From: sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org
To: serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org,
Pavel Emelianov <xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
Cc: Containers <containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>,
Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Subject: [PATCH 6/7]: Check for user-space mount of /dev/pts
Date: Mon, 24 Mar 2008 21:26:14 -0700 [thread overview]
Message-ID: <20080325042614.GF27864@us.ibm.com> (raw)
In-Reply-To: <20080325035904.GB27451-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
From: Sukadev Bhattiprolu <sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Subject: [PATCH 6/7]: Check for user-space mount of /dev/pts
When the pts namespace is cloned, the /dev/pts is not useful unless it
is remounted from the user space.
If user-space clones pts namespace but does not remount /dev/pts, it
would end up using the /dev/pts mount from parent-pts-ns but allocate
the pts indices from current pts ns.
This patch (hack ?) prevents creation of PTYs in user space unless
user-space mounts /dev/pts.
(While this patch can be folded into others, keeping this separate
for now for easier review (and to highlight the hack :-)
Signed-off-by: Sukadev Bhattiprolu <sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
---
fs/devpts/inode.c | 25 +++++++++++++++++++++++--
include/linux/devpts_fs.h | 20 +++++++++++++++++++-
2 files changed, 42 insertions(+), 3 deletions(-)
Index: 2.6.25-rc5-mm1/include/linux/devpts_fs.h
===================================================================
--- 2.6.25-rc5-mm1.orig/include/linux/devpts_fs.h 2008-03-24 20:08:33.000000000 -0700
+++ 2.6.25-rc5-mm1/include/linux/devpts_fs.h 2008-03-24 20:08:57.000000000 -0700
@@ -23,6 +23,7 @@ struct pts_namespace {
struct kref kref;
struct idr allocated_ptys;
struct vfsmount *mnt;
+ int user_mounted;
};
extern struct pts_namespace init_pts_ns;
@@ -30,6 +31,8 @@ extern struct pts_namespace init_pts_ns;
#define DEVPTS_SUPER_MAGIC 0x1cd1
static inline struct pts_namespace *pts_ns_from_inode(struct inode *inode)
{
+ struct pts_namespace *ns;
+
/*
* Need this bug-on for now to catch any cases in tty_open()
* or release_dev() I may have missed.
@@ -43,7 +46,22 @@ static inline struct pts_namespace *pts_
* should not need a lock here.
*/
- return (struct pts_namespace *)inode->i_sb->s_fs_info;
+ ns = (struct pts_namespace *)inode->i_sb->s_fs_info;
+
+ /*
+ * If user-space did not mount pts ns after cloning pts namespace,
+ * the child process would end up accessing devpts mount of the
+ * parent but use allocated_ptys from the cloned pts ns.
+ *
+ * This check prevents creating ptys unless user-space mounts
+ * devpts in the new pts namespace.
+ *
+ * Is there a cleaner way to prevent this ?
