All of lore.kernel.org
 help / color / mirror / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: Oleg Nesterov <oleg@redhat.com>
Cc: "Toralf Förster" <toralf.foerster@gmx.de>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	"Andrey Vagin" <avagin@openvz.org>,
	"Al Viro" <viro@zeniv.linux.org.uk>,
	"Linux NFS mailing list" <linux-nfs@vger.kernel.org>,
	"Stanislav Kinsbursky" <skinsbursky@parallels.com>,
	"J. Bruce Fields" <bfields@fieldses.org>
Subject: Re: fuzz tested user mode linux core dumps in fs/lockd/clntproc.c:131 (nfs in a netns utsns problems?)
Date: Mon, 29 Jul 2013 11:17:01 -0700	[thread overview]
Message-ID: <871u6hz0wy.fsf@xmission.com> (raw)
In-Reply-To: <20130729180301.GA27148@redhat.com> (Oleg Nesterov's message of "Mon, 29 Jul 2013 20:03:01 +0200")

Oleg Nesterov <oleg@redhat.com> writes:

> On 07/29, Eric W. Biederman wrote:
>>
>> So I really don't think using utsname() aka current->nsproxy->uts_ns
>> makes sense in nlmclnt_setlockargs.
>>
>> We most definitely have an inconsistency in nfs.
>
> I tend to agree, but can't really comment.

If I could justify another couple of hours I could write the patch and
justify it.  I have cgroups exploding around my ears however.

>> > Yes. And perhaps the patch which moves exit_task_namespaces() after
>> > exit_task_work() makes sense anyway (the patch I showed).
>> >
>> > (but if you change nlmclnt_setlockargs() then it is not 3.11 material).
>> >
>> > The original motivation for 8aac62706 was the leak reported by Andrey,
>> > but that leak should be also fixed by e7b2c406. "Move exit_task_namespaces()
>> > from exit_notify() to do_exit()" is still fine imho, the reason for
>> > exit_task_namespaces() from the middle of exit_notify() has gone away.
>> >
>> > But perhaps it would be better if work->func() could use ->nsproxy even
>> > if the task is PF_EXITING.
>>
>> So far there is nothing in the nfs code that would suggest allowing
>> work->func() being able to use ->nsproxy would make this code any
>> better.  I think that would just paper over the problem we are seeing
>> right now.
>
> I think you misunderstood my point.
>
> I fully agree if you change nlmclnt_setlockargs(). I am suggesting to
> move exit_task_namespaces() down after exit_task_work() as a separate
> change which perhaps makes sense by itself. Not to fix this problem,
> not for nfs, not for fput().
>
> Just to allow work->func() to play with ->nsproxy if needed. task_work
> has other users, not only fput().

So to clarify I see little evidence either way on the question of should
work->funk be able to use ->nsproxy if the task is PF_EXITING.  What
little evidence I see suggests that we are actually better off not being
able to access ->nsproxy.

Eric




  reply	other threads:[~2013-07-29 18:17 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-07-27 10:03 fuzz tested user mode linux core dumps in fs/lockd/clntproc.c:131 Toralf Förster
2013-07-27 13:18 ` [uml-devel] Fwd: " Toralf Förster
2013-07-27 17:00 ` Oleg Nesterov
2013-07-27 17:27   ` Oleg Nesterov
2013-07-28 15:26   ` Toralf Förster
2013-07-28 17:58     ` Oleg Nesterov
2013-07-28 18:56       ` [uml-devel] Fwd: " Toralf Förster
2013-07-28 18:56         ` Toralf Förster
2013-07-29  6:29       ` Andrew Vagin
2013-07-29 13:10         ` Oleg Nesterov
2013-07-29 14:27           ` Andrew Vagin
2013-07-29 14:51             ` Oleg Nesterov
2013-07-29 15:43               ` Andrey Vagin
2013-07-29  0:10   ` Eric W. Biederman
2013-07-29  0:32     ` Eric W. Biederman
2013-07-29 14:17       ` Oleg Nesterov
2013-07-29 17:42         ` fuzz tested user mode linux core dumps in fs/lockd/clntproc.c:131 (nfs in a netns utsns problems?) Eric W. Biederman
2013-07-29 18:03           ` Oleg Nesterov
2013-07-29 18:17             ` Eric W. Biederman [this message]
2013-07-30 21:12           ` J. Bruce Fields
2013-07-30 21:20             ` Myklebust, Trond
2013-09-22 17:03   ` fuzz tested user mode linux core dumps in fs/lockd/clntproc.c:131 Toralf Förster
2013-09-22 17:52     ` Oleg Nesterov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=871u6hz0wy.fsf@xmission.com \
    --to=ebiederm@xmission.com \
    --cc=avagin@openvz.org \
    --cc=bfields@fieldses.org \
    --cc=linux-nfs@vger.kernel.org \
    --cc=oleg@redhat.com \
    --cc=serge@hallyn.com \
    --cc=skinsbursky@parallels.com \
    --cc=toralf.foerster@gmx.de \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.