_mutex. (Thought I only see bprm_fill_uid()
>>> currently.)
>>>
>>> For seccomp, the expectations about existing thread states risks races
>>> too. There are two locks held for TSYNC:
>>> - current->sighand->siglock is held to keep new threads from
>>>   appearing/disappearing, which would destroy filter refcounting and
>>>   lead to memory corruption.
>>
>> I don't understand what you mean here.
>> How can this lead to memory corruption?
> 
> Mainly this is a matter of how seccomp manages its filter hierarchy
> (since the filters are shared through process ancestry), so if a thread
> appears in the middle of TSYNC it may be racing another TSYNC and break
> ancestry, leading to bad reference counting on process death, etc.
> (Though, yes, with refcount_t now, things should never corrupt, just
> waste memory.)
> 

I assume for now, that the current->sighand->siglock held while iterating all
threads is sufficient here.

>>> - cred_guard_mutex is held to keep no_new_privs in sync with filters to
>>>   avoid no_new_privs and filter confusion during exec, which could
>>>   lead to exploitable setuid conditions (see below).
>>>
>>> Just racing a malicious thread during TSYNC is not a very strong
>>> example (a malicious thread could do lots of fun things to "current"
>>> before it ever got near calling TSYNC), but I think there is the risk
>>> of mismatched/confused states that we don't want to allow. One is a
>>> particularly bad state that could lead to privilege escalations (in the
>>> form of the old "sendmail doesn't check setuid" flaw; if a setuid process
>>> has a filter attached that silently fails a priv-dropping setuid call
>>> and continues execution with elevated privs, it can be tricked into
>>> doing bad things on behalf of the unprivileged parent, which was the
>>> primary goal of the original use of cred_guard_mutex with TSYNC[1]):
>>>
>>> thread A clones thread B
>>> thread B starts setuid exec
>>> thread A sets no_new_privs
>>> thread A calls seccomp with TSYNC
>>> thread A in seccomp_sync_threads() sets seccomp filter on self and thread B
>>> thread B passes check_unsafe_exec() with no_new_privs unset
>>> thread B reaches bprm_fill_uid() with no_new_privs unset and gains privs
>>> thread A still in seccomp_sync_threads() sets no_new_privs on thread B
>>> thread B finishes exec, now running with elevated privs, a filter chosen
>>>          by thread A, _and_ nnp set (which doesn't matter)
>>>
>>> With the original locking, thread B will fail check_unsafe_exec()
>>> because filter and nnp state are changed together, with "atomicity"
>>> protected by the cred_guard_mutex.
>>>
>>
>> Ah, good point, thanks!
>>
>> This can be fixed by checking current->signal->cred_locked_for_ptrace
>> while the cred_guard_mutex is locked, like this for instance:
>>
>> diff --git a/kernel/seccomp.c b/kernel/seccomp.c
>> index b6ea3dc..377abf0 100644
>> --- a/kernel/seccomp.c
>> +++ b/kernel/seccomp.c
>> @@ -342,6 +342,9 @@ static inline pid_t seccomp_can_sync_threads(void)
>>         BUG_ON(!mutex_is_locked(&current->signal->cred_guard_mutex));
>>         assert_spin_locked(&current->sighand->siglock);
>>  
>> +       if (current->signal->cred_locked_for_ptrace)
>> +               return -EAGAIN;
>> +
> 
> Hmm. I guess something like that could work. TSYNC expects to be able to
> report _which_ thread wrecked the call, though... I wonder if in_execve
> could be used to figure out the offending thread. Hm, nope, that would
> be outside of lock too (and all users are "current" right now, so the
> lock wasn't needed before).
> 

I could move that in_execve = 1 to prepare_bprm_creds, if it really matters,
but the caller will die quickly and cannot do anything with that information
when another thread executes execve, right?

