Message-Id: <02721E5E-6962-4699-86A5-EF5CFC787284@oracle.com>
Date:	Thu, 11 Sep 2008 12:39:39 -0400
From:	Chuck Lever <chuck.lever@...cle.com>
To:	Cedric Le Goater <clg@...ibm.com>
Cc:	"Eric W. Biederman" <ebiederm@...ssion.com>,
	"Serge E. Hallyn" <serue@...ibm.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Trond Myklebust <trond.myklebust@....uio.no>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Linux Containers <containers@...ts.osdl.org>,
	Linux NFS Mailing List <linux-nfs@...r.kernel.org>
Subject: Re: [RFC][PATCH] sunrpc: fix oops in rpc_create() when the mount namespace is unshared

Cedric-

On Sep 11, 2008, at 5:02 AM, Cedric Le Goater wrote:
>> The conservative play is to always force use of the initial namespace
>> and to deny creation of mounts that would use different namespaces.
>> In part because the initial version of the namespace always exists.
>> Which means as relates to Cedric's initial patch we would still need
>> to know which mounts should cause us to use a different uts namespace
>> so we can deny them.
>
> I will send the initial patch which forces use of the initial
> namespace because it does fix a real oops.

Today's patch looks reasonable to me.  I would add a FIXME comment in  
net/sunrpc/clnt.c near the site of the fix.

> Then, I should be able to find some time to work on improving the
> uts namespace checks when NFS mounts are done.

As a final note, I don't think this is an issue only for NFS mounts.   
The problem is with how AUTH_SYS RPC credentials are formed.

cl_nodename is a copy of utsname kept in the rpc_clnt structure for  
efficiency.  I think the auth_unix code has to be more sensitive to  
which utsname is "in effect" for each RPC request.  We probably can't  
use the same utsname for all RPC requests for the life of an RPC  
client.  And since RPC credentials are cached, we should be more  
careful about which cached credential is selected.

-- 
Chuck Lever
chuck[dot]lever[at]oracle[dot]com
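
Added example, not part of the message above and not kernel code: a user-space C model of the credential-selection concern raised in the last paragraph, showing a cache keyed on uid/gid alone handing back a credential built under a different node name. It assumes for illustration that the node name is stored in each cached credential; all struct and function names are hypothetical.

```c
/* Added illustration: user-space model of a credential cache, not kernel code. */
#include <stdio.h>
#include <string.h>

#define SLOTS 8

/* AUTH_SYS credential fields relevant here (stamp and gids omitted). */
struct cred { int used; unsigned uid, gid; char machinename[65]; };

struct cred_cache {
    struct cred slot[SLOTS];
    int match_nodename;   /* 0: key on uid/gid only, 1: also key on node name */
};

/* Return the cached credential for this caller, creating it on a miss. */
static const struct cred *lookup_cred(struct cred_cache *c, unsigned uid,
                                      unsigned gid, const char *nodename)
{
    struct cred *free_slot = NULL;
    for (int i = 0; i < SLOTS; i++) {
        struct cred *e = &c->slot[i];
        if (!e->used) {
            if (!free_slot)
                free_slot = e;
            continue;
        }
        if (e->uid == uid && e->gid == gid &&
            (!c->match_nodename || strcmp(e->machinename, nodename) == 0))
            return e;
    }
    if (!free_slot)
        return NULL;      /* cache full; eviction is out of scope here */
    *free_slot = (struct cred){ .used = 1, .uid = uid, .gid = gid };
    snprintf(free_slot->machinename, sizeof free_slot->machinename, "%s", nodename);
    return free_slot;
}

/* Constructed scenario: one uid/gid sends a request under node name "host",
 * then one under "container1". Returns 1 if the second carries "host". */
static int second_request_is_stale(int match_nodename)
{
    struct cred_cache cache = { .match_nodename = match_nodename };
    lookup_cred(&cache, 1000, 1000, "host");
    const struct cred *c = lookup_cred(&cache, 1000, 1000, "container1");
    return c && strcmp(c->machinename, "container1") != 0;
}

int main(void)
{
    printf("uid/gid key: stale=%d\n", second_request_is_stale(0));
    printf("uid/gid/nodename key: stale=%d\n", second_request_is_stale(1));
    return 0;
}
```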