Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp1020536pxm;
        Wed, 23 Feb 2022 16:06:38 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxRzVFxWz9Ayr/66XQW1HmjIBuaDRZY9AnVh+JMKw03uy2tGtMJoBy/Isu0WmQHWPUDWadY
X-Received: by 2002:a63:e215:0:b0:373:9dd6:4b99 with SMTP id q21-20020a63e215000000b003739dd64b99mr179029pgh.561.1645661197750;
        Wed, 23 Feb 2022 16:06:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1645661197; cv=none;
        d=google.com; s=arc-20160816;
        b=yOvyI8t1vcPsAXfI+9tDLwrYi+NlucPycUu4v4EybiTTOFRZ3fNATtxpU+pfVyrKdz
         UD5LGG5amHonBNRkeXPwnI97oRTGz+7T4oWXpAcFicqzlt5cAogiRcVtaePTCWLKrnRf
         1sOAGZIunQ9YWe74LY+lhyBryXU/WyAf0Pp7aJR/QDjgDwk8Kn0/77Au7/LAw+x3fE0/
         WNnIjCc2Nc/SScyAeSzesyyvDlbY6wybRfFUiT9MD5ODgGhhmBV+AHbZOVLKc26EXL8Z
         0Ryf9C/Ibt6GlWqPtHZEBQYTRnzsF6SiyF9GBLzWN65OtAgYT35gX73MJYclnUmlWfqh
         esuQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=BINvMWFOT7xvxvViQT8D36POQ4xMkDFjgZSnWEqMKQk=;
        b=iSW4kEbv3g1iBFrGkhxGVkXaCpmQdZJsdrFyrcJ49BL4yU3kaOnz5CNbES2MzgaihZ
         CTbH1OLtT2hX2FwCZ/x3pX4Yk7u+4li+2eYM/ehUsGlPn77tq+vZMnJzn2isQPfo2dXu
         Ymm0uVgRTVA8a1ywZ0Ke8/62i3ECk570t4bWTsmI8HnGKJUAv6XkydYG1m8JvRbKiwoC
         R2HTdvnpOBupUXAKXR4PVdwxf8wyalMeeclYiM7+FPOZCAnWiAtqSBBq04SJGJfUQcmy
         luVVzRr3z0evCX4q+rGmcLnAZOmHiH24UCEv7ukHoBtskY6XmOUk3wDBHa/r5G+dXxp4
         XD4A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id n13si1105769plf.196.2022.02.23.16.06.10;
        Wed, 23 Feb 2022 16:06:37 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S244785AbiBWXYl (ORCPT <rfc822;android.linux@gmail.com>
        + 99 others); Wed, 23 Feb 2022 18:24:41 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47436 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235909AbiBWXYk (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 23 Feb 2022 18:24:40 -0500
Received: from zeniv-ca.linux.org.uk (zeniv-ca.linux.org.uk [IPv6:2607:5300:60:148a::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6636F4BFFB;
        Wed, 23 Feb 2022 15:24:11 -0800 (PST)
Received: from viro by zeniv-ca.linux.org.uk with local (Exim 4.94.2 #2 (Red Hat Linux))
        id 1nN0zQ-004Ozy-UT; Wed, 23 Feb 2022 23:24:09 +0000
Date:   Wed, 23 Feb 2022 23:24:08 +0000
From:   Al Viro <viro@zeniv.linux.org.uk>
To:     Levi Yun <ppbuk5246@gmail.com>
Cc:     keescook@chromium.org, ebiederm@xmission.com,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs/exec.c: Avoid a race in formats
Message-ID: <YhbCGDzlTWp2OJzI@zeniv-ca.linux.org.uk>
References: <20220223231752.52241-1-ppbuk5246@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20220223231752.52241-1-ppbuk5246@gmail.com>
Sender: Al Viro <viro@ftp.linux.org.uk>
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Feb 24, 2022 at 08:17:52AM +0900, Levi Yun wrote:
> Suppose a module registers its own binfmt (custom) and formats is like:
> 
> +---------+    +----------+    +---------+
> | custom  | -> |  format1 | -> | format2 |
> +---------+    +----------+    +---------+
> 
> and try to call unregister_binfmt with custom NOT in __exit stage.

Explain, please.  Why would anyone do that?  And how would such
module decide when it's safe to e.g. dismantle data structures
used by methods of that binfmt, etc.?

Could you give more detailed example?  Because it looks like
papering over an inherently unsafe use of binfmt interfaces...