Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp1668892ybi; Sun, 16 Jun 2019 10:15:14 -0700 (PDT) X-Google-Smtp-Source: APXvYqzzvR7dA9MpNm5MQyOVjKQRuoNf6HiB9nQA6v+Lz5am/Y2pMQyMZ3ncBXHPFreRhCaoBQYt X-Received: by 2002:a62:585:: with SMTP id 127mr106978037pff.231.1560705314258; Sun, 16 Jun 2019 10:15:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560705314; cv=none; d=google.com; s=arc-20160816; b=EwRbRfMFw04P7re2vsiTG+dl4jb6pMGyJQHlIvTrI/XFkUw37Rb3iOmn88oGySII8p SfiPcr9tZFj2IckfUo/wgaaGg6YMrwF8y5VUQ8TnV6rn0GUtYye5SaH7DurlX9OAK7Ra ywPNHHMbK/c+Yxquy6cRgaHKONzbBXQI6EikRSmdnKZsF3SEAXZrYyWIdXlLSQqh7NO8 oUdsj20IiFrxyc/ru/lj6aEDpVZLg+17Cc1FoHEHhIzVrZ1N7AVHa+zqOZVpwrW3CGdE z/HOVUdALEpF/MJ7SxwF9WvkUhjAOl/lmb43ZxzoTk4408QUlgfXqGUroMYubGmu07Wx 0bpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=X4WrkjaQQpTlNjMoovx5rY40SD+a9Kp8afFJnM+fxs8=; b=BD9sOw3uWUlVKPhPjPhvQaOZB73DFI/JUkA59sJ0yCf5g7972Hx3DH/8IN9kff+o9m DfCYZ7twVtp50EncV54Q32xWdTXNUTHE/MBHL+C4M+VUU0h1BYD7o3bf5H7IC1f7yaWU Smf0RjDpcojBqMFpm5Ia21Jjam5z4WOWD8MN1ZdDeWd061C2xQWtH3hROsl0/9S5f/pr QjxI8l5MyLTFpszz7f+DwnSl2VMJktPG92w1MMX5y2fJlVZZXDkMR79GhY+gvVspqW3R vO3gnBvea0ABnoQGouFsDArbUGi12Nms3E7/6MTbe04MjqscDwb68ubWncgM4O13jsNI mGJg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=DtBTpHDx; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a26si8752476pfh.147.2019.06.16.10.14.48; Sun, 16 Jun 2019 10:15:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=DtBTpHDx; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726267AbfFPROo (ORCPT + 99 others); Sun, 16 Jun 2019 13:14:44 -0400 Received: from mail-io1-f67.google.com ([209.85.166.67]:41425 "EHLO mail-io1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725895AbfFPROo (ORCPT ); Sun, 16 Jun 2019 13:14:44 -0400 Received: by mail-io1-f67.google.com with SMTP id w25so16235330ioc.8; Sun, 16 Jun 2019 10:14:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=X4WrkjaQQpTlNjMoovx5rY40SD+a9Kp8afFJnM+fxs8=; b=DtBTpHDxVxOt6zVeqDkWmoLKrJvKKvlWytU3DSb5/ZSiXl+/GarLsfhGOsI6Pcn5ra GnfkKgJx3VCEcKFn/yeXmTIdvisj1Id7d4a77IVLU3J8O08ruqLOX8wU20skBO2JkTLm Evwp1+BKfbLnXv2plxC4a/RfZZ8Rm4KvwfqJFCC7aM9JptlI62Emd//AWbsTsaa6hDd8 5AJL4twEvTNC6MvcVg6lAP3LP88o1Wu3Y0znNnzYt5E7Ly2190Qz4TnuvLPZgZRPMCP1 Kga65S72qqbFLX6jh/cnVjvFIIeYrsuEkfgsmdUm5qMnHM3VCBgcMKeo8cMwE3i5AwTA vNhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=X4WrkjaQQpTlNjMoovx5rY40SD+a9Kp8afFJnM+fxs8=; b=H+wTOCHZs04e4/F2q2Pm3BmFLdWZwJzig20GxNMjsQOnd+UbhB1cW+3iIA/IfiPnPh 2ZmdPFOz4FxzgNisbwZ6AUTsglwbFgBlyh8JoFOSMVrq77pofAqXI2y1NocdNK81+/IQ jjWkHBOzFhRi6ui/gHZuv0lJtuKiq5eyScoDwbgoQ5smWTjyCo6hcBvGkfAJdrrHqsf/ GRT7FGokM5WaI8IBi/fc6oIJ39l2HpePADMPrKoWZ2ZiKbQbW9JGPeqLnn2QsQx9asG+ xadeDKZkjvxaEeDAYbwY5P4g1cGkHDxIwIkq+saBfP+MZaEz814SWjmtGHg8xXbgzfCb iZew== X-Gm-Message-State: APjAAAU9s6FvdfI8Vn2qHERpbCvc+Eu33rBJi/DoiU1fNdSAk9kkVmvT RB9dsQI8vuuVobdGQa9EjxiYxX9VYIvfP8U54qs= X-Received: by 2002:a5e:8618:: with SMTP id