From: Pavel Emelyanov <xemul-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
To: sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org
Cc: Containers <containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>,
Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Subject: Re: [PATCH 6/7]: Check for user-space mount of /dev/pts
Date: Tue, 25 Mar 2008 10:46:55 +0300 [thread overview]
Message-ID: <47E8ADEF.7000609@openvz.org> (raw)
In-Reply-To: <20080325042614.GF27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org wrote:
> From: Sukadev Bhattiprolu <sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> Subject: [PATCH 6/7]: Check for user-space mount of /dev/pts
>
> When the pts namespace is cloned, the /dev/pts is not useful unless it
> is remounted from the user space.
>
> If user-space clones pts namespace but does not remount /dev/pts, it
> would end up using the /dev/pts mount from parent-pts-ns but allocate
> the pts indices from current pts ns.
>
> This patch (hack ?) prevents creation of PTYs in user space unless
> user-space mounts /dev/pts.
>
> (While this patch can be folded into others, keeping this separate
> for now for easier review (and to highlight the hack :-)
>
> Signed-off-by: Sukadev Bhattiprolu <sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> ---
> fs/devpts/inode.c | 25 +++++++++++++++++++++++--
> include/linux/devpts_fs.h | 20 +++++++++++++++++++-
> 2 files changed, 42 insertions(+), 3 deletions(-)
>
> Index: 2.6.25-rc5-mm1/include/linux/devpts_fs.h
> ===================================================================
[snip]
> ===================================================================
> --- 2.6.25-rc5-mm1.orig/fs/devpts/inode.c 2008-03-24 20:08:33.000000000 -0700
> +++ 2.6.25-rc5-mm1/fs/devpts/inode.c 2008-03-24 20:08:57.000000000 -0700
> @@ -201,8 +201,11 @@ static int devpts_get_sb(struct file_sys
> if (IS_ERR(sb))
> return PTR_ERR(sb);
>
> - if (sb->s_root)
> + if (sb->s_root) {
> + if (!(flags & MS_KERNMOUNT))
> + ns->user_mounted = 1;
What if user space umounts this back? Won't this break?
Thanks,
Pavel
next prev parent reply other threads:[~2008-03-25 7:46 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-25 3:59 [PATCH 0/7][v2] Cloning PTS namespace sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325035904.GB27451-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 4:22 ` [PATCH 1/7] Propagate error code from devpts_pty_new sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:23 ` [PATCH 2/7]: Factor out PTY index allocation sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:24 ` [PATCH 3/7]: Enable multiple mounts of /dev/pts sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:25 ` [PATCH 4/7] Implement get_pts_ns() and put_pts_ns() sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042507.GD27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 15:06 ` Serge E. Hallyn
2008-03-25 15:29 ` Serge E. Hallyn
[not found] ` <20080325152903.GF9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 18:44 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:25 ` [PATCH 5/7]: Determine pts_ns from a pty's inode sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042541.GE27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 15:17 ` Serge E. Hallyn
[not found] ` <20080325151705.GE9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 21:14 ` Serge E. Hallyn
[not found] ` <20080325211406.GA5817-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-26 2:03 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326020328.GA11747-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 2:50 ` Serge E. Hallyn
[not found] ` <20080326025038.GA24538-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-26 14:55 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326145521.GA24292-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 15:12 ` Serge E. Hallyn
[not found] ` <20080326151205.GA16621-6s5zFf/epYL1ENwx4SLHqw@public.gmane.org>
2008-03-26 15:18 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080326151843.GA31568-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-26 15:43 ` Serge E. Hallyn
2008-03-25 4:26 ` [PATCH 6/7]: Check for user-space mount of /dev/pts sukadev-r/Jw6+rmf7HQT0dZR+AlfA
[not found] ` <20080325042614.GF27864-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2008-03-25 7:46 ` Pavel Emelyanov [this message]
2008-03-25 9:40 ` [Devel] " Alexey Dobriyan
2008-03-25 14:54 ` Serge E. Hallyn
[not found] ` <20080325145448.GC9561-6s5zFf/epYLPQpwDFJZrxKsjOiXwFzmk@public.gmane.org>
2008-03-25 17:25 ` sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 4:27 ` [PATCH 7/7]: Enable cloning PTY namespaces sukadev-r/Jw6+rmf7HQT0dZR+AlfA
2008-03-25 7:51 ` [PATCH 0/7][v2] Cloning PTS namespace Pavel Emelyanov
[not found] ` <47E8AEF3.4060406-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>
2008-03-25 14:42 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47E8ADEF.7000609@openvz.org \
--to=xemul-gefaqzzx7r8dnm+yrofe0a@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=sukadev-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox