Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp235246iog; Wed, 15 Jun 2022 00:56:12 -0700 (PDT) X-Google-Smtp-Source: AGRyM1v9q33uTKYZNzajndJ3CBpxDUekF3D8baLCug2/q/qTPZMXaWr2Y/HR/z3GkGwVIz9hoigt X-Received: by 2002:a17:90b:4c07:b0:1e8:2961:e318 with SMTP id na7-20020a17090b4c0700b001e82961e318mr8763847pjb.151.1655279771963; Wed, 15 Jun 2022 00:56:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1655279771; cv=none; d=google.com; s=arc-20160816; b=kaNVUtsshqlRU8MEZxb5WHDFuzhlsELmwhjCpqU8QiiH39mBThpJ+8qIEniNq7px4Y CVev948CSYjH328wuLmJias8uRgmxdDuMJNG58L4IfHGfcLJaB+RuTmHYvF1JZ86wxq+ Xn5W5AQ1xHcYVC0XfZC0/AGPJSlroI0ysIKGYzkpGewHzxJb5ixilqT2c+9sO1PewDjV TwitVofdRwR+4HDF6VLuUWohQXu69dwbH77FCxEOl4P6yfGtjoqYwUToqIDupiZuDa6s tW3xolElQ/LIloXiDGFxG342eGiYdYXnFl+DqGGW1pX6TCP080NwOhVxJVZ8RtkBMfRf 2n6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=pTEN2x9+WUQxvEz4mYhFwJlLwC14hZMgZcahSDrx6Vs=; b=nLBchxrU2LmISJbc2cvjNzbqj2g1T4uafY+cUzJubH8Ye1OJQWj54PEMkQF1dNbmHA BlrQSNfHTfhJSXwndGgZyrri70ymmtR5OLSdoFMAOfxFzQHhrPb+ykI++hc/qzikj2RW OZNd7XPSTUaot3cXjDVa36fn33opvJgGTb5amhNbTSoQRL41bYzjU4tCcE/1AhGDWUfy uf0ep5bYEymcuj8VyLEm9i+DiPoY2BrdOEBxkZ9Nr0y0Q/mjBxi56PihggAP4AEgetDS C1tD64fNSYBFNWXwP0i6CxZsISPpAwfynlPIkNThA0/kvnnBGe96AX1sGbCWK9njb+Kq SM6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=RvOGNKRR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id pb5-20020a17090b3c0500b001df6ce033fasi1624640pjb.57.2022.06.15.00.55.59; Wed, 15 Jun 2022 00:56:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=RvOGNKRR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343616AbiFOHiK (ORCPT + 99 others); Wed, 15 Jun 2022 03:38:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45622 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232409AbiFOHiI (ORCPT ); Wed, 15 Jun 2022 03:38:08 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8F80E2FFD6 for ; Wed, 15 Jun 2022 00:38:07 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 29EB2B81C77 for ; Wed, 15 Jun 2022 07:38:06 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0F388C34115; Wed, 15 Jun 2022 07:38:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1655278684; bh=pnJOadH0YoVYYLx7ob0PUxPv2n/UnPgyF8EolnCZrbY=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=RvOGNKRRwXhGy2FvnDnMyyiJiDF8bAs6H34OrzJlqLwvtNizOdtmDrEs09uRlG1+t NtdGkOxBtCfc1q7/7FKQ8AeyKzIwID/6CkjxKgN2le0Gd01dtDo57qiUdCr7PfrvWF jnEMGPHkHFCq4/+V+hF21ZtjN5r3wbFOlDLV2l+y5k7mIM5ahtcEWAfmvgm5TUWAKS 8HQUDnR8ZeEjdzzjMyMsPBEXK6+gn0M1AVzHRJS2b4U9zPjnCmk+gY6JVw6zYoUE+5 aN5Wf0f92EEgFpIswA50vKygBlA3kzt3L7zlub5AMLYYnyy6ZRuC/DtpAO4clfqIBp w77byS+JdT4Mw== Date: Wed, 15 Jun 2022 09:37:59 +0200 From: Christian Brauner To: Andrei Vagin Cc: linux-kernel@vger.kernel.org, Dmitry Safonov <0x7f454c46@gmail.com>, Florian Weimer , linux-mm@kvack.org, Eric Biederman , Kees Cook Subject: Re: [PATCH 1/2] fs/exec: allow to unshare a time namespace on vfork+exec Message-ID: <20220615073759.ps63einipnptgpnk@wittgenstein> References: <20220613060723.197407-1-avagin@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20220613060723.197407-1-avagin@gmail.com> X-Spam-Status: No, score=-8.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Jun 12, 2022 at 11:07:22PM -0700, Andrei Vagin wrote: > Right now, a new process can't be forked in another time namespace > if it shares mm with its parent. It is prohibited, because each time > namespace has its own vvar page that is mapped into a process address > space. > > When a process calls exec, it gets a new mm and so it could be "legal" > to switch time namespace in that case. This was not implemented and > now if we want to do this, we need to add another clone flag to not > break backward compatibility. > > We don't have any user requests to switch times on exec except the > vfork+exec combination, so there is no reason to add a new clone flag. > As for vfork+exec, this should be safe to allow switching timens with > the current clone flag. Right now, vfork (CLONE_VFORK | CLONE_VM) fails > if a child is forked into another time namespace. With this change, > vfork creates a new process in parent's timens, and the following exec > does the actual switch to the target time namespace. > > Suggested-by: Florian Weimer > Signed-off-by: Andrei Vagin > --- Looks good, Acked-by: Christian Brauner (Microsoft)