Received: by 10.213.65.68 with SMTP id h4csp638310imn; Fri, 23 Mar 2018 12:13:49 -0700 (PDT) X-Google-Smtp-Source: AG47ELsYq08PYzTYQB4znC3hy1sPReg7fCst8T0GWTray4Ee7sqixWRrB67wZ0e0DekouJPwDLcq X-Received: by 10.167.131.199 with SMTP id j7mr24662797pfn.99.1521832429783; Fri, 23 Mar 2018 12:13:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521832429; cv=none; d=google.com; s=arc-20160816; b=vtqZEWaSl3BllD8uTxsbM8AhbOM1okHZqaiPYbUVRHiPoq55YMMUuxC0GroWACQrpz Ihg2GFpgHi0I4L4J1hJ0oYTJTWhMjYpRb8x8KIcLiyjCNyN2e5ACLKx5NyL+7QHZHeLm 9X1ETspPmT6Etn91BO03iOXuxtmmVk0ijSNLxk/vu7Jj+b3+wDZ3sdjb8twe6D2z6HnC 9WTu310m2Sagqz7gyPBpW9WLPZYhvbeBCekmQKQ6lM03RtqEOHVHQjU+EU9t/UlyQpLC 99oFUyEpJtvV8Debq47F2VWIZWTEzY5nO7/lScyDbuIcGVdJrY6YtUQ1gYxTNiAZoE/H iujA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from :arc-authentication-results; bh=hJjB6KFn58yTfFjF493/yv4ZS9i4NYCyxCqgi5qcmH0=; b=ycn74EJyYKQ2uOTZcYZz8oKlx9IO4xGO5KpF/S3iFQerEtJ2C5zbWH+61cYL1wLGr1 l1ylD/RkwPNhsaYFpZpMJ/7+71HNUDDDXcoXigizMqM+S3tY+I8OtjWiarWPXwF1mpU+ M+t5ufpFxPMlgR10bwLtb64XKKtzWOPZHYuffY95a98MRfrDBQxVNravPOeWka2rKWdI nKlgestVK0skxNeeRT6aUSjvuskPnsJjOJBVeRhMsSgMn/7iQ/Wy9wyJhUHhgWJ/bikQ Uxx1hwkM9oIramGuZX+NxKtCavLHP1YkDjADahqpbtxWN6Su3d8TvL/xWjbmji/DKz9L ahqQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y22si7053666pfm.357.2018.03.23.12.13.35; Fri, 23 Mar 2018 12:13:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752305AbeCWTM1 (ORCPT + 99 others); Fri, 23 Mar 2018 15:12:27 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:38150 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751997AbeCWTMX (ORCPT ); Fri, 23 Mar 2018 15:12:23 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]) by out01.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1ezS6v-0003DN-87; Fri, 23 Mar 2018 13:12:21 -0600 Received: from 97-119-121-173.omah.qwest.net ([97.119.121.173] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1ezS6u-0003RW-GQ; Fri, 23 Mar 2018 13:12:21 -0600 From: ebiederm@xmission.com (Eric W. Biederman) To: Linux Containers Cc: linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, khlebnikov@yandex-team.ru, prakash.sangappa@oracle.com, luto@kernel.org, akpm@linux-foundation.org, oleg@redhat.com, serge.hallyn@ubuntu.com, esyr@redhat.com, jannh@google.com, linux-security-module@vger.kernel.org, Pavel Emelyanov , Nagarathnam Muthusamy References: <1520875093-18174-1-git-send-email-nagarathnam.muthusamy@oracle.com> <87vadzqqq6.fsf@xmission.com> <990e88fa-ab50-9645-b031-14e1afbf7ccc@oracle.com> <877eqejowd.fsf@xmission.com> <3a46a03d-e4dd-59b6-e25f-0020be1b1dc9@oracle.com> <87a7v2z2qa.fsf@xmission.com> Date: Fri, 23 Mar 2018 14:11:23 -0500 In-Reply-To: <87a7v2z2qa.fsf@xmission.com> (Eric W. Biederman's message of "Tue, 20 Mar 2018 19:33:49 -0500") Message-ID: <87vadmobdw.fsf_-_@xmission.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1ezS6u-0003RW-GQ;;;mid=<87vadmobdw.fsf_-_@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=97.119.121.173;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1+HUW0WzLjMq2RIl2kmFx/6hMspRguewWg= X-SA-Exim-Connect-IP: 97.119.121.173 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa06.xmission.com X-Spam-Level: ** X-Spam-Status: No, score=2.8 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,TR_Symld_Words,TVD_RCVD_IP,XMNoVowels autolearn=disabled version=3.4.1 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 1.5 XMNoVowels Alpha-numberic number with no vowels * 1.5 TR_Symld_Words too many words that have symbols inside * 0.0 TVD_RCVD_IP Message was received from an IP address * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa06 