lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87h7132xl2.fsf@email.froward.int.ebiederm.org>
Date:   Mon, 19 Sep 2022 10:27:53 -0500
From:   "Eric W. Biederman" <ebiederm@...ssion.com>
To:     Alexey Gladkov <legion@...nel.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Linux Containers <containers@...ts.linux.dev>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Christian Brauner <brauner@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Manfred Spraul <manfred@...orfullife.com>
Subject: Re: [PATCH v1 2/3] sysctl: Allow to change limits for posix
 messages queues

Alexey Gladkov <legion@...nel.org> writes:

> All parameters of posix messages queues (queues_max/msg_max/msgsize_max)
> end up being limited by RLIMIT_MSGQUEUE. The code in mqueue_get_inode is
> where that limiting happens.
>
> The RLIMIT_MSGQUEUE is bound to the user namespace and is counted
> hierarchically.
>
> We can allow root in the user namespace to modify the posix messages
> queues parameters.

This looks good from 10,000 feet.  But the same nits with setting
mode in mq_permissions as in ipc_set_permissions in your other patch.

Eric

> Signed-off-by: Alexey Gladkov <legion@...nel.org>
> ---
>  ipc/mq_sysctl.c | 36 ++++++++++++++++++++++++++++++++++++
>  1 file changed, 36 insertions(+)
>
> diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c
> index fbf6a8b93a26..39dcf086b7c2 100644
> --- a/ipc/mq_sysctl.c
> +++ b/ipc/mq_sysctl.c
> @@ -12,6 +12,7 @@
>  #include <linux/stat.h>
>  #include <linux/capability.h>
>  #include <linux/slab.h>
> +#include <linux/cred.h>
>  
>  static int msg_max_limit_min = MIN_MSGMAX;
>  static int msg_max_limit_max = HARD_MSGMAX;
> @@ -76,8 +77,43 @@ static int set_is_seen(struct ctl_table_set *set)
>  	return &current->nsproxy->ipc_ns->mq_set == set;
>  }
>  
> +static int mq_permissions(struct ctl_table_header *head, struct ctl_table *table)
> +{
> +	struct ipc_namespace *ns =
> +		container_of(head->set, struct ipc_namespace, mq_set);
> +
> +	if (ns->user_ns != &init_user_ns) {
> +		kuid_t ns_root_uid = make_kuid(ns->user_ns, 0);
> +		kgid_t ns_root_gid = make_kgid(ns->user_ns, 0);
> +
> +		if (uid_valid(ns_root_uid) && uid_eq(current_euid(), ns_root_uid))
> +			return  table->mode >> 6;
> +
> +		if (gid_valid(ns_root_gid) && in_egroup_p(ns_root_gid))
> +			return table->mode >> 3;
> +	}
> +
> +	return table->mode;
> +}
> +
> +static void mq_set_ownership(struct ctl_table_header *head,
> +			     struct ctl_table *table,
> +			     kuid_t *uid, kgid_t *gid)
> +{
> +	struct ipc_namespace *ns =
> +		container_of(head->set, struct ipc_namespace, mq_set);
> +
> +	kuid_t ns_root_uid = make_kuid(ns->user_ns, 0);
> +	kgid_t ns_root_gid = make_kgid(ns->user_ns, 0);
> +
> +	*uid = uid_valid(ns_root_uid) ? ns_root_uid : GLOBAL_ROOT_UID;
> +	*gid = gid_valid(ns_root_gid) ? ns_root_gid : GLOBAL_ROOT_GID;
> +}
> +
>  static struct ctl_table_root set_root = {
>  	.lookup = set_lookup,
> +	.permissions = mq_permissions,
> +	.set_ownership = mq_set_ownership,
>  };
>  
>  bool setup_mq_sysctls(struct ipc_namespace *ns)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