+ */
+ if (!ns->user_mounted)
+ return NULL;
+
+ return ns;
}
static inline struct pts_namespace *current_pts_ns(void)
Index: 2.6.25-rc5-mm1/fs/devpts/inode.c
===================================================================
--- 2.6.25-rc5-mm1.orig/fs/devpts/inode.c 2008-03-24 20:08:33.000000000 -0700
+++ 2.6.25-rc5-mm1/fs/devpts/inode.c 2008-03-24 20:08:57.000000000 -0700
@@ -201,8 +201,11 @@ static int devpts_get_sb(struct file_sys
if (IS_ERR(sb))
return PTR_ERR(sb);
- if (sb->s_root)
+ if (sb->s_root) {
+ if (!(flags & MS_KERNMOUNT))
+ ns->user_mounted = 1;
return simple_set_mnt(mnt, sb);
+ }
sb->s_flags = flags;
err = devpts_fill_super(sb, data, flags & MS_SILENT ? 1 : 0);
@@ -248,6 +251,10 @@ int devpts_new_index(struct pts_namespac
int index;
int idr_ret;
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_new_index() without user_mount\n");
+ return -ENOSYS;
+ }
retry:
if (!idr_pre_get(&pts_ns->allocated_ptys, GFP_KERNEL)) {
return -ENOMEM;
@@ -273,7 +280,7 @@ retry:
void devpts_kill_index(struct pts_namespace *pts_ns, int idx)
{
-
+ BUG_ON(!pts_ns->user_mounted);
down(&allocated_ptys_lock);
idr_remove(&pts_ns->allocated_ptys, idx);
up(&allocated_ptys_lock);
@@ -293,6 +300,11 @@ int devpts_pty_new( struct pts_namespace
BUG_ON(driver->type != TTY_DRIVER_TYPE_PTY);
BUG_ON(driver->subtype != PTY_TYPE_SLAVE);
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_pty_new() without user_mount\n");
+ return -ENOSYS;
+ }
+
mnt = pts_ns->mnt;
root = mnt->mnt_root;
@@ -332,6 +344,11 @@ struct tty_struct *devpts_get_tty(struct
struct dentry *dentry;
struct tty_struct *tty;
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_get_tty() without user_mount\n");
+ return ERR_PTR(-ENOSYS);
+ }
+
mnt = pts_ns->mnt;
dentry = get_node(mnt->mnt_root, number);
@@ -353,6 +370,10 @@ void devpts_pty_kill(struct pts_namespac
struct dentry *dentry;
struct dentry *root;
+ if (!pts_ns || !pts_ns->user_mounted) {
+ printk(KERN_ERR "devpts_pty_kill() without user_mount\n");
+ BUG_ON(1);
+ }
root = pts_ns->mnt->mnt_root;
dentry = get_node(root, number);
next prev parent reply other threads:[~2008-03-25 4:26 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-25 3:59 [PATCH 0/7][v2] Cloning PTS namespace sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325035904.GB27451-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 4:22 ` [PATCH 1/7] Propagate error code from devpts_pty_new sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:23 ` [PATCH 2/7]: Factor out PTY index allocation sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:24 ` [PATCH 3/7]: Enable multiple mounts of /dev/pts sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:25 ` [PATCH 4/7] Implement get_pts_ns() and put_pts_ns() sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042507.GD27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 15:06 ` Serge E. Hallyn
2008-03-25 15:29 ` Serge E. Hallyn
[not found] ` <20080325152903.GF9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 18:44 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:25 ` [PATCH 5/7]: Determine pts_ns from a pty's inode sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042541.GE27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 15:17 ` Serge E. Hallyn
[not found] ` <20080325151705.GE9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 21:14 ` Serge E. Hallyn
[not found] ` <20080325211406.GA5817-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-26 2:03 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326020328.GA11747-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 2:50 ` Serge E. Hallyn
[not found] ` <20080326025038.GA24538-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-26 14:55 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326145521.GA24292-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 15:12 ` Serge E. Hallyn
[not found] ` <20080326151205.GA16621-6s5zFf/epYL1ENwx4SLHqw@public.gmane.org>
2008-03-26 15:18 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326151843.GA31568-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 15:43 ` Serge E. Hallyn
2008-03-25 4:26 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA [this message]
[not found] ` <20080325042614.GF27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 7:46 ` [PATCH 6/7]: Check for user-space mount of /dev/pts Pavel Emelyanov
2008-03-25 9:40 ` [Devel] " Alexey Dobriyan
2008-03-25 14:54 ` Serge E. Hallyn
[not found] ` <20080325145448.GC9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 17:25 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:27 ` [PATCH 7/7]: Enable cloning PTY namespaces sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 7:51 ` [PATCH 0/7][v2] Cloning PTS namespace Pavel Emelyanov
[not found] ` <47E8AEF3.4060406-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2008-03-25 14:42 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080325042614.GF27864@us.ibm.com \
--to=sukadev-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox