On 6/10/21 11:36 PM, Andrew Morton wrote:
> On Thu, 10 Jun 2021 09:31:42 +0200 Bernd Edlinger <bernd.edlinger@xxxxxxxxxx> wrote:
>
>> This introduces signal->unsafe_execve_in_progress,
>> which is used to fix the case when at least one of the
>> sibling threads is traced, and therefore the trace
>> process may dead-lock in ptrace_attach, but de_thread
>> will need to wait for the tracer to continue execution.
>
> Deadlocks are serious. Is this exploitable by unprivileged userspace?
>

Yes, in theory:
You need a program doing things like the second test case in vmaccess.c
and if the parent (also unprivileged) does simply not call PTRACE_ATTACH
and not waitpid. This is an unprivileged process.
Now if a kernel process would try the PTRACE_ATTACH from the test case
it would freeze until the parent process calls waitpid, which it would
not do in this scenario.

>> Signed-off-by: Bernd Edlinger <bernd.edlinger@xxxxxxxxxx>
>
> Was a -stable backport considered?
>
>

Yes, maybe after some time.

Thanks
Bernd.