On Thu, Mar 22, 2018 at 12:19:59AM -0500, Eric W. Biederman wrote:
> Jeff Layton <jlayton@xxxxxxxxxx> writes:
>
> > From: Jeff Layton <jlayton@xxxxxxxxxx>
> >
> > POSIX mandates that open fds and their associated file locks should be
> > preserved across an execve. This works, unless the process is
> > multithreaded at the time that execve is called.
>
> Would this perhaps work better if we moved unshare_files to after or
> inside of de_thread. That would remove any cases where fd->count is > 1
> simply because you are multi-threaded. It would only leave the strange
> cases where files struct is shared between different processes.

So during the probing of binfmts, etc. the descriptor table would be
modifiable by other threads? flush_old_exec() is far too late in
execve()...