| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Sep 2022 10:27:53 -0500
From: "Eric W. Biederman" <ebiederm@...ssion.com>
To: Alexey Gladkov <legion@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Linux Containers <containers@...ts.linux.dev>,
Andrew Morton <akpm@...ux-foundation.org>,
Christian Brauner <brauner@...nel.org>,
Kees Cook <keescook@...omium.org>,
Manfred Spraul <manfred@...orfullife.com>
Subject: Re: [PATCH v1 2/3] sysctl: Allow to change limits for posix
messages queues
Alexey Gladkov <legion@...nel.org> writes:
> All parameters of posix messages queues (queues_max/msg_max/msgsize_max)
> end up being limited by RLIMIT_MSGQUEUE. The code in mqueue_get_inode is
> where that limiting happens.
>
> The RLIMIT_MSGQUEUE is bound to the user namespace and is counted
> hierarchically.
>
> We can allow root in the user namespace to modify the posix messages
> queues parameters.
This looks good from 10,000 feet. But the same nits with setting
mode in mq_permissions as in ipc_set_permissions in your other patch.
Eric
> Signed-off-by: Alexey Gladkov <legion@...nel.org>
> ---
> ipc/mq_sysctl.c | 36 ++++++++++++++++++++++++++++++++++++
> 1 file changed, 36 insertions(+)
>
> diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c
> index fbf6a8b93a26..39dcf086b7c2 100644
> --- a/ipc/mq_sysctl.c
> +++ b/ipc/mq_sysctl.c
> @@ -12,6 +12,7 @@
> #include <linux/stat.h>
> #include <linux/capability.h>
> #include <linux/slab.h>
> +#include <linux/cred.h>
>
> static int msg_max_limit_min = MIN_MSGMAX;
> static int msg_max_limit_max = HARD_MSGMAX;
> @@ -76,8 +77,43 @@ static int set_is_seen(struct ctl_table_set *set)
> return ¤t->nsproxy->ipc_ns->mq_set == set;
> }
>
> +static int mq_permissions(struct ctl_table_header *head, struct ctl_table *table)
> +{
> + struct ipc_namespace *ns =
> + container_of(head->set, struct ipc_namespace, mq_set);
> +
> + if (ns->user_ns != &init_user_ns) {
> + kuid_t ns_root_uid = make_kuid(ns->user_ns, 0);
> + kgid_t ns_root_gid = make_kgid(ns->user_ns, 0);
> +
> + if (uid_valid(ns_root_uid) && uid_eq(current_euid(), ns_root_uid))
> + return table->mode >> 6;
> +
> + if (gid_valid(ns_root_gid) && in_egroup_p(ns_root_gid))
> + return table->mode >> 3;
> + }
> +
> + return table->mode;
> +}
> +
> +static void mq_set_ownership(struct ctl_table_header *head,
> + struct ctl_table *table,
> + kuid_t *uid, kgid_t *gid)
> +{
> + struct ipc_namespace *ns =
> + container_of(head->set, struct ipc_namespace, mq_set);
> +
> + kuid_t ns_root_uid = make_kuid(ns->user_ns, 0);
> + kgid_t ns_root_gid = make_kgid(ns->user_ns, 0);
> +
> + *uid = uid_valid(ns_root_uid) ? ns_root_uid : GLOBAL_ROOT_UID;
> + *gid = gid_valid(ns_root_gid) ? ns_root_gid : GLOBAL_ROOT_GID;
> +}
> +
> static struct ctl_table_root set_root = {
> .lookup = set_lookup,
> + .permissions = mq_permissions,
> + .set_ownership = mq_set_ownership,
> };
>
> bool setup_mq_sysctls(struct ipc_namespace *ns)
Powered by blists - more mailing lists