1. 27 Jan, 2013 4 commits
    • Eric W. Biederman's avatar
      userns: Allow the userns root to mount of devpts · ec2aa8e8
      Eric W. Biederman authored
      - The context in which devpts is mounted has no effect on the creation
        of ptys as the /dev/ptmx interface has been used by unprivileged
        users for many years.
      
      - Only support unprivileged mounts in combination with the newinstance
        option to ensure that mounting of /dev/pts in a user namespace will
        not allow the options of an existing mount of devpts to be modified.
      
      - Create /dev/pts/ptmx as the root user in the user namespace that
        mounts devpts so that it's permissions to be changed.
      Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      ec2aa8e8
    • Eric W. Biederman's avatar
      userns: Recommend use of memory control groups. · e11f0ae3
      Eric W. Biederman authored
      In the help text describing user namespaces recommend use of memory
      control groups.  In many cases memory control groups are the only
      mechanism there is to limit how much memory a user who can create
      user namespaces can use.
      Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
      e11f0ae3
    • Eric W. Biederman's avatar
      userns: Allow any uid or gid mappings that don't overlap. · 0bd14b4f
      Eric W. Biederman authored
      When I initially wrote the code for /proc/<pid>/uid_map.  I was lazy
      and avoided duplicate mappings by the simple expedient of ensuring the
      first number in a new extent was greater than any number in the
      previous extent.
      
      Unfortunately that precludes a number of valid mappings, and someone
      noticed and complained.  So use a simple check to ensure that ranges
      in the mapping extents don't overlap.
      Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      0bd14b4f
    • Eric W. Biederman's avatar
      userns: Avoid recursion in put_user_ns · c61a2810
      Eric W. Biederman authored
      When freeing a deeply nested user namespace free_user_ns calls
      put_user_ns on it's parent which may in turn call free_user_ns again.
      When -fno-optimize-sibling-calls is passed to gcc one stack frame per
      user namespace is left on the stack, potentially overflowing the
      kernel stack.  CONFIG_FRAME_POINTER forces -fno-optimize-sibling-calls
      so we can't count on gcc to optimize this code.
      
      Remove struct kref and use a plain atomic_t.  Making the code more
      flexible and easier to comprehend.  Make the loop in free_user_ns
      explict to guarantee that the stack does not overflow with
      CONFIG_FRAME_POINTER enabled.
      
      I have tested this fix with a simple program that uses unshare to
      create a deeply nested user namespace structure and then calls exit.
      With 1000 nesteuser namespaces before this change running my test
      program causes the kernel to die a horrible death.  With 10,000,000
      nested user namespaces after this change my test program runs to
      completion and causes no harm.
      Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
      Pointed-out-by: default avatarVasily Kulikov <segoon@openwall.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      c61a2810
  2. 27 Dec, 2012 1 commit
  3. 26 Dec, 2012 3 commits
    • Eric W. Biederman's avatar
      f2fs: Don't assign e_id in f2fs_acl_from_disk · 48c6d121
      Eric W. Biederman authored
      With user namespaces enabled building f2fs fails with:
      
       CC      fs/f2fs/acl.o
      fs/f2fs/acl.c: In function ‘f2fs_acl_from_disk’:
      fs/f2fs/acl.c:85:21: error: ‘struct posix_acl_entry’ has no member named ‘e_id’
      make[2]: *** [fs/f2fs/acl.o] Error 1
      make[2]: Target `__build' not remade because of errors.
      
      e_id is a backwards compatibility field only used for file systems
      that haven't been converted to use kuids and kgids.  When the posix
      acl tag field is neither ACL_USER nor ACL_GROUP assigning e_id is
      unnecessary.  Remove the assignment so f2fs will build with user
      namespaces enabled.
      
