lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20110220222853.GA2960@mail.hallyn.com>
Date:	Sun, 20 Feb 2011 22:28:53 +0000
From:	"Serge E. Hallyn" <serge@...lyn.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	"Serge E. Hallyn" <serge.hallyn@...onical.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	James Morris <jmorris@...ei.org>,
	Kees Cook <kees.cook@...onical.com>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Michael Kerrisk <mtk.manpages@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: +
 userns-add-a-user_namespace-as-creator-owner-of-uts_namespace.patch added
 to -mm tree

Quoting Oleg Nesterov (oleg@...hat.com):
> > Subject: userns: add a user_namespace as creator/owner of uts_namespace
> > From: "Serge E. Hallyn" <serge@...lyn.com>
> 
> Minor nit... feel free to ignore, but can't resist.
> 
> --- a/kernel/nsproxy.c~userns-add-a-user_namespace-as-creator-owner-of-uts_namespace
> +++ a/kernel/nsproxy.c
> @@ -74,6 +74,11 @@ static struct nsproxy *create_new_namesp
>  		err = PTR_ERR(new_nsp->uts_ns);
>  		goto out_uts;
>  	}
> +	if (new_nsp->uts_ns != tsk->nsproxy->uts_ns) {
> +		put_user_ns(new_nsp->uts_ns->user_ns);
> +		new_nsp->uts_ns->user_ns = task_cred_xxx(tsk, user)->user_ns;
> +		get_user_ns(new_nsp->uts_ns->user_ns);
> +	}
> 
> Looks correct, but confusing imho.
> 
> "new_nsp->uts_ns != tsk->nsproxy->uts_ns" is a bit strange way to
> check "flags & CLONE_NEWUTS", no?
> 
> And since copy_utsname() already checks CLONE_NEWUTS, can't we move
> this code into copy_utsname() or clone_uts_ns() ?

Yup.  I had only found the bug this addresses very late so sort of
felt I should keep it as an obvious band-aid for now.  I've got a
lot of feedback to address on this set (!), and I'll do this more
cleanly as well.

Thanks for taking a look, Oleg.

-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