From: ebiederm@xmission.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: <linux-kernel@vger.kernel.org> ,
Linux Containers <containers@lists.linux.dev>
Subject: [GIT PULL] ucounts: Count rlimits in each user namespace
Date: Mon, 28 Jun 2021 17:35:22 -0500 [thread overview]
Message-ID: <87fsx1vcr9.fsf@disp2133> (raw)
Linus,
Please pull the for-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus
HEAD: 5e6b8a50a7cec5686ee2c4bda1d49899c79a7eae cred: add missing return error code when set_cred_ucounts() failed
This is the work mainly by Alexey Gladkov to limit rlimits to the
rlimits of the user that created a user namespace, and to allow users to
have stricter limits on the resources created within a user namespace.
There is a more detailed changelog from Alexey in the merge commit
9b624988221b ("ucounts: Count rlimits in each user namespace")
---
Alexey Gladkov (9):
Increase size of ucounts to atomic_long_t
Add a reference to ucounts for each cred
Use atomic_t for ucounts reference counting
Reimplement RLIMIT_NPROC on top of ucounts
Reimplement RLIMIT_MSGQUEUE on top of ucounts
Reimplement RLIMIT_SIGPENDING on top of ucounts
Reimplement RLIMIT_MEMLOCK on top of ucounts
kselftests: Add test to check for rlimit changes in different user namespaces
ucounts: Set ucount_max to the largest positive value the type can hold
Eric W. Biederman (2):
ucounts: Count rlimits in each user namespace
ucounts: Silence warning in dec_rlimit_ucounts
Yang Yingliang (1):
cred: add missing return error code when set_cred_ucounts() failed
fs/exec.c | 6 +-
fs/hugetlbfs/inode.c | 16 +-
fs/proc/array.c | 2 +-
include/linux/cred.h | 4 +
include/linux/hugetlb.h | 4 +-
include/linux/mm.h | 4 +-
include/linux/sched/user.h | 7 -
include/linux/shmem_fs.h | 2 +-
include/linux/signal_types.h | 4 +-
include/linux/user_namespace.h | 31 +++-
ipc/mqueue.c | 40 ++---
ipc/shm.c | 26 ++--
kernel/cred.c | 51 ++++++-
kernel/exit.c | 2 +-
kernel/fork.c | 18 ++-
kernel/signal.c | 25 ++--
kernel/sys.c | 14 +-
kernel/ucount.c | 116 +++++++++++----
kernel/user.c | 3 -
kernel/user_namespace.c | 9 +-
mm/memfd.c | 4 +-
mm/mlock.c | 22 ++-
mm/mmap.c | 4 +-
mm/shmem.c | 10 +-
tools/testing/selftests/Makefile | 1 +
tools/testing/selftests/rlimits/.gitignore | 2 +
tools/testing/selftests/rlimits/Makefile | 6 +
tools/testing/selftests/rlimits/config | 1 +
.../testing/selftests/rlimits/rlimits-per-userns.c | 161 +++++++++++++++++++++
29 files changed, 468 insertions(+), 127 deletions(-)
WARNING: multiple messages have this Message-ID (diff)
From: ebiederm@xmission.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: <linux-kernel@vger.kernel.org>,
Linux Containers <containers@lists.linux.dev>
Subject: [GIT PULL] ucounts: Count rlimits in each user namespace
Date: Mon, 28 Jun 2021 17:35:22 -0500 [thread overview]
Message-ID: <87fsx1vcr9.fsf@disp2133> (raw)
Linus,
Please pull the for-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus
HEAD: 5e6b8a50a7cec5686ee2c4bda1d49899c79a7eae cred: add missing return error code when set_cred_ucounts() failed
This is the work mainly by Alexey Gladkov to limit rlimits to the
rlimits of the user that created a user namespace, and to allow users to
have stricter limits on the resources created within a user namespace.
