From: Andrei Vagin <avagin@virtuozzo.com> To: David Howells <dhowells@redhat.com> Cc: viro@zeniv.linux.org.uk, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-afs@lists.infradead.org Subject: Re: [12/24] proc: Add fs_context support to procfs [ver #7] Date: Tue, 26 Jun 2018 00:27:38 -0700 [thread overview] Message-ID: <20180626072736.GA31860@outlook.office365.com> (raw) In-Reply-To: <20180626061320.GA12548@outlook.office365.com> [-- Attachment #1: Type: text/plain, Size: 3966 bytes --] On Mon, Jun 25, 2018 at 11:13:20PM -0700, Andrei Vagin wrote: > On Mon, Jun 18, 2018 at 08:34:50PM -0700, Andrei Vagin wrote: > > Hi David, > > > > We run CRIU tests for vfs/for-next, and today a few of these test failed. I > > found that the problem appears after this patch.. > > > > > int pid_ns_prepare_proc(struct pid_namespace *ns) > > > { > > > + struct proc_fs_context *ctx; > > > + struct fs_context *fc; > > > struct vfsmount *mnt; > > > + int ret; > > > + > > > + fc = vfs_new_fs_context(&proc_fs_type, NULL, 0, > > > + FS_CONTEXT_FOR_KERNEL_MOUNT); > > > + if (IS_ERR(fc)) > > > + return PTR_ERR(fc); > > > + > > > + ctx = container_of(fc, struct proc_fs_context, fc); > > > + if (ctx->pid_ns != ns) { > > > + put_pid_ns(ctx->pid_ns); > > > + get_pid_ns(ns); > > > + ctx->pid_ns = ns; > > > + } > > > + > > > + ret = vfs_get_tree(fc); > > > + if (ret < 0) { > > > + put_fs_context(fc); > > > + return ret; > > > + } > > > > > > - mnt = kern_mount_data(&proc_fs_type, ns, 0); > > Here ns->user_ns and get_current_cred()->user_ns are not always equal What do you think about the attached patch? 
> > > > + mnt = vfs_create_mount(fc); > > > + put_fs_context(fc); > > > if (IS_ERR(mnt)) > > > return PTR_ERR(mnt); > > > > > > #define _GNU_SOURCE > > #include <sys/types.h> > > #include <sched.h> > > #include <unistd.h> > > #include <stdio.h> > > #include <sys/mount.h> > > #include <sys/wait.h> > > #include <sys/stat.h> > > #include <fcntl.h> > > #include <stdlib.h> > > #include <grp.h> > > #include <linux/limits.h> > > > > > > #define NS_STACK_SIZE 4096 > > > > #define __stack_aligned__ __attribute__((aligned(16))) > > > > /* All arguments should be above stack, because it grows down */ > > struct ns_exec_args { > > char stack[NS_STACK_SIZE] __stack_aligned__; > > char stack_ptr[0]; > > int pfd[2]; > > }; > > > > static int ns_exec(void *_arg) > > { > > struct ns_exec_args *args = (struct ns_exec_args *) _arg; > > int ret; > > > > close(args->pfd[1]); > > if (read(args->pfd[0], &ret, sizeof(ret)) != sizeof(ret)) > > return -1; > > > > setsid(); > > > > if (setuid(0) || setgid(0) || setgroups(0, NULL)) { > > fprintf(stderr, "set*id failed: %m\n"); > > return -1; > > } > > > > if (mount("proc", "/mnt", "proc", MS_MGC_VAL | MS_NOSUID | MS_NOEXEC | MS_NODEV, NULL)) { > > fprintf(stderr, "mount(/proc) failed: %m\n"); > > return -1; > > } > > > > return 0; > > } > > > > #define UID_MAP "0 100000 100000\n100000 200000 50000" > > #define GID_MAP "0 400000 50000\n50000 500000 100000" > > int main() > > { > > pid_t pid; > > int ret, status; > > struct ns_exec_args args; > > int flags; > > char pname[PATH_MAX]; > > int fd, pfd[2]; > > > > if (pipe(pfd)) > > return 1; > > > > args.pfd[0] = pfd[0]; > > args.pfd[1] = pfd[1]; > > > > flags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUTS | > > CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWUSER | SIGCHLD; > > > > pid = clone(ns_exec, args.stack_ptr, flags, &args); > > if (pid < 0) { > > fprintf(stderr, "clone() failed: %m\n"); > > exit(1); > > } > > > > > > snprintf(pname, sizeof(pname), "/proc/%d/uid_map", pid); > > fd = open(pname, 
