[PATCH 3/3] Make sure we free the struct socket of SOCK_DEAD sockets
danms at us.ibm.com
Mon Sep 14 12:31:02 PDT 2009
OL> This works well for the case of successful restart, but I suspect it
OL> doesn't cover two other cases:
OL> 1) Malicious user removes the SOCK_DEAD marking off a socket.
OL> 2) Restart fails after a socket is restored but before it is
OL> attached to a process.
Aww, come on... when are users ever malicious? :)
Okay, I think I can handle both of these with a carefully-crafted
obj->ops->drop() replacement. I don't want to get back to the
orphan-all-by-default situation because it becomes hard to ensure that
the socket object we later allocate receives proper treatment.
IBM Linux Technology Center
email: danms at us.ibm.com
More information about the Containers