On Tue, Mar 05, 2024 at 01:43:14AM -0800, Kees Cook wrote: > On Mon, Mar 04, 2024 at 03:39:02PM -0800, Jakub Kicinski wrote: > > On Mon, 4 Mar 2024 15:14:04 -0800 Kees Cook wrote: > > > > Ugh, I'm guessing vfork() "eats" the signal, IOW grandchild signals, > > > > child exits? vfork() and signals.. I'd rather leave to Kees || Mickael. > > > > > > Oh no, that does seem bad. Since Mickaël is also seeing weird issues, > > > can we drop the vfork changes for now? > > > > Seems doable, but won't be a simple revert. "drop" means we'd need > > to bring ->step back. More or less go back to v3. > > I think we have to -- other CIs are now showing the most of seccomp > failing now. (And I can confirm this now -- I had only tested seccomp > on earlier versions of the series.) Sorry for the trouble, I found and fixed the vfork issues. I tested with seccomp and Landlock. You can find a dedicated branch here (with some Reviewed-by and Acked-by removed because of the changes): https://git.kernel.org/pub/scm/linux/kernel/git/mic/linux.git/log/?h=kselftest-xfail-fix Jakub, please send a v5 series with this updated patch and your exit/_exit fixes. > > -- > Kees Cook >
