From: sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org
To: serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org,
Pavel Emelianov <xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
Cc: Containers <containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>,
Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Subject: [PATCH 6/7]: Check for user-space mount of /dev/pts
Date: Mon, 24 Mar 2008 21:26:14 -0700 [thread overview]
Message-ID: <20080325042614.GF27864@us.ibm.com> (raw)
In-Reply-To: <20080325035904.GB27451-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
From: Sukadev Bhattiprolu <sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Subject: [PATCH 6/7]: Check for user-space mount of /dev/pts
When the pts namespace is cloned, the /dev/pts is not useful unless it
is remounted from the user space.
If user-space clones pts namespace but does not remount /dev/pts, it
would end up using the /dev/pts mount from parent-pts-ns but allocate
the pts indices from current pts ns.
This patch (hack ?) prevents creation of PTYs in user space unless
user-space mounts /dev/pts.
(While this patch can be folded into others, keeping this separate
for now for easier review (and to highlight the hack :-)
Signed-off-by: Sukadev Bhattiprolu <sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
---
fs/devpts/inode.c | 25 +++++++++++++++++++++++--
include/linux/devpts_fs.h | 20 +++++++++++++++++++-
2 files changed, 42 insertions(+), 3 deletions(-)
Index: 2.6.25-rc5-mm1/include/linux/devpts_fs.h
===================================================================
--- 2.6.25-rc5-mm1.orig/include/linux/devpts_fs.h 2008-03-24 20:08:33.000000000 -0700
+++ 2.6.25-rc5-mm1/include/linux/devpts_fs.h 2008-03-24 20:08:57.000000000 -0700
@@ -23,6 +23,7 @@ struct pts_namespace {
struct kref kref;
struct idr allocated_ptys;
struct vfsmount *mnt;
+ int user_mounted;
};
extern struct pts_namespace init_pts_ns;
@@ -30,6 +31,8 @@ extern struct pts_namespace init_pts_ns;
#define DEVPTS_SUPER_MAGIC 0x1cd1
static inline struct pts_namespace *pts_ns_from_inode(struct inode *inode)
{
+ struct pts_namespace *ns;
+
/*
* Need this bug-on for now to catch any cases in tty_open()
* or release_dev() I may have missed.
@@ -43,7 +46,22 @@ static inline struct pts_namespace *pts_
* should not need a lock here.
*/
- return (struct pts_namespace *)inode->i_sb->s_fs_info;
+ ns = (struct pts_namespace *)inode->i_sb->s_fs_info;
+
+ /*
+ * If user-space did not mount pts ns after cloning pts namespace,
+ * the child process would end up accessing devpts mount of the
+ * parent but use allocated_ptys from the cloned pts ns.
+ *
+ * This check prevents creating ptys unless user-space mounts
+ * devpts in the new pts namespace.
+ *
+ * Is there a cleaner way to prevent this ?
+ */
+ if (!ns->user_mounted)
+ return NULL;
+
+ return ns;
}
static inline struct pts_namespace *current_pts_ns(void)
Index: 2.6.25-rc5-mm1/fs/devpts/inode.c
===================================================================
--- 2.6.25-rc5-mm1.orig/fs/devpts/inode.c 2008-03-24 20:08:33.000000000 -0700
+++ 2.6.25-rc5-mm1/fs/devpts/inode.c 2008-03-24 20:08:57.000000000 -0700
@@ -201,8 +201,11 @@ static int devpts_get_sb(struct file_sys
if (IS_ERR(sb))
return PTR_ERR(sb);
- if (sb->s_root)
+ if (sb->s_root) {
+ if (!(flags & MS_KERNMOUNT))
+ ns->user_mounted = 1;
return simple_set_mnt(mnt, sb);
+ }
sb->s_flags = flags;
err = devpts_fill_super(sb, data, flags & MS_SILENT ? 1 : 0);
@@ -248,6 +251,10 @@ int devpts_new_index(struct pts_namespac
int index;
int idr_ret;
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_new_index() without user_mount\n");
+ return -ENOSYS;
+ }
retry:
if (!idr_pre_get(&pts_ns->allocated_ptys, GFP_KERNEL)) {
return -ENOMEM;
@@ -273,7 +280,7 @@ retry:
void devpts_kill_index(struct pts_namespace *pts_ns, int idx)
{
-
+ BUG_ON(!pts_ns->user_mounted);
down(&allocated_ptys_lock);
idr_remove(&pts_ns->allocated_ptys, idx);
up(&allocated_ptys_lock);
@@ -293,6 +300,11 @@ int devpts_pty_new( struct pts_namespace
BUG_ON(driver->type != TTY_DRIVER_TYPE_PTY);
BUG_ON(driver->subtype != PTY_TYPE_SLAVE);
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_pty_new() without user_mount\n");
+ return -ENOSYS;
+ }
+
mnt = pts_ns->mnt;
root = mnt->mnt_root;
@@ -332,6 +344,11 @@ struct tty_struct *devpts_get_tty(struct
struct dentry *dentry;
struct tty_struct *tty;
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_get_tty() without user_mount\n");
+ return ERR_PTR(-ENOSYS);
+ }
+
mnt = pts_ns->mnt;
dentry = get_node(mnt->mnt_root, number);
@@ -353,6 +370,10 @@ void devpts_pty_kill(struct pts_namespac
struct dentry *dentry;
struct dentry *root;
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_pty_kill() without user_mount\n");
+ BUG_ON(1);
+ }
root = pts_ns->mnt->mnt_root;
dentry = get_node(root, number);
next prev parent reply other threads:[~2008-03-25 4:26 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-25 3:59 [PATCH 0/7][v2] Cloning PTS namespace sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325035904.GB27451-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 4:22 ` [PATCH 1/7] Propagate error code from devpts_pty_new sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:23 ` [PATCH 2/7]: Factor out PTY index allocation sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:24 ` [PATCH 3/7]: Enable multiple mounts of /dev/pts sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:25 ` [PATCH 4/7] Implement get_pts_ns() and put_pts_ns() sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042507.GD27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 15:06 ` Serge E. Hallyn
2008-03-25 15:29 ` Serge E. Hallyn
[not found] ` <20080325152903.GF9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 18:44 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:25 ` [PATCH 5/7]: Determine pts_ns from a pty's inode sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042541.GE27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 15:17 ` Serge E. Hallyn
[not found] ` <20080325151705.GE9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 21:14 ` Serge E. Hallyn
[not found] ` <20080325211406.GA5817-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-26 2:03 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326020328.GA11747-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 2:50 ` Serge E. Hallyn
[not found] ` <20080326025038.GA24538-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-26 14:55 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326145521.GA24292-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 15:12 ` Serge E. Hallyn
[not found] ` <20080326151205.GA16621-6s5zFf/epYL1ENwx4SLHqw@public.gmane.org>
2008-03-26 15:18 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326151843.GA31568-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 15:43 ` Serge E. Hallyn
2008-03-25 4:26 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA [this message]
[not found] ` <20080325042614.GF27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 7:46 ` [PATCH 6/7]: Check for user-space mount of /dev/pts Pavel Emelyanov
2008-03-25 9:40 ` [Devel] " Alexey Dobriyan
2008-03-25 14:54 ` Serge E. Hallyn
[not found] ` <20080325145448.GC9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 17:25 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:27 ` [PATCH 7/7]: Enable cloning PTY namespaces sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 7:51 ` [PATCH 0/7][v2] Cloning PTS namespace Pavel Emelyanov
[not found] ` <47E8AEF3.4060406-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2008-03-25 14:42 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080325042614.GF27864@us.ibm.com \
--to=sukadev-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.