Re: [PATCH 0/2] Revert "fs/exec: allow to unshare a time namespace on vfork+exec"

From: Kees Cook
Date: Tue Sep 13 2022 - 14:23:51 EST

Next message: Matthias Brugger: "Re: [PATCH v3 2/4] soc: mediatek: Add support of WAY_EN operations"
Previous message: Namhyung Kim: "Re: [PATCH 11/11] perf test: test_intel_pt.sh: Add per-thread test"
In reply to: Andrei Vagin: "Re: [PATCH 0/2] Revert "fs/exec: allow to unshare a time namespace on vfork+exec""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 13 Sep 2022 03:25:49 -0700, Andrei Vagin wrote:
> This reverts commits:
> 133e2d3e81de ("fs/exec: allow to unshare a time namespace on vfork+exec")
> 6342140db660 ("selftests/timens: add a test for vfork+exit")
>
> Alexey pointed out a few undesirable side effects of the reverted change.
> First, it doesn't take into account that CLONE_VFORK can be used with
> CLONE_THREAD. Second, a child process doesn't enter a target time name-space,
> if its parent dies before the child calls exec. It happens because the parent
> clears vfork_done.
>
> [...]

Applied to for-linus/execve, thanks!

[1/2] Revert "selftests/timens: add a test for vfork+exit"
https://git.kernel.org/kees/c/2b1e8921fc35
[2/2] Revert "fs/exec: allow to unshare a time namespace on vfork+exec"
https://git.kernel.org/kees/c/33a2d6bc3480

--
Kees Cook

Next message: Matthias Brugger: "Re: [PATCH v3 2/4] soc: mediatek: Add support of WAY_EN operations"
Previous message: Namhyung Kim: "Re: [PATCH 11/11] perf test: test_intel_pt.sh: Add per-thread test"
In reply to: Andrei Vagin: "Re: [PATCH 0/2] Revert "fs/exec: allow to unshare a time namespace on vfork+exec""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]