Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp2183089ybz; Thu, 23 Apr 2020 13:07:30 -0700 (PDT) X-Google-Smtp-Source: APiQypIA8c6t1/I7Du16U6OrgklPgAPfUQY6EeGEfi5LthgLdIXumtzYQoIQl6wQRYTMqON85rQA X-Received: by 2002:a50:d596:: with SMTP id v22mr4169422edi.91.1587672450713; Thu, 23 Apr 2020 13:07:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587672450; cv=none; d=google.com; s=arc-20160816; b=phuhi+3WUv+0LIocge7Z+EE+68sTZQYCPKg9jJGVAgu60d96HHBSfpruIKbj+QwFD9 tqzFKbaM8+mTJoxYHi9BTLysEGq+p3syuDavvzkjCspNH8SpAo/PANaqsLfBsq4V4cLh S6rMFoZRWbB1wgm83pC1GAkKEzI4mq9yiFedMusDBNKKrragyR1FECxBFSNNdfthsWAD corpc+IIKeq4qjR1ifJCLqSs5K4Kk+tCMoP9+TdEdCwoa5EWYpVv4VNzsFafueHsrhTv Xh3n+41fNrIv7bGUpwxR1sZws6w59L4+pEnnRbW1FzdxhlBHCrZxa5gR/uCPdJARSNmD 6IQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=Ts3jOzhIOo/R/Y6m7BzLLng+JVm9b6YCDKdIYp/vOv4=; b=SduaGNy/ApmD6U+ZZ74XFI7pF2T2vlb6scxfcTKHspBLM0Cma9ptqzyLK0h4iA0pTH Z3MleJnFNOzsW7O6f+VSCOCyt+BJgV1erqQWBWvimIWUuPVRClrFiK3kM47/k7IuGBWv OlBzmlfatZMp7wecYigzxRXutE/dCIvrI5uiHuCjD7NCgIMFk5XaYFGhM4pZYTkKivli EGQQsddyC5pc26hlZv3sS3G+cskBndj+ul/7Qxk78K79ggCsTMZi7GGULvaiR2vKMA4D R8jSEFMFICimXCZ7QwUWE/7bZTi+fwasCPkKzBHI3eDwhR5HiormMzvbOhgzI9iJ5sJH VrgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ks5si1731231ejb.398.2020.04.23.13.07.06; Thu, 23 Apr 2020 13:07:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727030AbgDWUEU (ORCPT + 99 others); Thu, 23 Apr 2020 16:04:20 -0400 Received: from raptor.unsafe.ru ([5.9.43.93]:48382 "EHLO raptor.unsafe.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726419AbgDWUDq (ORCPT ); Thu, 23 Apr 2020 16:03:46 -0400 Received: from comp-core-i7-2640m-0182e6.redhat.com (ip-89-102-33-211.net.upcbroadband.cz [89.102.33.211]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by raptor.unsafe.ru (Postfix) with ESMTPSA id AD61420A03; Thu, 23 Apr 2020 20:03:40 +0000 (UTC) From: Alexey Gladkov To: LKML Cc: Kernel Hardening , Linux API , Linux FS Devel , Linux Security Module , Akinobu Mita , Alexander Viro , Alexey Dobriyan , Alexey Gladkov , Andrew Morton , Andy Lutomirski , Daniel Micay , Djalal Harouni , "Dmitry V . Levin" , "Eric W . Biederman" , Greg Kroah-Hartman , Ingo Molnar , "J . Bruce Fields" , Jeff Layton , Jonathan Corbet , Kees Cook , Linus Torvalds , Oleg Nesterov , David Howells Subject: [PATCH v13 2/8] Use proc_pid_ns() to get pid_namespace from the proc superblock Date: Thu, 23 Apr 2020 22:03:10 +0200 Message-Id: <20200423200316.164518-3-gladkov.alexey@gmail.com> X-Mailer: git-send-email 2.25.3 In-Reply-To: <20200423200316.164518-1-gladkov.alexey@gmail.com> References: <20200423200316.164518-1-gladkov.alexey@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.1 (raptor.unsafe.ru [5.9.43.93]); Thu, 23 Apr 2020 20:03:41 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org To get pid_namespace from the procfs superblock should be used a special helper. This will avoid errors when s_fs_info will change the type. Signed-off-by: Alexey Gladkov --- fs/locks.c | 4 ++-- security/tomoyo/realpath.c | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/fs/locks.c b/fs/locks.c index b8a31c1c4fff..399c5dbb72c4 100644 --- a/fs/locks.c +++ b/fs/locks.c @@ -2823,7 +2823,7 @@ static void lock_get_status(struct seq_file *f, struct file_lock *fl, { struct inode *inode = NULL; unsigned int fl_pid; - struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info; + struct pid_namespace *proc_pidns = proc_pid_ns(file_inode(f->file)); fl_pid = locks_translate_pid(fl, proc_pidns); /* @@ -2901,7 +2901,7 @@ static int locks_show(struct seq_file *f, void *v) { struct locks_iterator *iter = f->private; struct file_lock *fl, *bfl; - struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info; + struct pid_namespace *proc_pidns = proc_pid_ns(file_inode(f->file)); fl = hlist_entry(v, struct file_lock, fl_link); diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index bf38fc1b59b2..08b096e2f7e3 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c @@ -7,6 +7,7 @@ #include "common.h" #include +#include /** * tomoyo_encode2 - Encode binary string to ascii string. @@ -161,9 +162,10 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer, if (sb->s_magic == PROC_SUPER_MAGIC && *pos == '/') { char *ep; const pid_t pid = (pid_t) simple_strtoul(pos + 1, &ep, 10); + struct pid_namespace *proc_pidns = proc_pid_ns(d_inode(dentry)); if (*ep == '/' && pid && pid == - task_tgid_nr_ns(current, sb->s_fs_info)) { + task_tgid_nr_ns(current, proc_pidns)) { pos = ep - 5; if (pos < buffer) goto out; -- 2.25.3