lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 15 Nov 2019 10:58:55 +0100
From:   Christian Brauner <christian.brauner@...ntu.com>
To:     Oleg Nesterov <oleg@...hat.com>
Cc:     Andrei Vagin <avagin@...il.com>, Adrian Reber <areber@...hat.com>,
        Eric Biederman <ebiederm@...ssion.com>,
        Pavel Emelyanov <ovzxemul@...il.com>,
        Jann Horn <jannh@...gle.com>,
        Dmitry Safonov <0x7f454c46@...il.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        linux-kernel@...r.kernel.org, Mike Rapoport <rppt@...ux.ibm.com>,
        Radostin Stoyanov <rstoyanov1@...il.com>
Subject: Re: [PATCH v10 1/2] fork: extend clone3() to support setting a PID

On Fri, Nov 15, 2019 at 10:34:20AM +0100, Oleg Nesterov wrote:
> On 11/14, Andrei Vagin wrote:
> >
> > On Thu, Nov 14, 2019 at 03:27:06PM +0100, Adrian Reber wrote:
> > ...
> > > diff --git a/include/uapi/linux/sched.h b/include/uapi/linux/sched.h
> > > index 1d500ed03c63..2e649cfa07f4 100644
> > > --- a/include/uapi/linux/sched.h
> > > +++ b/include/uapi/linux/sched.h
> > ...
> > > @@ -174,24 +186,51 @@ struct pid *alloc_pid(struct pid_namespace *ns)
> > >  	pid->level = ns->level;
> > >
> > >  	for (i = ns->level; i >= 0; i--) {
> > > -		int pid_min = 1;
> > > +		int tid = 0;
> > > +
> > > +		if (set_tid_size) {
> > > +			tid = set_tid[ns->level - i];
> > > +			if (tid < 1 || tid >= pid_max)
> > > +				return ERR_PTR(-EINVAL);
> >
> > do we need to release pids what have been allocated on previous levels?
> 
> Heh ;) it is really amazing that nobody noticed this! Thanks Andrei.
> 
> > nr = -EINVAL;
> 
> retval = -EINVAL;
> 
> > goto out_free;

How do we feel about moving this into a separate helper like below?
Keeps the ugliness out of alloc_pid() itself.

Christian

diff --git a/kernel/pid.c b/kernel/pid.c
index eb32668997c6..d3dfd1bbebaf 100644
--- a/kernel/pid.c
+++ b/kernel/pid.c
@@ -157,6 +157,31 @@ void free_pid(struct pid *pid)
 	call_rcu(&pid->rcu, delayed_put_pid);
 }
 
+static int set_tid_next(pid_t *set_tid, size_t *size, int idx)
+{
+	int tid = 0;
+
+	if (*size) {
+		tid = set_tid[idx];
+		if (tid < 1 || tid >= pid_max)
+			return -EINVAL;
+
+		/*
+		 * Also fail if a PID != 1 is requested and
+		 * no PID 1 exists.
+		 */
+		if (tid != 1 && !tmp->child_reaper)
+			return -EINVAL;
+
+		if (!ns_capable(tmp->user_ns, CAP_SYS_ADMIN))
+			return -EPERM;
+
+		(*size)--;
+	}
+
+	return tid;
+}
+
 struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
 		      size_t set_tid_size)
 {
@@ -188,20 +213,10 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
 	for (i = ns->level; i >= 0; i--) {
 		int tid = 0;
 
-		if (set_tid_size) {
-			tid = set_tid[ns->level - i];
-			if (tid < 1 || tid >= pid_max)
-				return ERR_PTR(-EINVAL);
-			/*
-			 * Also fail if a PID != 1 is requested and
-			 * no PID 1 exists.
-			 */
-			if (tid != 1 && !tmp->child_reaper)
-				return ERR_PTR(-EINVAL);
-			if (!ns_capable(tmp->user_ns, CAP_SYS_ADMIN))
-				return ERR_PTR(-EPERM);
-			set_tid_size--;
-		}
+		retval = set_tid_next(set_tid, &set_tid_size, ns->level - i);
+		if (retval < 0)
+			goto out_free;
+		tid = retval;
 
 		idr_preload(GFP_KERNEL);
 		spin_lock_irq(&pidmap_lock);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