On 11/26, Lukasz Pawelczyk wrote: > > My understanding is that while we have to use task_nsproxy()
task_nsproxy() has already gone... probably this doesn't matter but which kernel version ? > task's nsproxy and check whether it's NULL, for the 'current' we don't > have to and it's expected not to be NULL. Well, unless exit_task_namespaces() was called ;) > There seem to be no crash currently because of this, but with other LSM > modules or in future there might be. This is the backtrace: Confused... backtrace of what? did kernel crash or what? > 0 smk_tskacc (task=0xffff88003b0b92e0, obj_known=0x2 <irq_stack_union+2>, > mode=2, a=0xffff88003be53dd8) at security/smack/smack_access.c:261 > 1 0xffffffff8130e2aa in smk_curacc (obj_known=<optimized out>, > mode=<optimized out>, a=<optimized out>) at security/smack/smack_access.c:318 > 2 0xffffffff8130a50d in smack_task_kill (p=0xffff88003b0b92e0, > info=<optimized out>, sig=<optimized out>, secid=<optimized out>) at > security/smack/smack_lsm.c:2071 I do not know this code, so could you please tell more? How/wher smk_tskacc() uses ->nsproxy? smack_access.c:261 leads to the comment header above smk_curacc() in my tree, so this tells me nothing. > --- a/kernel/exit.c > +++ b/kernel/exit.c > @@ -751,7 +751,6 @@ void do_exit(long code) > exit_fs(tsk); > if (group_dead) > disassociate_ctty(1); > - exit_task_namespaces(tsk); > exit_task_work(tsk); > exit_thread(); > > @@ -773,6 +772,13 @@ void do_exit(long code) > flush_ptrace_hw_breakpoint(tsk); > > exit_notify(tsk, group_dead); > + > + /* > + * This should be after all things that pottentially require > + * process's namespaces (e.g. capability checks). > + */ > + exit_task_namespaces(tsk); > + > proc_exit_connector(tsk); Well, we can probably move exit_task_namespaces() down (perhaps we even want to move it after exit_task_work). But I am not sure about exit_notify(), in this case free_nsproxy() can be called when the caller is already reaped. In any case, please more details? Oleg. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
