Re: [PATCH 2/2] pidfd: add pidfdfs



On Fri, 23 Feb 2024 at 13:26, Christian Brauner <brauner@xxxxxxxxxx> wrote:
> So, the immediate fix separate from the selinux policy update is to fix
> dbus-broker which we've done now:

Why is that code then continuing the idiocy of doing different things
for different error conditions?

IOW, it causes user space failure when that code doesn't fall back to
"don't do pidfd", but then it continues the crazy habit of treating
*some* error returns as "fallback to not use pidfd" and other errors
as "fail user space".

That was the fundamental bug with special-casing EINVAL in the first
place, and the above "fix" continues the braindamage.

Did nobody learn anything?

Also, honestly, if this breaks existing setups, then we should fix the
kernel anyway. Changing things from the old anonymous inodes to the
new pidfs inodes should *not* have caused any LSM denial issues.

You used the same pointer to dbus-broker for the LSM changes, but I
really don't think this should have required LSM changes in the first
place. Your reaction to "my kernel change caused LSM to barf" should
have made you go "let's fix the kernel so that LSM _doesn't_ barf".

Maybe by making pidfs look exactly like anonfs to LSM. Since I don't
see the LSM change, I'm not actually sure exactly what LSM even
reacted to in that switch-over.
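
The two error-handling policies contrasted in the message above, as an added example that is not part of the e-mail and not dbus-broker's code. `struct peer`, the function names, the use of `pidfd_open(2)` as the optional step, and `EACCES` as the errno of a policy denial are all assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical peer record: the pid is always known, the pidfd is optional. */
struct peer { pid_t pid; int pidfd; };
typedef int (*pidfd_opener)(pid_t);

/* Real opener: pidfd_open(2) through syscall(2); it can fail for many reasons. */
static int open_real(pid_t pid) {
#ifdef SYS_pidfd_open
    return (int)syscall(SYS_pidfd_open, pid, 0);
#else
    errno = ENOSYS;
    return -1;
#endif
}

/* Constructed opener standing in for a policy denial (EACCES is an assumption). */
static int open_denied(pid_t pid) { (void)pid; errno = EACCES; return -1; }

/* Special-cased: only EINVAL means "no pidfd"; any other errno fails the caller. */
static int peer_init_special_cased(struct peer *p, pid_t pid, pidfd_opener op) {
    p->pid = pid;
    p->pidfd = op(pid);
    if (p->pidfd < 0 && errno != EINVAL)
        return -1;
    return 0;
}

/* Uniform: any failure to get the optional pidfd means "run without it". */
static int peer_init_uniform(struct peer *p, pid_t pid, pidfd_opener op) {
    p->pid = pid;
    p->pidfd = op(pid);
    if (p->pidfd < 0)
        p->pidfd = -1;  /* normalise: callers only test for -1 */
    return 0;
}

int main(void) {
    struct peer p;
    int rc = peer_init_special_cased(&p, getpid(), open_denied);
    printf("special-cased, denied: rc=%d\n", rc);
    rc = peer_init_uniform(&p, getpid(), open_denied);
    printf("uniform, denied:       rc=%d pidfd=%d\n", rc, p.pidfd);
    rc = peer_init_uniform(&p, getpid(), open_real);
    printf("uniform, real kernel:  rc=%d pidfd=%d\n", rc, p.pidfd);
    if (p.pidfd >= 0) close(p.pidfd);
    return 0;
}
```

With the uniform policy the caller has a single code path to test: `pidfd == -1` means the pid-only path is in use, whatever the reason the kernel or a policy module gave.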

