From: ebiederm@xmission.com (Eric W. Biederman)
To: Andrei Vagin <avagin@virtuozzo.com>
Cc: "Michael Kerrisk \(man-pages\)" <mtk.manpages@gmail.com>,
"Serge E. Hallyn" <serge@hallyn.com>, <linux-api@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <linux-fsdevel@vger.kernel.org>,
Andrey Vagin <avagin@openvz.org>,
James Bottomley <James.Bottomley@hansenpartnership.com>,
"W. Trevor King" <wking@tremily.us>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Jonathan Corbet <corbet@lwn.net>
Subject: Re: [PATCH 2/2] nsfs: Add an ioctl() to return creator UID of a userns
Date: Thu, 22 Dec 2016 20:23:49 +1300 [thread overview]
Message-ID: <87zijoh1fe.fsf@xmission.com> (raw)
In-Reply-To: <20161221031315.GB20983@outlook.office365.com> (Andrei Vagin's message of "Tue, 20 Dec 2016 19:13:16 -0800")
Andrei Vagin <avagin@virtuozzo.com> writes:
> On Mon, Dec 19, 2016 at 03:38:35PM +0100, Michael Kerrisk (man-pages) wrote:
>> @@ -174,6 +175,11 @@ static long ns_ioctl(struct file *filp, unsigned int ioctl,
>> return open_related_ns(ns, ns->ops->get_parent);
>> case NS_GET_NSTYPE:
>> return ns->ops->type;
>> + case NS_GET_CREATOR_UID:
>> + if (ns->ops->type != CLONE_NEWUSER)
>> + return -EINVAL;
>> + user_ns = container_of(ns, struct user_namespace, ns);
>> + return from_kuid_munged(current_user_ns(), user_ns->owner);
>
> uid_t is "unsigned int", ioctl() returns long, so it may be hard to
> distinguish user id-s from errors on x32.
Very good point.
> off-topic: What is about user_ns->group? I can't find where it is
> used...
Over design. I put it in because I thought it might be useful. It turns
out it never was used so we can clean things up and remove it. The
group has never been exposed to userspace so no one will care.
Eric
prev parent reply other threads:[~2016-12-22 7:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <fdce894d-8385-b4b4-da3c-6282a7e4ecba@gmail.com>
2016-12-19 14:38 ` [PATCH 1/2] nsfs: Add an ioctl() to return the namespace type Michael Kerrisk (man-pages)
2016-12-19 14:38 ` [PATCH 2/2] nsfs: Add an ioctl() to return creator UID of a userns Michael Kerrisk (man-pages)
2016-12-21 3:13 ` Andrei Vagin
2016-12-22 7:17 ` Michael Kerrisk (man-pages)
2016-12-22 7:23 ` Eric W. Biederman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zijoh1fe.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=avagin@openvz.org \
--cc=avagin@virtuozzo.com \
--cc=corbet@lwn.net \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=serge@hallyn.com \
--cc=viro@zeniv.linux.org.uk \
--cc=wking@tremily.us \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).