Re: [PATCH 3/3] exec: Transform exec_update_mutex into a rw_semaphore

From: Peter Zijlstra
Date: Mon Dec 07 2020 - 04:16:03 EST


On Sat, Dec 05, 2020 at 12:05:32PM -0600, Eric W. Biederman wrote:
> I am trying to understand why the permission check is there.

It's about observability: is task A allowed to observe state of task B?

By installing a perf event on another task, we can very accurately tell
what it's doing, and it isn't fundamentally different from attaching a
debugger (i.e. ptrace).

Therefore we chose to use the same security checks. As is good custom,
one does security checks early.

Then Jann came and observed that race against execve mucking with privs,
and we got to hold that mutex across lots.

That patch I proposed earlier should solve that all.