lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <YdjAAK4AtsUDv5vw@slm.duckdns.org>
Date:   Fri, 7 Jan 2022 12:34:40 -1000
From:   Tejun Heo <tj@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org, cgroups@...r.kernel.org
Subject: [GIT PULL] cgroup fixes for v5.16-rc8

Hello, Linus.

Sorry about the late pull request. I ended up staying offline longer than
planned. This pull request contains the cgroup.procs permission check fixes
so that they use the credentials at the time of open rather than write,
which also fixes the cgroup namespace lifetime bug.

While the changes seem safe to me and they tested fine, this is on the
invasive side for a pull request this late, so please feel free to ignore.
I'll include them when the merge window opens.

Thanks and happy new year.

The following changes since commit 75acfdb6fd922598a408a0d864486aeb167c1a97:

  Merge tag 'net-5.16-final' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net (2022-01-05 14:08:56 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git for-5.16-fixes

for you to fetch changes up to bf35a7879f1dfb0d050fe779168bcf25c7de66f5:

  selftests: cgroup: Test open-time cgroup namespace usage for migration checks (2022-01-06 11:02:29 -1000)

----------------------------------------------------------------
Tejun Heo (6):
      cgroup: Use open-time credentials for process migraton perm checks
      cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
      cgroup: Use open-time cgroup namespace for process migration perm checks
      selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644
      selftests: cgroup: Test open-time credential usage for migration checks
      selftests: cgroup: Test open-time cgroup namespace usage for migration checks

 kernel/cgroup/cgroup-internal.h              |  19 +++
 kernel/cgroup/cgroup-v1.c                    |  33 +++---
 kernel/cgroup/cgroup.c                       |  88 +++++++++-----
 tools/testing/selftests/cgroup/cgroup_util.c |   2 +-
 tools/testing/selftests/cgroup/test_core.c   | 165 +++++++++++++++++++++++++++
 5 files changed, 263 insertions(+), 44 deletions(-)

-- 
tejun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