From: ebiederm@xmission.com (Eric W. Biederman)
To: Serge Hallyn
Cc: Stéphane Graber, Richard Weinberger, Andy Lutomirski, linux-man, Kees Cook, Linux API, Linux Containers, Josh Triplett, stable, linux-kernel@vger.kernel.org, Kenton Varda, LSM, Michael Kerrisk-manpages, Casey Schaufler, Andrew Morton
Subject: Re: [CFT] Can I get some Tested-By's on this series?
Date: Mon, 15 Dec 2014 14:11:59 -0600
Message-ID: <8761dcwu40.fsf@x220.int.ebiederm.org>
In-Reply-To: <20141215193838.GB28375@ubuntumail> (Serge Hallyn's message of "Mon, 15 Dec 2014 19:38:38 +0000")
References: <87ppbtn4mv.fsf@x220.int.ebiederm.org> <87a92xn2io.fsf@x220.int.ebiederm.org> <87r3w8liw4.fsf@x220.int.ebiederm.org> <87iohklfvj.fsf_-_@x220.int.ebiederm.org> <87mw6vh31e.fsf_-_@x220.int.ebiederm.org> <20141210224822.GG20012@ubuntumail> <87lhmcy2et.fsf@x220.int.ebiederm.org> <20141212220840.GF22091@castiana.ipv6.teksavvy.com> <8761dgze56.fsf@x220.int.ebiederm.org> <20141215193838.GB28375@ubuntumail>
List-Id: containers.vger.kernel.org

Serge Hallyn writes:

> Quoting Eric W. Biederman (ebiederm@xmission.com):
>> Stéphane Graber writes:
>>
>> > On Fri, Dec 12, 2014 at 03:38:18PM -0600, Eric W. Biederman wrote:
>> >> Serge Hallyn writes:
>> >>
>> >> > Quoting Eric W. Biederman (ebiederm@xmission.com):
>> >> >>
>> >> >> Will people please test these patches with their container project?
>> >> >>
>> >> >> These changes break container userspace (hopefully in a minimal way).
>> >> >> If I could have that confirmed by testing I would really appreciate it.
>> >> >> I really don't want to send out a bug fix that accidentally breaks
>> >> >> userspace again.
>> >> >>
>> >> >> The only issue sort of under discussion is if there is a better name for
>> >> >> /proc/<pid>/setgroups, and the name of the file will not affect the
>> >> >> functionality of the patchset.
>> >> >>
>> >> >> With the code reviewed and written in simple, obviously correct, easily
>> >> >> reviewable ways I am hoping/planning to send this to Linus ASAP.
>> >> >>
>> >> >> Eric
>> >> >
>> >> > Is there a git tree we can clone?
>> >>
>> >> Have either of you been able to check to see if any of my changes
>> >> affect lxc?
>> >>
>> >> I am trying to gauge how hard and how fast I should push to Linus, lxc
>> >> being the largest adopter of unprivileged user namespaces for general
>> >> purpose containers.
>> >>
>> >> I expect you just call newuidmap and newgidmap and don't actually care
>> >> about not being able to set gid_map without privilege.  But I really
>> >> want to avoid pushing a security fix and then being surprised that
>> >> things like lxc break.
>> >>
>> >> Eric
>> >
>> > Hi Eric,
>> >
>> > I've unfortunately been pretty busy this week as I was (well, still am)
>> > travelling to South Africa for a meeting. I don't have a full kernel
>> > tree around here and a full git clone isn't really doable over the kind
>> > of Internet I've got here :)
>> >
>> > Hopefully Serge can give it a quick try, otherwise I should be able to
>> > do some tests on Tuesday when I'm back home.
>>
>> I thought Serge was going to but I haven't heard yet so I am prodding ;-)
>
> Ok, thanks - yes, unprivileged lxc is working fine with your kernels.
> Just to be sure I was testing the right thing I also tested using
> my unprivileged nsexec testcases, and they failed on setgroup/setgid
> as now expected, and succeeded there without your patches.

Thanks.

Serge, unless you object I will add your Tested-By to my pull message to Linus.

Minor question: do your unprivileged nsexec test cases check whether the
write to gid_map succeeds?  I would have expected the gid_map write to
fail before the setgroups/setgid system calls came into play.

Eric
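The ordering Eric asks about at the end of the thread, as an added example that is not part of the mail exchange or of the patch series: an unprivileged process creates a user namespace, writes its own uid_map, and then tries gid_map once without and once after writing "deny" to /proc/self/setgroups. The rule the helper `gid_map_write_allowed` models (a gid_map writer lacking CAP_SETGID in the parent namespace must first set setgroups to "deny") is taken from the series as merged and from user_namespaces(7), not from the text of this mail; the function and variable names, and the `CLONE_NEWUSER` fallback definition, are this example's own.

```c
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Fallbacks so the file builds without _GNU_SOURCE; the value of
 * CLONE_NEWUSER matches <linux/sched.h>. */
#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000
#endif
extern int unshare(int flags);

/* Write a whole buffer to a /proc file; returns 0 or -errno. */
static int write_proc(const char *path, const char *buf)
{
    int fd = open(path, O_WRONLY);
    if (fd < 0)
        return -errno;
    ssize_t n = write(fd, buf, strlen(buf));
    int err = (n < 0) ? -errno : 0;
    close(fd);
    return err;
}

/* Render one "inside outside count" map line; returns its length. */
int format_idmap(char *buf, size_t size, unsigned inside, unsigned outside,
                 unsigned count)
{
    return snprintf(buf, size, "%u %u %u\n", inside, outside, count);
}

/* Model of the gid_map rule (assumption, see lead-in): a writer with
 * CAP_SETGID in the parent namespace may always write; an unprivileged
 * writer may only do so after /proc/<pid>/setgroups reads "deny". */
int gid_map_write_allowed(int cap_setgid_in_parent, int setgroups_denied)
{
    if (cap_setgid_in_parent)
        return 1;
    return setgroups_denied;
}

/* Map the caller's own gid 1:1, optionally denying setgroups first.
 * Returns 0 or -errno of the first failing write. */
int map_own_gid(gid_t gid, int deny_setgroups)
{
    char line[64];
    int err;

    if (deny_setgroups && (err = write_proc("/proc/self/setgroups", "deny")) < 0)
        return err;
    format_idmap(line, sizeof line, gid, gid, 1);
    return write_proc("/proc/self/gid_map", line);
}

int main(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    char line[64];
    int err;

    if (unshare(CLONE_NEWUSER) < 0) {
        perror("unshare(CLONE_NEWUSER)");
        return 1;
    }
    /* uid_map is unaffected by the series and is written once, up front. */
    format_idmap(line, sizeof line, uid, uid, 1);
    if ((err = write_proc("/proc/self/uid_map", line)) < 0) {
        fprintf(stderr, "uid_map: %s\n", strerror(-err));
        return 1;
    }
    /* First attempt skips the setgroups step: with the series applied this
     * is the write that is now refused (EPERM) for an unprivileged caller. */
    err = map_own_gid(gid, 0);
    printf("gid_map without setgroups=deny: %s\n", err ? strerror(-err) : "succeeded");
    if (err == 0)
        return 0;   /* pre-series semantics: nothing more to show */
    /* gid_map is still unwritten, so setgroups can still be set to deny. */
    err = map_own_gid(gid, 1);
    printf("gid_map after setgroups=deny:   %s\n", err ? strerror(-err) : "succeeded");
    return err ? 1 : 0;
}
```

Run as an ordinary user: on a kernel with the series applied the first gid_map write fails and the second succeeds; on an older kernel the first write succeeds and the program stops there, which is the difference Serge's nsexec cases observed with and without the patches.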