      Cc: Namjae Jeon <namjae.jeon@samsung.com>
      Cc: Amit Sahrawat <a.sahrawat@samsung.com>
      Acked-by: default avatarJaegeuk Kim <jaegeuk.kim@samsung.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      48c6d121
    • Eric W. Biederman's avatar
      proc: Allow proc_free_inum to be called from any context · dfb2ea45
      Eric W. Biederman authored
      While testing the pid namespace code I hit this nasty warning.
      
      [  176.262617] ------------[ cut here ]------------
      [  176.263388] WARNING: at /home/eric/projects/linux/linux-userns-devel/kernel/softirq.c:160 local_bh_enable_ip+0x7a/0xa0()
      [  176.265145] Hardware name: Bochs
      [  176.265677] Modules linked in:
      [  176.266341] Pid: 742, comm: bash Not tainted 3.7.0userns+ #18
      [  176.266564] Call Trace:
      [  176.266564]  [<ffffffff810a539f>] warn_slowpath_common+0x7f/0xc0
      [  176.266564]  [<ffffffff810a53fa>] warn_slowpath_null+0x1a/0x20
      [  176.266564]  [<ffffffff810ad9ea>] local_bh_enable_ip+0x7a/0xa0
      [  176.266564]  [<ffffffff819308c9>] _raw_spin_unlock_bh+0x19/0x20
      [  176.266564]  [<ffffffff8123dbda>] proc_free_inum+0x3a/0x50
      [  176.266564]  [<ffffffff8111d0dc>] free_pid_ns+0x1c/0x80
      [  176.266564]  [<ffffffff8111d195>] put_pid_ns+0x35/0x50
      [  176.266564]  [<ffffffff810c608a>] put_pid+0x4a/0x60
      [  176.266564]  [<ffffffff8146b177>] tty_ioctl+0x717/0xc10
      [  176.266564]  [<ffffffff810aa4d5>] ? wait_consider_task+0x855/0xb90
      [  176.266564]  [<ffffffff81086bf9>] ? default_spin_lock_flags+0x9/0x10
      [  176.266564]  [<ffffffff810cab0a>] ? remove_wait_queue+0x5a/0x70
      [  176.266564]  [<ffffffff811e37e8>] do_vfs_ioctl+0x98/0x550
      [  176.266564]  [<ffffffff810b8a0f>] ? recalc_sigpending+0x1f/0x60
      [  176.266564]  [<ffffffff810b9127>] ? __set_task_blocked+0x37/0x80
      [  176.266564]  [<ffffffff810ab95b>] ? sys_wait4+0xab/0xf0
      [  176.266564]  [<ffffffff811e3d31>] sys_ioctl+0x91/0xb0
      [  176.266564]  [<ffffffff810a95f0>] ? task_stopped_code+0x50/0x50
      [  176.266564]  [<ffffffff81939199>] system_call_fastpath+0x16/0x1b
      [  176.266564] ---[ end trace 387af88219ad6143 ]---
      
      It turns out that spin_unlock_bh(proc_inum_lock) is not safe when
      put_pid is called with another spinlock held and irqs disabled.
      
      For now take the easy path and use spin_lock_irqsave(proc_inum_lock)
      in proc_free_inum and spin_loc_irq in proc_alloc_inum(proc_inum_lock).
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      dfb2ea45
    • Eric W. Biederman's avatar
      pidns: Stop pid allocation when init dies · c876ad76
      Eric W. Biederman authored
      Oleg pointed out that in a pid namespace the sequence.
      - pid 1 becomes a zombie
      - setns(thepidns), fork,...
      - reaping pid 1.
      - The injected processes exiting.
      
      Can lead to processes attempting access their child reaper and
      instead following a stale pointer.
      
      That waitpid for init can return before all of the processes in
      the pid namespace have exited is also unfortunate.
      
