Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753798AbcDTEtz (ORCPT <rfc822;w@1wt.eu>);
	Wed, 20 Apr 2016 00:49:55 -0400
Received: from mail-ig0-f196.google.com ([209.85.213.196]:36428 "EHLO
	mail-ig0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753011AbcDTEtx (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 20 Apr 2016 00:49:53 -0400
MIME-Version: 1.0
In-Reply-To: <CALYGNiOHRrhhdQawRO_XMK98_F9XaEY9ejjxgsC+GnKMn+jQRQ@mail.gmail.com>
References: <878u0s3orx.fsf_-_@x220.int.ebiederm.org>
	<CA+55aFwv7d8XfeN8KvYaVcSs7V9XoHtS-1cqtkG4gF4yJwB5nA@mail.gmail.com>
	<87twjcorwg.fsf@x220.int.ebiederm.org>
	<20160409140909.42315e6d@lxorguk.ukuu.org.uk>
	<83FE8CD2-C0A2-4ADB-AEBD-8DD89AD4F88A@zytor.com>
	<87bn5ij0x1.fsf@x220.int.ebiederm.org>
	<78205895-E11D-417F-91DC-4BCA0B61A122@zytor.com>
	<CA+55aFyB7y8TfQ=_EvMAFONS6oSPs=uY88f+S6n_QWh4MkKTHg@mail.gmail.com>
	<FC521A3F-4BEB-427E-AE8E-CA54C0128AA3@zytor.com>
	<CA+55aFw62q5bjNiK7Q9dEQQEDZs5fbUxNPxDq376OZJ6JKT=Rg@mail.gmail.com>
	<CALCETrUZ=QVZbTCr3gvhSd2-j_U4R02y5fCxbddG_HsQdnuBkw@mail.gmail.com>
	<CA+55aFzs00iDkYhvFCq=AZMVcNL0+oZT4SeimTeVurJq=5ZS3A@mail.gmail.com>
	<CALCETrUQ_Oad61dYvPpYFxDBT++jhZoAT3e4n4yiu22iTNcxNQ@mail.gmail.com>
	<CALCETrUJ_KuGJoVxuUjWGCNHBNs5Vk8E68MtsWoTdURJ+=iJnQ@mail.gmail.com>
	<CA+55aFzchGpOp0R0RjM6Bsk23GWp1t76fgFi8q6FZQndHq5EtA@mail.gmail.com>
	<570D4781.3070600@zytor.com>
	<877ffyzy1j.fsf_-_@x220.int.ebiederm.org>
	<alpine.LFD.2.20.1604161105040.30857@i7>
	<87twixgsnq.fsf@x220.int.ebiederm.org>
	<CA+55aFyOv3jUOsC-JbfeqM-Rs1z1a+QEt2EejpTf-9EfXdttdg@mail.gmail.com>
	<87oa95gevf.fsf_-_@x220.int.ebiederm.org>
	<CALYGNiOHRrhhdQawRO_XMK98_F9XaEY9ejjxgsC+GnKMn+jQRQ@mail.gmail.com>
Date: Tue, 19 Apr 2016 21:49:52 -0700
X-Google-Sender-Auth: T0jcuOOGjCggYz_zTygpOl0EjuE
Message-ID: <CA+55aFxKxU89GvfUFahn-LG8vf4OpP069De3qOVaR_un-961gQ@mail.gmail.com>
Subject: Re: [PATCH] devpts: Make each mount of devpts an independent filesystem.
From: Linus Torvalds <torvalds@linux-foundation.org>
To: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Andy Lutomirski <luto@amacapital.net>, security@debian.org,
        "security@kernel.org" <security@kernel.org>,
        Al Viro <viro@zeniv.linux.org.uk>,
        "security@ubuntu.com >> security" <security@ubuntu.com>,
        Peter Hurley <peter@hurleysoftware.com>,
        Serge Hallyn <serge.hallyn@ubuntu.com>, Willy Tarreau <w@1wt.eu>,
        Aurelien Jarno <aurelien@aurel32.net>,
        One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>,
        Jann Horn <jann@thejh.net>, Greg KH <greg@kroah.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jiri Slaby <jslaby@suse.com>, Florian Weimer <fw@deneb.enyo.de>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 893
Lines: 21

On Tue, Apr 19, 2016 at 9:36 PM, Konstantin Khlebnikov <koct9i@gmail.com> wrote:
> On Wed, Apr 20, 2016 at 6:04 AM, Eric W. Biederman
>>
>> The kernel.pty.reserve sysctl is neutered with no way currently
>> implemented to be able to use the reserved ptys.
>
> I think we could convert this into reserve for init user namespace,
> ssh in host will work even if containers eaten all ptys.

Yes. That's basically how it effectively worked before (ie everything
but the initial non-newinstance devpts mount would be limited to the
non-reserved numbers).

We required the non-init namespaces to do a newinstance mount, so the
whole test for "newinstance" was effectively the same thing as just
checking for the init namespace from a security standpoint.

And in fact, rewriting it in that form (ie checking for init_ns) would
just make it much more obvious what the intent it.

              Linus