[PATCH 3/4 v5] devpts: comment devpts_mntget()

2018-03-13 Thread Christian Brauner
Signed-off-by: Christian Brauner --- ChangeLog v4->v5: * patch added ChangeLog v3->v4: * patch not present ChangeLog v2->v3: * patch not present ChangeLog v1->v2: * patch not present ChangeLog v0->v1: * patch not present --- fs/devpts/inode.c | 18 ++ 1 f

Re: [PATCH 0/4 v5] devpts: handle bind-mounts correctly

2018-03-13 Thread Christian Brauner
On Tue, Mar 13, 2018 at 11:41:00AM -0500, Eric W. Biederman wrote: > Christian Brauner writes: > > > Hey everyone, > > > > This is the fifth iteration of this patch. Per-patch changes are > > summarized in the individual patches: > > Acked-by: "Eric W. B

[PATCH 2/4 v5 RESEND] devpts: resolve devpts bind-mounts

2018-03-13 Thread Christian Brauner
ices located outside the devpts mount without a common ancestor directory: mount -t devpts devpts /dev/pts mount --bind /dev/pts/ptmx /ptmx master = open("/ptmx", ...); slave = ioctl(master, TIOCGPTPEER, ...); in which case save path generation cannot be guaranteed. Signed-off-by

[PATCH 3/4 v5 RESEND] devpts: comment devpts_mntget()

2018-03-13 Thread Christian Brauner
Signed-off-by: Christian Brauner --- ChangeLog v4->v5: * patch added ChangeLog v3->v4: * patch not present ChangeLog v2->v3: * patch not present ChangeLog v1->v2: * patch not present ChangeLog v0->v1: * patch not present --- fs/devpts/inode.c | 18 ++ 1 f

[PATCH 4/4 v5 RESEND] selftests: add devpts selftests

2018-03-13 Thread Christian Brauner
This adds tests to check: - bind-mounts from /dev/pts/ptmx to /dev/ptmx work - non-standard mounts of devpts work - bind-mounts of /dev/pts/ptmx to locations that do not resolve to a valid slave pty path under the originating devpts mount fail Signed-off-by: Christian Brauner --- ChangeLog v4

[PATCH 0/4 v5 RESEND] devpts: handle bind-mounts correctly

2018-03-13 Thread Christian Brauner
correct handling of /dev/pts/ptmx bind-mounts to /dev/ptmx and non-standard devpts mounts such as mount -t devpts devpts /mnt ChangeLog v1->v2: * see individual patches ChangeLog v0->v1: * see individual patches Christian Brauner (4): devpts: hoist out check for DEVPTS_SUPER_MAGIC

[PATCH 1/4 v5 RESEND] devpts: hoist out check for DEVPTS_SUPER_MAGIC

2018-03-13 Thread Christian Brauner
Hoist the check whether we have already found a suitable devpts filesystem out of devpts_ptmx_path() in preparation for the devpts bind-mount resolution patch. This is a non-functional change. Signed-off-by: Christian Brauner --- ChangeLog v4->v5: * dput() dentry ChangeLog v3->v4: *

[PATCH net-next 0/7] rtnetlink: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger Christian Brauner (7): rtnetlink: add RTM_GETADDR2 ipv4: add RTM_GETADDR2 ipv6: add RTM_GET

[PATCH net-next 7/7] rtnetlink: enable RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- net/core/rtnetlink.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/core/rtnetlink.c

[PATCH net-next 5/7] phonet: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- net/phonet/pn_netlink.c | 25 +++-- 1 file changed, 23 insertions(+), 2 dele

[PATCH net-next 1/7] rtnetlink: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- include/uapi/linux/rtnetlink.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include

[PATCH net-next 6/7] selinux: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- security/selinux/nlmsgtab.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --

[PATCH net-next 4/7] decnet: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- net/decnet/dn_dev.c | 25 +++-- 1 file changed, 23 insertions(+), 2 dele

[PATCH net-next 3/7] ipv6: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- net/ipv6/addrconf.c | 30 -- 1 file changed, 24 insertions(

[PATCH net-next 2/7] ipv4: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
59 [2]: https://lists.openwall.net/netdev/2018/09/25/75 [3]: https://lists.openwall.net/netdev/2018/09/26/166 Signed-off-by: Christian Brauner Cc: David Ahern Cc: Jiri Benc Cc: Stephen Hemminger --- net/ipv4/devinet.c | 24 +--- 1 file changed, 21 insertions(+), 3 dele

