Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp6901958ybi;
        Thu, 1 Aug 2019 00:03:28 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwXPCpXDwLPrvLKvEVgM0yp8mVYfG63um8hkVNGEh0ytz1092pJOlD2S+uyKN0eocAxhT4l
X-Received: by 2002:a17:902:a60d:: with SMTP id u13mr125401370plq.144.1564643007994;
        Thu, 01 Aug 2019 00:03:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1564643007; cv=none;
        d=google.com; s=arc-20160816;
        b=WjJwOlhAAqpWA5vvMa0iK7v4j7KXgPdhRPKVZFBcyIyrrnqwpoYLTdTBF2UrnadN5v
         fHYRggecEfeXfhiHvwnihwJ0bQZHnZb7emVS9AT4j1Sg0leaSDh0NLwPrG7kg3wy4jSr
         aGub0Hj9CXtc+DM40ASKXRdv+vk19x+g3vGd9eXDr6Qu0umuRphYWRB9O2EDv1Y4gR/W
         BXtqeYXfOxaok7G+ffARpFxfjQanVSHjJshSdgSNr1PUMqpcnsm6hBZdH0srJKhLa5aZ
         /aUISePwYXBMy2XJPBSszDRP25T15TETK8BG6mo4lT5IZQuuJyohaGjG3FinFYmyZXdh
         7lIg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=ozFucRbZD8OBBGZBE4hYWQ4SG/fcjk+RIQ7mU8/LnlI=;
        b=kvcQPumTx9ACnTh0G+HtuQs9hJA8s6aJKth3fu2YZxdPMefzKx73Sadx4Wl0WSIRve
         H4PU5jmYeMOLWJjjCNqSh0PQRVRx+uFL1XHLhukQCWbN6DyNShWswK5SwmYgdW1btyQm
         kNzRQ6LLRCR6zWbd4VEU6MBh951Pu+4lHis7xH3H/h9TWhldv1KT9XnApJZT+1eoJgC9
         dcoM/tUZEuKsa5YYhRfDsxT/mXQ5TSY8SvQvT0CTrXQ+GpzQMKb/hYktdU2wNha9xxZr
         WFrehPYoT+wp1yY893HG3j1kiXU7j4DywJBhOR0GQGG3R1QTTFErlHiu7MZrZt/fN6K0
         oL8A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=10OoK6vV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id v27si35204618pgn.14.2019.08.01.00.03.13;
        Thu, 01 Aug 2019 00:03:27 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=10OoK6vV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728065AbfHAFaA (ORCPT <rfc822;ablacktshirt@gmail.com>
        + 99 others); Thu, 1 Aug 2019 01:30:00 -0400
Received: from mail.kernel.org ([198.145.29.99]:44046 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726514AbfHAF37 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 1 Aug 2019 01:29:59 -0400
Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com [209.85.128.48])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id B195E21773
        for <linux-kernel@vger.kernel.org>; Thu,  1 Aug 2019 05:29:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1564637399;
        bh=FqipvXd82HolAbu3Pa+FA938ekh3l6I5gKhcjjB/BwM=;
        h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
        b=10OoK6vV447j7lOnfoghBTaufVjOqdgbCIFwLQaUN2QDnhCNq/Hbc9PYANALBN0q2
         yoEiJcEFLenNizt4CoWmhalqyJwE4bbbaNjgrLi1xipY0J7hffyxhOEvB/CdP/Dpt8
         KnAtTT/dyaVe7HTpDu8tYrbptimUiHl/HPl3cr9Q=
Received: by mail-wm1-f48.google.com with SMTP id w9so2749049wmd.1
        for <linux-kernel@vger.kernel.org>; Wed, 31 Jul 2019 22:29:58 -0700 (PDT)
X-Gm-Message-State: APjAAAVpw25Lg6biHt4D0LEEVeYgneg9KRyF5BL5YEjE7N3EVItbxr2O
        QIMzfj+TLDJR+NIZLM+V7PfAka4CsluGQmgkpVYHMA==
X-Received: by 2002:a1c:9a53:: with SMTP id c80mr52974634wme.173.1564637397150;
 Wed, 31 Jul 2019 22:29:57 -0700 (PDT)
MIME-Version: 1.0
References: <20190729215758.28405-1-dima@arista.com> <20190729215758.28405-2-dima@arista.com>
In-Reply-To: <20190729215758.28405-2-dima@arista.com>
From:   Andy Lutomirski <luto@kernel.org>
Date:   Wed, 31 Jul 2019 22:29:45 -0700
X-Gmail-Original-Message-ID: <CALCETrWHEcaG9gZe6ACt5H1H+P8D0RobrJ_bf4Wf9ts40NMM9w@mail.gmail.com>
Message-ID: <CALCETrWHEcaG9gZe6ACt5H1H+P8D0RobrJ_bf4Wf9ts40NMM9w@mail.gmail.com>
Subject: Re: [PATCHv5 01/37] ns: Introduce Time Namespace
To:     Dmitry Safonov <dima@arista.com>
Cc:     LKML <linux-kernel@vger.kernel.org>,
        Dmitry Safonov <0x7f454c46@gmail.com>,
        Andrei Vagin <avagin@openvz.org>,
        Adrian Reber <adrian@lisas.de>,
        Andy Lutomirski <luto@kernel.org>,
        Arnd Bergmann <arnd@arndb.de>,
        Christian Brauner <christian.brauner@ubuntu.com>,
        Cyrill Gorcunov <gorcunov@openvz.org>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Jann Horn <jannh@google.com>, Jeff Dike <jdike@addtoit.com>,
        Oleg Nesterov <oleg@redhat.com>,
        Pavel Emelyanov <xemul@virtuozzo.com>,
        Shuah Khan <shuah@kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Vincenzo Frascino <vincenzo.frascino@arm.com>,
        Linux Containers <containers@lists.linux-foundation.org>,
        criu@openvz.org, Linux API <linux-api@vger.kernel.org>,
        X86 ML <x86@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jul 29, 2019 at 2:58 PM Dmitry Safonov <dima@arista.com> wrote:
>
> From: Andrei Vagin <avagin@openvz.org>
>
> Time Namespace isolates clock values.

> +static int timens_install(struct nsproxy *nsproxy, struct ns_common *new)
> +{
> +       struct time_namespace *ns = to_time_ns(new);
> +
> +       if (!thread_group_empty(current))
> +               return -EINVAL;

You also need to check for other users of the mm.

> +
> +       if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) ||
> +           !ns_capable(current_user_ns(), CAP_SYS_ADMIN))
> +               return -EPERM;
> +
> +       get_time_ns(ns);
> +       get_time_ns(ns);
> +       put_time_ns(nsproxy->time_ns);
> +       put_time_ns(nsproxy->time_ns_for_children);
> +       nsproxy->time_ns = ns;
> +       nsproxy->time_ns_for_children = ns;
> +       ns->initialized = true;

I really really wish that setns() took an explicit flag for "change
now" or "change for children", since the semantics are different.  Oh
well.