lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 14 May 2014 16:34:49 -0500
From:	Seth Forshee <seth.forshee@...onical.com>
To:	linux-kernel@...r.kernel.org
Cc:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Jens Axboe <axboe@...nel.dk>, Arnd Bergmann <arnd@...db.de>,
	Eric Biederman <ebiederm@...ssion.com>,
	Serge Hallyn <serge.hallyn@...onical.com>,
	lxc-devel@...ts.linuxcontainers.org,
	Seth Forshee <seth.forshee@...onical.com>
Subject: [RFC PATCH 01/11] driver core: Assign owning user namespace to devices

Adds a member to struct device named ns to indicate the user
namespace which "owns" a device, which would generally indicate
that root in that namespace is priveleged toward the device. It
will also be used for future devtmpfs to determine which
namespace's mount the device will appear in. This defaults to
init_user_ns. An ns_global flag is also added to struct device,
which indicates the device should appear in all devtmpfs mounts.

Also adds a helper interface, dev_set_ns(), for changing the
namespace which a device has been assigned to.

Signed-off-by: Seth Forshee <seth.forshee@...onical.com>
---
 drivers/base/core.c    |  3 +++
 include/linux/device.h | 13 +++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/drivers/base/core.c b/drivers/base/core.c
index 20da3ad1696b..1da05f1319fa 100644
--- a/drivers/base/core.c
+++ b/drivers/base/core.c
@@ -26,6 +26,7 @@
 #include <linux/pm_runtime.h>
 #include <linux/netdevice.h>
 #include <linux/sysfs.h>
+#include <linux/user_namespace.h>
 
 #include "base.h"
 #include "power/power.h"
@@ -661,6 +662,7 @@ void device_initialize(struct device *dev)
 	INIT_LIST_HEAD(&dev->devres_head);
 	device_pm_init(dev);
 	set_dev_node(dev, -1);
+	dev->ns = get_user_ns(&init_user_ns);
 }
 EXPORT_SYMBOL_GPL(device_initialize);
 
@@ -1211,6 +1213,7 @@ void device_del(struct device *dev)
 	 */
 	if (platform_notify_remove)
 		platform_notify_remove(dev);
+	put_user_ns(dev->ns);
 	kobject_uevent(&dev->kobj, KOBJ_REMOVE);
 	cleanup_device_parent(dev);
 	kobject_del(&dev->kobj);
diff --git a/include/linux/device.h b/include/linux/device.h
index d1d1c055b48e..41a4ba33b13b 100644
--- a/include/linux/device.h
+++ b/include/linux/device.h
@@ -27,6 +27,7 @@
 #include <linux/ratelimit.h>
 #include <linux/uidgid.h>
 #include <linux/gfp.h>
+#include <linux/user_namespace.h>
 #include <asm/device.h>
 
 struct device;
@@ -704,9 +705,12 @@ struct acpi_dev_node {
  * 		gone away. This should be set by the allocator of the
  * 		device (i.e. the bus driver that discovered the device).
  * @iommu_group: IOMMU group the device belongs to.
+ * @ns:		User namespace which "owns" this device.
  *
  * @offline_disabled: If set, the device is permanently online.
  * @offline:	Set after successful invocation of bus type's .offline().
+ * @ns_global:	Set to make device appear in devtmpfs for all user
+ *		namespaces.
  *
  * At the lowest level, every device in a Linux system is represented by an
  * instance of struct device. The device structure contains the information
@@ -780,8 +784,11 @@ struct device {
 	void	(*release)(struct device *dev);
 	struct iommu_group	*iommu_group;
 
+	struct user_namespace	*ns;
+
 	bool			offline_disabled:1;
 	bool			offline:1;
+	bool			ns_global:1;
 };
 
 static inline struct device *kobj_to_dev(struct kobject *kobj)
@@ -804,6 +811,12 @@ static inline const char *dev_name(const struct device *dev)
 extern __printf(2, 3)
 int dev_set_name(struct device *dev, const char *name, ...);
 
+static inline void dev_set_ns(struct device *dev, struct user_namespace *ns)
+{
+	put_user_ns(dev->ns);
+	dev->ns = get_user_ns(ns);
+}
+
 #ifdef CONFIG_NUMA
 static inline int dev_to_node(struct device *dev)
 {
-- 
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