Re: [PATCH net-next 0/7] rtnetlink: add RTM_GETADDR2

2018-09-27 Thread Christian Brauner
On September 27, 2018 10:24:36 PM GMT+02:00, David Ahern wrote: >On 9/27/18 11:58 AM, Christian Brauner wrote: >> Various userspace programs (e.g. iproute2) have sent RTM_GETADDR >> requests with struct ifinfomsg. This is wrong and should have been >> struct ifaddrmsg all

Re: [PATCH 0/3] namei: implement various scoping AT_* flags

2018-09-29 Thread Christian Brauner
On Sat, Sep 29, 2018 at 08:34:50PM +1000, Aleksa Sarai wrote: > The need for some sort of control over VFS's path resolution (to avoid > malicious paths resulting in inadvertent breakouts) has been a very > long-standing desire of many userspace applications. This patchset is a > revival of Al Viro

Re: [PATCH 1/3] namei: implement O_BENEATH-style AT_* flags

2018-09-29 Thread Christian Brauner
ese > are only enabled for the stat(2) family and the openat(2) family (the > latter has its own brand of O_* flags with the same semantics). Ideally > these flags would be supported by all *at(2) syscalls, but this will > require adding flags arguments to many of them (and will be d

Re: [PATCH net-next 1/2] br_netfilter: add struct netns_brnf

2018-11-27 Thread Christian Brauner
On Tue, Nov 27, 2018 at 09:23:49AM +0100, Pablo Neira Ayuso wrote: > On Tue, Nov 27, 2018 at 03:20:45AM +0100, Christian Brauner wrote: > > On Tue, Nov 27, 2018 at 01:20:47AM +0100, Pablo Neira Ayuso wrote: > > > Hi, > > > > > > On Wed, Nov 07, 2018 at 02:48

Re: [PATCH v1 1/2] proc: get process file descriptor from /proc/

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 07:32:33AM -0800, Andy Lutomirski wrote: > On Mon, Nov 19, 2018 at 2:33 AM Christian Brauner > wrote: > > > > With this patch an open() call on /proc/ will give userspace a handle > > to struct pid of the process associated with /proc/. This

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 06:10:53PM +0100, Eugene Syromiatnikov wrote: > On Mon, Nov 19, 2018 at 11:32:39AM +0100, Christian Brauner wrote: > > diff --git a/arch/x86/entry/syscalls/syscall_32.tbl > > b/arch/x86/entry/syscalls/syscall_32.tbl > > index 3cf7b533b3d1..e637eab8

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 07:59:24AM -0800, Daniel Colascione wrote: > On Mon, Nov 19, 2018 at 2:32 AM, Christian Brauner > wrote: > > The kill() syscall operates on process identifiers. After a process has > > exited its pid can be reused by another process. If a caller sends

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 07:45:04AM -0800, Andy Lutomirski wrote: > On Mon, Nov 19, 2018 at 2:33 AM Christian Brauner > wrote: > > > > The kill() syscall operates on process identifiers. After a process has > > exited its pid can be reused by another process. If a caller

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 01:02:06PM -0600, Eric W. Biederman wrote: > Christian Brauner writes: > > > On Mon, Nov 19, 2018 at 07:59:24AM -0800, Daniel Colascione wrote: > >> You never addressed my comment on the previous patch about your use of > > > > Sorry, tha

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Tue, Nov 20, 2018 at 07:28:57AM +1100, Aleksa Sarai wrote: > On 2018-11-19, Christian Brauner wrote: > > + if (info) { > > + ret = __copy_siginfo_from_user(sig, &kinfo, info); > > + if (unlikely(ret)) > &g

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 09:55:18PM +0100, Christian Brauner wrote: > On Tue, Nov 20, 2018 at 07:28:57AM +1100, Aleksa Sarai wrote: > > On 2018-11-19, Christian Brauner wrote: > > > + if (info) { > > > + ret = __copy_siginfo_from_user(sig, &kinfo, info); &

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Tue, Nov 20, 2018 at 08:18:10AM +1100, Aleksa Sarai wrote: > On 2018-11-19, Christian Brauner wrote: > > On Tue, Nov 20, 2018 at 07:28:57AM +1100, Aleksa Sarai wrote: > > > On 2018-11-19, Christian Brauner wrote: > > > > + if (info)

