lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20121105163810.GJ14789@redhat.com>
Date:	Mon, 5 Nov 2012 11:38:11 -0500
From:	Aristeu Rozanski <aris@...hat.com>
To:	linux-kernel@...r.kernel.org
Cc:	linux-fsdevel@...r.kernel.org,
	"Serge E. Hallyn" <serge@...lyn.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Al Viro <viro@...iv.linux.org.uk>,
	Linux Containers <containers@...ts.linux-foundation.org>
Subject: [PATCH] coredump: run the coredump helper using the same namespace
 as the dead process

/proc/sys/kernel/core_pattern can be used to specify a userspace helper
to handle core files and it currently runs in the root namespace.
This patch allows the helper to run in the same namespace in a step
towards letting containers setting their own helpers.

Cc: "Serge E. Hallyn" <serge@...lyn.com>
Cc: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Al Viro <viro@...iv.linux.org.uk>
Signed-off-by: Aristeu Rozanski <aris@...hat.com>

diff --git a/fs/coredump.c b/fs/coredump.c
index ce47379..fa14ea1 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -455,6 +455,19 @@ static int umh_pipe_setup(struct subprocess_info *info, struct cred *new)
 	/* and disallow core files too */
 	current->signal->rlim[RLIMIT_CORE] = (struct rlimit){1, 1};
 
+	/*
+	 * We want to run the helper within the same namespace. Since we
+	 * already forked, current here is using init_nsproxy and the usage
+	 * was already accounted. switch_task_namespace() will revert that
+	 * but we need to bump the dead process' nsproxy before calling the
+	 * the helper. Once it exits, the dead process' nsproxy usage will be
+	 * decremented as part of normal process exit.
+	 */
+	if (current->nsproxy != cp->nsproxy) {
+		get_nsproxy(cp->nsproxy);
+		switch_task_namespaces(current, cp->nsproxy);
+	}
+
 	return err;
 }
 
@@ -482,6 +495,8 @@ void do_coredump(siginfo_t *siginfo, struct pt_regs *regs)
 		 * by any locks.
 		 */
 		.mm_flags = mm->flags,
+		/* we run the helper in the same namespace */
+		.nsproxy = current->nsproxy,
 	};
 
 	audit_core_dumps(siginfo->si_signo);
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
index cfcc6bf..45113e6 100644
--- a/include/linux/binfmts.h
+++ b/include/linux/binfmts.h
@@ -63,6 +63,7 @@ struct coredump_params {
 	struct file *file;
 	unsigned long limit;
 	unsigned long mm_flags;
+	struct nsproxy *nsproxy;
 };
 
 /*
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