Received: by 10.223.185.116 with SMTP id b49csp1086754wrg;
        Wed, 21 Feb 2018 11:53:25 -0800 (PST)
X-Google-Smtp-Source: AH8x227sL20Jk/V4q4vHJbx49DX5fMI2qBNsI5WWImqe/6x7fE6pn9UPVyJyoazGuKUdwbl/cZUS
X-Received: by 10.99.181.28 with SMTP id y28mr3697452pge.222.1519242805576;
        Wed, 21 Feb 2018 11:53:25 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519242805; cv=none;
        d=google.com; s=arc-20160816;
        b=pwfaPE8ih/wcbgiQncVpS9qNxsOIlSwyBZ+/MhX1Mx2t4YbIImB1tA5BRjAQP51nir
         zsA89gOZq4Av8/BltequLqAMYApPAJhGoxcepfDAGWgc1aCrMo4/94y+sJuH3dRhq17i
         38jS9ZIFSFX4+jcVaGC2s10Zov1IiaRj6eZu9KQ0v2fB1RVU7zc70D8qZkuL68dmCwEL
         ZiKRf0+6JPfzwovUj6OWqN9WoUTpC445U5p3aPGx2PE6TbtCZZIigEQnvWI6TBnqbWaf
         XFoKxSD/+U0Wvh5vQrbYRxHWkSCP44eDcDxW/Vm7NIaFEzk+/oMmxUPuc/mJjckR0HUA
         2tGg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=EXmXMHw5bfFrWgmnhkZHwlkwEhvEYyAa8baiM0FE16Q=;
        b=STcLiKmcWqmVpbiVoDPeiMa815fruCQAXQPC8amWkOmllRyuA6pmN2o2x+ri/+Oo+X
         yYdZkYiFVURSRolrzi34e99rkYyRb6aN68DVQ612oPwXM7VXQ2d8sqWNKWZQ6B1hoqCM
         HLpY9pcT5fsd7cz8OrVbQ2olA1VCWQJ13kuTPg+NYwy6ulV/hZP7Jio80Touf5yskmHA
         boqYbvYKumQNzfO/lW38b0NL+vJ05i1RI8ovCyqJrqPUHUyhYg3KJvVjliWZB/NhCTjv
         6CtKmYSKrsmAgpbXbyV3n/P7iu0tYKFZs7NM+dyNdgxEiyCAKHnMtlPhIssvwmmFGGvL
         8shw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=kR2XAxWm;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q128si115442pga.833.2018.02.21.11.53.10;
        Wed, 21 Feb 2018 11:53:25 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=kR2XAxWm;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1750998AbeBUTwg (ORCPT <rfc822;xuyizhaos@gmail.com> + 99 others);
        Wed, 21 Feb 2018 14:52:36 -0500
Received: from mail-io0-f171.google.com ([209.85.223.171]:45162 "EHLO
        mail-io0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750738AbeBUTwf (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 21 Feb 2018 14:52:35 -0500
Received: by mail-io0-f171.google.com with SMTP id m22so3385072iob.12;
        Wed, 21 Feb 2018 11:52:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=EXmXMHw5bfFrWgmnhkZHwlkwEhvEYyAa8baiM0FE16Q=;
        b=kR2XAxWmoB/Bp1TBtDeW7ulvw8d8Rs9kSR78E9VfYduFiueeIdbZ8mB+D65oCLmTHG
         lXOf1HFK5Xo/mA12EyTOxl3O/MVNWwp2wCCSiZ5P2i8F61vNQrvBcNzzyudhZKTtvLQI
         MFmSc1d5bM1wS77ic9C92ZX4T8w9Zz1gSCRdYpeX+MKkR3dXshl886MxICvLBvSShgNo
         9DVOCjrhqWUQqD515FLgHNm5vl1LbRWU21axwBEKZCjmcjMneN6cazm1FZmIFoUvvEo0
         F1ODR4KosaU77aRUQKiFLejnFJzoypUymV8sdNUGTDJOUZT05RKQZtZA2B6AIspP5gQC
         eEwg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=EXmXMHw5bfFrWgmnhkZHwlkwEhvEYyAa8baiM0FE16Q=;
        b=CIziP77JCfWBeGvZp3uOCwFTCJiWlHQWAEeKb++4z55epJMzqocybDYBlpZFi6qIlJ