>>         /* Validate all threads being eligible for synchronization. */
>>         caller = current;
>>         for_each_thread(caller, thread) {
>>
>>
>>> And this is just the bad state I _can_ see. I'm worried there are more...
>>>
>>> All this said, I do see a small similarity here to the work I did to
>>> stabilize stack rlimits (there was an ongoing problem with making multiple
>>> decisions for the bprm based on current's state -- but current's state
>>> was mutable during exec). For this, I saved rlim_stack to bprm and ignored
>>> current's copy until exec ended and then stored bprm's copy into current.
>>> If the only problem anyone can see here is the handling of no_new_privs,
>>> we might be able to solve that similarly, at least disentangling tsync/nnp
>>> from cred_guard_mutex.
>>>
>>
>> I still think that is solvable with using cred_locked_for_ptrace and
>> simply make the tsync fail if it would otherwise be blocked.
> 
> I wonder if we can find a better name than "cred_locked_for_ptrace"?
> Maybe "cred_unfinished" or "cred_locked_in_exec" or something?
> 

Yeah, I'd go with "cred_locked_in_execve".

> And the comment on bool cred_locked_for_ptrace should mention that
> access is only allowed under cred_guard_mutex lock.
> 

okay.

>>>> +	sig->cred_locked_for_ptrace = false;
> 
> This is redundant to the zalloc -- I think you can drop it (unless
> someone wants to keep it for clarify?)
> 

I'll remove that here and in init/init_task.c

> Also, I think cred_locked_for_ptrace needs checking deeper, in
> __ptrace_may_access(), not in ptrace_attach(), since LOTS of things make
> calls to ptrace_may_access() holding cred_guard_mutex, expecting that to
> be sufficient to see a stable version of the thread...
> 

No, these need to be addressed individually, but most users just want
to know if the current credentials are sufficient at this moment, but will
not change the credentials, as ptrace and TSYNC do. 

BTW: Not all users have cred_guard_mutex, see mm/migrate.c,
mm/mempolicy.c, kernel/futex.c, fs/proc/namespaces.c etc.
So adding an access to cred_locked_for_execve in ptrace_may_access is
probably not an option.

However, one nice added value by this change is this:

void *thread(void *arg)
{
	ptrace(PTRACE_TRACEME, 0,0,0);
	return NULL;
}

int main(void)
{
	int pid = fork();

	if (!pid) {
		pthread_t pt;
		pthread_create(&pt, NULL, thread, NULL);
		pthread_join(pt, NULL);
		execlp("echo", "echo", "passed", NULL);
	}

	sleep(1000);
	ptrace(PTRACE_ATTACH, pid, 0,0);
	kill(pid, SIGCONT);
	return 0;
}

cat /proc/3812/stack 
[<0>] flush_old_exec+0xbf/0x760
[<0>] load_elf_binary+0x35a/0x16c0
[<0>] search_binary_handler+0x97/0x1d0
[<0>] __do_execve_file.isra.40+0x624/0x920
[<0>] __x64_sys_execve+0x49/0x60
[<0>] do_syscall_64+0x64/0x220
[<0>] entry_SYSCALL_64_after_hwframe+0x44/0xa9


> (I remain very nervous about weakening cred_guard_mutex without
> addressing the many many users...)
> 

They need to be looked at closely, that's pretty clear.
Most fall in the class, that just the current credentials need
to stay stable for a certain time.


Bernd.

