| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110923172235.GB4065@sergelap> Date: Fri, 23 Sep 2011 12:22:35 -0500 From: "Serge E. Hallyn" <serge.hallyn@...onical.com> To: Alan Stern <stern@...land.harvard.edu> Cc: "Serge E. Hallyn" <serge@...lyn.com>, Greg KH <greg@...ah.com>, Oleg Nesterov <oleg@...hat.com>, lkml <linux-kernel@...r.kernel.org>, richard@....at, Andrew Morton <akpm@...gle.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, Tejun Heo <tj@...nel.org>, linux-usb@...r.kernel.org Subject: Re: [PATCH resend] user namespace: usb: make usb urbs user namespace aware (v2) Quoting Alan Stern (stern@...land.harvard.edu): > On Fri, 23 Sep 2011, Serge E. Hallyn wrote: > > > Quoting Alan Stern (stern@...land.harvard.edu): > > > On Fri, 23 Sep 2011, Serge E. Hallyn wrote: > > > > > > > (re-sending to Cc: Greg and linux-usb) > > > > > > > > Add to the dev_state and alloc_async structures the user namespace > > > > corresponding to the uid and euid. Pass these to kill_pid_info_as_uid(), > > > > which can then implement a proper, user-namespace-aware uid check. > > > > > > > > Changelog: > > > > Sep 20: Per Oleg's suggestion: Instead of caching and passing user namespace, > > > > uid, and euid each separately, pass a struct cred. > > > > > > This should be broken up into two separate patches: One to add > > > kill_pid_info_as_cred() and the other to modify the usbfs driver. > > > > It seems like that would make the first patch harder to review (since > > it won't just show the changes from kill_pid_info_as_uid to > > kill_pid_info_as_cred), but I'll go ahead and split it up. I assume > > kill_pid_info_as_uid should be removed in a third patch? > > No, what I meant was that all the changes to /kernel/signal.c should be > in one patch and all the changes to drivers/usb/core/devio.c should be > in a second patch. But doing that in two patches would not be bisect-safe. > You did check to make sure there are no other references to > kill_pid_info_as_uid() in the kernel? Yup. > > > > if (signr) > > > > - kill_pid_info_as_uid(sinfo.si_signo, &sinfo, pid, uid, > > > > - euid, secid); > > > > + kill_pid_info_as_cred(sinfo.si_signo, &sinfo, pid, cred, secid); > > > > > > This continues a bug that already exists in the current code. Once > > > ps->lock is released, there is no guarantee that the async structure > > > will still exist. It may already have been freed, and the reference to > > > > Yikes. That makes sense. I'll fix that for the cred and the pid as well > > then? > > Right. Ok. thanks, -serge -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists