Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3153045pxj; Mon, 31 May 2021 22:04:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJywFGpKh622S4cbrTjmtgliXEW1icvlXvYkx1bEOHwygoOXMgDOwX3BJqGZ+/R7u+EV+7ge X-Received: by 2002:a17:906:b84f:: with SMTP id ga15mr13793080ejb.372.1622523880134; Mon, 31 May 2021 22:04:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622523880; cv=none; d=google.com; s=arc-20160816; b=RwqKQRUOTgBa5Skhp53zyJF85+9cI5O5AivIKEC9WEQBqDgF54M1sHf1arUhDIz9Sj z1e3B2tYqSHsEIZ3IAj4YuTPBlpCf2i1Xul5XpPdLEF4ulIhJqoPiW/bk2RHm2vj2m79 TPxS0UFATRaiqPfDxnEFuvxtHPEAdAWAZCHQUWH2Plsa1v4ueH0/W+AGX97xCjiLtKBF aGHlqPTnolK7p3+ovGcZ89mV2myRQyQ7kxbVK7izYEygWQ58ij6oGiGLZPpyzVufpsrR Ky+r2IkkPlfxcrmWi+TDV7ewLaHd4MWZvQUCw9L2yUIfC1UjaQowkxJFrCS6RnDTpxwv d0HQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=YnIR0RODlKJnnmHoelVCPupbdrpw+4l3TyQadzapw1g=; b=xpK/Uzrsrb88u4DLWO1TKIK+JYmIblLj3cN6DCU89gr8TNVwj5qavDPLaQEItwQRCU DkSeqKLnyiPLFsNOIMu4kdanbxSRpm3dI6nWvqpXZCpB1Pk5lm0b5/CLL+0CuWSj6Vhp yzBhjq9Lp1+OWovvKgp89kFhMKgTAY/7aBxY59PTxvNoOj42jdpNLPhzcYvS+TKgybk4 Gxg5L1qIAGkqM1ye6hGNEldWC6Rp4maJQyp9tyUvn3RH5FKcRj3PZ2h/zU9WdqZIK57C qNwoDUR1gbBXuP24QWO81+YrwqBFBe5efcfCXWS6B2I8QZ6ktcAoFlhU86n+iYrdWjdy HjDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Inbx6eGf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y28si19019ejk.356.2021.05.31.22.04.17; Mon, 31 May 2021 22:04:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Inbx6eGf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232879AbhFAFDK (ORCPT + 99 others); Tue, 1 Jun 2021 01:03:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:50940 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230170AbhFAFDK (ORCPT ); Tue, 1 Jun 2021 01:03:10 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 23A576102A; Tue, 1 Jun 2021 05:01:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1622523689; bh=oQlazZST/xTVF4xaTCspIjwCZZNAdsOrYEBHpFSLUMs=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=Inbx6eGf8uuOhQpwvwOY2NdQNf4FEQvyhePt97HJPaBu+P7lDcMo97U3y77wQdtLs U68yCi02NBh5197AT/2PMfcB0HNQb729i9LSwNkhfA+r/HC13kE9z/lMaA1qtbLeZA 4rcorJ3nQn69RNdpiKD0kQX8UgAydFSziuyZnbVOA/AboAZBoaw7WTHGI8VtiIPOxb oQrCUCVKWhQ/8Xt3zpwg8wQM6jw2N9kW6pXnm0FDpfb2Cwue5cRmw0EGSisGbQzVOa 204Y/snDAT2adrZeA8BUDBLl9fl1F3iDOYnf5ziuyjt5aNPL4lVdc1PxJhULJSCByz vGUSMNZnjiGjA== Date: Mon, 31 May 2021 22:01:28 -0700 From: Jakub Kicinski To: Changbin Du Cc: Alexander Viro , "David S. Miller" , netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, stable@vger.kernel.org, Cong Wang , David Laight Subject: Re: [PATCH] nsfs: fix oops when ns->ops is not provided Message-ID: <20210531220128.26c0cb36@kicinski-fedora-PC1C0HJN.hsd1.ca.comcast.net> In-Reply-To: <20210531153410.93150-1-changbin.du@gmail.com> References: <20210531153410.93150-1-changbin.du@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 31 May 2021 23:34:10 +0800 Changbin Du wrote: > We should not create inode for disabled namespace. A disabled namespace > sets its ns->ops to NULL. Kernel could panic if we try to create a inode > for such namespace. > > Here is an example oops in socket ioctl cmd SIOCGSKNS when NET_NS is > disabled. Kernel panicked wherever nsfs trys to access ns->ops since the > proc_ns_operations is not implemented in this case. > > [7.670023] Unable to handle kernel NULL pointer dereference at virtual address 00000010 > [7.670268] pgd = 32b54000 > [7.670544] [00000010] *pgd=00000000 > [7.671861] Internal error: Oops: 5 [#1] SMP ARM > [7.672315] Modules linked in: > [7.672918] CPU: 0 PID: 1 Comm: systemd Not tainted 5.13.0-rc3-00375-g6799d4f2da49 #16 > [7.673309] Hardware name: Generic DT based system > [7.673642] PC is at nsfs_evict+0x24/0x30 > [7.674486] LR is at clear_inode+0x20/0x9c > > So let's reject such request for disabled namespace. > > Signed-off-by: Changbin Du > Cc: > Cc: Cong Wang > Cc: Jakub Kicinski > Cc: David Laight > --- > fs/nsfs.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/fs/nsfs.c b/fs/nsfs.c > index 800c1d0eb0d0..6c055eb7757b 100644 > --- a/fs/nsfs.c > +++ b/fs/nsfs.c > @@ -62,6 +62,10 @@ static int __ns_get_path(struct path *path, struct ns_common *ns) > struct inode *inode; > unsigned long d; > > + /* In case the namespace is not actually enabled. */ > + if (!ns->ops) > + return -EOPNOTSUPP; > + > rcu_read_lock(); > d = atomic_long_read(&ns->stashed); > if (!d) I'm not sure why we'd pick runtime checks for something that can be perfectly easily solved at compilation time. Networking should not be asking for FDs for objects which don't exist.