There is a more detailed changelog from Alexey in the merge commit
9b624988221b ("ucounts: Count rlimits in each user namespace")
---
Alexey Gladkov (9):
Increase size of ucounts to atomic_long_t
Add a reference to ucounts for each cred
Use atomic_t for ucounts reference counting
Reimplement RLIMIT_NPROC on top of ucounts
Reimplement RLIMIT_MSGQUEUE on top of ucounts
Reimplement RLIMIT_SIGPENDING on top of ucounts
Reimplement RLIMIT_MEMLOCK on top of ucounts
kselftests: Add test to check for rlimit changes in different user namespaces
ucounts: Set ucount_max to the largest positive value the type can hold
Eric W. Biederman (2):
ucounts: Count rlimits in each user namespace
ucounts: Silence warning in dec_rlimit_ucounts
Yang Yingliang (1):
cred: add missing return error code when set_cred_ucounts() failed
fs/exec.c | 6 +-
fs/hugetlbfs/inode.c | 16 +-
fs/proc/array.c | 2 +-
include/linux/cred.h | 4 +
include/linux/hugetlb.h | 4 +-
include/linux/mm.h | 4 +-
include/linux/sched/user.h | 7 -
include/linux/shmem_fs.h | 2 +-
include/linux/signal_types.h | 4 +-
include/linux/user_namespace.h | 31 +++-
ipc/mqueue.c | 40 ++---
ipc/shm.c | 26 ++--
kernel/cred.c | 51 ++++++-
kernel/exit.c | 2 +-
kernel/fork.c | 18 ++-
kernel/signal.c | 25 ++--
kernel/sys.c | 14 +-
kernel/ucount.c | 116 +++++++++++----
kernel/user.c | 3 -
kernel/user_namespace.c | 9 +-
mm/memfd.c | 4 +-
mm/mlock.c | 22 ++-
mm/mmap.c | 4 +-
mm/shmem.c | 10 +-
tools/testing/selftests/Makefile | 1 +
tools/testing/selftests/rlimits/.gitignore | 2 +
tools/testing/selftests/rlimits/Makefile | 6 +
tools/testing/selftests/rlimits/config | 1 +
.../testing/selftests/rlimits/rlimits-per-userns.c | 161 +++++++++++++++++++++
29 files changed, 468 insertions(+), 127 deletions(-)
next reply other threads:[~2021-06-28 22:57 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-28 22:35 Eric W. Biederman [this message]
2021-06-28 22:35 ` [GIT PULL] ucounts: Count rlimits in each user namespace Eric W. Biederman
2021-06-29 3:47 ` Linus Torvalds
2021-06-29 15:04 ` Eric W. Biederman
2021-06-29 15:51 ` Eric W. Biederman
2021-06-29 16:34 ` Linus Torvalds
2021-06-29 16:42 ` Eric W. Biederman
2021-06-29 17:09 ` Eric W. Biederman
2021-07-01 16:41 ` Alexey Gladkov
2021-07-01 20:05 ` Eric W. Biederman
2021-06-29 17:17 ` Alexey Gladkov
2021-06-29 18:07 ` Linus Torvalds
2021-06-29 20:20 ` Alexey Gladkov
2021-06-29 20:33 ` Linus Torvalds
2021-06-29 21:22 ` Alexey Gladkov
2021-07-02 17:54 ` [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak Alexey Gladkov
2021-07-02 22:13 ` Linus Torvalds
2021-07-07 16:50 ` Alexey Gladkov
2021-07-07 17:23 ` Linus Torvalds
2021-07-08 10:33 ` [PATCH v2] " Alexey Gladkov
2021-07-08 18:44 ` Linus Torvalds
2021-07-08 11:00 ` [PATCH] ucounts: " Alexey Gladkov
2021-06-29 3:50 ` [GIT PULL] ucounts: Count rlimits in each user namespace pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87fsx1vcr9.fsf@disp2133 \
--to=ebiederm@xmission.com \
--cc=containers@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.