      Avoid these problems by disabling the allocation of new pids in a pid
      namespace when init dies, instead of when the last process in a pid
      namespace is reaped.
      Pointed-out-by: default avatarOleg Nesterov <oleg@redhat.com>
      Reviewed-by: default avatarOleg Nesterov <oleg@redhat.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      c876ad76
  4. 25 Dec, 2012 1 commit
  5. 22 Dec, 2012 8 commits
    • Linus Torvalds's avatar
      Linux 3.8-rc1 · a49f0d1e
      Linus Torvalds authored
      a49f0d1e
    • Linus Torvalds's avatar
      Merge git://www.linux-watchdog.org/linux-watchdog · 4fe19a13
      Linus Torvalds authored
      Pull watchdog updates from Wim Van Sebroeck:
       "This includes some fixes and code improvements (like
        clk_prepare_enable and clk_disable_unprepare), conversion from the
        omap_wdt and twl4030_wdt drivers to the watchdog framework, addition
        of the SB8x0 chipset support and the DA9055 Watchdog driver and some
        OF support for the davinci_wdt driver."
      
      * git://www.linux-watchdog.org/linux-watchdog: (22 commits)
        watchdog: mei: avoid oops in watchdog unregister code path
        watchdog: Orion: Fix possible null-deference in orion_wdt_probe
        watchdog: sp5100_tco: Add SB8x0 chipset support
        watchdog: davinci_wdt: add OF support
        watchdog: da9052: Fix invalid free of devm_ allocated data
        watchdog: twl4030_wdt: Change TWL4030_MODULE_PM_RECEIVER to TWL_MODULE_PM_RECEIVER
        watchdog: remove depends on CONFIG_EXPERIMENTAL
        watchdog: Convert dev_printk(KERN_<LEVEL> to dev_<level>(
        watchdog: DA9055 Watchdog driver
        watchdog: omap_wdt: eliminate goto
        watchdog: omap_wdt: delete redundant platform_set_drvdata() calls
        watchdog: omap_wdt: convert to devm_ functions
        watchdog: omap_wdt: convert to new watchdog core
        watchdog: WatchDog Timer Driver Core: fix comment
        watchdog: s3c2410_wdt: use clk_prepare_enable and clk_disable_unprepare
        watchdog: imx2_wdt: Select the driver via ARCH_MXC
        watchdog: cpu5wdt.c: add missing del_timer call
        watchdog: hpwdt.c: Increase version string
        watchdog: Convert twl4030_wdt to watchdog core
        davinci_wdt: preparation for switch to common clock framework
        ...
      4fe19a13
    • Linus Torvalds's avatar
      Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6 · 769cb858
      Linus Torvalds authored
      Pull CIFS fixes from Steve French:
       "Misc small cifs fixes"
      
      * 'for-next' of git://git.samba.org/sfrench/cifs-2.6:
        cifs: eliminate cifsERROR variable
        cifs: don't compare uniqueids in cifs_prime_dcache unless server inode numbers are in use
        cifs: fix double-free of "string" in cifs_parse_mount_options
      769cb858
    • Linus Torvalds's avatar
      Merge tag 'dm-3.8-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm · b49249d1
      Linus Torvalds authored
      Pull dm update from Alasdair G Kergon:
       "Miscellaneous device-mapper fixes, cleanups and performance
        improvements.
      
        Of particular note:
         - Disable broken WRITE SAME support in all targets except linear and
           striped.  Use it when kcopyd is zeroing blocks.
         - Remove several mempools from targets by moving the data into the
           bio's new front_pad area(which dm calls 'per_bio_data').
         - Fix a race in thin provisioning if discards are misused.
         - Prevent userspace from interfering with the ioctl parameters and
           use kmalloc for the data buffer if it's small instead of vmalloc.
         - Throttle some annoying error messages when I/O fails."
      