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Tue, Nov 20, 2018 at 08:18:10AM +1100, Aleksa Sarai wrote: > On 2018-11-19, Christian Brauner wrote: > > On Tue, Nov 20, 2018 at 07:28:57AM +1100, Aleksa Sarai wrote: > > > On 2018-11-19, Christian Brauner wrote: > > > > + if (info)

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 01:26:22PM -0800, Daniel Colascione wrote: > On Mon, Nov 19, 2018 at 1:21 PM, Christian Brauner > wrote: > > That can be done without a loop by comparing the level counter for the > > two pid namespaces. > > > >> > >> And you can

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
is applied to the wrong git tree, please drop us a note to > help improve the system] > > url: > https://github.com/0day-ci/linux/commits/Christian-Brauner/proc-allow-signaling-processes-via-file-descriptors/20181120-063836 > config: riscv-tinyconfig (attached as .config)

Re: [PATCH V4] binder: ipc namespace support for android binder

2018-11-19 Thread Christian Brauner
o provide backwards > compatibility for non-container use-cases. > > The etherpad notes are at [2] (look at "Dynamically Allocated Binder > Devices" section) > > Christian Brauner will be sending out more details. Ok, sorry for the delay I got caught up in other work

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
On Mon, Nov 19, 2018 at 04:27:49PM -0800, Andy Lutomirski wrote: > On Mon, Nov 19, 2018 at 3:07 PM Tycho Andersen wrote: > > > These tools also care about ioctls. Adding a system call is a pain, > > > but the solution is to make adding system calls less of a pain, not to > > > permanently make the

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-20 Thread Christian Brauner
On Mon, Nov 19, 2018 at 10:59:12PM -0600, Eric W. Biederman wrote: > Daniel Colascione writes: > > > On Mon, Nov 19, 2018 at 1:37 PM Christian Brauner > > wrote: > >> > >> On Mon, Nov 19, 2018 at 01:26:22PM -0800, Daniel Colascione wrote: > >>

[PATCH v2] procfd_signal.2: document procfd_signal syscall

2018-11-20 Thread Christian Brauner
Signed-off-by: Christian Brauner --- man2/procfd_signal.2 | 208 +++ 1 file changed, 208 insertions(+) create mode 100644 man2/procfd_signal.2 diff --git a/man2/procfd_signal.2 b/man2/procfd_signal.2 new file mode 100644 index 0..889bb426f

[PATCH v2] signal: add procfd_signal() syscall

2018-11-20 Thread Christian Brauner
close(fd); exit(EXIT_FAILURE); } close(fd); exit(EXIT_SUCCESS); } [1]: https://lkml.org/lkml/2018/11/18/130 Cc: "Eric W. Biederman" Cc: Serge Hallyn Cc: Jann Horn Cc: Kees Cook Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg N

Re: [PATCH] procfd_signal.2: document procfd_signal syscall

2018-11-28 Thread Christian Brauner
On November 29, 2018 9:59:52 AM GMT+13:00, Florian Weimer wrote: >* Christian Brauner: > >> +.\" Copyright (C) 2018 Christian Brauner > >The text seems to be largely derived from rt_sigqueueinfo, so I'm not >sure if this appropriate here. > >> +the n

Re: [PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-28 Thread Christian Brauner
On Wed, Nov 28, 2018 at 11:45:34AM -1000, Joey Pabalinas wrote: > On Mon, Nov 19, 2018 at 11:32:39AM +0100, Christian Brauner wrote: > > + if (info) { > > + ret = __copy_siginfo_from_user(sig, &kinfo, info); > > + if (unlikely(ret)) > > +

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-29 Thread Christian Brauner
On November 30, 2018 5:54:18 AM GMT+13:00, Andy Lutomirski wrote: > > >> On Nov 29, 2018, at 4:28 AM, Florian Weimer >wrote: >> >> Disclaimer: I'm looking at this patch because Christian requested it. >> I'm not a kernel developer. >> >

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-29 Thread Christian Brauner
On Thu, Nov 29, 2018 at 11:22:58AM -0800, Andy Lutomirski wrote: > On Thu, Nov 29, 2018 at 11:17 AM Christian Brauner > wrote: > > > > On November 30, 2018 5:54:18 AM GMT+13:00, Andy Lutomirski > > wrote: > > > > > > > > >> O

