| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 May 2016 16:29:07 +0800 From: Zhao Lei <zhaolei@...fujitsu.com> To: <linux-kernel@...r.kernel.org> CC: "'Eric W. Biederman'" <ebiederm@...ssion.com> Subject: RE: [PATCH 0/3] Write dump into container's filesystem for pipe_type core_pattern (Offline) Hi, Eric I rewrited patch to support code_dump in container according to your suggestion. Could you take a look of it, and give me your opinion in this version? Thanks Zhaolei > -----Original Message----- > From: Zhao Lei [mailto:zhaolei@...fujitsu.com] > Sent: Wednesday, May 11, 2016 9:27 AM > To: linux-kernel@...r.kernel.org > Cc: containers@...ts.linux-foundation.org; Eric W. Biederman > <ebiederm@...ssion.com>; Mateusz Guzik <mguzik@...hat.com>; > Kamezawa Hiroyuki <kamezawa.hiroyu@...fujitsu.com>; Zhao Lei > <zhaolei@...fujitsu.com> > Subject: [PATCH 0/3] Write dump into container's filesystem for pipe_type > core_pattern > > In current system, when we set core_pattern to a pipe, both pipe program > and program's output are in host's filesystem. > But when we set core_pattern to a file, the container will write dump > into container's filesystem. > > For example, when we set following core_pattern: > # echo "|/my_dump_pipe %s %c %p %u %g %t > e" >/proc/sys/kernel/core_pattern > and trigger a segment fault in a container, my_dump_pipe is searched from > host's filesystem, and it will write coredump into host's filesystem too. > > In a privileged container, user can destroy host system by following > command: > # # In a container > # echo "|/bin/dd of=/boot/vmlinuz" >/proc/sys/kernel/core_pattern > # make_dump > > Actually, all operation in a container should not change host's > environment, the container should use core_pattern as its private setting. > In detail, in core dump action: > 1: Search pipe program in container's fs namespace. > 2: Run pipe program in container's fs namespace to write coredump to it. > > I rewrited this patch from origional: > > http://www.gossamer-threads.com/lists/linux/kernel/2395715?do=post_view_ > flat > and changed the impliment way and function detail discussed in: > > http://www.gossamer-threads.com/lists/linux/kernel/2397602?nohighlight=1# > 2397602 > > Changes against previous impliment: > 1: Avoid forking thread from the crach process. > Suggested-by: Eric W. Biederman <ebiederm@...ssion.com> > 2: To keep compatibility with current code, if user hadn't change > core_pattern in container, the dump file will still write to > the host filesystem. > Suggested-by: Eric W. Biederman <ebiederm@...ssion.com> > > Zhao Lei (3): > [RFC] Save dump_root into pid_namespace > [RFC] Make dump_pipe thread possilbe to select the rootfs > [RFC] Write dump into container's filesystem for pipe_type > core_pattern > > fs/coredump.c | 19 ++++++++++++++++++- > fs/fs_struct.c | 25 ++++++++++++++++--------- > include/linux/fs_struct.h | 3 ++- > include/linux/kmod.h | 4 +++- > include/linux/pid_namespace.h | 3 +++ > include/linux/sched.h | 5 +++-- > init/do_mounts_initrd.c | 3 ++- > init/main.c | 4 ++-- > kernel/fork.c | 34 ++++++++++++++++++++-------------- > kernel/kmod.c | 13 ++++++++----- > kernel/kthread.c | 3 ++- > kernel/pid.c | 1 + > kernel/pid_namespace.c | 6 ++++++ > kernel/sysctl.c | 30 ++++++++++++++++++++++++++---- > lib/kobject_uevent.c | 3 ++- > security/keys/request_key.c | 2 +- > 16 files changed, 115 insertions(+), 43 deletions(-) > > -- > 1.8.5.1
Powered by blists - more mailing lists