  reply index

Thread overview: 203+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-01 11:27 [PATCH] " Bernd Edlinger
2020-03-01 15:13 ` Aleksa Sarai
2020-03-01 15:58   ` Christian Brauner
2020-03-01 17:46     ` Bernd Edlinger
2020-03-01 18:20       ` Christian Brauner
2020-03-01 17:24   ` Bernd Edlinger
2020-03-01 18:21 ` Jann Horn
2020-03-01 18:52   ` Christian Brauner
2020-03-01 19:00     ` Bernd Edlinger
2020-03-01 20:00     ` Jann Horn
2020-03-01 20:34       ` [PATCHv2] " Bernd Edlinger
2020-03-02  6:38         ` Eric W. Biederman
2020-03-02 15:43           ` Bernd Edlinger
2020-03-02 15:57             ` Eric W. Biederman
2020-03-02 16:02               ` Bernd Edlinger
2020-03-02 16:17                 ` Eric W. Biederman
2020-03-02 16:43                   ` Jann Horn
2020-03-02 17:01                     ` Bernd Edlinger
2020-03-02 17:37                       ` Jann Horn
2020-03-02 17:42                         ` christian
2020-03-02 18:08                           ` Jann Horn
2020-03-02 20:10                             ` [PATCHv3] " Bernd Edlinger
2020-03-02 20:28                               ` Bernd Edlinger
2020-03-02 17:13                   ` [PATCHv2] " Bernd Edlinger
2020-03-02 21:49                     ` Eric W. Biederman
2020-03-02 22:00                       ` Bernd Edlinger
2020-03-02 22:18                       ` [PATCHv4] " Bernd Edlinger
2020-03-03  2:26                         ` Kees Cook
2020-03-03  4:54                           ` Bernd Edlinger
2020-03-03  5:29                             ` Kees Cook
2020-03-03  8:08                               ` Bernd Edlinger [this message]
2020-03-03  8:34                                 ` Christian Brauner
2020-03-03  8:43                                   ` Christian Brauner
2020-03-04 15:30                                 ` Christian Brauner
2020-03-03  8:58                           ` Christian Brauner
2020-03-03 10:34                             ` Bernd Edlinger
2020-03-03 11:23                               ` Bernd Edlinger
2020-03-03 14:20                                 ` Christian Brauner
2020-03-03 13:02                             ` [PATCHv5] " Bernd Edlinger
2020-03-03 15:18                               ` Eric W. Biederman
2020-03-03 16:48                                 ` Bernd Edlinger
2020-03-03 17:01                                   ` Christian Brauner
2020-03-03 17:20                                     ` Christian Brauner
2020-03-03 20:08                                   ` Eric W. Biederman
2020-03-04 14:37                                     ` Bernd Edlinger
2020-03-04 16:33                                       ` Eric W. Biederman
2020-03-04 21:49                                         ` Bernd Edlinger
2020-03-04 21:56                                         ` [PATCHv6] " Bernd Edlinger
2020-03-05 18:36                                           ` Bernd Edlinger
2020-03-05 21:14                                             ` [PATCH 0/2] Infrastructure to allow fixing exec deadlocks Eric W. Biederman
2020-03-05 21:15                                               ` [PATCH 1/2] exec: Properly mark the point of no return Eric W. Biederman
2020-03-05 22:34                                                 ` Bernd Edlinger
2020-03-06  5:19                                                   ` Eric W. Biederman
2020-03-05 22:56                                                 ` Bernd Edlinger
2020-03-06  5:09                                                   ` Eric W. Biederman
2020-03-06 16:26                                                     ` Bernd Edlinger
2020-03-06 17:16                                                       ` Eric W. Biederman
2020-03-05 21:16                                               ` [PATCH 2/2] exec: Add a exec_update_mutex to replace cred_guard_mutex Eric W. Biederman
2020-03-05 21:51                                                 ` Bernd Edlinger
2020-03-06  5:17                                                   ` Eric W. Biederman
2020-03-06 11:46                                                     ` Bernd Edlinger
2020-03-06 21:18                                                       ` Eric W. Biederman
2020-03-06 19:16                                                     ` Bernd Edlinger
2020-03-06 21:58                                                       ` Eric W. Biederman
2020-03-06 22:29                                                         ` Eric W. Biederman
2020-03-07  1:03                                                           ` Eric W. Biederman
2020-03-08 12:58                                                             ` [PATCH] exec: make de_thread alloc new signal struct earlier Bernd Edlinger
2020-03-08 18:12                                                               ` Eric W. Biederman
2020-03-05 22:31                                               ` [PATCH 0/2] Infrastructure to allow fixing exec deadlocks Bernd Edlinger
2020-03-06  5:06                                                 ` Eric W. Biederman
2020-03-08 21:34                                               ` [PATCH 0/5] " Eric W. Biederman
