On 10/04, Oleg Nesterov wrote: > > No changes in compiled code. The patch adds the new helper, si_fromuser() > and changes check_kill_permission() to use this helper. > > The real effect of this patch is that from now we "officially" consider > SEND_SIG_NOINFO signal as "from user-space" signals. This is already true > if we look at the code which uses SEND_SIG_NOINFO, except __send_signal() > has another opinion - see the next patch. > > The naming of these special SEND_SIG_XXX siginfo's is really bad imho. > From __send_signal()'s pov they mean > > SEND_SIG_NOINFO from user To clarify, "from user" for SEND_SIG_NOINFO/SI_USER mean: sent by kernel on behalf of some process. We should check permissions, sub-namespace, we should fill si_pid/uid, etc. Oleg. _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
