Bernd Edlinger <bernd.edlinger@xxxxxxxxxx> writes: > > I tried this with s/EACCESS/EACCES/. > > The test case in this patch is not fixed, but strace does not freeze, > at least with my setup where it did freeze repeatable. Thanks, That is what I was aiming at. So we have one method we can pursue to fix this in practice. > That is > obviously because it bypasses the cred_guard_mutex. But all other > process that access this file still freeze, and cannot be > interrupted except with kill -9. > > However that smells like a denial of service, that this > simple test case which can be executed by guest, creates a /proc/$pid/mem > that freezes any process, even root, when it looks at it. > I mean: "ln -s README /proc/$pid/mem" would be a nice bomb. Yes. Your the test case in your patch a variant of the original problem. I have been staring at this trying to understand the fundamentals of the original deeper problem. The current scope of cred_guard_mutex in exec is because being ptraced causes suid exec to act differently. So we need to know early if we are ptraced. If that case did not exist we could reduce the scope of the cred_guard_mutex in exec to where your patch puts the cred_change_mutex. I am starting to think reworking how we deal with ptrace and exec is the way to solve this problem. Eric