O_WRONLY); > > if (fd < 0) { > > fprintf(stderr, "open(%s): %m\n", pname); > > exit(1); > > } > > if (write(fd, UID_MAP, sizeof(UID_MAP)) < 0) { > > fprintf(stderr, "write(" UID_MAP "): %m\n"); > > exit(1); > > } > > close(fd); > > > > snprintf(pname, sizeof(pname), "/proc/%d/gid_map", pid); > > fd = open(pname, O_WRONLY); > > if (fd < 0) { > > fprintf(stderr, "open(%s): %m\n", pname); > > exit(1); > > } > > if (write(fd, GID_MAP, sizeof(GID_MAP)) < 0) { > > fprintf(stderr, "write(" GID_MAP "): %m\n"); > > exit(1); > > } > > close(fd); > > > > if (write(pfd[1], &ret, sizeof(ret)) != sizeof(ret)) > > return 1; > > > > if (waitpid(pid, &status, 0) != pid) > > return 1; > > if (status) > > return 1; > > > > return 0; > > } > [-- Attachment #2: p --] [-- Type: text/plain, Size: 2765 bytes --] diff --git a/fs/fs_context.c b/fs/fs_context.c index 97e8c1dc4e3b..ad2db7504031 100644 --- a/fs/fs_context.c +++ b/fs/fs_context.c @@ -235,10 +235,11 @@ EXPORT_SYMBOL(generic_parse_monolithic); * another superblock (referred to by @reference) is supplied, may have * parameters such as namespaces copied across from that superblock. */ -struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, +struct fs_context *vfs_new_fs_context_userns(struct file_system_type *fs_type, struct dentry *reference, unsigned int sb_flags, - enum fs_context_purpose purpose) + enum fs_context_purpose purpose, + struct user_namespace *user_ns) { struct fs_context *fc; int ret; @@ -259,7 +260,7 @@ struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, fc->sb_flags |= SB_KERNMOUNT; /* Fallthrough */ case FS_CONTEXT_FOR_USER_MOUNT: - fc->user_ns = get_user_ns(fc->cred->user_ns); + fc->user_ns = get_user_ns(user_ns ? 
: fc->cred->user_ns); fc->net_ns = get_net(current->nsproxy->net_ns); break; case FS_CONTEXT_FOR_SUBMOUNT: diff --git a/fs/proc/root.c b/fs/proc/root.c index efbdc08a3c86..c832d67067d9 100644 --- a/fs/proc/root.c +++ b/fs/proc/root.c @@ -298,8 +298,8 @@ int pid_ns_prepare_proc(struct pid_namespace *ns) struct vfsmount *mnt; int ret; - fc = vfs_new_fs_context(&proc_fs_type, NULL, 0, - FS_CONTEXT_FOR_KERNEL_MOUNT); + fc = vfs_new_fs_context_userns(&proc_fs_type, NULL, 0, + FS_CONTEXT_FOR_KERNEL_MOUNT, ns->user_ns); if (IS_ERR(fc)) return PTR_ERR(fc); diff --git a/include/linux/fs_context.h b/include/linux/fs_context.h index 04ea338ff490..283212cda1ff 100644 --- a/include/linux/fs_context.h +++ b/include/linux/fs_context.h @@ -92,10 +92,19 @@ struct fs_context_operations { /* * fs_context manipulation functions. */ -extern struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, +extern struct fs_context *vfs_new_fs_context_userns(struct file_system_type *fs_type, struct dentry *reference, unsigned int ms_flags, - enum fs_context_purpose purpose); + enum fs_context_purpose purpose, + struct user_namespace *user_ns); +static inline struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, + struct dentry *reference, + unsigned int ms_flags, + enum fs_context_purpose purpose) +{ + return vfs_new_fs_context_userns(fs_type, reference, ms_flags, purpose, NULL); +} + extern struct fs_context *vfs_sb_reconfig(struct path *path, unsigned int ms_flags); extern struct fs_context *vfs_dup_fs_context(struct fs_context *src); extern int vfs_set_fs_source(struct fs_context *fc, const char *source, size_t len);
WARNING: multiple messages have this Message-ID (diff)
