Received: by 10.213.65.68 with SMTP id h4csp717836imn; Fri, 23 Mar 2018 14:23:07 -0700 (PDT) X-Google-Smtp-Source: AG47ELuxRkiVdiGlp/B6nDYcMzXBqps0PsKDUkAEI/TWgJVvqdvUREeDmXNgG2vd72nzrxbmCxEu X-Received: by 10.99.122.22 with SMTP id v22mr4117187pgc.300.1521840187360; Fri, 23 Mar 2018 14:23:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521840187; cv=none; d=google.com; s=arc-20160816; b=xqe3SxZsj5sXQSWkSJ2Dy8g7z6/xvtth0HrbQzrnnQOF+RBqAIDq7JKK21F+ebb7ZG GYgEaFnFb+gtS/pLHvVR7w3QkXsm62kCMY2qYlzeY9sAci5QyNCSBIea0LXJWE49f9tj AGsXvk+qJPSsRUet2ihAk18aHXXhKt7z7DkT9HCqraMeiCa85kFu0RMCCi40njSHlmzL vjbDaDdDkr4C8mDS90yEFXCnaLDgsT2mcK6hP0QRAgrllmXmT59Xy5LhzMkIfK/uVgtt 5Rc82MVCj5ZZNLa+jC45o0OLHnA1a/MpvlUuOuFn+XJhvaQbHX2JjHP5MmGOYAmnY6jP nqNQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:organization:from:references:cc:to:subject :dkim-signature:arc-authentication-results; bh=higCV99PnNCNc7VbS2f/QtiqKCCCzTGPdyriPS1sC/o=; b=dL9iJ/Hmkp41eAYi4TmVSa2aPFHtI3EnVCTmZvIfinGK5yHrBsvq2HMTzFPsaGg611 6kao8CQv3xJAdO90dopOw4paY+SVZr7J1HveUaks21XAm3dmjyDJxAv58cyZtDKRb/YJ Ljzgcjy28oRR0MCRAbj33hvZnCxq3AFTDJy72/TPWGX61rEZbLAlZqUEbZJh+cLcciGN kI4RUIIeUIipqf/Dg0tIzDjON30qCu9Jedpo/tzYg8VR6eYXtyp5mMF789v7ezyfCj9F MNGgFRSGCCP/Thoxj+g7h/ilX+C8Sp3L1VPyHq0pGhgWCQEwygod1zNZeY6gFtVOKOD3 u74Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=Zj+1E4Th; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z5-v6si9101962plo.727.2018.03.23.14.22.52; Fri, 23 Mar 2018 14:23:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=Zj+1E4Th; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751899AbeCWVWB (ORCPT + 99 others); Fri, 23 Mar 2018 17:22:01 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:48416 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751471AbeCWVV7 (ORCPT ); Fri, 23 Mar 2018 17:21:59 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w2NLGddn016196; Fri, 23 Mar 2018 21:21:20 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=higCV99PnNCNc7VbS2f/QtiqKCCCzTGPdyriPS1sC/o=; b=Zj+1E4ThfWfJl+OYqKRY/m7YSooOTN8ERTr4xvn7SsBJIeip6bJEqhCs8sHeBTYETJm1 DfeEj4Y2KkxPn/owajkU1qPOmRv/xU4IrACl5s9WqTVr/x9LcmpROq0XilaAfD0kNaNK DekiIe8+YGH7C2uFrwrou+EhKbE0vhARn5PO6gy0YJQI3pPzY0qHpyoK1vmmnKcQuyTl uTbHNu8kjT2878t5P3EfFX/oQphc1KsxWkGE8cP0zzKwTMbyfP0gWIjuAPRzr/JYWrME Jkgmvyg7ggJVoXFAnxr3oE9dLEx3S0Qm3KZWWzjC6kNt8RWq1Ah9Ee/neoCcozWwlRuH DQ== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by userp2130.oracle.com with ESMTP id 2gw9bv81ku-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 23 Mar 2018 21:21:20 +0000 Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w2NLLJxX022850 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 23 Mar 2018 21:21:19 GMT Received: from abhmp0010.oracle.com (abhmp0010.oracle.com [141.146.116.16]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w2NLLI1t026530; Fri, 23 Mar 2018 21:21:18 GMT Received: from [10.209.243.63] (/10.209.243.63) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 23 Mar 2018 14:21:18 -0700 Subject: Re: [REVIEW][PATCH 10/11] ipc/msg: Fix msgctl(..., IPC_STAT, ...) between pid namespaces To: "Eric W. Biederman" , Linux Containers Cc: linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, khlebnikov@yandex-team.ru, prakash.sangappa@oracle.com, luto@kernel.org, akpm@linux-foundation.org, oleg@redhat.com, serge.hallyn@ubuntu.com, esyr@redhat.com, jannh@google.com, linux-security-module@vger.kernel.org, Pavel Emelyanov References: <87vadmobdw.fsf_-_@xmission.com> <20180323191614.32489-10-ebiederm@xmission.com> From: NAGARATHNAM MUTHUSAMY Organization: Oracle Corporation Message-ID: Date: Fri, 23 Mar 2018 14:21:16 -0700 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <20180323191614.32489-10-ebiederm@xmission.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8841 signatures=668695 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=2 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803230239 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/23/2018 12:16 PM, Eric W. Biederman wrote: > Today msg_lspid and msg_lrpid are remembered in the pid namespace of > the creator and the processes that last send or received a sysvipc > message. If you have processes in multiple pid namespaces that is > just wrong. The process ids reported will not make the least bit of > sense. > > This fix is slightly more susceptible to a performance problem than > the related fix for System V shared memory. By definition the pids > are updated by msgsnd and msgrcv, the fast path of System V message > queues. The only concern over the previous implementation is the > incrementing and decrementing of the pid reference count. As that is > the only difference and multiple updates by of the task_tgid by > threads in the same process have been shown in af_unix sockets to > create a cache line ping-pong between cpus of the same processor. > > In this case I don't expect cache lines holding pid reference counts > to ping pong between cpus. As senders and receivers update different > pids there is a natural separation there. Further if multiple threads > of the same process either send or receive messages the pid will be > updated to the same value and ipc_update_pid will avoid the reference > count update. > > Which means in the common case I expect msg_lspid and msg_lrpid to > remain constant, and reference counts not to be updated when messages > are sent. > > In rare cases it may be possible to trigger the issue which was > observed for af_unix sockets, but it will require multiple processes > with multiple threads to be either sending or receiving messages. It > just does not feel likely that anyone would do that in practice. > > This change updates msgctl(..., IPC_STAT, ...) to return msg_lspid and > msg_lrpid in the pid namespace of the process calling stat. > > This change also updates cat /proc/sysvipc/msg to return print msg_lspid > and msg_lrpid in the pid namespace of the process that opened the proc > file. > > Fixes: b488893a390e ("pid namespaces: changes to show virtual ids to user") > Signed-off-by: "Eric W. Biederman" Thanks! Reviewed-by: Nagarathnam Muthusamy > --- > ipc/msg.c | 23 +++++++++++++---------- > 1 file changed, 13 insertions(+), 10 deletions(-) > > diff --git a/ipc/msg.c b/ipc/msg.c > index af5a963306c4..825ad585a6ff 100644 > --- a/ipc/msg.c > +++ b/ipc/msg.c > @@ -52,8 +52,8 @@ struct msg_queue { > unsigned long q_cbytes; /* current number of