Received: by 10.213.65.68 with SMTP id h4csp643088imn; Fri, 23 Mar 2018 12:21:12 -0700 (PDT) X-Google-Smtp-Source: AG47ELuKzFDyPtAyyDDZ5gx+xTe5QYt5aqZ3V66G23nHXKkBCfUt4THUZLG3sBQakESd8yIjFjYs X-Received: by 2002:a17:902:2e43:: with SMTP id q61-v6mr30174538plb.404.1521832872426; Fri, 23 Mar 2018 12:21:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521832872; cv=none; d=google.com; s=arc-20160816; b=kXGFyczGchmTQB4N+fS56i/Im92hvg2oIO9CtDiJ8E5c8S1FNqW9MvKk9xj+Jgr2UI M5Gs6dKw+ILBzVUlK74paE5vlVKmedeZ99O49XtGE8hHUKdGRDy93CeBG8k3AqMzBMNl vCCeAfHnmTv/HzbH21mpmpGKjhNBW9pFePtpqbj6/nP/+JaMwDuIjxGkbE4nA55rjwcj x7qLLGDd1jtgA+Cfqwl/Kpbe+j2eqwr5QDH453oId/rmOjBXutPDgmi80FR3fciRDZzn RsvzDyV7gufRSAvRS550GcpT3fKxOg/xtPurs3qRpZVY2TkGJUVPnOZMQ/Ng5OkihFLn bo5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:references:in-reply-to:message-id :date:cc:to:from:arc-authentication-results; bh=wJ+h42l+LmM6USNEkq/uRyfbQQ1r5oZnjzjKJ+H+QpE=; b=bftKIiKKkxFsjlKOYgLk4XLqS3hK5612+oZuZt9DbUoY8uqatz5j5C5/ty4KEslApZ shRJyJUPj4C84UakarmzbqaC7ihABKCmUTgf6H/dsdM14eNRlvcMTEOx0CGqa0h0JDng mEaqewuKlxoC10eETcy9EtHbzz7FOX+uxN2cEbi6VBxWExe/ItNGJbLWTZzzER161RDU QuGLmn4OgATcW/7EcvlDQp5YOtB43HudlJcDNF4RqEPJtwTCLeqEHvy3yNjlDcYnQorY E9eS120uy7eWdj6PeFZlziT7bhLm3xS7yr5AkHRy8zgYc/9hOcJa3NyyCUJ0zPabvCrW Psdw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t15si6128524pgu.114.2018.03.23.12.20.57; Fri, 23 Mar 2018 12:21:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752621AbeCWTSb (ORCPT + 99 others); Fri, 23 Mar 2018 15:18:31 -0400 Received: from out02.mta.xmission.com ([166.70.13.232]:50688 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752096AbeCWTS2 (ORCPT ); Fri, 23 Mar 2018 15:18:28 -0400 Received: from in01.mta.xmission.com ([166.70.13.51]) by out02.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1ezSCp-0007eM-MP; Fri, 23 Mar 2018 13:18:27 -0600 Received: from 97-119-121-173.omah.qwest.net ([97.119.121.173] helo=x220.int.ebiederm.org) by in01.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1ezSCe-00033I-Um; Fri, 23 Mar 2018 13:18:27 -0600 From: "Eric W. Biederman" To: Linux Containers Cc: linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, khlebnikov@yandex-team.ru, prakash.sangappa@oracle.com, luto@kernel.org, akpm@linux-foundation.org, oleg@redhat.com, serge.hallyn@ubuntu.com, esyr@redhat.com, jannh@google.com, linux-security-module@vger.kernel.org, Pavel Emelyanov , Nagarathnam Muthusamy , "Eric W. Biederman" Date: Fri, 23 Mar 2018 14:16:13 -0500 Message-Id: <20180323191614.32489-10-ebiederm@xmission.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <87vadmobdw.fsf_-_@xmission.com> References: <87vadmobdw.fsf_-_@xmission.com> X-XM-SPF: eid=1ezSCe-00033I-Um;;;mid=<20180323191614.32489-10-ebiederm@xmission.com>;;;hst=in01.mta.xmission.com;;;ip=97.119.121.173;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX188cbNSCC2nSs018HyuvWCZnmzUc3rUE0Y= X-SA-Exim-Connect-IP: 97.119.121.173 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa04.xmission.com X-Spam-Level: **** X-Spam-Status: No, score=4.1 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,FVGT_m_MULTI_ODD,TR_Symld_Words,TVD_RCVD_IP, T_TM2_M_HEADER_IN_MSG,T_TooManySym_01,T_TooManySym_02,T_TooManySym_03, T_TooManySym_04,T_TooManySym_05,XMNoVowels,XMSolicitRefs_0,XMSubLong autolearn=disabled version=3.4.1 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.0 TVD_RCVD_IP Message