From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753100AbbCQCpL (ORCPT ); Mon, 16 Mar 2015 22:45:11 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:43972 "EHLO out3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752168AbbCQCpI (ORCPT ); Mon, 16 Mar 2015 22:45:08 -0400 X-Sasl-enc: sEd34XX9H8wIbbHPAFT5hQPVpGCUOackk/exC6I7/msK 1426560304 Subject: [RFC PATCH v4 00/12] Second attempt at contained helper execution From: Ian Kent To: Kernel Mailing List Cc: David Howells , Oleg Nesterov , Trond Myklebust , "J. Bruce Fields" , Benjamin Coddington , Al Viro , Jeff Layton , "Eric W. Biederman" Date: Tue, 17 Mar 2015 10:44:49 +0800 Message-ID: <20150317022308.24592.35785.stgit@pluto.fritz.box> User-Agent: StGit/0.17-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Here is another update to the attempt at contained helper execution. The main change is I've tried to incorporate Oleg's suggestions of directly constructing the namespaces rather than using the open/setns approach and the addition of a namespace hash store. I'm not particularly happy with this so far as there are a bunch of ref counted objects and I've almost certainly got that wrong. But also there are object lifetime problems, some I'm aware of and for sure others I'm not. Also there is the integrity of the thread runner process. I haven't performed a double fork on thread execution, it might be painful to implement, so the thread runner might end up with the wrong namespace setup if an error occurs. Anyway, I've decided to stop spinning my wheels with this and post an update in the hope that others can offer suggestions to help and, of course, point out things I've missed. The other change has been to the nfs and KEYS patches. I've introduced the ability to get a token that can be used to save namespace information for later execution and I've attempted to use that for persistent namespace execution, as was discussed previously. I'm not at all sure I've done this in a sensible way but the token does need to be accessible at helper execution time which is why I've done it this way. I definitely need advice here too. --- Ian Kent (12): nsproxy - make create_new_namespaces() non-static kmod - rename call_usermodehelper() flags parameter vfs - move mnt_namespace definition to linux/mount.h kmod - add namespace aware thread runner kmod - teach call_usermodehelper() to use a namespace kmod - add namespace info store kmod - add call_usermodehelper_ns() nfsd - use namespace if not executing in init namespace nfs - cache_lib use namespace if not executing in init namespace nfs - objlayout use namespace if not executing in init namespace KEYS - use correct memory allocation flag in call_usermodehelper_keys() KEYS: exec request-key within the requesting task's init namespace fs/mount.h | 12 - fs/nfs/cache_lib.c | 7 + fs/nfs/objlayout/objlayout.c | 7 + fs/nfsd/netns.h | 3 fs/nfsd/nfs4recover.c | 48 +++- fs/nfsd/nfsctl.c | 6 + include/linux/key.h | 3 include/linux/kmod.h | 56 +++++ include/linux/mount.h | 14 + include/linux/nsproxy.h | 3 include/linux/sunrpc/cache.h | 2 kernel/kmod.c | 465 ++++++++++++++++++++++++++++++++++++++++-- kernel/nsproxy.c | 2 net/sunrpc/cache.c | 5 security/keys/gc.c | 2 security/keys/key.c | 4 security/keys/request_key.c | 39 +++- 17 files changed, 620 insertions(+), 58 deletions(-) -- Ian