| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Dec 2020 12:57:44 +0100
From: Christian Brauner <christian.brauner@...ntu.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] time namespace fixes for v5.11
Hi Linus,
Here are some time namespace fixes for v5.11.
/* Summary */
When time namespaces were introduced we missed to virtualize the "btime" field
in /proc/stat. This confuses tasks which are in another time namespace with a
virtualized boottime which is common in some container workloads. This pr
contains Michael's series to fix "btime" which Thomas asked me to take through
my tree.
To fix "btime" virtualization we simply subtract the offset of the time
namespace's boottime from btime before printing the stats. Note that since
start_boottime of processes are seconds since boottime and the boottime stamp
is now shifted according to the time namespace's offset, the offset of the time
namespace also needs to be applied before the process stats are given to
userspace. This avoids that processes shown by tools such as "ps" appear as
time travelers in the corresponding time namespace. Selftests are included to
verify that btime virtualization in /proc/stat works as expected.
The following changes since commit 3cea11cd5e3b00d91caf0b4730194039b45c5891:
Linux 5.10-rc2 (2020-11-01 14:43:51 -0800)
are available in the Git repository at:
git@...olite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/time-namespace-v5.11
for you to fetch changes up to 5c62634fc65101d350cbd47722fb76f02693059d:
namespace: make timens_on_fork() return nothing (2020-11-18 11:06:47 +0100)
/* Testing */
All patches are based on v5.10-rc2. All old and new tests are passing.
Please note that I missed to merge these fixes into my for-next branch and so
linux-next has not contained the commits in this pr.
I'm still sending this pr because these are fairly trivial bugfixes and have
seen vetting from multiple people. I have also now merged this tag into my
for-next branch so these commits will show up in linux-next soon. If you feel
more comfortable with this sitting in linux-next for a while please just ignore
this pr and I'll resend after rc1 has been released.
/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge 2c85ebc57b3e ("Linux 5.10").
Please consider pulling these changes from the signed time-namespace-v5.11 tag.
Thanks!
Christian
----------------------------------------------------------------
time-namespace-v5.11
----------------------------------------------------------------
Hui Su (1):
namespace: make timens_on_fork() return nothing
Michael Weiß (3):
timens: additional helper functions for boottime offset handling
fs/proc: apply the time namespace offset to /proc/stat btime
selftests/timens: added selftest for /proc/stat btime
fs/proc/array.c | 6 ++--
fs/proc/stat.c | 3 ++
include/linux/time_namespace.h | 28 ++++++++++++++--
kernel/nsproxy.c | 7 +---
kernel/time/namespace.c | 6 ++--
tools/testing/selftests/timens/procfs.c | 58 ++++++++++++++++++++++++++++++++-
6 files changed, 92 insertions(+), 16 deletions(-)
Powered by blists - more mailing lists