      * tag 'dm-3.8-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm: (36 commits)
        dm stripe: add WRITE SAME support
        dm: remove map_info
        dm snapshot: do not use map_context
        dm thin: dont use map_context
        dm raid1: dont use map_context
        dm flakey: dont use map_context
        dm raid1: rename read_record to bio_record
        dm: move target request nr to dm_target_io
        dm snapshot: use per_bio_data
        dm verity: use per_bio_data
        dm raid1: use per_bio_data
        dm: introduce per_bio_data
        dm kcopyd: add WRITE SAME support to dm_kcopyd_zero
        dm linear: add WRITE SAME support
        dm: add WRITE SAME support
        dm: prepare to support WRITE SAME
        dm ioctl: use kmalloc if possible
        dm ioctl: remove PF_MEMALLOC
        dm persistent data: improve improve space map block alloc failure message
        dm thin: use DMERR_LIMIT for errors
        ...
      b49249d1
    • J. Bruce Fields's avatar
      Revert "nfsd: warn on odd reply state in nfsd_vfs_read" · 10532b56
      J. Bruce Fields authored
      This reverts commit 79f77bf9.
      
      This is obviously wrong, and I have no idea how I missed seeing the
      warning in testing: I must just not have looked at the right logs.  The
      caller bumps rq_resused/rq_next_page, so it will always be hit on a
      large enough read.
      Reported-by: default avatarDave Jones <davej@redhat.com>
      Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      10532b56
    • Linus Torvalds's avatar
      Merge tag 'rdma-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband · 184e2516
      Linus Torvalds authored
      Pull more infiniband changes from Roland Dreier:
       "Second batch of InfiniBand/RDMA changes for 3.8:
         - cxgb4 changes to fix lookup engine hash collisions
         - mlx4 changes to make flow steering usable
         - fix to IPoIB to avoid pinning dst reference for too long"
      
      * tag 'rdma-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband:
        RDMA/cxgb4: Fix bug for active and passive LE hash collision path
        RDMA/cxgb4: Fix LE hash collision bug for passive open connection
        RDMA/cxgb4: Fix LE hash collision bug for active open connection
        mlx4_core: Allow choosing flow steering mode
        mlx4_core: Adjustments to Flow Steering activation logic for SR-IOV
        mlx4_core: Fix error flow in the flow steering wrapper
        mlx4_core: Add QPN enforcement for flow steering rules set by VFs
        cxgb4: Add LE hash collision bug fix path in LLD driver
        cxgb4: Add T4 filter support
        IPoIB: Call skb_dst_drop() once skb is enqueued for sending
      184e2516
    • Linus Torvalds's avatar
      Merge tag 'asm-generic' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic · 0264405b
      Linus Torvalds authored
      Pull asm-generic cleanup from Arnd Bergmann:
       "These are a few cleanups for asm-generic:
      
         - a set of patches from Lars-Peter Clausen to generalize asm/mmu.h
           and use it in the architectures that don't need any special
           handling.
         - A patch from Will Deacon to remove the {read,write}s{b,w,l} as
           discussed during the arm64 review
         - A patch from James Hogan that helps with the meta architecture
           series."
      
      * tag 'asm-generic' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic:
        xtensa: Use generic asm/mmu.h for nommu
        h8300: Use generic asm/mmu.h
        c6x: Use generic asm/mmu.h
        asm-generic/mmu.h: Add support for FDPIC
        asm-generic/mmu.h: Remove unused vmlist field from mm_context_t
        asm-generic: io: remove {read,write} string functions
        asm-generic/io.h: remove asm/cacheflush.h include
      0264405b
    • Kukjin Kim's avatar
      ARM: dts: fix duplicated build target and alphabetical sort out for exynos · 7e65df38
      Kukjin Kim authored
      Commit db5b0ae0 ("Merge tag 'dt' of git://git.kernel.org/.../arm-soc")
      causes a duplicated build target.  This patch fixes it and sorts out the
      build target alphabetically so that we can recognize something wrong
      easily.
      
      Cc: Olof Johansson <olof@lixom.net>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarKukjin Kim <kgene.kim@samsung.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      7e65df38
  6. 21 Dec, 2012 23 commits