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-29 Thread Christian Brauner
On Thu, Nov 29, 2018 at 10:02:13PM +0100, Arnd Bergmann wrote: > On Thu, Nov 29, 2018 at 9:14 PM Andy Lutomirski wrote: > > > On Nov 29, 2018, at 11:55 AM, Christian Brauner > > > wrote: > > >> On Thu, Nov 29, 2018 at 11:22:58AM -0800, Andy Lutomirski wrote:

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-29 Thread Christian Brauner
On Thu, Nov 29, 2018 at 11:13:57PM -0600, Eric W. Biederman wrote: > Arnd Bergmann writes: > > > On Thu, Nov 29, 2018 at 9:14 PM Andy Lutomirski wrote: > >> > On Nov 29, 2018, at 11:55 AM, Christian Brauner > >> > wrote: > >> >> On Thu, Nov

[PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
ic W. Biederman" Cc: Serge Hallyn Cc: Jann Horn Cc: Kees Cook Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc: Al Viro Signed-off-by: Christian Brauner --- fs/proc/base.c | 33 + include/uapi/linux/procfd.h | 11

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
full airing, > > as not everyone can attend these conferences. > > > > On Sun, Nov 18, 2018 at 3:17 AM, Christian Brauner > > wrote: > > > With this patch an open() call on /proc/ will give userspace a handle > > > to struct pid of the process associate

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
On Sun, Nov 18, 2018 at 10:07:31AM -0800, Daniel Colascione wrote: > On Sun, Nov 18, 2018 at 9:41 AM, Christian Brauner > wrote: > > On Sun, Nov 18, 2018 at 07:38:09AM -0800, Andy Lutomirski wrote: > >> On Sun, Nov 18, 2018 at 5:59 AM Daniel Colascione > >> wrote

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
On Sun, Nov 18, 2018 at 11:44:19AM -0800, Daniel Colascione wrote: > On Sun, Nov 18, 2018 at 11:05 AM, Aleksa Sarai wrote: > > On 2018-11-18, Daniel Colascione wrote: > >> > Here's my point: if we're really going to make a new API to manipulate > >> > processes by their fd, I think we should have

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
On Sun, Nov 18, 2018 at 01:28:41PM -0700, Andy Lutomirski wrote: > > > > On Nov 18, 2018, at 12:44 PM, Daniel Colascione wrote: > > > > > > > That is, I'm proposing an API that looks like this: > > > > int process_kill(int procfs_dfd, int signo, const union sigval value) > > > > If, later,

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
On Sun, Nov 18, 2018 at 12:54:10PM -0800, Daniel Colascione wrote: > On Sun, Nov 18, 2018 at 12:43 PM, Christian Brauner > wrote: > > On Sun, Nov 18, 2018 at 01:28:41PM -0700, Andy Lutomirski wrote: > >> > >> > >> > On Nov 18, 2018, at

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
On Sun, Nov 18, 2018 at 10:23:36PM +0100, Christian Brauner wrote: > On Sun, Nov 18, 2018 at 12:54:10PM -0800, Daniel Colascione wrote: > > On Sun, Nov 18, 2018 at 12:43 PM, Christian Brauner > > wrote: > > > On Sun, Nov 18, 2018 at 01:28:41PM -070

Re: [PATCH] proc: allow killing processes via file descriptors

2018-11-18 Thread Christian Brauner
On Sun, Nov 18, 2018 at 04:31:22PM -0800, Daniel Colascione wrote: > On Sun, Nov 18, 2018 at 1:30 PM, Christian Brauner > wrote: > > On Sun, Nov 18, 2018 at 10:23:36PM +0100, Christian Brauner wrote: > >> On Sun, Nov 18, 2018 at 12:54:10PM -0800, Daniel Colascione wrote:

[PATCH] procfd_signal.2: document procfd_signal syscall

2018-11-19 Thread Christian Brauner
Signed-off-by: Christian Brauner --- Changelog: v1: - patch introduced --- man2/procfd_signal.2 | 147 +++ 1 file changed, 147 insertions(+) create mode 100644 man2/procfd_signal.2 diff --git a/man2/procfd_signal.2 b/man2/procfd_signal.2 new file mode

[PATCH v1 0/2] proc: allow signaling processes via file descriptors

2018-11-19 Thread Christian Brauner
exit(EXIT_FAILURE); } close(fd); exit(EXIT_SUCCESS); } Thanks! Christian Christian Brauner (2): proc: get process file descriptor from /proc/ signal: add procfd_signal() syscall procfd_signal.2: document procfd_signal syscall arch/x86/entry/syscalls/syscall_32

