2007-09-14 14:57:53

by Alexey Dobriyan

[permalink] [raw]
Subject: [PATCH] Fix UTS corruption during clone(CLONE_NEWUTS)

struct utsname is copied from master one without any exclusion.

Here is sample output from one proggie doing

sethostname("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
sethostname("bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");

and another

clone(,, CLONE_NEWUTS, ...)
uname()


hostname = 'aaaaaaaaaaaaaaaaaaaaaaaaabbbbb'
hostname = 'bbbaaaaaaaaaaaaaaaaaaaaaaaaaaa'
hostname = 'aaaaaaaabbbbbbbbbbbbbbbbbbbbbb'
hostname = 'aaaaaaaaaaaaaaaaaaaaaaaaaabbbb'
hostname = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaabb'
hostname = 'aaabbbbbbbbbbbbbbbbbbbbbbbbbbb'
hostname = 'bbbbbbbbbbbbbbbbaaaaaaaaaaaaaa'

Hostname is sometimes corrupted.

Yes, even _the_ simplest namespace activity had bug in it. :-(

Signed-off-by: Alexey Dobriyan <[email protected]>
---

kernel/utsname.c | 2 ++
1 file changed, 2 insertions(+)

--- a/kernel/utsname.c
+++ b/kernel/utsname.c
@@ -28,7 +28,9 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns)
if (!ns)
return ERR_PTR(-ENOMEM);

+ down_read(&uts_sem);
memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
+ up_read(&uts_sem);
kref_init(&ns->kref);
return ns;
}


2007-09-14 20:02:26

by Serge E. Hallyn

[permalink] [raw]
Subject: Re: [PATCH] Fix UTS corruption during clone(CLONE_NEWUTS)

Quoting Alexey Dobriyan ([email protected]):
> struct utsname is copied from master one without any exclusion.
>
> Here is sample output from one proggie doing
>
> sethostname("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
> sethostname("bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
>
> and another
>
> clone(,, CLONE_NEWUTS, ...)
> uname()
>
>
> hostname = 'aaaaaaaaaaaaaaaaaaaaaaaaabbbbb'
> hostname = 'bbbaaaaaaaaaaaaaaaaaaaaaaaaaaa'
> hostname = 'aaaaaaaabbbbbbbbbbbbbbbbbbbbbb'
> hostname = 'aaaaaaaaaaaaaaaaaaaaaaaaaabbbb'
> hostname = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaabb'
> hostname = 'aaabbbbbbbbbbbbbbbbbbbbbbbbbbb'
> hostname = 'bbbbbbbbbbbbbbbbaaaaaaaaaaaaaa'
>
> Hostname is sometimes corrupted.
>
> Yes, even _the_ simplest namespace activity had bug in it. :-(
>
> Signed-off-by: Alexey Dobriyan <[email protected]>

picking my jaw up off the floor just long enough to type

Signed-off-by: Serge Hallyn <[email protected]>

and limp away in shame

thanks Alexey,
-serge

> ---
>
> kernel/utsname.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> --- a/kernel/utsname.c
> +++ b/kernel/utsname.c
> @@ -28,7 +28,9 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns)
> if (!ns)
> return ERR_PTR(-ENOMEM);
>
> + down_read(&uts_sem);
> memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
> + up_read(&uts_sem);
> kref_init(&ns->kref);
> return ns;
> }
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/