From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754048AbdEQXsl (ORCPT <rfc822;w@1wt.eu>);
        Wed, 17 May 2017 19:48:41 -0400
Received: from out02.mta.xmission.com ([166.70.13.232]:57931 "EHLO
        out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752156AbdEQXsi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 17 May 2017 19:48:38 -0400
From: ebiederm@xmission.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Linux Containers <containers@lists.linux-foundation.org>,
        <linux-kernel@vger.kernel.org>, Vovo Yang <vovoy@google.com>,
        Guenter Roeck <linux@roeck-us.net>,
        Kirill Tkhai <ktkhai@virtuozzo.com>, Oleg Nesterov <oleg@redhat.com>
Date: Wed, 17 May 2017 18:42:08 -0500
Message-ID: <87inkz82zz.fsf@xmission.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-XM-SPF: eid=1dB8gG-000569-Fn;;;mid=<87inkz82zz.fsf@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=97.121.81.159;;;frm=ebiederm@xmission.com;;;spf=neutral
X-XM-AID: U2FsdGVkX19EO+VSxWIuNsh4AABhDnZnpoQoKLKwiBU=
X-SA-Exim-Connect-IP: 97.121.81.159
X-SA-Exim-Mail-From: ebiederm@xmission.com
X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
        *  0.0 TVD_RCVD_IP Message was received from an IP address
        *  0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
        *      [score: 0.5000]
        * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC
        *      [sa06 1397; Body=1 Fuz1=1 Fuz2=1]
        *  1.0 XMSubMetaSx_00 1+ Sexy Words
        *  0.0 T_TooManySym_01 4+ unique symbols in subject
        *  1.2 XMSubMetaSxObfu_03 Obfuscated Sexy Noun-People
X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 
X-Spam-Combo: **;Linus Torvalds <torvalds@linux-foundation.org>
X-Spam-Relay-Country: 
X-Spam-Timing: total 272 ms - load_scoreonly_sql: 0.05 (0.0%),
        signal_user_changed: 3.1 (1.1%), b_tie_ro: 2.2 (0.8%), parse: 0.75 (0.3%),
        extract_message_metadata: 3.1 (1.1%), get_uri_detail_list: 1.33 (0.5%),
        tests_pri_-1000: 4.5 (1.6%), tests_pri_-950: 1.58 (0.6%), tests_pri_-900:
        1.16 (0.4%), tests_pri_-400: 19 (7.0%), check_bayes: 18 (6.6%), b_tokenize: 6
        (2.3%), b_tok_get_all: 5 (2.0%), b_comp_prob: 1.82 (0.7%), b_tok_touch_all:
        2.7 (1.0%), b_finish: 0.71 (0.3%), tests_pri_0: 225 (82.7%),
        check_dkim_signature: 0.53 (0.2%), check_dkim_adsp: 3.2 (1.2%),
        tests_pri_500: 5 (1.9%), rewrite_mail: 0.00 (0.0%)
Subject: [GIT PULL] pid namespace fixes for v4.12-rc2
X-Spam-Flag: No
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


Linus,

Please pull the for-linus branch from the git tree:

   git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus

   HEAD: 3fd37226216620c1a468afa999739d5016fbc349 pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()


These are two bugs that turn out to have simple fixes that were reported
during the merge window.  Both of these issues have existed for a while
and it just happens that they both were reported at almost the same
time.

Eric W. Biederman (1):
      pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes

Kirill Tkhai (1):
      pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()

 kernel/fork.c          | 8 ++++++--
 kernel/pid_namespace.c | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 06d759ab4c62..aa1076c5e4a9 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1845,11 +1845,13 @@ static __latent_entropy struct task_struct *copy_process(
 	*/
 	recalc_sigpending();
 	if (signal_pending(current)) {
-		spin_unlock(&current->sighand->siglock);
-		write_unlock_irq(&tasklist_lock);
 		retval = -ERESTARTNOINTR;
 		goto bad_fork_cancel_cgroup;
 	}
+	if (unlikely(!(ns_of_pid(pid)->nr_hashed & PIDNS_HASH_ADDING))) {
+		retval = -ENOMEM;
+		goto bad_fork_cancel_cgroup;
+	}
 
 	if (likely(p->pid)) {
 		ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
@@ -1907,6 +1909,8 @@ static __latent_entropy struct task_struct *copy_process(
 	return p;
 
 bad_fork_cancel_cgroup:
+	spin_unlock(&current->sighand->siglock);
+	write_unlock_irq(&tasklist_lock);
 	cgroup_cancel_fork(p);
 bad_fork_free_pid:
 	cgroup_threadgroup_change_end(current);
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index d1f3e9f558b8..74a5a7255b4d 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -277,7 +277,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns)
 	 * if reparented.
 	 */
 	for (;;) {
-		set_current_state(TASK_UNINTERRUPTIBLE);
+		set_current_state(TASK_INTERRUPTIBLE);
 		if (pid_ns->nr_hashed == init_pids)
 			break;
 		schedule();


Eric