bytes on queue */ > unsigned long q_qnum; /* number of messages in queue */ > unsigned long q_qbytes; /* max number of bytes on queue */ > - pid_t q_lspid; /* pid of last msgsnd */ > - pid_t q_lrpid; /* last receive pid */ > + struct pid *q_lspid; /* pid of last msgsnd */ > + struct pid *q_lrpid; /* last receive pid */ > > struct list_head q_messages; > struct list_head q_receivers; > @@ -154,7 +154,7 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params) > msq->q_ctime = ktime_get_real_seconds(); > msq->q_cbytes = msq->q_qnum = 0; > msq->q_qbytes = ns->msg_ctlmnb; > - msq->q_lspid = msq->q_lrpid = 0; > + msq->q_lspid = msq->q_lrpid = NULL; > INIT_LIST_HEAD(&msq->q_messages); > INIT_LIST_HEAD(&msq->q_receivers); > INIT_LIST_HEAD(&msq->q_senders); > @@ -267,6 +267,8 @@ static void freeque(struct ipc_namespace *ns, struct kern_ipc_perm *ipcp) > free_msg(msg); > } > atomic_sub(msq->q_cbytes, &ns->msg_bytes); > + ipc_update_pid(&msq->q_lspid, NULL); > + ipc_update_pid(&msq->q_lrpid, NULL); > ipc_rcu_putref(&msq->q_perm, msg_rcu_free); > } > > @@ -536,8 +538,8 @@ static int msgctl_stat(struct ipc_namespace *ns, int msqid, > p->msg_cbytes = msq->q_cbytes; > p->msg_qnum = msq->q_qnum; > p->msg_qbytes = msq->q_qbytes; > - p->msg_lspid = msq->q_lspid; > - p->msg_lrpid = msq->q_lrpid; > + p->msg_lspid = pid_vnr(msq->q_lspid); > + p->msg_lrpid = pid_vnr(msq->q_lrpid); > > ipc_unlock_object(&msq->q_perm); > rcu_read_unlock(); > @@ -741,7 +743,7 @@ static inline int pipelined_send(struct msg_queue *msq, struct msg_msg *msg, > wake_q_add(wake_q, msr->r_tsk); > WRITE_ONCE(msr->r_msg, ERR_PTR(-E2BIG)); > } else { > - msq->q_lrpid = task_pid_vnr(msr->r_tsk); > + ipc_update_pid(&msq->q_lrpid, task_pid(msr->r_tsk)); > msq->q_rtime = get_seconds(); > > wake_q_add(wake_q, msr->r_tsk); > @@ -842,7 +844,7 @@ static long do_msgsnd(int msqid, long mtype, void __user *mtext, > > } > > - msq->q_lspid = task_tgid_vnr(current); > + ipc_update_pid(&msq->q_lspid, task_tgid(current)); > msq->q_stime = get_seconds(); > > if (!pipelined_send(msq, msg, &wake_q)) { > @@ -1060,7 +1062,7 @@ static long do_msgrcv(int msqid, void __user *buf, size_t bufsz, long msgtyp, in > list_del(&msg->m_list); > msq->q_qnum--; > msq->q_rtime = get_seconds(); > - msq->q_lrpid = task_tgid_vnr(current); > + ipc_update_pid(&msq->q_lrpid, task_tgid(current)); > msq->q_cbytes -= msg->m_ts; > atomic_sub(msg->m_ts, &ns->msg_bytes); > atomic_dec(&ns->msg_hdrs); > @@ -1202,6 +1204,7 @@ void msg_exit_ns(struct ipc_namespace *ns) > #ifdef CONFIG_PROC_FS > static int sysvipc_msg_proc_show(struct seq_file *s, void *it) > { > + struct pid_namespace *pid_ns = ipc_seq_pid_ns(s); > struct user_namespace *user_ns = seq_user_ns(s); > struct kern_ipc_perm *ipcp = it; > struct msg_queue *msq = container_of(ipcp, struct msg_queue, q_perm); > @@ -1213,8 +1216,8 @@ static int sysvipc_msg_proc_show(struct seq_file *s, void *it) > msq->q_perm.mode, > msq->q_cbytes, > msq->q_qnum, > - msq->q_lspid, > - msq->q_lrpid, > + pid_nr_ns(msq->q_lspid, pid_ns), > + pid_nr_ns(msq->q_lrpid, pid_ns), > from_kuid_munged(user_ns, msq->q_perm.uid), > from_kgid_munged(user_ns, msq->q_perm.gid), > from_kuid_munged(user_ns, msq->q_perm.cuid),