From: Serge Hallyn <serge.hallyn@canonical.com>
To: Stanislav Kinsbursky <skinsbursky@parallels.com>
Cc: akpm@linux-foundation.org, catalin.marinas@arm.com,
will.deacon@arm.com, dhowells@redhat.com,
manfred@colorfullife.com, hughd@google.com, jmorris@namei.org,
mtk.manpages@gmail.com, kosaki.motohiro@jp.fujitsu.com,
paulmck@linux.vnet.ibm.com, sds@tycho.nsa.gov, devel@openvz.org,
a.p.zijlstra@chello.nl, cmetcalf@tilera.com,
linux-driver@qlogic.com, ron.mercer@qlogic.com,
viro@zeniv.linux.org.uk, eparis@parisplace.org,
tglx@linutronix.de, jitendra.kalsaria@qlogic.com,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, ebiederm@xmission.com,
casey@schaufler-ca.com
Subject: Re: [PATCH v6 03/10] ipc: segment key change helper introduced
Date: Tue, 23 Oct 2012 11:19:58 -0500 [thread overview]
Message-ID: <20121023161958.GB9755@sergelap> (raw)
In-Reply-To: <20121015155951.28348.65427.stgit@localhost.localdomain>
Quoting Stanislav Kinsbursky (skinsbursky@parallels.com):
> This patch introduces existent segment key changing infrastructure.
> New function ipc_update_key() can be used change segment key, cuid, cgid
> values. It checks for that new key is not used (except IPC_PRIVATE) prior to
> set it on existent.
> To make this possible, added copying of this fields from user-space in
> __get_compat_ipc_perm() and __get_compat_ipc64_perm() functions. Also segment
> search by key and lock were splitted into different functions, because
> ipc_update_key() doesn't need to lock the segment during check that new key is
> not used.
>
> Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
> ---
> ipc/compat.c | 6 ++++++
> ipc/util.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++---
> ipc/util.h | 2 ++
> 3 files changed, 56 insertions(+), 3 deletions(-)
>
> diff --git a/ipc/compat.c b/ipc/compat.c
> index ad9518e..af30d13 100644
> --- a/ipc/compat.c
> +++ b/ipc/compat.c
> @@ -144,6 +144,9 @@ static inline int __get_compat_ipc64_perm(struct ipc64_perm *p64,
> err = __get_user(p64->uid, &up64->uid);
> err |= __get_user(p64->gid, &up64->gid);
> err |= __get_user(p64->mode, &up64->mode);
> + err |= __get_user(p64->cuid, &up64->cuid);
> + err |= __get_user(p64->cgid, &up64->cgid);
> + err |= __get_user(p64->key, &up64->key);
> return err;
> }
>
> @@ -155,6 +158,9 @@ static inline int __get_compat_ipc_perm(struct ipc64_perm *p,
> err = __get_user(p->uid, &up->uid);
> err |= __get_user(p->gid, &up->gid);
> err |= __get_user(p->mode, &up->mode);
> + err |= __get_user(p->cuid, &up->cuid);
> + err |= __get_user(p->cgid, &up->cgid);
> + err |= __get_user(p->key, &up->key);
> return err;
> }
>
> diff --git a/ipc/util.c b/ipc/util.c
> index 503946e..faae296 100644
> --- a/ipc/util.c
> +++ b/ipc/util.c
> @@ -173,7 +173,7 @@ void __init ipc_init_proc_interface(const char *path, const char *header,
> * @key: The key to find
> *
> * Requires ipc_ids.rw_mutex locked.
> - * Returns the LOCKED pointer to the ipc structure if found or NULL
> + * Returns the UNLOCKED pointer to the ipc structure if found or NULL
> * if not.
> * If key is found ipc points to the owning ipc structure
> */
> @@ -195,7 +195,6 @@ static struct kern_ipc_perm *ipc_findkey(struct ipc_ids *ids, key_t key)
> continue;
> }
>
> - ipc_lock_by_ptr(ipc);
> return ipc;
> }
>
> @@ -203,6 +202,27 @@ static struct kern_ipc_perm *ipc_findkey(struct ipc_ids *ids, key_t key)
> }
>
> /**
> + * ipc_findkey_locked - find and lock a key in an ipc identifier set
> + * @ids: Identifier set
> + * @key: The key to find
> + *
> + * Requires ipc_ids.rw_mutex locked.
> + * Returns the LOCKED pointer to the ipc structure if found or NULL
> + * if not.
> + * If key is found ipc points to the owning ipc structure
> + */
> +
> +static struct kern_ipc_perm *ipc_findkey_locked(struct ipc_ids *ids, key_t key)
> +{
> + struct kern_ipc_perm *ipc;
> +
> + ipc = ipc_findkey(ids, key);
> + if (ipc)
> + ipc_lock_by_ptr(ipc);
> + return ipc;
> +}
> +
> +/**
> * ipc_get_maxid - get the last assigned id
> * @ids: IPC identifier set
> *
> @@ -388,7 +408,7 @@ retry:
> * a new entry + read locks are not "upgradable"
> */
> down_write(&ids->rw_mutex);
> - ipcp = ipc_findkey(ids, params->key);
> + ipcp = ipc_findkey_locked(ids, params->key);
> if (ipcp == NULL) {
> /* key not used */
> if (!(flg & IPC_CREAT))
> @@ -755,6 +775,31 @@ int ipcget(struct ipc_namespace *ns, struct ipc_ids *ids,
> }
>
> /**
> + * ipc_update_key - update the key of an IPC.
> + * @in: the permission given as input.
> + * @out: the permission of the ipc to set.
> + *
> + * Common routine called by sys_shmctl(), sys_semctl(). sys_msgctl().
> + */
> +int ipc_update_key(struct ipc_ids *ids, struct ipc64_perm *in,
> + struct kern_ipc_perm *out)
> +{
> +
> + if (in->key && out->key != in->key) {
> + /*
> + * Check for existent segment with the same key.
> + * Note: ipc_ids.rw_mutex is taken for write already.
> + */
> + if (ipc_findkey(ids, in->key))
> + return -EEXIST;
> + }
> + out->cuid = in->cuid;
> + out->cgid = in->cgid;
> + out->key = in->key;
> + return 0;
> +}
> +
> +/**
> * ipc_update_perm - update the permissions of an IPC.
> * @in: the permission given as input.
> * @out: the permission of the ipc to set.
> diff --git a/ipc/util.h b/ipc/util.h
> index 3a9e558..271bded 100644
> --- a/ipc/util.h
> +++ b/ipc/util.h
> @@ -126,6 +126,8 @@ struct kern_ipc_perm *ipc_lock(struct ipc_ids *, int);
>
> void kernel_to_ipc64_perm(struct kern_ipc_perm *in, struct ipc64_perm *out);
> void ipc64_perm_to_ipc_perm(struct ipc64_perm *in, struct ipc_perm *out);
> +int ipc_update_key(struct ipc_ids *ids, struct ipc64_perm *in,
> + struct kern_ipc_perm *out);
> int ipc_update_perm(struct ipc64_perm *in, struct kern_ipc_perm *out);
> struct kern_ipc_perm *ipcctl_pre_down(struct ipc_namespace *ns,
> struct ipc_ids *ids, int id, int cmd,
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2012-10-23 16:19 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-15 15:59 [PATCH v6 00/10] IPC: checkpoint/restore in userspace enhancements Stanislav Kinsbursky
2012-10-15 15:59 ` [PATCH v6 01/10] ipc: remove forced assignment of selected message Stanislav Kinsbursky
2012-10-23 15:54 ` Serge Hallyn
2012-10-15 15:59 ` [PATCH v6 02/10] ipc: "use key as id" functionality for resource get system call introduced Stanislav Kinsbursky
2012-10-15 19:39 ` Eric W. Biederman
2012-10-15 19:47 ` Eric W. Biederman
2012-10-15 15:59 ` [PATCH v6 03/10] ipc: segment key change helper introduced Stanislav Kinsbursky
2012-10-23 16:19 ` Serge Hallyn [this message]
2012-10-15 15:59 ` [PATCH v6 04/10] ipc: add new SHM_SET command for sys_shmctl() call Stanislav Kinsbursky
2012-10-15 19:00 ` Ben Hutchings
2012-10-23 16:27 ` Serge Hallyn
2012-10-15 16:00 ` [PATCH v6 05/10] ipc: add new MSG_SET command for sys_msgctl() call Stanislav Kinsbursky
2012-10-23 16:29 ` Serge Hallyn
2012-10-15 16:00 ` [PATCH v6 06/10] glge driver: rename internal SEM_SET macro to SEM_INIT Stanislav Kinsbursky
2012-10-15 18:28 ` Ben Hutchings
2012-10-23 16:32 ` Serge Hallyn
2012-10-15 16:00 ` [PATCH v6 07/10] ipc: add new SEM_SET command for sys_semctl() call Stanislav Kinsbursky
2012-10-23 16:34 ` Serge Hallyn
2012-10-15 16:00 ` [PATCH v6 08/10] IPC: message queue receive cleanup Stanislav Kinsbursky
2012-10-15 20:03 ` Ben Hutchings
2012-10-15 16:00 ` [PATCH v6 09/10] IPC: message queue copy feature introduced Stanislav Kinsbursky
2012-10-23 16:39 ` Serge Hallyn
2012-10-15 16:00 ` [PATCH v6 10/10] test: IPC message queue copy feture test Stanislav Kinsbursky
2012-10-15 19:23 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121023161958.GB9755@sergelap \
--to=serge.hallyn@canonical.com \
--cc=a.p.zijlstra@chello.nl \
--cc=akpm@linux-foundation.org \
--cc=casey@schaufler-ca.com \
--cc=catalin.marinas@arm.com \
--cc=cmetcalf@tilera.com \
--cc=devel@openvz.org \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=eparis@parisplace.org \
--cc=hughd@google.com \
--cc=jitendra.kalsaria@qlogic.com \
--cc=jmorris@namei.org \
--cc=kosaki.motohiro@jp.fujitsu.com \
--cc=linux-driver@qlogic.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=manfred@colorfullife.com \
--cc=mtk.manpages@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=paulmck@linux.vnet.ibm.com \
--cc=ron.mercer@qlogic.com \
--cc=sds@tycho.nsa.gov \
--cc=skinsbursky@parallels.com \
--cc=tglx@linutronix.de \
--cc=viro@zeniv.linux.org.uk \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).