Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp4282220ybc; Fri, 15 Nov 2019 02:02:07 -0800 (PST) X-Google-Smtp-Source: APXvYqzEpKaUJ8ng54kXFP0nSmVFT9uxbQpBZbfzGNWr899mfcoMtcngLw3O8Ph4mJJhX3cB3W/t X-Received: by 2002:a1c:2d4b:: with SMTP id t72mr14606945wmt.112.1573812127175; Fri, 15 Nov 2019 02:02:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573812127; cv=none; d=google.com; s=arc-20160816; b=pokGBqHPA6/YFItpSidpmDfZ7g58PDBIknJaelvPyOQDLrPXTM+BOgvgPT97xSFCSg 76iwJsLelbFmm0YdqqJFyGOcmd0QSwtHFYVqosSinXa1g328KNk4I9uixKee7t66MOIB 3LgqlSpk5X4fLgeLzhRWOGxXMK8ELREm8QEnicT6VdqKFE6Xmcjy5ny3Q7QgI3Rxx8Z2 u5VhNk6iqrxzY08caayzMqtMQu3iCFes1eBuYtTPKkGWUtmDO5i4XpbVEvZp+Huj3Fp0 vLzBt9oI8YJRShZ1WD6+uxRoFTljFTFXexDLcLrRcmmqM2HkD8i1rKTZc3JbNKWntgFi CTSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=9NeEdMw0AbYmpGJ0RdcBTuMenc+pV3ZgbH97tYEixk8=; b=pAJNWezSLRT9OLhHYoT2J2kxzYWnuP1uNooOXnMcdBjGF7HKLmBNOwc0zn34GMSjLZ qTeRK7Xdj0rMvdXuJqs5K9VGv/hP74SNXHZopIc1Ji3P/+6EL+oXL8/CuEzHxX3CDsGJ GYFY4+DI6KdTu4JoDpM3xiYU1Ek1Ij9wjJjO51Kydh2ZRBU4x4EwBNmmb3omFPIQZfg+ u+9bw3vptwCfZ7I0P3rooWPneF/VPfKti8/XdNGDCj/Vx7BhObKGT/5YotpzoWSixwaG uDK6wlLtbee6sGb2O8HBduzAFdxxpYL4JYuxprL2JQv/UVfDcHM1n60XoBSoo6/3JX5b vU0Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w57si6375197eda.78.2019.11.15.02.01.41; Fri, 15 Nov 2019 02:02:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727427AbfKOJ7M (ORCPT + 99 others); Fri, 15 Nov 2019 04:59:12 -0500 Received: from youngberry.canonical.com ([91.189.89.112]:41416 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727337AbfKOJ7L (ORCPT ); Fri, 15 Nov 2019 04:59:11 -0500 Received: from [213.220.153.21] (helo=wittgenstein) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1iVYNU-0003Ej-4T; Fri, 15 Nov 2019 09:58:56 +0000 Date: Fri, 15 Nov 2019 10:58:55 +0100 From: Christian Brauner To: Oleg Nesterov Cc: Andrei Vagin , Adrian Reber , Eric Biederman , Pavel Emelyanov , Jann Horn , Dmitry Safonov <0x7f454c46@gmail.com>, Rasmus Villemoes , linux-kernel@vger.kernel.org, Mike Rapoport , Radostin Stoyanov Subject: Re: [PATCH v10 1/2] fork: extend clone3() to support setting a PID Message-ID: <20191115095854.4vr6bgfz6ny5zbpd@wittgenstein> References: <20191114142707.1608679-1-areber@redhat.com> <20191114191538.GC171963@gmail.com> <20191115093419.GA25528@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20191115093419.GA25528@redhat.com> User-Agent: NeoMutt/20180716 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Nov 15, 2019 at 10:34:20AM +0100, Oleg Nesterov wrote: > On 11/14, Andrei Vagin wrote: > > > > On Thu, Nov 14, 2019 at 03:27:06PM +0100, Adrian Reber wrote: > > ... > > > diff --git a/include/uapi/linux/sched.h b/include/uapi/linux/sched.h > > > index 1d500ed03c63..2e649cfa07f4 100644 > > > --- a/include/uapi/linux/sched.h > > > +++ b/include/uapi/linux/sched.h > > ... > > > @@ -174,24 +186,51 @@ struct pid *alloc_pid(struct pid_namespace *ns) > > > pid->level = ns->level; > > > > > > for (i = ns->level; i >= 0; i--) { > > > - int pid_min = 1; > > > + int tid = 0; > > > + > > > + if (set_tid_size) { > > > + tid = set_tid[ns->level - i]; > > > + if (tid < 1 || tid >= pid_max) > > > + return ERR_PTR(-EINVAL); > > > > do we need to release pids what have been allocated on previous levels? > > Heh ;) it is really amazing that nobody noticed this! Thanks Andrei. > > > nr = -EINVAL; > > retval = -EINVAL; > > > goto out_free; How do we feel about moving this into a separate helper like below? Keeps the ugliness out of alloc_pid() itself. Christian diff --git a/kernel/pid.c b/kernel/pid.c index eb32668997c6..d3dfd1bbebaf 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -157,6 +157,31 @@ void free_pid(struct pid *pid) call_rcu(&pid->rcu, delayed_put_pid); } +static int set_tid_next(pid_t *set_tid, size_t *size, int idx) +{ + int tid = 0; + + if (*size) { + tid = set_tid[idx]; + if (tid < 1 || tid >= pid_max) + return -EINVAL; + + /* + * Also fail if a PID != 1 is requested and + * no PID 1 exists. + */ + if (tid != 1 && !tmp->child_reaper) + return -EINVAL; + + if (!ns_capable(tmp->user_ns, CAP_SYS_ADMIN)) + return -EPERM; + + (*size)--; + } + + return tid; +} + struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid, size_t set_tid_size) { @@ -188,20 +213,10 @@ struct pid *alloc_pid(struct pid_namespace *ns, pid_t *set_tid, for (i = ns->level; i >= 0; i--) { int tid = 0; - if (set_tid_size) { - tid = set_tid[ns->level - i]; - if (tid < 1 || tid >= pid_max) - return ERR_PTR(-EINVAL); - /* - * Also fail if a PID != 1 is requested and - * no PID 1 exists. - */ - if (tid != 1 && !tmp->child_reaper) - return ERR_PTR(-EINVAL); - if (!ns_capable(tmp->user_ns, CAP_SYS_ADMIN)) - return ERR_PTR(-EPERM); - set_tid_size--; - } + retval = set_tid_next(set_tid, &set_tid_size, ns->level - i); + if (retval < 0) + goto out_free; + tid = retval; idr_preload(GFP_KERNEL); spin_lock_irq(&pidmap_lock);