[PATCH v1 1/2] proc: get process file descriptor from /proc/

2018-11-19 Thread Christian Brauner
maintainable solution. [1]: https://lkml.org/lkml/2018/10/30/118 Cc: "Eric W. Biederman" Cc: Serge Hallyn Cc: Jann Horn Cc: Kees Cook Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc: Al Viro Signed-off-by: Christian Brauner --- Changelog: v1: - re

[PATCH v1 2/2] signal: add procfd_signal() syscall

2018-11-19 Thread Christian Brauner
Cc: Jann Horn Cc: Kees Cook Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc: Al Viro Signed-off-by: Christian Brauner --- Changelog: v1: - patch introduced --- arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 +

Re: [PATCH V4] binder: ipc namespace support for android binder

2018-11-12 Thread Christian Brauner
On November 12, 2018 8:45:07 AM PST, Todd Kjos wrote: >+christ...@brauner.io +Martijn Coenen > >Christian, > >Does this patch work for your container use-cases? If not, please >comment on this thread. Let's discuss at LPC this week. I have not received an answer to my questions in the last versio

[PATCH v3] signal: add procfd_send_signal() syscall

2018-12-05 Thread Christian Brauner
; Cc: Kees Cook Cc: Serge Hallyn Cc: Jann Horn Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Aleksa Sarai Cc: Al Viro Cc: Florian Weimer Signed-off-by: Christian Brauner --- Changelog: v3: - add __copy_siginfo_from_user_generic() to avoid adding compat syscalls - s/procfd_s

Re: [PATCH v3] signal: add procfd_send_signal() syscall

2018-12-05 Thread Christian Brauner
On Wed, Dec 05, 2018 at 12:20:43PM -0600, Eric W. Biederman wrote: > Christian Brauner writes: > > > The kill() syscall operates on process identifiers (pid). After a process > > has exited its pid can be reused by another process. If a caller sends a > > signal to a r

Re: [PATCH] binder: implement binderfs

2018-12-05 Thread Christian Brauner
On Wed, Dec 05, 2018 at 09:01:45PM +0100, Greg KH wrote: > On Tue, Dec 04, 2018 at 02:12:39PM +0100, Christian Brauner wrote: > > As discussed at Linux Plumbers Conference 2018 in Vancouver [1] this is the > > implementation of binderfs. If you want to skip reading and just see h

Re: [PATCH v3] signal: add procfd_send_signal() syscall

2018-12-05 Thread Christian Brauner
On Wed, Dec 05, 2018 at 03:24:08PM -0800, Kees Cook wrote: > On Wed, Dec 5, 2018 at 12:53 PM Christian Brauner > wrote: > > On Wed, Dec 05, 2018 at 12:20:43PM -0600, Eric W. Biederman wrote: > > > Christian Brauner writes: > > > > [1]: https://lkml.o

[PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
/lkml/20181203180224.fkvw4kajtbvru...@brauner.io/ [11]: https://lore.kernel.org/lkml/f53d6d38-3521-4c20-9034-5af447df6...@amacapital.net/ [12]: https://lore.kernel.org/lkml/87zhtjn8ck@xmission.com/ Cc: Arnd Bergmann Cc: "Eric W. Biederman" Cc: Serge Hallyn Cc: Jann Horn Cc: Andy Luto

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 01:30:19PM +0100, Florian Weimer wrote: > * Christian Brauner: > > > /* zombies */ > > Zombies can be signaled just as any other process. No special error will be > > reported since a zombie state is an unreliable state (cf. [3]). > > I sti

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On December 7, 2018 4:01:19 AM GMT+13:00, ebied...@xmission.com wrote: >Christian Brauner writes: > >> The kill() syscall operates on process identifiers (pid). After a >process >> has exited its pid can be reused by another process. If a caller >sends a >> signal

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 11:24:28AM -0600, Eric W. Biederman wrote: > Daniel Colascione writes: > > > On Thu, Dec 6, 2018 at 7:02 AM Eric W. Biederman > > wrote: > >> > >> Christian Brauner writes: > >> > >> > The kill() syscall operates

Re: [PATCH] binder: implement binderfs

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 03:04:03PM +0100, Greg KH wrote: > On Wed, Dec 05, 2018 at 10:42:06PM +0100, Christian Brauner wrote: > > On Wed, Dec 05, 2018 at 09:01:45PM +0100, Greg KH wrote: > > > > /* binder-control */ > > > > Each new binderfs instance comes with

