LinuxLists.cc - [PATCH] Fix user namespace leak

2021-10-14 18:41:30

Subject: [PATCH] Fix user namespace leak

Fixes: 61ca2c4afd9d ("NFS: Only reference user namespace from nfs4idmap struct instead of cred")
Signed-off-by: Alexey Gladkov <[email protected]>
---
fs/nfs/nfs4idmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index 8d8aba305ecc..f331866dd418 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -487,7 +487,7 @@ nfs_idmap_new(struct nfs_client *clp)
err_destroy_pipe:
rpc_destroy_pipe_data(idmap->idmap_pipe);
err:
- get_user_ns(idmap->user_ns);
+ put_user_ns(idmap->user_ns);
kfree(idmap);
return error;
}
--
2.33.0

2021-10-16 15:11:08

by Eric W. Biederman

[permalink] [raw]

Subject: Re: [PATCH] Fix user namespace leak

Alexey Gladkov <[email protected]> writes:

> Fixes: 61ca2c4afd9d ("NFS: Only reference user namespace from nfs4idmap struct instead of cred")
> Signed-off-by: Alexey Gladkov <[email protected]>

Reviewed-by: "Eric W. Biederman" <[email protected]>

nfs folks do you want to pick this up?

> ---
> fs/nfs/nfs4idmap.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
> index 8d8aba305ecc..f331866dd418 100644
> --- a/fs/nfs/nfs4idmap.c
> +++ b/fs/nfs/nfs4idmap.c
> @@ -487,7 +487,7 @@ nfs_idmap_new(struct nfs_client *clp)
> err_destroy_pipe:
> rpc_destroy_pipe_data(idmap->idmap_pipe);
> err:
> - get_user_ns(idmap->user_ns);
> + put_user_ns(idmap->user_ns);
> kfree(idmap);
> return error;
> }

2021-10-18 01:37:53

by Trond Myklebust

[permalink] [raw]

Subject: Re: [PATCH] Fix user namespace leak

On Fri, 2021-10-15 at 09:43 -0500, Eric W. Biederman wrote:
> Alexey Gladkov <[email protected]> writes:
>
> > Fixes: 61ca2c4afd9d ("NFS: Only reference user namespace from
> > nfs4idmap struct instead of cred")
> > Signed-off-by: Alexey Gladkov <[email protected]>
>
> Reviewed-by: "Eric W. Biederman" <[email protected]>
>
> nfs folks do you want to pick this up?

It is in my testing branch,

>
> > ---
> > fs/nfs/nfs4idmap.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
> > index 8d8aba305ecc..f331866dd418 100644
> > --- a/fs/nfs/nfs4idmap.c
> > +++ b/fs/nfs/nfs4idmap.c
> > @@ -487,7 +487,7 @@ nfs_idmap_new(struct nfs_client *clp)
> > err_destroy_pipe:
> >         rpc_destroy_pipe_data(idmap->idmap_pipe);
> > err:
> > -       get_user_ns(idmap->user_ns);
> > +       put_user_ns(idmap->user_ns);
> >         kfree(idmap);
> >         return error;
> > }

--
Trond Myklebust
Linux NFS client maintainer, Hammerspace
[email protected]