Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp2305235pxf; Sat, 20 Mar 2021 10:58:45 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxVFr8E5u6Jjlz+lf8Jkb6uZtz9CSQL70hQYUQb1vhPqbRTjZn+61Yjma6jHlL0awB71KQv X-Received: by 2002:a05:6402:c11:: with SMTP id co17mr17084654edb.246.1616263125013; Sat, 20 Mar 2021 10:58:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616263125; cv=none; d=google.com; s=arc-20160816; b=rlaPcR8yF8c76g5n3ltf6iIzwIUwwfnSmfcZBlTpPzIkEVbdZMAAoteMXTX87/oVt5 aCMNz4k1LMGKZcljJiK/sD/5nSzbyLd5g2rkBzPm1AueUd15r/DG2nw6LYw4MdyWCZFW 2JUq24gVRjVQcHLJtiMlVhRBivQzMzYv84giwSSapx+2k9QO91P4JPdxUTPeHr5oXP32 NNozrlCUQNRfVI4j1R3bbaErNU1WyDFi/YvaroK8Ar7IigQuSqBrfzExw/IB7NZ+OWHK bHDNnyoDuUWo9uge3B7A/dai4K+JP0AZBpxY+HTBbRSF4TDvarcUeMrgAfUvfUv/uapW y8fw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=Qr5T61t0/jc8E3lWW0Exv0s6IfP06gKKY0jxUzzXYFU=; b=S6gKsWEvJlqN2+iEGAEd+KdSDejRW6HicHMtXMIjAUJ3WPrfaaDwMY3ZpvD8XtnK/z L0TGkWR9yWgZONzgBSy3Fdpb4pSPXoHmEofpLnqWmpTF+gXW486qTb6Hq9xMwmLIPjXw yHmKV28m9OMq//iHR0aMVxDKcfufr2bm7GTeTeHjvI+bafzVXcFkgRSiaEhUBEDxUmlV tntLHUbtD/dejUyRb5I80o2HFX0czeZPXjr2F9/7My7D8GeVpOeMgo1Y6rAPhZx/sv8z aOBB9jTM/fJDsqdo0k4xEFrjo+2nyddop2ZFqpbrduK7BwXa52HXl3wkNtrwG+4Ou0z5 hOiw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=B1YmUmWw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g17si7000269eds.403.2021.03.20.10.58.22; Sat, 20 Mar 2021 10:58:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=B1YmUmWw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229769AbhCTR5Y (ORCPT + 99 others); Sat, 20 Mar 2021 13:57:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41292 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229618AbhCTR4z (ORCPT ); Sat, 20 Mar 2021 13:56:55 -0400 Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E044EC061574 for ; Sat, 20 Mar 2021 10:56:54 -0700 (PDT) Received: by mail-lj1-x230.google.com with SMTP id f16so15999773ljm.1 for ; Sat, 20 Mar 2021 10:56:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Qr5T61t0/jc8E3lWW0Exv0s6IfP06gKKY0jxUzzXYFU=; b=B1YmUmWwUaXDPggGJ6vO+ghH6m2Ri+VzWlR67wsIyPChLMY3pfeYm6CmkhLzQCmBVH wbn4OjdhGJAhSvzsDb7a6/uL53bKrmKp0tk1wGio11cxJb/4Sh1R2K8npAqo9Jz1+jk2 ridKCeAwmBRlqMigRH0RRKhcA0SWdEl78eQBM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Qr5T61t0/jc8E3lWW0Exv0s6IfP06gKKY0jxUzzXYFU=; b=fRgb7qo7ZME7gJHXArs90FpjzcQUmxZsqt4m+ql/NQw4nAN6mz2XxqqpZLyNWjPeVR WW7EUWo5Di9NarQC1b9uFzx2cayRTBkqDWv8kAkxHAhbmpGAdNXvu4DaNXT/fEOOtOOr FP+aUwiKvOG8dsGCfUi2bmcBJ9A2KAxjMKBKoL2jI/9birf1VQbe2FfGv/MEqXUxTTy5 CeA5xh5ZYXcbjWZ/U+50R5HLnYb86tPuojQXwP7wVhf3fUqbMKgt2RASwtZ97hLMFNRt HRsN6gMY/9ZeU/aLq7ElryBf1DjpSTDHYe5Cl8xUMxr4MYnkMMOnNbOiyon634nomPMH /IYQ== X-Gm-Message-State: AOAM532alxgR5HSjHQ7Gcr3bLgCSeyf2cqKP/8joLGGGPfGDx2s6fnFt byahptG9RHUKpV3YqFKP9GoZiqR1uEYszA== X-Received: by 2002:a2e:9b16:: with SMTP id u22mr4610134lji.184.1616263013265; Sat, 20 Mar 2021 10:56:53 -0700 (PDT) Received: from mail-lf1-f49.google.com (mail-lf1-f49.google.com. [209.85.167.49]) by smtp.gmail.com with ESMTPSA id l5sm983180lfc.137.2021.03.20.10.56.52 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 20 Mar 2021 10:56:52 -0700 (PDT) Received: by mail-lf1-f49.google.com with SMTP id g8so7795995lfv.12 for ; Sat, 20 Mar 2021 10:56:52 -0700 (PDT) X-Received: by 2002:a05:6512:3d1c:: with SMTP id d28mr3960217lfv.41.1616263012501; Sat, 20 Mar 2021 10:56:52 -0700 (PDT) MIME-Version: 1.0 References: <20210320153832.1033687-1-axboe@kernel.dk> <20210320153832.1033687-2-axboe@kernel.dk> In-Reply-To: From: Linus Torvalds Date: Sat, 20 Mar 2021 10:56:36 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 1/2] signal: don't allow sending any signals to PF_IO_WORKER threads To: "Eric W. Biederman" Cc: Jens Axboe , io-uring , Linux Kernel Mailing List , Oleg Nesterov , Stefan Metzmacher Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Mar 20, 2021 at 9:19 AM Eric W. Biederman wrote: > > The creds should be reasonably in-sync with the rest of the threads. It's not about credentials (despite the -EPERM). It's about the fact that kernel threads cannot handle signals, and then get caught in endless loops of "if (sigpending()) return -EAGAIN". For a normal user thread, that "return -EAGAIN" (or whatever) will end up returning an error to user space - and before it does that, it will go through the "oh, returning to user space, so handle signal" path. Which will clear sigpending etc. A thread that never returns to user space fundamentally cannot handle this. The sigpending() stays on forever, the signal never gets handled, the thread can't do anything. So delivering a signal to a kernel thread fundamentally cannot work (although we do have some threads that explicitly see "oh, if I was killed, I will exit" - think things like in-kernel nfsd etc). Linus