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-06 Thread Christian Brauner
On December 7, 2018 7:56:44 AM GMT+13:00, Florian Weimer wrote: >* Andy Lutomirski: > >>> I suppose that's fine. Or alternatively, when thread group support >is >>> added, introduce a flag that applications have to use to enable it, >so >>> that they can probe for support by checking support for

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 01:17:24PM -0600, Eric W. Biederman wrote: > Christian Brauner writes: > > > On December 7, 2018 4:01:19 AM GMT+13:00, ebied...@xmission.com wrote: > >>Christian Brauner writes: > >> > >>> The kill() syscall operates on proc

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 02:29:13PM -0600, Eric W. Biederman wrote: > Christian Brauner writes: > > > On Thu, Dec 06, 2018 at 01:17:24PM -0600, Eric W. Biederman wrote: > >> Christian Brauner writes: > >> > >> > On December 7, 2018 4:01:19

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 03:46:53PM -0600, Eric W. Biederman wrote: > Christian Brauner writes: > > >> Your intention is to add the thread case to support pthreads once the > >> process case is sorted out. So this is something that needs to be made > >> clear.

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
On Thu, Dec 06, 2018 at 11:39:48PM +0100, Christian Brauner wrote: > On Thu, Dec 06, 2018 at 03:46:53PM -0600, Eric W. Biederman wrote: > > Christian Brauner writes: > > > > >> Your intention is to add the thread case to support pthreads once the > > >>

Re: [PATCH v4] signal: add taskfd_send_signal() syscall

2018-12-06 Thread Christian Brauner
> > > > > > On Fri, Dec 07, 2018 at 12:17:45AM +0100, Christian Brauner wrote: > > > > > On Thu, Dec 06, 2018 at 11:39:48PM +0100, Christian Brauner wrote: > > > > > > On Thu, Dec 06, 2018 at 03:46:53PM -0600, Eric W. Biederman wrote: > > >

[PATCH v1] binder: implement binderfs

2018-12-07 Thread Christian Brauner
T_FAILURE); } printf("Allocated new binder device with major %d, minor %d, and " "name %s\n", device.major, device.minor, device.name); exit(EXIT_SUCCESS); } /* Demo */ A demo of how binderfs works can be found under [2]. [1

[PATCH v5 0/1] signaling processes through pidfds

2018-12-07 Thread Christian Brauner
to address. I hope this will be sufficient for you to get behind the patch. The relevant section in the commit message is titled: /* sending signals to threads (tid) and process groups (pgid) */ Thanks! Christian Christian Brauner (1): signal: add pidfd_send_signal() syscall arch/x86/entr

[PATCH v5 1/1] signal: add pidfd_send_signal() syscall

2018-12-07 Thread Christian Brauner
ueb_du-o3q0tdw4ub_ojmvd...@mail.gmail.com/ [18]: https://lore.kernel.org/lkml/20181206222746.gb9...@mail.hallyn.com/ Cc: "Eric W. Biederman" Cc: Jann Horn Cc: Andy Lutomirsky Cc: Andrew Morton Cc: Oleg Nesterov Cc: Al Viro Cc: Florian Weimer Signed-off-by: Christian Brauner

Re: [PATCH v3 0/2] sysctl: handle overflow for file-max

2018-12-09 Thread Christian Brauner
On Mon, Oct 29, 2018 at 10:44 PM Kees Cook wrote: > > On Mon, Oct 29, 2018 at 7:58 AM, Christian Brauner > wrote: > > On Wed, Oct 17, 2018 at 12:33:20AM +0200, Christian Brauner wrote: > >> Hey, > >> > >> Here is v3 of this patchset. Changelogs are in t

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-30 Thread Christian Brauner
On December 1, 2018 5:35:45 AM GMT+13:00, Andy Lutomirski wrote: >On Fri, Nov 30, 2018 at 3:41 AM Arnd Bergmann wrote: >> siginfo_t as it is now still has a number of other downsides, and >Andy in >> particular didn't like the idea of having three new variants on x86 >> (depending on how you cou