2020-03-08 21:35                                                 ` [PATCH v2 1/5] exec: Only compute current once in flush_old_exec Eric W. Biederman
2020-03-09 13:56                                                   ` Bernd Edlinger
2020-03-09 17:34                                                     ` Eric W. Biederman
2020-03-09 17:56                                                       ` Bernd Edlinger
2020-03-09 19:27                                                         ` Bernd Edlinger
2020-03-10 20:17                                                   ` Kees Cook
2020-03-10 21:12                                                   ` Christian Brauner
2020-03-08 21:36                                                 ` [PATCH v2 2/5] exec: Factor unshare_sighand out of de_thread and call it separately Eric W. Biederman
2020-03-09 19:28                                                   ` Bernd Edlinger
2020-03-10 20:29                                                   ` Kees Cook
2020-03-10 20:34                                                     ` Bernd Edlinger
2020-03-10 20:57                                                       ` Kees Cook
2020-03-10 21:21                                                   ` Christian Brauner
2020-03-08 21:36                                                 ` [PATCH v2 3/5] exec: Move cleanup of posix timers on exec out of de_thread Eric W. Biederman
2020-03-09 19:30                                                   ` Bernd Edlinger
2020-03-09 19:59                                                   ` Christian Brauner
2020-03-09 20:06                                                     ` Eric W. Biederman
2020-03-09 20:17                                                       ` Christian Brauner
2020-03-09 20:48                                                         ` Eric W. Biederman
2020-03-10  8:55                                                           ` Christian Brauner
2020-03-10 18:52                                                             ` [PATCH] pidfd: Stop taking cred_guard_mutex Eric W. Biederman
2020-03-10 19:15                                                               ` Christian Brauner
2020-03-10 19:16                                                               ` Jann Horn
2020-03-10 19:27                                                                 ` Eric W. Biederman
2020-03-10 20:00                                                                   ` Jann Horn
2020-03-10 20:10                                                                     ` Jann Horn
2020-03-10 20:22                                                                       ` Bernd Edlinger
2020-03-11  6:11                                                                         ` Bernd Edlinger
2020-03-11 14:56                                                                           ` Jann Horn
2020-03-10 20:57                                                                       ` Eric W. Biederman
2020-03-10 21:29                                                                         ` Christian Brauner
2020-03-11 18:49                                                                         ` Kees Cook
2020-03-14  9:12                                                                           ` [PATCH] pidfd: Use new infrastructure to fix deadlocks in execve Bernd Edlinger
2020-03-10 20:16                                                           ` [PATCH v2 3/5] exec: Move cleanup of posix timers on exec out of de_thread Kees Cook
2020-03-10 20:31                                                   ` Kees Cook
2020-03-10 20:57                                                   ` Jann Horn
2020-03-10 21:05                                                     ` Eric W. Biederman
2020-03-10 21:22                                                   ` Christian Brauner
2020-03-08 21:38                                                 ` [PATCH v2 4/5] exec: Move exec_mmap right after de_thread in flush_old_exec Eric W. Biederman
2020-03-09 19:34                                                   ` Bernd Edlinger
2020-03-09 19:45                                                     ` Eric W. Biederman
2020-03-09 19:52                                                       ` Bernd Edlinger
2020-03-09 19:58                                                         ` Eric W. Biederman
2020-03-09 20:03                                                           ` Bernd Edlinger
2020-03-09 20:35                                                             ` Eric W. Biederman
2020-03-10 20:44                                                   ` Kees Cook
2020-03-10 21:20                                                     ` Eric W. Biederman
2020-03-10 20:47                                                   ` Kees Cook
2020-03-10 21:09                                                     ` Eric W. Biederman
2020-03-08 21:38                                                 ` [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex Eric W. Biederman