From: avagin@virtuozzo.com (Andrei Vagin) To: linux-security-module@vger.kernel.org Subject: [12/24] proc: Add fs_context support to procfs [ver #7] Date: Tue, 26 Jun 2018 00:27:38 -0700 [thread overview] Message-ID: <20180626072736.GA31860@outlook.office365.com> (raw) In-Reply-To: <20180626061320.GA12548@outlook.office365.com> On Mon, Jun 25, 2018 at 11:13:20PM -0700, Andrei Vagin wrote: > On Mon, Jun 18, 2018 at 08:34:50PM -0700, Andrei Vagin wrote: > > Hi David, > > > > We run CRIU tests for vfs/for-next, and today a few of these test failed. I > > found that the problem appears after this patch.. > > > > > int pid_ns_prepare_proc(struct pid_namespace *ns) > > > { > > > + struct proc_fs_context *ctx; > > > + struct fs_context *fc; > > > struct vfsmount *mnt; > > > + int ret; > > > + > > > + fc = vfs_new_fs_context(&proc_fs_type, NULL, 0, > > > + FS_CONTEXT_FOR_KERNEL_MOUNT); > > > + if (IS_ERR(fc)) > > > + return PTR_ERR(fc); > > > + > > > + ctx = container_of(fc, struct proc_fs_context, fc); > > > + if (ctx->pid_ns != ns) { > > > + put_pid_ns(ctx->pid_ns); > > > + get_pid_ns(ns); > > > + ctx->pid_ns = ns; > > > + } > > > + > > > + ret = vfs_get_tree(fc); > > > + if (ret < 0) { > > > + put_fs_context(fc); > > > + return ret; > > > + } > > > > > > - mnt = kern_mount_data(&proc_fs_type, ns, 0); > > Here ns->user_ns and get_current_cred()->user_ns are not always equal What do you think about the attached patch? 
> > > > + mnt = vfs_create_mount(fc); > > > + put_fs_context(fc); > > > if (IS_ERR(mnt)) > > > return PTR_ERR(mnt); > > > > > > #define _GNU_SOURCE > > #include <sys/types.h> > > #include <sched.h> > > #include <unistd.h> > > #include <stdio.h> > > #include <sys/mount.h> > > #include <sys/wait.h> > > #include <sys/stat.h> > > #include <fcntl.h> > > #include <stdlib.h> > > #include <grp.h> > > #include <linux/limits.h> > > > > > > #define NS_STACK_SIZE 4096 > > > > #define __stack_aligned__ __attribute__((aligned(16))) > > > > /* All arguments should be above stack, because it grows down */ > > struct ns_exec_args { > > char stack[NS_STACK_SIZE] __stack_aligned__; > > char stack_ptr[0]; > > int pfd[2]; > > }; > > > > static int ns_exec(void *_arg) > > { > > struct ns_exec_args *args = (struct ns_exec_args *) _arg; > > int ret; > > > > close(args->pfd[1]); > > if (read(args->pfd[0], &ret, sizeof(ret)) != sizeof(ret)) > > return -1; > > > > setsid(); > > > > if (setuid(0) || setgid(0) || setgroups(0, NULL)) { > > fprintf(stderr, "set*id failed: %m\n"); > > return -1; > > } > > > > if (mount("proc", "/mnt", "proc", MS_MGC_VAL | MS_NOSUID | MS_NOEXEC | MS_NODEV, NULL)) { > > fprintf(stderr, "mount(/proc) failed: %m\n"); > > return -1; > > } > > > > return 0; > > } > > > > #define UID_MAP "0 100000 100000\n100000 200000 50000" > > #define GID_MAP "0 400000 50000\n50000 500000 100000" > > int main() > > { > > pid_t pid; > > int ret, status; > > struct ns_exec_args args; > > int flags; > > char pname[PATH_MAX]; > > int fd, pfd[2]; > > > > if (pipe(pfd)) > > return 1; > > > > args.pfd[0] = pfd[0]; > > args.pfd[1] = pfd[1]; > > > > flags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUTS | > > CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWUSER | SIGCHLD; > > > > pid = clone(ns_exec, args.stack_ptr, flags, &args); > > if (pid < 0) { > > fprintf(stderr, "clone() failed: %m\n"); > > exit(1); > > } > > > > > > snprintf(pname, sizeof(pname), "/proc/%d/uid_map", pid); > > fd = open(pname, 
O_WRONLY); > > if (fd < 0) { > > fprintf(stderr, "open(%s): %m\n", pname); > > exit(1); > > } > > if (write(fd, UID_MAP, sizeof(UID_MAP)) < 0) { > > fprintf(stderr, "write(" UID_MAP "): %m\n"); > > exit(1); > > } > > close(fd); > > > > snprintf(pname, sizeof(pname), "/proc/%d/gid_map", pid); > > fd = open(pname, O_WRONLY); > > if (fd < 0) { > > fprintf(stderr, "open(%s): %m\n", pname); > > exit(1); > > } > > if (write(fd, GID_MAP, sizeof(GID_MAP)) < 0) { > > fprintf(stderr, "write(" GID_MAP "): %m\n"); > > exit(1); > > } > > close(fd); > > > > if (write(pfd[1], &ret, sizeof(ret)) != sizeof(ret)) > > return 