From: ebiederm@xmission.com (Eric W. Biederman)
To: Nikolay Borisov <nborisov@suse.com>
Cc: Christian Brauner <christian.brauner@ubuntu.com>,
Linux Containers <containers@lists.linux-foundation.org>,
tycho@tycho.ws, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/5] userns: Don't read extents twice in m_start
Date: Wed, 01 Nov 2017 06:08:35 -0500 [thread overview]
Message-ID: <87a806ntn0.fsf@xmission.com> (raw)
In-Reply-To: <143adb61-fb8e-fc1b-396b-b18836e68766@suse.com> (Nikolay Borisov's message of "Wed, 1 Nov 2017 10:31:25 +0200")
Nikolay Borisov <nborisov@suse.com> writes:
> On 1.11.2017 01:48, Eric W. Biederman wrote:
>>
>> This is important so reading /proc/<pid>/{uid_map,gid_map,projid_map} while
>> the map is being written does not do strange things.
>>
>> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
>> ---
>> kernel/user_namespace.c | 6 ++++--
>> 1 file changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
>> index 563a2981d7c7..4f7e357ac1e2 100644
>> --- a/kernel/user_namespace.c
>> +++ b/kernel/user_namespace.c
>> @@ -683,11 +683,13 @@ static void *m_start(struct seq_file *seq, loff_t *ppos,
>> struct uid_gid_map *map)
>> {
>> loff_t pos = *ppos;
>> + unsigned extents = map->nr_extents;
>> + smp_rmb();
>
> Barriers need to be paired to work correctly as well as have explicit
> comments describing the pairing as per kernel coding style. Checkpatch
> will actually produce warning for that particular memory barrier.
So please look at the code and read the comment. The fact the barrier
was not in m_start earlier is strictly speaking a bug.
In practice except for a very narrow window when this data is changing
the one time it can, this code does not matter at all.
As for checkpatch I have sympathy for it, checkpatch has a hard job,
but I won't listen to checkpatch when it is wrong.
If you have additional cleanups you would like to make in this area
please send patches.
Eric
>>
>> - if (pos >= map->nr_extents)
>> + if (pos >= extents)
>> return NULL;
>>
>> - if (map->nr_extents <= UID_GID_MAP_MAX_BASE_EXTENTS)
>> + if (extents <= UID_GID_MAP_MAX_BASE_EXTENTS)
>> return &map->extent[pos];
>>
>> return &map->forward[pos];
>>
next prev parent reply other threads:[~2017-11-01 11:08 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-24 22:04 [PATCH 1/2 v6] user namespace: use union in {g,u}idmap struct Christian Brauner
2017-10-24 22:04 ` [PATCH 2/2 v6] user namespaces: bump idmap limits to 340 Christian Brauner
2017-10-31 23:46 ` [PATCH 0/5] userns: bump idmap limits, fixes & tweaks Eric W. Biederman
2017-10-31 23:47 ` [PATCH 1/5] userns: Don't special case a count of 0 Eric W. Biederman
2017-10-31 23:47 ` [PATCH 2/5] userns: Simplify the user and group mapping functions Eric W. Biederman
2017-10-31 23:48 ` [PATCH 3/5] userns: Don't read extents twice in m_start Eric W. Biederman
2017-11-01 8:31 ` Nikolay Borisov
[not found] ` <143adb61-fb8e-fc1b-396b-b18836e68766-IBi9RG/b67k@public.gmane.org>
2017-11-01 11:08 ` Eric W. Biederman
2017-11-01 11:08 ` Eric W. Biederman [this message]
2017-11-01 13:05 ` Nikolay Borisov
2017-11-01 13:05 ` Peter Zijlstra
[not found] ` <20171101130539.j5bxmhs2trqurrr2-Nxj+rRp3nVydTX5a5knrm8zTDFooKrT+cvkQGrU6aU0@public.gmane.org>
2017-11-01 14:01 ` Christian Brauner
2017-11-01 14:01 ` Christian Brauner
[not found] ` <20171101140144.zwe7cq7iv2xudwp4-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2017-11-01 14:16 ` Peter Zijlstra
2017-11-01 14:16 ` Peter Zijlstra
[not found] ` <20171101141654.fr4rs2m5cygouktb-Nxj+rRp3nVydTX5a5knrm8zTDFooKrT+cvkQGrU6aU0@public.gmane.org>
2017-11-01 16:29 ` Christian Brauner
2017-11-01 16:29 ` Christian Brauner
2017-11-01 16:31 ` Christian Brauner
2017-11-01 16:31 ` Christian Brauner
[not found] ` <87a806ntn0.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 13:05 ` Nikolay Borisov
2017-11-01 13:05 ` Peter Zijlstra
2017-11-01 17:00 ` Joe Perches
2017-11-01 17:00 ` Joe Perches
[not found] ` <1509555601.31043.44.camel-6d6DIl74uiNBDgjK7y7TUQ@public.gmane.org>
2017-11-01 17:20 ` Eric W. Biederman
2017-11-01 17:20 ` Eric W. Biederman
[not found] ` <87h8udj4p7.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 18:15 ` Peter Zijlstra
2017-11-01 18:15 ` Peter Zijlstra
[not found] ` <87k1zaswu6.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 8:31 ` Nikolay Borisov
2017-10-31 23:48 ` [PATCH 4/5] userns: Make map_id_down a wrapper for map_id_range_down Eric W. Biederman
[not found] ` <871sliubhj.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-10-31 23:47 ` [PATCH 1/5] userns: Don't special case a count of 0 Eric W. Biederman
2017-10-31 23:47 ` [PATCH 2/5] userns: Simplify the user and group mapping functions Eric W. Biederman
2017-10-31 23:48 ` [PATCH 3/5] userns: Don't read extents twice in m_start Eric W. Biederman
2017-10-31 23:48 ` [PATCH 4/5] userns: Make map_id_down a wrapper for map_id_range_down Eric W. Biederman
2017-10-31 23:49 ` [PATCH 5/5] userns: Simplify insert_extent Eric W. Biederman
2017-11-01 10:51 ` [PATCH 0/5] userns: bump idmap limits, fixes & tweaks Christian Brauner
2017-10-31 23:49 ` [PATCH 5/5] userns: Simplify insert_extent Eric W. Biederman
2017-11-01 10:51 ` [PATCH 0/5] userns: bump idmap limits, fixes & tweaks Christian Brauner
[not found] ` <CAPP7u0WDVv0pAAFEuzL2c9Y-wVg0xG36jyH-eok=GV-r6UewZg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-11-01 11:15 ` Eric W. Biederman
2017-11-01 11:15 ` Eric W. Biederman
[not found] ` <87tvyemeqe.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-11-01 13:31 ` Christian Brauner
2017-11-01 13:31 ` Christian Brauner
[not found] ` <20171024220441.10235-2-christian.brauner-GeWIH/nMZzLQT0dZR+AlfA@public.gmane.org>
2017-10-31 23:46 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a806ntn0.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=christian.brauner@ubuntu.com \
--cc=containers@lists.linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nborisov@suse.com \
--cc=tycho@tycho.ws \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.