2020-03-09 13:45                                                   ` Bernd Edlinger
2020-03-09 17:40                                                     ` Eric W. Biederman
2020-03-09 18:01                                                       ` Bernd Edlinger
2020-03-09 18:10                                                         ` Eric W. Biederman
2020-03-09 18:24                                                           ` Eric W. Biederman
2020-03-09 18:36                                                             ` Eric W. Biederman
2020-03-09 18:47                                                               ` Bernd Edlinger
2020-03-09 19:02                                                                 ` Eric W. Biederman
2020-03-09 19:24                                                                   ` Bernd Edlinger
2020-03-09 19:35                                                                     ` Eric W. Biederman
2020-03-09 19:39                                                                     ` Eric W. Biederman
2020-03-10 13:43                                                                       ` [PATCH 0/4] Use new infrastructure to fix deadlocks in execve Bernd Edlinger
2020-03-10 15:35                                                                         ` Eric W. Biederman
2020-03-10 17:44                                                                           ` [PATCH 0/4] Use new infrastructure in more simple cases Bernd Edlinger
2020-03-10 17:45                                                                           ` [PATCH 1/4] kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve Bernd Edlinger
2020-03-10 19:01                                                                             ` Eric W. Biederman
2020-03-10 19:42                                                                               ` Bernd Edlinger
2020-03-10 17:45                                                                           ` [PATCH 2/4] proc: " Bernd Edlinger
2020-03-11 18:59                                                                             ` Kees Cook
2020-03-11 19:10                                                                             ` Kees Cook
2020-03-11 19:38                                                                               ` Bernd Edlinger
2020-03-10 17:45                                                                           ` [PATCH 3/4] proc: io_accounting: " Bernd Edlinger
2020-03-10 19:06                                                                             ` Eric W. Biederman
2020-03-10 20:19                                                                               ` Bernd Edlinger
2020-03-10 21:25                                                                                 ` Eric W. Biederman
2020-03-11 19:08                                                                             ` Kees Cook
2020-03-11 19:48                                                                               ` Bernd Edlinger
2020-03-11 19:48                                                                               ` Eric W. Biederman
2020-03-10 17:45                                                                           ` [PATCH 4/4] perf: " Bernd Edlinger
2020-03-10 13:43                                                                       ` [PATCH 1/4] exec: Fix a deadlock in ptrace Bernd Edlinger
2020-03-10 15:13                                                                         ` Eric W. Biederman
2020-03-10 15:17                                                                           ` Bernd Edlinger
2020-03-10 21:00                                                                         ` Kees Cook
2020-03-10 13:44                                                                       ` [PATCH 2/4] selftests/ptrace: add test cases for dead-locks Bernd Edlinger
2020-03-10 21:36                                                                         ` Kees Cook
2020-03-10 22:41                                                                         ` Dmitry V. Levin
2020-03-10 13:44                                                                       ` [PATCH 3/4] mm: docs: Fix a comment in process_vm_rw_core Bernd Edlinger
2020-03-11 18:53                                                                         ` Kees Cook
2020-03-10 13:44                                                                       ` [PATCH 4/4] kernel: doc: remove outdated comment cred.c Bernd Edlinger
2020-03-11 18:54                                                                         ` Kees Cook
2020-03-09 19:33                                                                   ` [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex Dmitry V. Levin
2020-03-09 19:42                                                                     ` Eric W. Biederman
2020-03-10 20:55                                                                   ` Kees Cook
2020-03-10 21:02                                                                     ` Eric W. Biederman