1; > > > > if (waitpid(pid, &status, 0) != pid) > > return 1; > > if (status) > > return 1; > > > > return 0; > > } > -------------- next part -------------- diff --git a/fs/fs_context.c b/fs/fs_context.c index 97e8c1dc4e3b..ad2db7504031 100644 --- a/fs/fs_context.c +++ b/fs/fs_context.c @@ -235,10 +235,11 @@ EXPORT_SYMBOL(generic_parse_monolithic); * another superblock (referred to by @reference) is supplied, may have * parameters such as namespaces copied across from that superblock. */ -struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, +struct fs_context *vfs_new_fs_context_userns(struct file_system_type *fs_type, struct dentry *reference, unsigned int sb_flags, - enum fs_context_purpose purpose) + enum fs_context_purpose purpose, + struct user_namespace *user_ns) { struct fs_context *fc; int ret; @@ -259,7 +260,7 @@ struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, fc->sb_flags |= SB_KERNMOUNT; /* Fallthrough */ case FS_CONTEXT_FOR_USER_MOUNT: - fc->user_ns = get_user_ns(fc->cred->user_ns); + fc->user_ns = get_user_ns(user_ns ? 
: fc->cred->user_ns); fc->net_ns = get_net(current->nsproxy->net_ns); break; case FS_CONTEXT_FOR_SUBMOUNT: diff --git a/fs/proc/root.c b/fs/proc/root.c index efbdc08a3c86..c832d67067d9 100644 --- a/fs/proc/root.c +++ b/fs/proc/root.c @@ -298,8 +298,8 @@ int pid_ns_prepare_proc(struct pid_namespace *ns) struct vfsmount *mnt; int ret; - fc = vfs_new_fs_context(&proc_fs_type, NULL, 0, - FS_CONTEXT_FOR_KERNEL_MOUNT); + fc = vfs_new_fs_context_userns(&proc_fs_type, NULL, 0, + FS_CONTEXT_FOR_KERNEL_MOUNT, ns->user_ns); if (IS_ERR(fc)) return PTR_ERR(fc); diff --git a/include/linux/fs_context.h b/include/linux/fs_context.h index 04ea338ff490..283212cda1ff 100644 --- a/include/linux/fs_context.h +++ b/include/linux/fs_context.h @@ -92,10 +92,19 @@ struct fs_context_operations { /* * fs_context manipulation functions. */ -extern struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, +extern struct fs_context *vfs_new_fs_context_userns(struct file_system_type *fs_type, struct dentry *reference, unsigned int ms_flags, - enum fs_context_purpose purpose); + enum fs_context_purpose purpose, + struct user_namespace *user_ns); +static inline struct fs_context *vfs_new_fs_context(struct file_system_type *fs_type, + struct dentry *reference, + unsigned int ms_flags, + enum fs_context_purpose purpose) +{ + return vfs_new_fs_context_userns(fs_type, reference, ms_flags, purpose, NULL); +} + extern struct fs_context *vfs_sb_reconfig(struct path *path, unsigned int ms_flags); extern struct fs_context *vfs_dup_fs_context(struct fs_context *src); extern int vfs_set_fs_source(struct fs_context *fc, const char *source, size_t len);
next prev parent reply other threads:[~2018-06-26 7:28 UTC|newest] Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-04-19 13:31 [PATCH 00/24] VFS: Introduce filesystem context [ver #7] David Howells 2018-04-19 13:31 ` David Howells 2018-04-19 13:31 ` [PATCH 01/24] vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion " David Howells 2018-04-19 13:31 ` David Howells 2018-04-19 13:31 ` [PATCH 02/24] VFS: Suppress MS_* flag defs within the kernel unless explicitly enabled " David Howells 2018-04-19 13:31 ` David Howells 2018-04-19 13:31 ` [PATCH 03/24] VFS: Introduce the structs and doc for a filesystem context " David Howells 2018-04-19 13:31 ` David Howells 2018-04-23 3:36 ` Randy Dunlap 2018-04-23 3:36 ` Randy Dunlap 2018-05-01 14:29 ` David Howells 2018-05-01 14:29 ` David Howells 2018-05-01 15:31 ` Randy Dunlap 2018-05-01 15:31 ` Randy Dunlap 2018-04-19 13:31 ` [PATCH 04/24] VFS: Add LSM hooks for " David Howells 2018-04-19 13:31 ` David Howells 2018-04-19 20:32 ` Paul Moore 2018-04-19 20:32 ` Paul Moore 2018-04-20 15:35 ` David Howells 2018-04-20 15:35 ` David Howells 2018-04-23 13:25 ` Stephen Smalley 2018-04-23 13:25 ` Stephen Smalley 2018-04-24 15:22 ` David Howells 2018-04-24 15:22 ` David Howells 2018-04-25 14:07 ` Stephen Smalley 2018-04-25 14:07 ` Stephen Smalley 2018-04-19 13:31 ` [PATCH 05/24] apparmor: Implement security hooks for the new mount API " David Howells 2018-04-19 13:31 ` David Howells 2018-05-04 0:10 ` John Johansen 2018-05-04 0:10 ` John Johansen 2018-05-11 12:20 ` David Howells 2018-05-11 12:20 ` David Howells 2018-05-11 12:20 ` David Howells 2018-04-19 13:31 ` [PATCH 06/24] tomoyo: " David Howells 2018-04-19 13:31 ` David Howells 2018-04-19 13:31 ` [PATCH 07/24] smack: Implement filesystem context security hooks " David Howells 2018-04-19 13:31 ` David Howells 2018-04-19 13:31 ` [PATCH 08/24] VFS: Require specification of size of mount data for internal mounts " David Howells 2018-04-19 13:32 ` 
[PATCH 09/24] VFS: Implement a filesystem superblock creation/configuration context " David Howells 2018-04-19 13:32 ` David Howells 2018-04-19 13:32 ` [PATCH 10/24] VFS: Remove unused code after filesystem context changes " David Howells 2018-04-19 13:32 ` David Howells 2018-04-19 13:32 ` [PATCH 11/24] procfs: Move proc_fill_super() to fs/proc/root.c " David Howells 2018-04-19 13:32 ` David Howells 2018-04-19 13:32 ` [PATCH 12/24] proc: Add fs_context support to procfs " David Howells 2018-04-19 13:32 ` David Howells 2018-06-19 3:34 ` [12/24] " Andrei Vagin 2018-06-19 3:34 ` Andrei Vagin 2018-06-26 6:13 ` Andrei Vagin 2018-06-26 6:13 ` Andrei Vagin 2018-06-26 7:27 ` Andrei Vagin [this message] 2018-06-26 7:27 ` Andrei Vagin 2018-06-26 8:57 ` David Howells 2018-06-26 8:57 ` David Howells 2018-06-28 5:50 ` Andrei Vagin 2018-06-28 5:50 ` Andrei Vagin 2018-06-28 5:50 ` Andrei Vagin 2018-06-28 5:50 ` Andrei Vagin 2018-04-19 13:32 ` [PATCH 13/24] ipc: Convert mqueue fs to fs_context " David Howells 2018-04-19 13:32 ` David Howells 2018-04-19 13:32 ` [PATCH 14/24] cpuset: Use " David Howells 2018-04-19 13:32 ` David Howells 2018-04-19 13:32 ` [PATCH 15/24] kernfs, sysfs, cgroup, intel_rdt: Support " David Howells 2018-04-19 13:32 ` David Howells 2018-04-19 13:33 ` [PATCH 16/24] hugetlbfs: Convert to " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 17/24] VFS: Remove kern_mount_data() " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 18/24] VFS: Implement fsopen() to prepare for a mount " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 19/24] VFS: Implement fsmount() to effect a pre-configured " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 20/24] afs: Fix server record deletion " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 21/24] net: Export get_proc_net() " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 22/24] afs: 
Add fs_context support " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 23/24] afs: Implement namespacing " David Howells 2018-04-19 13:33 ` David Howells 2018-04-19 13:33 ` [PATCH 24/24] afs: Use fs_context to pass parameters over automount " David Howells 2018-04-19 13:33 ` David Howells
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20180626072736.GA31860@outlook.office365.com \ --to=avagin@virtuozzo.com \ --cc=dhowells@redhat.com \ --cc=linux-afs@lists.infradead.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-nfs@vger.kernel.org \ --cc=linux-security-module@vger.kernel.org \ --cc=viro@zeniv.linux.org.uk \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes; see the mirroring instructions for how to clone and mirror all data and code used by this external index.