lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20181115225427.GA25874@kroah.com>
Date:   Thu, 15 Nov 2018 14:54:27 -0800
From:   "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     chouryzhou <chouryzhou@...cent.com>,
        "tkjos@...gle.com" <tkjos@...gle.com>,
        "arve@...roid.com" <arve@...roid.com>,
        "tkjos@...roid.com" <tkjos@...roid.com>,
        "dave@...olabs.net" <dave@...olabs.net>,
        "devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH V4] binder: ipc namespace support for android binder

On Thu, Nov 15, 2018 at 02:33:49PM -0800, Andrew Morton wrote:
> On Mon, 12 Nov 2018 09:37:51 +0000 chouryzhou(周威) <chouryzhou@...cent.com> wrote:
> 
> > Currently android's binder is not isolated by ipc namespace. Since binder 
> > is a form of IPC and therefore should be tied to ipc namespace. With this 
> > patch, we can run multiple instances of  android container on one host.
> > 
> > This patch move "binder_procs" and "binder_context" into ipc_namespace,
> > driver will find the context from it when opening. For debugfs, binder_proc
> > is namespace-aware, but not for binder dead nodes, binder_stats and 
> > binder_transaction_log_entry (we added ipc inum to trace it).
> > 
> > ...
> >
> >  drivers/android/binder.c      | 133 ++++++++++++++++++++++++++++++++----------
> >  include/linux/ipc_namespace.h |  15 +++++
> >  ipc/namespace.c               |  10 +++-
> >  3 files changed, 125 insertions(+), 33 deletions(-)
> 
> Well, it's mainly an android patch so I suggest this be taken via the
> android tree.
> 
> Acked-by: Andrew Morton <akpm@...ux-foundation.org>
> 

A number of us have talked about this in the plumbers Android track, and
a different proposal for how to solve this has been made that should be
much more resiliant.  So I will drop this patch from my queue and wait
for the patches based on the discussions we had there.

I think there's some notes/slides on the discussion online somewhere,
but it hasn't been published as the conference is still happening,
otherwise I would link to it here...

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