[Devel] Re: [PATCH] Masquerade sender information
Cedric Le Goater
clg at fr.ibm.com
Fri Nov 2 07:05:48 PDT 2007
Eric W. Biederman wrote:
> sukadev at us.ibm.com writes:
>
>> +static void masquerade_sender(struct task_struct *t, struct sigqueue *q)
>> +{
>> + /*
>> + * If the sender does not have a pid_t in the receiver's active
>> + * pid namespace, set si_pid to 0 and pretend signal originated
>> + * from the kernel.
>> + */
>> + if (!pid_ns_equal(t)) {
>> + q->info.si_pid = 0;
>> + q->info.si_uid = 0;
>> + q->info.si_code = SI_KERNEL;
>> + }
>> +}
>
> It looks like we are hooked in the right place. However the way we
> are handling this appears wrong.
>
> First. If we have an si_code that does not use si_pid then we should
> not be changing si_pid, because the structure is a union and that field
> is not always a pid value.
>
>
> My gut feel says the code should be something like:
>
> switch (q->info->si_code & __SI_MASK) {
> case __SI_KILL:
> case __SI_CHILD:
> case __SI_RT:
> case __MESQ:
> q->info->si_pid = task_pid_nr_ns(current, t->nsproxy->pid_ns);
> break;
> }
IMHO, it should be
q->info->si_pid = 0.
we're trying to cover the case where the sender does not have a pid_t in
the receiver's active pid namespace.
C.
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list