From: "Thomas Weißschuh" <linux@weissschuh.net>
To: "David S. Miller" <davem@davemloft.net>,
	 Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>,
	 Paolo Abeni <pabeni@redhat.com>,
	 Dmitry Torokhov <dmitry.torokhov@gmail.com>,
	 "Eric W. Biederman" <ebiederm@xmission.com>
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
	"Luis Chamberlain" <mcgrof@kernel.org>,
	"Joel Granados" <j.granados@samsung.com>,
	"Thomas Weißschuh" <linux@weissschuh.net>
Subject: [PATCH] net: always initialize sysctl ownership
Date: Fri, 15 Mar 2024 17:20:31 +0100
Message-ID: <20240315-sysctl-net-ownership-v1-1-2b465555a292@weissschuh.net>

The sysctl core does not initialize these fields when the set_ownership
callback is present.
So always do it in the callback.

Fixes: e79c6a4fc923 ("net: make net namespace sysctls belong to container's owner")
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
---
 net/sysctl_net.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index 051ed5f6fc93..03e320ddacc9 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -62,12 +62,10 @@ static void net_ctl_set_ownership(struct ctl_table_header *head,
 	kgid_t ns_root_gid;
 
 	ns_root_uid = make_kuid(net->user_ns, 0);
-	if (uid_valid(ns_root_uid))
-		*uid = ns_root_uid;
+	*uid = uid_valid(ns_root_uid) ? ns_root_uid : GLOBAL_ROOT_UID;
 
 	ns_root_gid = make_kgid(net->user_ns, 0);
-	if (gid_valid(ns_root_gid))
-		*gid = ns_root_gid;
+	*gid = gid_valid(ns_root_gid) ? ns_root_gid : GLOBAL_ROOT_GID;
 }
 
 static struct ctl_table_root net_sysctl_root = {
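
Review bot: The unconditional stores to *uid and *gid rely on a contract that nothing in net_ctl_set_ownership() documents: per the commit message, the sysctl core does not initialize these outputs when a set_ownership callback is present, so the callback has to write both on every path. A one-line comment above "*uid = uid_valid(ns_root_uid) ? ns_root_uid : GLOBAL_ROOT_UID;" stating that would keep a later cleanup from reintroducing the conditional store that this change removes. The commit message would also benefit from naming the fields (uid and gid) and stating what happened before the fix when make_kuid() or make_kgid() returned an invalid id, since in that case the outputs were left unwritten and the ownership of the net sysctl entries was undefined.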

---
base-commit: e5eb28f6d1afebed4bb7d740a797d0390bd3a357
change-id: 20240315-sysctl-net-ownership-bc4e17eaeea6

Best regards,
-- 
Thomas Weißschuh <linux@weissschuh.net>

