On Tue, Dec 02, 2008 at 11:59:04AM -0800, Sukadev Bhattiprolu wrote: > Bastian Blank [bastian@xxxxxxxxxxxx] wrote: > | sys_rt_sigqueueinfo disallows setting si_code to any value which > | describes kernel signals from userspace. So using SI_FROMUSER should be > | sufficient. > SI_ASYNCIO qualifies as SI_FROMUSER() even when it originates from > kernel (usb/core/devio.c async_completed())... SI_ASYNCIO currently qualifies as user signal, it is sent in the context of the pid issuing the async io request. It is never used as a kernel originated signal in any way. The code sending it even seems to do a full permission check. If you think this is wrong, maybe this should be fixed first. > If we know that it came from rt_sigqueueinfo(), we can safely check > the namespace. If it came from driver we should skip the ns check. If it have a sender pid attached, this should be checked. > Yes, (Eric Biederman, Dec 2007) > https://lists.linux-foundation.org/pipermail/containers/2007-December/009152.html > Oleg Nesterov, Aug 2007: > http://marc.info/?l=linux-kernel&m=118753610515859 > I had sent out a summary of the above attempts to Containers list recently: > https://lists.linux-foundation.org/pipermail/containers/2008-November/013991.html Okay. > | Please add a complete comment to the function which describes the > | function. And don't us "it" for not defined entities. > Ah, I see the problem now. The 't' refers to the task parameter - how > about changing comment to: No, I meant a real comment, defining the complete behaviour, each parameter with constraints and the possible return values. Bastian -- Insufficient facts always invite danger. -- Spock, "Space Seed", stardate 3141.9 _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers