From: Pavel Emelianov <xemul@openvz.org>
To: Andrew Morton <akpm@osdl.org>
Cc: Sukadev Bhattiprolu <sukadev@us.ibm.com>,
Serge Hallyn <serue@us.ibm.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Linux Containers <containers@lists.osdl.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Kirill Korotaev <dev@openvz.org>
Subject: [PATCH 8/16] Masquerade the siginfo when sending a pid to a foreign namespace
Date: Fri, 06 Jul 2007 12:07:37 +0400 [thread overview]
Message-ID: <468DF849.9080404@openvz.org> (raw)
In-Reply-To: <468DF6F7.1010906@openvz.org>
When user send signal from (say) init namespace to any task in a sub
namespace the siginfo struct must not carry the sender's pid value, as
this value may refer to some task in the destination namespace and thus
may confuse the application.
The consensus was to pretend in this case as if it is the kernel who
sends the signal.
The pid_ns_accessible() call is introduced to check this pid-to-ns
accessibility.
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
---
include/linux/pid.h | 10 ++++++++++
kernel/signal.c | 34 ++++++++++++++++++++++++++++------
2 files changed, 38 insertions(+), 6 deletions(-)
diff -upr linux-2.6.22-rc4-mm2.orig/include/linux/pid.h linux-2.6.22-rc4-mm2-2/include/linux/pid.h
--- linux-2.6.22-rc4-mm2.orig/include/linux/pid.h 2007-06-14 12:14:29.000000000 +0400
+++ linux-2.6.22-rc4-mm2-2/include/linux/pid.h 2007-07-04 19:00:38.000000000 +0400
@@ -83,6 +89,16 @@ extern void FASTCALL(detach_pid(struct t
return nr;
}
+/*
+ * checks whether the pid actually lives in the namespace ns, i.e. it was
+ * created in this namespace or it was moved there.
+ */
+
+static inline int pid_ns_accessible(struct pid_namespace *ns, struct pid *pid)
+{
+ return pid->numbers[pid->level].ns == ns;
+}
+
#define do_each_pid_task(pid, type, task) \
do { \
struct hlist_node *pos___; \
diff -upr linux-2.6.22-rc4-mm2.orig/kernel/signal.c linux-2.6.22-rc4-mm2-2/kernel/signal.c
--- linux-2.6.22-rc4-mm2.orig/kernel/signal.c 2007-07-04 19:00:38.000000000 +0400
+++ linux-2.6.22-rc4-mm2-2/kernel/signal.c 2007-07-04 19:00:38.000000000 +0400
@@ -1124,13 +1124,31 @@ EXPORT_SYMBOL_GPL(kill_pid_info_as_uid);
* is probably wrong. Should make it like BSD or SYSV.
*/
-static int kill_something_info(int sig, struct siginfo *info, int pid)
+static inline void masquerade_siginfo(struct pid_namespace *src_ns,
+ struct pid *tgt_pid, struct siginfo *info)
+{
+ if (tgt_pid != NULL && !pid_ns_accessible(src_ns, tgt_pid)) {
+ /*
+ * current namespace is not seen from the taks we
+ * want to send the signal to, so pretend as if it
+ * is the kernel who does this to avoid pid messing
+ * by the target
+ */
+
+ info->si_pid = 0;
+ info->si_code = SI_KERNEL;
+ }
+}
+
+static int kill_something_info(int sig, struct siginfo *info, int pid_nr)
{
int ret;
+ struct pid *pid;
+
rcu_read_lock();
- if (!pid) {
+ if (!pid_nr) {
ret = kill_pgrp_info(sig, info, task_pgrp(current));
- } else if (pid == -1) {
+ } else if (pid_nr == -1) {
int retval = 0, count = 0;
struct task_struct * p;
@@ -1145,10 +1163,14 @@ static int kill_something_info(int sig,
}
read_unlock(&tasklist_lock);
ret = count ? retval : -ESRCH;
- } else if (pid < 0) {
- ret = kill_pgrp_info(sig, info, find_pid(-pid));
+ } else if (pid_nr < 0) {
+ pid = find_vpid(-pid_nr);
+ masquerade_siginfo(current->nsproxy->pid_ns, pid, info);
+ ret = kill_pgrp_info(sig, info, pid);
} else {
- ret = kill_pid_info(sig, info, find_pid(pid));
+ pid = find_vpid(pid_nr);
+ masquerade_siginfo(current->nsproxy->pid_ns, pid, info);
