From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EE7EBC54EE9 for ; Sun, 11 Sep 2022 15:12:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id BE76080012; Sun, 11 Sep 2022 11:12:38 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B978980008; Sun, 11 Sep 2022 11:12:38 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A37A980012; Sun, 11 Sep 2022 11:12:38 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 917DD80008 for ; Sun, 11 Sep 2022 11:12:38 -0400 (EDT) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 6683D1C65E8 for ; Sun, 11 Sep 2022 15:12:38 +0000 (UTC) X-FDA: 79900146396.16.5419EE5 Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com [209.85.216.49]) by imf27.hostedemail.com (Postfix) with ESMTP id 19C8A400DC for ; Sun, 11 Sep 2022 15:12:37 +0000 (UTC) Received: by mail-pj1-f49.google.com with SMTP id m3so5781179pjo.1 for ; Sun, 11 Sep 2022 08:12:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date; bh=ZcxumOMOxR8h0dhZ+ethDLl0FdJsx3OvZDg1SpCAq40=; b=a9W9mPQvUBOCJ+6Ik7k6JVXho46WN0XWo71pLbJ2u2kRHcsG/UqFFXkJuKDqyZNP5i eQb+/xp0SaGZXLSonyMFmGHso66NzbP3lWnNvONotX7P2v0aKul4tURdbxP2gzWgCQMM TSUE07wKNc4hZhsu8rzzzSOeCUmqNZaQEaw/U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date; bh=ZcxumOMOxR8h0dhZ+ethDLl0FdJsx3OvZDg1SpCAq40=; b=EyoP0CqgIFuaXhXyF//5ru7DJeW8NPO/MGhZmnGQGJL07xZQBhrn+jQzsNjpxyWvCZ OA5Nfhgpq92VnBYCeAW1Uyu1+BdNiemBqlQU4vDotYU4PZPxmrwE36H65zJhwc8EHjDC 4D0k1ISgmFo50i9k2TtLe66aP2Q+7XtdieYd1j3gWJEZihzHK2I4sPCCbYzgkx5cw1QG mv+CeolLXcBQC1O7QO38iJxCHmyzkHZEKbobEWd/8siBNxB99GRg8XGuaPDDC+3bxSwP KlcI6ihprL8ZUrGSuU80NPiGzQgIg48HwKoIxrM4JIoZSY+3KpPiyD4ZopkZZWhxAWr+ gw6Q== X-Gm-Message-State: ACgBeo3UXzrkV4R7VS1VVLvIBtdqNf0BLxHJAzXd4GEMauyN86qFtEnp WOapwQmVKt4lwIQd6mbeCbYJ3Q== X-Google-Smtp-Source: AA6agR75NLnh0FEwXwA71OEbUMCL2lUEwtoOwNyM6CP2+MC20LBiQKeC846IXaZpTvD7Ul9Zk2yZLQ== X-Received: by 2002:a17:90b:4a43:b0:202:7706:73d7 with SMTP id lb3-20020a17090b4a4300b00202770673d7mr16015103pjb.137.1662909156997; Sun, 11 Sep 2022 08:12:36 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i29-20020aa796fd000000b00538056de6ecsm3464959pfq.52.2022.09.11.08.12.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 11 Sep 2022 08:12:36 -0700 (PDT) Date: Sun, 11 Sep 2022 08:12:35 -0700 From: Kees Cook To: Christian Brauner Cc: "Eric W. Biederman" , Andrei Vagin , Alexey Izbyshev , Florian Weimer , Dmitry Safonov <0x7f454c46@gmail.com>, linux-kernel@vger.kernel.org, linux-mm@kvack.org Subject: Re: Potentially undesirable interactions between vfork() and time namespaces Message-ID: <202209110810.F7352A26@keescook> References: <87czcfhsme.fsf@email.froward.int.ebiederm.org> <874jxkcfoa.fsf@email.froward.int.ebiederm.org> <20220908081003.sjuerd5wiyge4jos@wittgenstein> <87v8pxa51n.fsf@email.froward.int.ebiederm.org> <20220909075158.ed4linrpwwabxabl@wittgenstein> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220909075158.ed4linrpwwabxabl@wittgenstein> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1662909158; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ZcxumOMOxR8h0dhZ+ethDLl0FdJsx3OvZDg1SpCAq40=; b=locxrdn8iJSsM1y5LPbDZhDTg7rJ9PE/VS1V2GFRHPIpZ7TJCPhr+JYK8XHfz8wXu1jPn5 vGh8W6QZ3Orl4+9w0MQqw5Re+BgDmqcLuTgvjnmcVEzpBciOSi/RUO0K1ruKEte/PGGvh8 RThFqSL+thL1NkcMLQLIR0ct0qY3kwc= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=a9W9mPQv; spf=pass (imf27.hostedemail.com: domain of keescook@chromium.org designates 209.85.216.49 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1662909158; a=rsa-sha256; cv=none; b=OD7I5+hbw4OBvvzVzwywFLVnuRBJSqNsvMg+Ea3xyBkb48MRMlc8VEW7a0RirEtvh6MgBG CJt3A2X6xTfx6G0CTBVFn1JdsKP30G+3acmyE5w7Av2v8JSiNClVde3EL3DUWqNgIWx8ri lSsGhS6TGn4FLRMp0xayvywrn2cQJUo= X-Rspam-User: X-Stat-Signature: f1skihrwxtpexzefu7os1md3t9wcq6rt X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 19C8A400DC Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=a9W9mPQv; spf=pass (imf27.hostedemail.com: domain of keescook@chromium.org designates 209.85.216.49 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org X-HE-Tag: 1662909157-797903 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000173, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Sep 09, 2022 at 09:51:58AM +0200, Christian Brauner wrote: > As stated above the proposed exec behavior we currently clearly emulate > in userspace. So that part is fine. It's not clear to me yet what the right solution is from this thread so far... what's needed for v6.0 release (since we're quickly running out of release candidates)? -- Kees Cook