2020-03-10 21:21                                                   ` Jann Horn
2020-03-10 21:30                                                     ` Eric W. Biederman
2020-03-10 23:21                                                       ` Jann Horn
2020-03-11  0:15                                                         ` Eric W. Biederman
2020-03-11  6:33                                                           ` Bernd Edlinger
2020-03-11 16:29                                                             ` Eric W. Biederman
2020-03-11 13:18                                                   ` Qian Cai
2020-03-12 10:27                                                   ` Kirill Tkhai
2020-03-12 12:24                                                     ` Eric W. Biederman
2020-03-12 13:45                                                       ` Kirill Tkhai
2020-03-12 14:38                                                         ` Eric W. Biederman
2020-03-12 15:23                                                           ` Kirill Tkhai
2020-03-13  1:05                                                           ` Bernd Edlinger
2020-03-13  9:13                                                             ` Kirill Tkhai
2020-03-14  9:11                                                               ` [PATCH v3 " Bernd Edlinger
2020-03-17  8:56                                                                 ` Kirill Tkhai
2020-03-17 21:53                                                                   ` Bernd Edlinger
2020-03-18 12:22                                                                     ` Kirill Tkhai
2020-03-18 20:06                                                                       ` Bernd Edlinger
2020-03-19  7:13                                                                         ` Kirill Tkhai
2020-03-19  7:19                                                                           ` Bernd Edlinger
2020-03-19  9:11                                                                           ` [PATCH v4 3/5] " Bernd Edlinger
2020-03-19  9:13                                                                             ` Bernd Edlinger
2020-03-19  9:19                                                                               ` Greg Kroah-Hartman
2020-03-19  9:20                                                                                 ` Bernd Edlinger
2020-03-21 22:53                                                                                 ` Bernd Edlinger
2020-03-14  9:12                                                               ` [PATCH 0/2] exec: Fix dead-lock in de_thread with ptrace_attach Bernd Edlinger
2020-03-14  9:12                                                               ` [PATCH 1/2] " Bernd Edlinger
2020-03-14  9:13                                                               ` [PATCH 2/2] doc: Update documentation of ->exec_*_mutex Bernd Edlinger
2020-03-14  9:57                                                               ` [PATCH v2 5/5] exec: Add a exec_update_mutex to replace cred_guard_mutex Bernd Edlinger
2020-03-14 10:02                                                                 ` Bernd Edlinger
2020-03-17  8:58                                                                   ` Kirill Tkhai
2020-03-09 13:58                                                 ` [PATCH 0/5] Infrastructure to allow fixing exec deadlocks Bernd Edlinger
2020-03-03 16:50                                 ` [PATCHv5] exec: Fix a deadlock in ptrace Christian Brauner
2020-03-02 12:28         ` [PATCHv2] " Oleg Nesterov
2020-03-02 15:56           ` Bernd Edlinger
2020-03-02  7:47       ` [PATCH] " Christian Brauner
2020-03-02  7:48         ` Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=AM6PR03MB5170A15099986CEC3189F251E4E40@AM6PR03MB5170.eurprd03.prod.outlook.com \
    --to=bernd.edlinger@hotmail.de \
    --cc=aarcange@redhat.com \
    --cc=adobriyan@gmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=anshuman.khandual@arm.com \
    --cc=avagin@gmail.com \
    --cc=bigeasy@linutronix.de \
    --cc=christian.brauner@ubuntu.com \
    --cc=christian@kellner.me \
    --cc=corbet@lwn.net \
    --cc=cyphar@cyphar.com \
    --cc=david@redhat.com \
    --cc=dhowells@redhat.com \
    --cc=duyuyang@gmail.com \
    --cc=ebiederm@xmission.com \
    --cc=frederic@kernel.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=jamorris@linux.microsoft.com \
    --cc=jannh@google.com \
    --cc=jgg@ziepe.ca \
    --cc=keescook@chromium.org \
    --cc=ldv@altlinux.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=mingo@kernel.org \
    --cc=oleg@redhat.com \
    --cc=peterz@infradead.org \
    --cc=shakeelb@google.com \
    --cc=stable@vger.kernel.org \
    --cc=tglx@linutronix.de \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git
	git clone --mirror https://lore.kernel.org/lkml/8 lkml/git/8.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org
	public-inbox-index lkml

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git