was received from an IP address * 1.5 XMNoVowels Alpha-numberic number with no vowels * 1.5 TR_Symld_Words too many words that have symbols inside * 0.7 XMSubLong Long Subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa04 1397; Body=1 Fuz1=1 Fuz2=1] * 0.1 XMSolicitRefs_0 Weightloss drug * 0.0 T_TooManySym_04 7+ unique symbols in subject * 0.0 T_TooManySym_03 6+ unique symbols in subject * 0.4 FVGT_m_MULTI_ODD Contains multiple odd letter combinations * 0.0 T_TooManySym_01 4+ unique symbols in subject * 0.0 T_TooManySym_02 5+ unique symbols in subject * 0.0 T_TooManySym_05 8+ unique symbols in subject X-Spam-DCC: XMission; sa04 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ****;Linux Containers X-Spam-Relay-Country: X-Spam-Timing: total 10346 ms - load_scoreonly_sql: 0.08 (0.0%), signal_user_changed: 4.4 (0.0%), b_tie_ro: 3.3 (0.0%), parse: 1.21 (0.0%), extract_message_metadata: 15 (0.1%), get_uri_detail_list: 3.7 (0.0%), tests_pri_-1000: 6 (0.1%), tests_pri_-950: 1.48 (0.0%), tests_pri_-900: 1.24 (0.0%), tests_pri_-400: 37 (0.4%), check_bayes: 36 (0.3%), b_tokenize: 13 (0.1%), b_tok_get_all: 13 (0.1%), b_comp_prob: 3.0 (0.0%), b_tok_touch_all: 4.5 (0.0%), b_finish: 0.62 (0.0%), tests_pri_0: 614 (5.9%), check_dkim_signature: 1.25 (0.0%), check_dkim_adsp: 4.9 (0.0%), tests_pri_500: 9662 (93.4%), poll_dns_idle: 9652 (93.3%), rewrite_mail: 0.00 (0.0%) Subject: [REVIEW][PATCH 10/11] ipc/msg: Fix msgctl(..., IPC_STAT, ...) between pid namespaces X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Today msg_lspid and msg_lrpid are remembered in the pid namespace of the creator and the processes that last send or received a sysvipc message. If you have processes in multiple pid namespaces that is just wrong. The process ids reported will not make the least bit of sense. This fix is slightly more susceptible to a performance problem than the related fix for System V shared memory. By definition the pids are updated by msgsnd and msgrcv, the fast path of System V message queues. The only concern over the previous implementation is the incrementing and decrementing of the pid reference count. As that is the only difference and multiple updates by of the task_tgid by threads in the same process have been shown in af_unix sockets to create a cache line ping-pong between cpus of the same processor. In this case I don't expect cache lines holding pid reference counts to ping pong between cpus. As senders and receivers update different pids there is a natural separation there. Further if multiple threads of the same process either send or receive messages the pid will be updated to the same value and ipc_update_pid will avoid the reference count update. Which means in the common case I expect msg_lspid and msg_lrpid to remain constant, and reference counts not to be updated when messages are sent. In rare cases it may be possible to trigger the issue which was observed for af_unix sockets, but it will require multiple processes with multiple threads to be either sending or receiving messages. It just does not feel likely that anyone would do that in practice. This change updates msgctl(..., IPC_STAT, ...) to return msg_lspid and msg_lrpid in the pid namespace of the process calling stat. This change also updates cat /proc/sysvipc/msg to return print msg_lspid and msg_lrpid in the pid namespace of the process that opened the proc file. Fixes: b488893a390e ("pid namespaces: changes to show virtual ids to user") Signed-off-by: "Eric W. Biederman" --- ipc/msg.c | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/ipc/msg.c b/ipc/msg.c index af5a963306c4..825ad585a6ff 100644 --- a/ipc/msg.c +++ b/ipc/msg.c @@ -52,8 +52,8 @@ struct msg_queue { unsigned long q_cbytes; /* current number of bytes on queue */ unsigned long q_qnum; /* number of messages in queue */ unsigned long q_qbytes; /* max number of bytes on queue */ - pid_t q_lspid; /* pid of last msgsnd */ - pid_t q_lrpid; /* last receive pid */ + struct pid *q_lspid; /* pid of last msgsnd */ + struct pid *q_lrpid; /* last receive pid */ struct list_head q_messages; struct list_head q_receivers; @@ -154,7 +154,7 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params) msq->q_ctime = ktime_get_real_seconds(); msq->q_cbytes = msq->q_qnum = 0; msq->q_qbytes = ns->msg_ctlmnb; - msq->q_lspid = msq->q_lrpid = 0; + msq->q_lspid = msq->q_lrpid = NULL; INIT_LIST_HEAD(&msq->q_messages); INIT_LIST_HEAD(&msq->q_receivers); INIT_LIST_HEAD(&msq->q_senders); @@ -267,6 +267,8 @@ static void freeque(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp) free_msg(msg); } atomic_sub(msq->q_cbytes, &ns->msg_bytes); + ipc_update_pid(&msq->q_lspid, NULL); + ipc_update_pid(&msq->q_lrpid, NULL); ipc_rcu_putref(&msq->q_perm, msg_rcu_free); } @@ -536,8 +538,8 @@ static int msgctl_stat(struct ipc_namespace *ns, int msqid, p->msg_cbytes = msq->q_cbytes; p->msg_qnum = msq->q_qnum; p->msg_qbytes = msq->q_qbytes; - p->msg_lspid = msq->q_lspid; - p->msg_lrpid = msq->q_lrpid; + p->msg_lspid = pid_vnr(msq->q_lspid); + p->msg_lrpid = pid_vnr(msq->q_lrpid); ipc_unlock_object(&msq->q_perm); rcu_read_unlock(); @@ -741,7 +743,7 @@ static inline int pipelined_send(struct msg_queue *msq, struct msg_msg *msg, wake_q_add(wake_q, msr->r_tsk); WRITE_ONCE(msr->r_msg, ERR_PTR(-E2BIG)); } else { - msq->q_lrpid = task_pid_vnr(msr->r_tsk); + ipc_update_pid(&msq->q_lrpid, task_pid(msr->r_tsk)); msq->q_rtime = get_seconds(); wake_q_add(wake_q, msr->r_tsk); @@ -842,7 +844,7 @@ static long do_msgsnd(int msqid, long mtype, void __user *mtext, } - msq->q_lspid = task_tgid_vnr(current); + ipc_update_pid(&msq->q_lspid, task_tgid(current)); msq->q_stime = get_seconds(); if (!pipelined_send(msq, msg, &wake_q)) { @@ -1060,7 +1062,7 @@ static long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp, in list_del(&msg->m_list); msq->q_qnum--; msq->q_rtime = get_seconds(); - msq->q_lrpid = task_tgid_vnr(current); + ipc_update_pid(&msq->q_lrpid, task_tgid(current)); msq->q_cbytes -= msg->m_ts; atomic_sub(msg->m_ts, &ns->msg_bytes); atomic_dec(&ns->msg_hdrs); @@ -1202,6 +1204,7 @@ void msg_exit_ns(struct ipc_namespace *ns) #ifdef CONFIG_PROC_FS static int sysvipc_msg_proc_show(struct seq_file *s, void *it) { + struct pid_namespace *pid_ns = ipc_seq_pid_ns(s); struct user_namespace *user_ns = seq_user_ns(s); struct kern_ipc_perm *ipcp = it; struct msg_queue *msq = container_of(ipcp, struct msg_queue, q_perm); @@ -1213,8 +1216,8 @@ static int sysvipc_msg_proc_show(struct seq_file *s, void *it) msq->q_perm.mode, msq->q_cbytes, msq->q_qnum, - msq->q_lspid, - msq->q_lrpid, + pid_nr_ns(msq->q_lspid, pid_ns), + pid_nr_ns(msq->q_lrpid, pid_ns), from_kuid_munged(user_ns, msq->q_perm.uid), from_kgid_munged(user_ns, msq->q_perm.gid), from_kuid_munged(user_ns, msq->q_perm.cuid), -- 2.14.1