1397; Body=1 Fuz1=1 Fuz2=1] X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: **;Linux Containers X-Spam-Relay-Country: X-Spam-Timing: total 307 ms - load_scoreonly_sql: 0.07 (0.0%), signal_user_changed: 3.4 (1.1%), b_tie_ro: 2.3 (0.8%), parse: 1.21 (0.4%), extract_message_metadata: 4.6 (1.5%), get_uri_detail_list: 2.2 (0.7%), tests_pri_-1000: 4.2 (1.4%), tests_pri_-950: 1.26 (0.4%), tests_pri_-900: 1.07 (0.3%), tests_pri_-400: 24 (7.9%), check_bayes: 23 (7.5%), b_tokenize: 8 (2.6%), b_tok_get_all: 8 (2.5%), b_comp_prob: 2.4 (0.8%), b_tok_touch_all: 3.1 (1.0%), b_finish: 0.68 (0.2%), tests_pri_0: 254 (82.8%), check_dkim_signature: 0.55 (0.2%), check_dkim_adsp: 3.0 (1.0%), tests_pri_500: 4.3 (1.4%), rewrite_mail: 0.00 (0.0%) Subject: [REVIEW][PATCH 00/11] ipc: Fixing the pid namespace support X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org While discussing a proposal by Nagarathnam Muthusamy I realized that the ipc namespace has never been given proper pid namespace support. In particular if objects in a single ipc namespace are accessed from different pid namespaces they will return the wrong pids. Then when trying to test this I discovered that definitions that are only used in msg.c, sem.c, and shm.c are included in linux/sched.h resulting in what should be simple local modifications requring nearly a full kernel rebuild. So this patchset does several things. - Changes the types that are passed into the security hooks to struct kern_ipc_perm because that is all the security hooks use. - Moves definitions from include/{msg,sem,shm}.h into ipc/{msg,sem,shm}.c So the code can be modified without excessive development time. - Instead of storing pids as intergers stores struct pid * instead. I took a careful look to see if it seems likely the performance regression in credential passing that af_unix experienced after a similar conversion would be likely, but I don't see it. So I think the biggest concern is if someone in the last 10 years has come to depend on the buggy behavior. If either the performance is problematic or the there are regression caused by the change in behavior we can revert. Still I would like to see this fixed and I plan on merging this code. Eric W. Biederman (11): sem/security: Pass kern_ipc_perm not sem_array into the sem security hooks shm/security: Pass kern_ipc_perm not shmid_kernel into the shm security hooks msg/security: Pass kern_ipc_perm not msg_queue into the msg_queue security hooks sem: Move struct sem and struct sem_array into ipc/sem.c shm: Move struct shmid_kernel into ipc/shm.c msg: Move struct msg_queue into ipc/msg.c ipc: Move IPCMNI from include/ipc.h into ipc/util.h ipc/util: Helpers for making the sysvipc operations pid namespace aware ipc/shm: Fix shmctl(..., IPC_STAT, ...) between pid namespaces. ipc/msg: Fix msgctl(..., IPC_STAT, ...) between pid namespaces ipc/sem: Fix semctl(..., GETPID, ...) between pid namespaces include/linux/ipc.h | 2 - include/linux/lsm_hooks.h | 32 ++++++++-------- include/linux/msg.h | 18 --------- include/linux/security.h | 67 ++++++++++++++++----------------- include/linux/sem.h | 40 +------------------- include/linux/shm.h | 23 ------------ ipc/msg.c | 54 ++++++++++++++++++--------- ipc/sem.c | 73 ++++++++++++++++++++++++++---------- ipc/shm.c | 60 +++++++++++++++++++++--------- ipc/util.c | 9 +++++ ipc/util.h | 12 ++++++ security/security.c | 32 ++++++++-------- security/selinux/hooks.c | 92 +++++++++++++++++++++++----------------------- security/smack/smack_lsm.c | 68 +++++++++++++++++----------------- 14 files changed, 297 insertions(+), 285 deletions(-) Eric