lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20200306160020.orvb3frtsu2yvfe3@wittgenstein>
Date:   Fri, 6 Mar 2020 17:00:20 +0100
From:   Christian Brauner <christian.brauner@...ntu.com>
To:     minyard@....org
Cc:     linux-kernel@...r.kernel.org, Corey Minyard <cminyard@...sta.com>,
        stable@...r.kernel.org, Adrian Reber <areber@...hat.com>,
        Oleg Nesterov <oleg@...hat.com>,
        Dmitry Safonov <0x7f454c46@...il.com>,
        Andrei Vagin <avagin@...il.com>
Subject: Re: [PATCH] pid: Fix error return value in some cases

On Fri, Mar 06, 2020 at 09:20:01AM -0600, minyard@....org wrote:
> From: Corey Minyard <cminyard@...sta.com>
> 
> Recent changes to alloc_pid() allow the pid number to be specified on
> the command line.  If set_tid_size is set, then the code scanning the
> levels will hard-set retval to -EPERM, overriding it's previous -ENOMEM
> value.
> 
> After the code scanning the levels, there are error returns that do not
> set retval, assuming it is still set to -ENOMEM.
> 
> In the first place, pid_ns_prepare_proc() returns its own error, just
> use that.
> 
> In the second place:
> 
> 	if (!(ns->pid_allocated & PIDNS_ADDING))
> 		goto out_unlock;
> 
> a return value of -ENOMEM is probably wrong, since that means that the
> namespace is in deletion while this happened.  -EINVAL is probably a
> better choice.
> 
> Fixes: 49cb2fc42ce4 "fork: extend clone3() to support setting a PID"
> Signed-off-by: Corey Minyard <cminyard@...sta.com>
> Cc: <stable@...r.kernel.org> # 5.5
> Cc: Adrian Reber <areber@...hat.com>
> Cc: Christian Brauner <christian.brauner@...ntu.com>
> Cc: Oleg Nesterov <oleg@...hat.com>
> Cc: Dmitry Safonov <0x7f454c46@...il.com>
> Cc: Andrei Vagin <avagin@...il.com>
> Cc: Christian Brauner <christian.brauner@...ntu.com>
> ---
>  kernel/pid.c | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/kernel/pid.c b/kernel/pid.c
> index 0f4ecb57214c..1921f7f4b236 100644
> --- a/kernel/pid.c
> +++ b/kernel/pid.c
> @@ -248,7 +248,8 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
>  	}
>  
>  	if (unlikely(is_child_reaper(pid))) {
> -		if (pid_ns_prepare_proc(ns))
> +		retval = pid_ns_prepare_proc(ns);
> +		if (retval)
>  			goto out_free;
>  	}
>  
> @@ -261,8 +262,10 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid,
>  
>  	upid = pid->numbers + ns->level;
>  	spin_lock_irq(&pidmap_lock);
> -	if (!(ns->pid_allocated & PIDNS_ADDING))
> +	if (!(ns->pid_allocated & PIDNS_ADDING)) {
> +		retval = -EINVAL;
>  		goto out_unlock;
> +	}
>  	for ( ; upid >= pid->numbers; --upid) {
>  		/* Make the PID visible to find_pid_ns. */
>  		idr_replace(&upid->ns->idr, pid, upid->nr);

Thanks for the patch.

We definitely regressed the ENOMEM return value case. But both of the
changes here are userspace visible and break assumptions. So I'd rather
just ensure that ENOMEM is returned in both cases like it was before.
In fact, ENOMEM is documented on the pid_namespace man page so we can't
really change it.
Btw, this is the same problem as we had with:

commit 35f71bc0a09a45924bed268d8ccd0d3407bc476f
Author: Michal Hocko <mhocko@...e.cz>
Date:   Thu Apr 16 12:47:38 2015 -0700

    fork: report pid reservation failure properly

So please restore just restore the old behavior. Can you add --base to
your next commit, please? Makes it easier for me to pick up.

Thanks!
Christian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