From: ebiederm@xmission.com (Eric W. Biederman)
To: Christian Brauner <christian.brauner@ubuntu.com>
Cc: linux-kernel@vger.kernel.org, serge@hallyn.com, tycho@tycho.ws,
Linux Containers <containers@lists.linux-foundation.org>
Subject: [PATCH 0/5] userns: bump idmap limits, fixes & tweaks
Date: Tue, 31 Oct 2017 18:46:32 -0500 [thread overview]
Message-ID: <871sliubhj.fsf_-_@xmission.com> (raw)
In-Reply-To: <20171024220441.10235-2-christian.brauner@ubuntu.com> (Christian Brauner's message of "Wed, 25 Oct 2017 00:04:41 +0200")
Christian I have looked through your code and I have found one real
issue and of things I want to twak
The real issue is reading nr_extents multiple times when reading a map.
That can introduce races that will allow walking past the end of the
array, if the first read is 0 but the second read is > 5.
I have also found a couple of tweaks that look like they are worth
implementing.
As all of these are very small and very straight forward I have
tested these and applied them all to my for-next branch
Eric W. Biederman (5):
userns: Don't special case a count of 0
userns: Simplify the user and group mapping functions
userns: Don't read extents twice in m_start
userns: Make map_id_down a wrapper for map_id_range_down
userns: Simplify insert_extent
kernel/user_namespace.c | 159 ++++++++++++++++--------------------------------
1 file changed, 51 insertions(+), 108 deletions(-)
next prev parent reply other threads:[~2017-10-31 23:46 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-24 22:04 [PATCH 1/2 v6] user namespace: use union in {g,u}idmap struct Christian Brauner
2017-10-24 22:04 ` [PATCH 2/2 v6] user namespaces: bump idmap limits to 340 Christian Brauner
[not found] ` <20171024220441.10235-2-christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
2017-10-31 23:46 ` [PATCH 0/5] userns: bump idmap limits, fixes & tweaks Eric W. Biederman
2017-10-31 23:46 ` Eric W. Biederman [this message]
2017-10-31 23:47 ` [PATCH 1/5] userns: Don't special case a count of 0 Eric W. Biederman
2017-10-31 23:47 ` [PATCH 2/5] userns: Simplify the user and group mapping functions Eric W. Biederman
2017-10-31 23:48 ` [PATCH 3/5] userns: Don't read extents twice in m_start Eric W. Biederman
2017-11-01 8:31 ` Nikolay Borisov
2017-11-01 11:08 ` Eric W. Biederman
[not found] ` <87a806ntn0.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 13:05 ` Nikolay Borisov
2017-11-01 13:05 ` Peter Zijlstra
2017-11-01 17:00 ` Joe Perches
2017-11-01 13:05 ` Nikolay Borisov
2017-11-01 13:05 ` Peter Zijlstra
2017-11-01 16:31 ` Christian Brauner
[not found] ` <20171101130539.j5bxmhs2trqurrr2-Nxj+rRp3nVydTX5a5knrm8zTDFooKrT+cvkQGrU6aU0@public.gmane.org>
2017-11-01 14:01 ` Christian Brauner
2017-11-01 14:01 ` Christian Brauner
[not found] ` <20171101140144.zwe7cq7iv2xudwp4-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2017-11-01 14:16 ` Peter Zijlstra
2017-11-01 14:16 ` Peter Zijlstra
[not found] ` <20171101141654.fr4rs2m5cygouktb-Nxj+rRp3nVydTX5a5knrm8zTDFooKrT+cvkQGrU6aU0@public.gmane.org>
2017-11-01 16:29 ` Christian Brauner
2017-11-01 16:29 ` Christian Brauner
2017-11-01 16:31 ` Christian Brauner
2017-11-01 17:00 ` Joe Perches
[not found] ` <1509555601.31043.44.camel-6d6DIl74uiNBDgjK7y7TUQ@public.gmane.org>
2017-11-01 17:20 ` Eric W. Biederman
2017-11-01 17:20 ` Eric W. Biederman
[not found] ` <87h8udj4p7.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 18:15 ` Peter Zijlstra
2017-11-01 18:15 ` Peter Zijlstra
[not found] ` <143adb61-fb8e-fc1b-396b-b18836e68766-IBi9RG/b67k@public.gmane.org>
2017-11-01 11:08 ` Eric W. Biederman
[not found] ` <87k1zaswu6.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 8:31 ` Nikolay Borisov
2017-10-31 23:48 ` [PATCH 4/5] userns: Make map_id_down a wrapper for map_id_range_down Eric W. Biederman
[not found] ` <871sliubhj.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-10-31 23:47 ` [PATCH 1/5] userns: Don't special case a count of 0 Eric W. Biederman
2017-10-31 23:47 ` [PATCH 2/5] userns: Simplify the user and group mapping functions Eric W. Biederman
2017-10-31 23:48 ` [PATCH 3/5] userns: Don't read extents twice in m_start Eric W. Biederman
2017-10-31 23:48 ` [PATCH 4/5] userns: Make map_id_down a wrapper for map_id_range_down Eric W. Biederman
2017-10-31 23:49 ` [PATCH 5/5] userns: Simplify insert_extent Eric W. Biederman
2017-11-01 10:51 ` [PATCH 0/5] userns: bump idmap limits, fixes & tweaks Christian Brauner
2017-10-31 23:49 ` [PATCH 5/5] userns: Simplify insert_extent Eric W. Biederman
2017-11-01 10:51 ` [PATCH 0/5] userns: bump idmap limits, fixes & tweaks Christian Brauner
2017-11-01 11:15 ` Eric W. Biederman
[not found] ` <87tvyemeqe.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 13:31 ` Christian Brauner
2017-11-01 13:31 ` Christian Brauner
[not found] ` <CAPP7u0WDVv0pAAFEuzL2c9Y-wVg0xG36jyH-eok=GV-r6UewZg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-11-01 11:15 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871sliubhj.fsf_-_@xmission.com \
--to=ebiederm@xmission.com \
--cc=christian.brauner@ubuntu.com \
--cc=containers@lists.linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=tycho@tycho.ws \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.