Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1405306pxj; Sat, 29 May 2021 12:25:52 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwzAahzJPhOJeESxFj++KoGwz7SVCpwrygKxP+4xvbRnxzJlOvUC6YMX428eV6dUDFS0tT4 X-Received: by 2002:a6b:5a16:: with SMTP id o22mr11787480iob.63.1622316352609; Sat, 29 May 2021 12:25:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622316352; cv=none; d=google.com; s=arc-20160816; b=IsXZebg9uGLBKiOjwvE1y9ipPkyLoe6Mk/XmjQPktDF7YBxzoNbobXCH0F3CEIvDCV m6rNAeyrF2BBR62sVJFOCbWk1rM1UvQSC1qhL3Cnn+ZVsLxcwNvBFYPMFozXGhLOuPdo rKCiDFXgwdtTcCW5lrgNdM13+saheisClOnEY1sc8EByYusyjpMU5IDHn9m1otpqDJsA 62o+dnliTtPL7xHqLlHDUvFL8uc6Fo5I+9t3mvLwIKm4EYNHSDISMDyLd+3N896o7cLw V8lYC+xUZtjmz14/fqIGyJ4D0y5UL7yZTbNhy8/4yJPS57izN/OwE0LL69LMeJLVV7w8 Zutw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=4JV2W29y26pepLG4gekNYXoV2EP+6kk949X/NrDMyWs=; b=VLmmHyW1yMPY0uFu8K7HleErqu5mk9/JKWS8lbULkK0AQtVGhYCyWESH/YhhYMCgB6 5owGdI9GIeiZn0f1hSqsikzNggmPs8M9QdZBAmSmgJQG0xelPRO3sPmEgLCjcPPLUWvS ZBE7kfr8+DCHlyraJdwPfWCiILZslBbegAGi3js4EqlhxrAdGkwXRxXX5aBpRRnqBn8d vaaMMh0qmVOypwx20RMYC1upzE7UG90hncI0O4TJg4iIUPMUb0R4NEwC1vCRqqI7vOG/ FMxhTCJLav2k1QCbcU+abIAgcTcNay7fn91Jk34wrtPYdYj3okxvSdYmj/WRzXpEoMhq EaiA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=JKM1zRuR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y10si7915427iom.14.2021.05.29.12.25.13; Sat, 29 May 2021 12:25:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=JKM1zRuR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229796AbhE2TQq (ORCPT + 99 others); Sat, 29 May 2021 15:16:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41622 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229718AbhE2TQq (ORCPT ); Sat, 29 May 2021 15:16:46 -0400 Received: from mail-pl1-x629.google.com (mail-pl1-x629.google.com [IPv6:2607:f8b0:4864:20::629]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 775C4C061574; Sat, 29 May 2021 12:15:08 -0700 (PDT) Received: by mail-pl1-x629.google.com with SMTP id e7so1138061plj.7; Sat, 29 May 2021 12:15:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4JV2W29y26pepLG4gekNYXoV2EP+6kk949X/NrDMyWs=; b=JKM1zRuRupca+dp8XU2VFl9BlSLzntOr8wWJXSKnJ7SEsz6L1y449tyXvkd3DPM8fh U2N0aw1FuVz/4bmhhwI8X8OczdScQVWANE2H2CVUN/XFxIXzvpRIMEarGAgWNLxOlUZc YWup5xUXUqp/Y/DYP8FtmQUf5QJOMCmP3DJ3zwo9VqWDIXSgnJimp9LcPjQsZ8AdeETm 5yaktuR6h4bkQ/srUPVXZXxkkfE/vznIvlrAJ9FNjhimyvF6Lzv2PqRmKVG97tN+ZSYR sCuBoxG9RInyMdHy1zAt7pXr6I+mRHILoeXiSVyqlgavuBItyhiURNJLpt0p8D5sKNdo LGfg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4JV2W29y26pepLG4gekNYXoV2EP+6kk949X/NrDMyWs=; b=S3b/118uPfim1djAeLtbC7/OhvCZ3igU82fMHGgoD1yRDt6QJgqqyzdEvxeR7XNEU0 ypdEsrCPd2WiIarv86We3/t6+plC7q2U2xQmAs/9D7CVxbjaoIbDojv5cOMwm1k0LlBq f4QYBH9U5bkQ5H7g0GxznoFi7l8A10rJyW4rmPeShp3pqqEwfCs1QbxqWo3FCQSQqz0V Y3fL3Ipe8HUeiQ/4K/HKDX1ayI+dBqo9Dr2AoPe0MePASNpKPvuuzLylwr5JTjCZBGa1 dJ5mqQyL77BuMYTr5Q3X8nDc6btYzMmo9yDH6QH3n6U5p5/cZPrOeAOvRHdKAdkD9PsK B80w== X-Gm-Message-State: AOAM531puBUZtDN0Vgnn8yg1+KOEoijRi1C/0wxGU3EfZhBjhhXfB+Qx gndZ88w9/i3Af1Xy7JGKq338hEudKC+xPWdA0xA= X-Received: by 2002:a17:90a:1141:: with SMTP id d1mr10987300pje.56.1622315707909; Sat, 29 May 2021 12:15:07 -0700 (PDT) MIME-Version: 1.0 References: <20210529060526.422987-1-changbin.du@gmail.com> In-Reply-To: <20210529060526.422987-1-changbin.du@gmail.com> From: Cong Wang Date: Sat, 29 May 2021 12:14:57 -0700 Message-ID: Subject: Re: [PATCH] net: fix oops in socket ioctl cmd SIOCGSKNS when NET_NS is disabled To: Changbin Du Cc: "David S. Miller" , Jakub Kici nski , Linux Kernel Network Developers , LKML , stable Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 28, 2021 at 11:08 PM Changbin Du wrote: > diff --git a/net/socket.c b/net/socket.c > index 27e3e7d53f8e..644b46112d35 100644 > --- a/net/socket.c > +++ b/net/socket.c > @@ -1149,11 +1149,15 @@ static long sock_ioctl(struct file *file, unsigned cmd, unsigned long arg) > mutex_unlock(&vlan_ioctl_mutex); > break; > case SIOCGSKNS: > +#ifdef CONFIG_NET_NS > err = -EPERM; > if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) > break; > > err = open_related_ns(&net->ns, get_net_ns); > +#else > + err = -ENOTSUPP; > +#endif I wonder if it is easier if we just reject ns->ops==NULL case in open_related_ns(). For 1) we can save an ugly #ifdef here; 2) drivers/net/tun.c has the same bugs. Something like this: diff --git a/fs/nsfs.c b/fs/nsfs.c index 800c1d0eb0d0..d63414604e99 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c @@ -152,6 +152,9 @@ int open_related_ns(struct ns_common *ns, int err; int fd; + if (!ns->ops) + return -EOPNOTSUPP; + fd = get_unused_fd_flags(O_CLOEXEC); if (fd < 0) return fd;