z24mr72484671ioj.174.1560705283278; Sun, 16 Jun 2019 10:14:43 -0700 (PDT) MIME-Version: 1.0 References: <20180429104412.22445-1-christian.brauner@ubuntu.com> <20180429104412.22445-3-christian.brauner@ubuntu.com> <875zp5rbpf.fsf@xmission.com> <20190616165027.prdbshnipwphqtis@gmail.com> In-Reply-To: <20190616165027.prdbshnipwphqtis@gmail.com> From: Dmitry Torokhov Date: Sun, 16 Jun 2019 10:14:32 -0700 Message-ID: Subject: Re: [PATCH net-next 2/2 v5] netns: restrict uevents To: Christian Brauner Cc: "Eric W. Biederman" , "David S. Miller" , netdev , lkml , avagin@virtuozzo.com, ktkhai@virtuozzo.com, "Serge E. Hallyn" , Greg Kroah-Hartman Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Christian, On Sun, Jun 16, 2019 at 9:50 AM Christian Brauner wrote: > > Hey Dmitry, > > Crostini on ChromeOS is making heavy use of this patchset and of LXD. So > reverting this almost 1.5 years after the fact will regress all of > Google's ChromeOS Crostini users, and all LXD/LXC users. > > LXD and Crostini by using LXD (through Concierge/Tremplin etc. [2]) are > using this whole series e.g. when hotplugging usb devices into the > container. > > When a usb hotplug happens, LXD will receive the relevant uevent and > will forward it to the container. Any process listening on a uevent > socket inside the container will now be able to see it. > > Now, to talk briefly about solutions: > From what I gather from talking to the ChromeOS guys and from your > ChromeOS bugtracker and recent patchsets to ARC you are moving your > Android workloads into Crostini? So like Eric said this seems like a new > feature you're implementing. No, I am talking about ARC, not Crostini here. > > If you need to be able to listen to uevents inside of a user namespace > and plan on using Crostini going forward then you can have Crostini > forward battery uevents to the container. The logic for doing this can > be found in the LXD codebase (cf. [3]). It's pretty simple. If you want > to go this route I'm happy to guide you. :) > Note, both options are a version of what Eric suggested in his last > paragraph! > > What astonishes me is that healthd couldn't have possibly received > battery uevents for a long time even if Android already was run in user > namespaces prior to the new feature you're working on and the healthd I > see in master is not even using uevents anymore (cf. [8]) but rather is > using sysfs it seems. :) > Before that healthd was using (cf. [7]) > > uevent_kernel_multicast_recv() > | > -> uevent_kernel_multicast_uid_recv > > the latter containing the check > > if (cred->uid != 0) { > /* ignoring netlink message from non-root user */ > goto out; > } > > Before my patchset here the uevents sent out came with cred->uid == INVALID_UID > and so healthd never received those events until very recently. I see. OK, let me try digging into this to figure out what exactly changed. Thanks. -- Dmitry