On Mon, Mar 25, 2019 at 07:39:25PM +0100, Jann Horn wrote:
> On Mon, Mar 25, 2019 at 5:21 PM Christian Brauner <christian@xxxxxxxxxx> wrote:
> > Let pidfd_send_signal() use pidfds retrieved via pidctl(). With this patch
> > pidfd_send_signal() becomes independent of procfs. This fullfils the
> > request made when we merged the pidfd_send_signal() patchset. The
> > pidfd_send_signal() syscall is now always available allowing for it to be
> > used by users without procfs mounted or even users without procfs support
> > compiled into the kernel.
> [...]
> > static bool access_pidfd_pidns(struct pid *pid)
> > {
> > + int ret;
> > struct pid_namespace *active = task_active_pid_ns(current);
> > struct pid_namespace *p = ns_of_pid(pid);
> >
> > - for (;;) {
> > - if (!p)
> > - return false;
> > - if (p == active)
> > - break;
> > - p = p->parent;
> > - }
> > + ret = pidnscmp(active, p);
> > + if (ret < 0)
> > + return false;
> >
> > return true;
> > }
>
> Nit, if we keep this function: "if (...) return false; return true;"
> seems like an antipattern to me. How about "return ret >= 0", or even
> "return pidnscmp(active, p) >= 0"?
Yip, sounds good.