         SXWKHHMrKTr1fjUFVzn6qk54ctZd+/UazYmyaEXZQBK6+CXTHYzuD81fmUISQ8wqK+jc
         EjjLY7hSXdjrUCcCwo2q4A5erpEtHG+Tinteh1L0c5DMhyu+EgjPtArn9JW4/0RMSruo
         3Of/mW58OnEL+wu2yK0xlpBDCU3Yz8UDGDvk1Q94kqqRPNtkofkJg3jRz1OhGQXuftxQ
         yA7692eXZwCwwRz55cV3kpbei6GnejXF0H8C6vMvBXJA/jFGPLtMsTgy2k4z0y6kbcOu
         3TuA==
X-Gm-Message-State: APf1xPAcWGZccgeyCqcpjVJJlZcdGP5yXr8S1ddPY/C8sr/vjNBYoSe+
        F6T33Mozerut5kjEvN1zBlrx8aTJFVjLOUK1Psc=
X-Received: by 10.107.10.155 with SMTP id 27mr5910776iok.259.1519242754176;
 Wed, 21 Feb 2018 11:52:34 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.135.221 with HTTP; Wed, 21 Feb 2018 11:52:33 -0800 (PST)
In-Reply-To: <20180221182104.GI3231@tassilo.jf.intel.com>
References: <20180215182208.35003-2-joe.konno@linux.intel.com>
 <6680a760-eb30-4daf-2dad-a9628f1c15a8@kernel.org> <20180220211849.fqjb6rdmypl6opir@agluck-desk>
 <CA+55aFzjyB=E+=q-W9oYZ7Py7nJwm8YQHFjfbWTib6wvkP9B_A@mail.gmail.com>
 <20180220233008.55rfm7zw62hrao5p@agluck-desk> <CA+55aFy8JMLjpDk+sU6pirSZdVqqHtw5oocDAEC7wcHuo5Vssw@mail.gmail.com>
 <3908561D78D1C84285E8C5FCA982C28F7B37DE1B@ORSMSX110.amr.corp.intel.com>
 <CA+55aFwKsa6bq5SUD6wKv8znGcxqjLCPh33a3DkbnUkSfd68Yw@mail.gmail.com>
 <CAKv+Gu--iHii9SxE7RMZKdVdLvQPPGo0wdCzG30xW0+7dakbmw@mail.gmail.com>
 <CA+55aFx4Q7AzCM5mDwga6_LteNUBWQsT6nKJMjn8JcriS3ExuQ@mail.gmail.com> <20180221182104.GI3231@tassilo.jf.intel.com>
From:   Linus Torvalds <torvalds@linux-foundation.org>
Date:   Wed, 21 Feb 2018 11:52:33 -0800
X-Google-Sender-Auth: 0M1s4uRWixnZBS5V2lUwi6_uW3c
Message-ID: <CA+55aFytF4-B8pV5+aoNUi8ZpeSpsTdik23_Ltq9=Vu-MH=JAA@mail.gmail.com>
Subject: Re: [PATCH 1/2] fs/efivarfs: restrict inode permissions
To:     Andi Kleen <ak@linux.intel.com>
Cc:     Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        "Luck, Tony" <tony.luck@intel.com>,
        Joe Konno <joe.konno@linux.intel.com>,
        "linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jeremy Kerr <jk@ozlabs.org>,
        Matthew Garrett <mjg59@google.com>,
        Peter Jones <pjones@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        James Bottomley <james.bottomley@hansenpartnership.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Feb 21, 2018 at 10:21 AM, Andi Kleen <ak@linux.intel.com> wrote:
>
> How about uid name spaces? Someone untrusted in a container could
> create a lot of uids and switch between them.

Anybody who does that deserves whatever the hell they get.

You can already blow out a lot of other resources that way. If you can
create users indiscriminately enough, you can bypass most other
resource limits too.

If you think containers protect against security issues from untrusted
users, I have a bridge to sell you.

              Linus