+ ret = kill_pid_info(sig, info, pid);
}
rcu_read_unlock();
return ret;
next prev parent reply other threads:[~2007-07-06 8:09 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-06 8:01 [PATCH 0/16] Pid namespaces Pavel Emelianov
2007-07-06 8:03 ` [PATCH 1/16] Round up the API Pavel Emelianov
2007-07-09 20:18 ` Cedric Le Goater
2007-07-10 6:40 ` Pavel Emelianov
2007-07-10 7:34 ` Andrew Morton
2007-07-06 8:03 ` [PATCH 2/16] Miscelaneous preparations for namespaces Pavel Emelianov
2007-07-09 20:22 ` Cedric Le Goater
2007-07-10 6:42 ` Pavel Emelianov
2007-07-06 8:04 ` [PATCH 3/16] Introduce MS_KERNMOUNT flag Pavel Emelianov
2007-07-06 8:05 ` [PATCH 4/16] Change data structures for pid namespaces Pavel Emelianov
2007-07-09 20:25 ` Cedric Le Goater
2007-07-10 4:32 ` sukadev
2007-07-10 7:04 ` Pavel Emelianov
2007-07-10 12:07 ` Cedric Le Goater
2007-07-06 8:05 ` [PATCH 5/16] Make proc be mountable from different " Pavel Emelianov
2007-07-06 8:06 ` [PATCH 6/16] Helpers to obtain pid numbers Pavel Emelianov
2007-07-10 5:18 ` sukadev
2007-07-10 6:49 ` Pavel Emelianov
2007-07-06 8:07 ` [PATCH 7/16] Helpers to find the task by its numerical ids Pavel Emelianov
2007-07-10 4:00 ` sukadev
2007-07-10 6:47 ` Pavel Emelianov
2007-07-06 8:07 ` Pavel Emelianov [this message]
2007-07-10 4:18 ` [PATCH 8/16] Masquerade the siginfo when sending a pid to a foreign namespace sukadev
2007-07-10 6:56 ` Pavel Emelianov
2007-07-06 8:08 ` [PATCH 9/16] Make proc_flust_task to flush entries from multiple proc trees Pavel Emelianov
2007-07-06 8:08 ` [PATCH 10/16] Changes in copy_process() to work with pid namespaces Pavel Emelianov
2007-07-12 0:21 ` sukadev
2007-07-06 8:09 ` [PATCH 11/16] Add support for multiple kmem caches for pids Pavel Emelianov
2007-07-06 8:10 ` [PATCH 12/16] Reference counting of pid naspaces by pids Pavel Emelianov
2007-07-06 8:10 ` [PATCH 13/16] Switch to operating with pid_numbers instead of pids Pavel Emelianov
2007-07-25 0:36 ` sukadev
2007-07-25 10:07 ` Pavel Emelyanov
2007-07-25 19:13 ` sukadev
2007-07-26 6:42 ` Pavel Emelyanov
2007-07-06 8:11 ` [PATCH 14/16] Make pid namespaces clonnable Pavel Emelianov
2007-07-06 8:13 ` [PATCH 15/16] Changes to show virtual ids to user Pavel Emelianov
2007-07-06 8:16 ` [PATCH 16/16] Remove already unneeded memners from struct pid Pavel Emelianov
2007-07-06 16:26 ` [PATCH 0/16] Pid namespaces Dave Hansen
2007-07-09 5:58 ` Pavel Emelianov
2007-07-09 19:58 ` Dave Hansen
2007-07-09 12:02 ` Herbert Poetzl
2007-07-09 13:16 ` Pavel Emelianov
2007-07-09 19:52 ` Herbert Poetzl
2007-07-09 20:12 ` Cedric Le Goater
2007-07-10 6:59 ` Pavel Emelianov
2007-07-09 17:46 ` Badari Pulavarty
2007-07-09 20:06 ` Cedric Le Goater
2007-07-09 23:00 ` Badari Pulavarty
2007-07-10 7:05 ` Pavel Emelianov
2007-07-10 11:30 ` Pavel Emelianov
2007-07-10 12:05 ` Daniel Lezcano
2007-07-10 13:03 ` Pavel Emelianov
2007-07-10 20:34 ` Badari Pulavarty
2007-07-10 13:06 ` Pavel Emelianov
2007-07-10 20:33 ` Badari Pulavarty
2007-07-09 21:42 ` sukadev
2007-07-10 0:29 ` sukadev
2007-07-10 9:41 ` Pavel Emelianov
2007-07-10 13:08 ` Pavel Emelianov
2007-07-10 4:26 ` sukadev
2007-07-10 7:02 ` Pavel Emelianov
2007-07-11 1:16 ` Matt Mackall
2007-07-11 6:39 ` Pavel Emelianov
2007-07-11 15:14 ` Matt Mackall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=468DF849.9080404@openvz.org \
--to=xemul@openvz.org \
--cc=akpm@osdl.org \
--cc=containers@lists.osdl.org \
--cc=dev@openvz.org \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=serue@us.ibm.com \
--cc=sukadev@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox