lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <875zc8kxyg.fsf@x220.int.ebiederm.org>
Date:   Wed, 03 Jun 2020 09:47:51 -0500
From:   ebiederm@...ssion.com (Eric W. Biederman)
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] proc changes for v5.8-rc1


Please pull the proc-linus branch from the git tree:

   git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git proc-linus

   HEAD: 9d78edeaec759f997c303f286ecd39daee166f2a proc: proc_pid_ns takes super_block as an argument

This branch has 4 sets of changes:

      proc: modernize proc to support multiple private instances
      proc: Ensure we see the exit of each process tid exactly
      Removing has_group_leader_pid
      posix-cpu-timers: Use pids not tasks in lookup

Alexey updated proc so each mount of proc uses a new superblock.  This
allows people to actually use mount options with proc with no fear of
messing up another mount of proc.  Given the kernel's internal mounts of
proc for things like uml this was a real problem, and resulted in
Android's hidepid mount options being ignored and introducing security
issues.

The rest of the changes are small cleanups and fixes that came out of my
work to allow this change to proc.  In essence it is swapping the pids
in de_thread during exec which revoves a special case the code had to
handle.  Then updating the code to stop handling that special case.

Alexey Gladkov (9):
      proc: modernize proc to support multiple private instances
      proc: rename struct proc_fs_info to proc_fs_opts
      proc: allow to mount many instances of proc in one pid namespace
      proc: instantiate only pids that we can ptrace on 'hidepid=4' mount option
      proc: add option to mount only a pids subset
      docs: proc: add documentation for "hidepid=4" and "subset=pid" options and new mount behavior
      proc: use human-readable values for hidepid
      proc: use named enums for better readability
      Use proc_pid_ns() to get pid_namespace from the proc superblock
      proc: proc_pid_ns takes super_block as an argument

Eric W. Biederman (14):
      proc: Use PIDTYPE_TGID in next_tgid
      rculist: Add hlists_swap_heads_rcu
      proc: Ensure we see the exit of each process tid exactly once
      proc: Ensure we see the exit of each process tid exactly
      posix-cpu-timer: Tidy up group_leader logic in lookup_task
      posix-cpu-timer:  Unify the now redundant code in lookup_task
      exec: Remove BUG_ON(has_group_leader_pid)
      signal: Remove has_group_leader_pid
      posix-cpu-timers: Extend rcu_read_lock removing task_struct references
      posix-cpu-timers: Replace cpu_timer_pid_type with clock_pid_type
      posix-cpu-timers: Replace __get_task_for_clock with pid_for_clock
      Removing has_group_leader_pid
      posix-cpu-timers: Use pids not tasks in lookup

Oleg Nesterov (1):
      remove the no longer needed pid_alive() check in __task_pid_nr_ns()

 Documentation/filesystems/proc.rst                 |  92 ++++++++++++---
 fs/exec.c                                          |   6 +-
 fs/locks.c                                         |   4 +-
 fs/proc/array.c                                    |   2 +-
 fs/proc/base.c                                     |  74 ++++++------
 fs/proc/generic.c                                  |   9 ++
 fs/proc/inode.c                                    |  30 ++++-
 fs/proc/root.c                                     | 131 ++++++++++++++++-----
 fs/proc/self.c                                     |   8 +-
 fs/proc/thread_self.c                              |   8 +-
 fs/proc_namespace.c                                |  14 +--
 include/linux/pid.h                                |   1 +
 include/linux/pid_namespace.h                      |  12 --
 include/linux/proc_fs.h                            |  32 ++++-
 include/linux/rculist.h                            |  21 ++++
 include/linux/sched/signal.h                       |  11 --
 kernel/fork.c                                      |   2 +-
 kernel/pid.c                                       |  22 +++-
 kernel/time/posix-cpu-timers.c                     | 111 ++++++++---------
 net/ipv6/ip6_flowlabel.c                           |   2 +-
 security/tomoyo/realpath.c                         |   4 +-
 tools/testing/selftests/proc/.gitignore            |   2 +
 tools/testing/selftests/proc/Makefile              |   2 +
 .../testing/selftests/proc/proc-fsconfig-hidepid.c |  50 ++++++++
 .../testing/selftests/proc/proc-multiple-procfs.c  |  48 ++++++++
 25 files changed, 492 insertions(+), 206 deletions(-)

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