Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries

From: Christian Brauner
Date: Thu Dec 09 2021 - 10:07:08 EST

Next message: Andy Shevchenko: "[PATCH v1 1/1] kernel.h: Include a note to discourage people from including it in headers"
Previous message: Akhil R: "[PATCH 2/2] i2c: tegra: Add SMBus block read and SMBus alert functions"
In reply to: Michal Koutný: "Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries"
Next in thread: Michal Koutný: "Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 09, 2021 at 03:47:00PM +0100, Michal Koutný wrote:
> On Thu, Dec 09, 2021 at 03:08:26PM +0100, Christian Brauner <christian.brauner@xxxxxxxxxx> wrote:
> > send_sig() isn't used that was changed in response to a review. I'm
> > confused.
>
> Sorry for ambiguity, I meant this instance [1].

Sure, seems good.

>
> > Kill and freeze only do time permission checking at open. Why would you
> > introduce another write time check?
>
> Let's have a cgroup G with tasks t1,...,tn (run by user u) and some
> monitoring tasks m1,...,mk belonging to a different user v != u.
>
> Currently u can kill also the tasks of v -- I'm not sure if that's
> intentional. My argument would apply if it wasn't -- it'd be suscebtible

That was discussed and is intentional and is supposed to mirror the
behavior of cgroup.freeze. Delegated killing was supposed to work and
was one use-case.

Next message: Andy Shevchenko: "[PATCH v1 1/1] kernel.h: Include a note to discourage people from including it in headers"
Previous message: Akhil R: "[PATCH 2/2] i2c: tegra: Add SMBus block read and SMBus alert functions"
In reply to: Michal Koutný: "Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries"
Next in thread: Michal Koutný: "Re: [PATCH] exit: Retain nsproxy for exit_task_work() work entries"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]