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-30 Thread Christian Brauner
On December 1, 2018 11:09:58 AM GMT+13:00, Arnd Bergmann wrote: >On Fri, Nov 30, 2018 at 5:36 PM Andy Lutomirski >wrote: >> >> On Fri, Nov 30, 2018 at 3:41 AM Arnd Bergmann wrote: >> > siginfo_t as it is now still has a number of other downsides, and >Andy in >> > particular didn't like the idea

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-30 Thread Christian Brauner
On December 1, 2018 12:12:53 PM GMT+13:00, Arnd Bergmann wrote: >On Sat, Dec 1, 2018 at 12:05 AM Daniel Colascione >wrote: >> On Fri, Nov 30, 2018 at 2:26 PM Christian Brauner > wrote: >> > On December 1, 2018 11:09:58 AM GMT+13:00, Arnd Bergmann > wrote: >> >

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-30 Thread Christian Brauner
libc after all. Thanks for doing this and sorry for the late reply. I missed that mail. > >* Christian Brauner: > >> diff --git a/arch/x86/entry/syscalls/syscall_32.tbl >b/arch/x86/entry/syscalls/syscall_32.tbl >> index 3cf7b533b3d1..3f27ffd8ae87 100644 >> --- a/arch/x

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-30 Thread Christian Brauner
On December 1, 2018 12:46:22 PM GMT+13:00, Andy Lutomirski wrote: >On Fri, Nov 30, 2018 at 3:40 PM Christian Brauner > wrote: >> >> On December 1, 2018 12:12:53 PM GMT+13:00, Arnd Bergmann > wrote: >> >On Sat, Dec 1, 2018 at 12:05 AM Daniel Colascione > >>

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-11-30 Thread Christian Brauner
On November 30, 2018 10:40:49 AM GMT+13:00, Arnd Bergmann wrote: >On Thu, Nov 29, 2018 at 10:35 PM Christian Brauner > wrote: >> On Thu, Nov 29, 2018 at 10:02:13PM +0100, Arnd Bergmann wrote: >> > On Thu, Nov 29, 2018 at 9:14 PM Andy Lutomirski > wrote: >> >

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-01 Thread Christian Brauner
On December 1, 2018 9:51:18 PM GMT+13:00, Arnd Bergmann wrote: >On Sat, Dec 1, 2018 at 12:54 AM Andy Lutomirski >wrote: >> On Fri, Nov 30, 2018 at 2:10 PM Arnd Bergmann wrote: >> > On Fri, Nov 30, 2018 at 5:36 PM Andy Lutomirski >wrote: >> > > On Fri, Nov 30, 2018 at 3:41 AM Arnd Bergmann >wro

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-01 Thread Christian Brauner
On December 2, 2018 4:52:37 AM GMT+13:00, Andy Lutomirski wrote: > > >> On Dec 1, 2018, at 7:28 AM, Eric W. Biederman >wrote: >> >> >> It just occurs to me that the simple way to implement >> procfd_sigqueueinfo info is like: >> >> int copy_siginfo_from_user_any(kernel_siginfo_t *info, siginf

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-02 Thread Christian Brauner
On Sat, Dec 01, 2018 at 09:28:47AM -0600, Eric W. Biederman wrote: > > It just occurs to me that the simple way to implement > procfd_sigqueueinfo info is like: > > int copy_siginfo_from_user_any(kernel_siginfo_t *info, siginfo_t *uinfo) > { > #ifdef CONFIG_COMPAT > if (in_compat_syscall) >

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-02 Thread Christian Brauner
On Sat, Dec 01, 2018 at 12:52:24PM +1300, Christian Brauner wrote: > On November 30, 2018 1:28:15 AM GMT+13:00, Florian Weimer > wrote: > >Disclaimer: I'm looking at this patch because Christian requested it. > >I'm not a kernel developer. > > Given all your ex

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-03 Thread Christian Brauner
On Mon, Dec 03, 2018 at 05:57:51PM +0100, Florian Weimer wrote: > * Christian Brauner: > > > Ok, I finally have access to source code again. Scratch what I said above! > > I looked at the code and tested it. If the process has exited but not > > yet waited upon aka is a z

[PATCH] binder: implement binderfs

2018-12-04 Thread Christian Brauner
"name suffix %d\n", device.major, device.minor, device.suffix); exit(EXIT_SUCCESS); } /* Demo */ A demo of how binderfs works can be found under [2]. [1]: https://goo.gl/JL2tfX [2]: https://asciinema.org/a/zYUCqL7OySASWK9S2yVFq2sxM Cc: Martijn Coenen Cc: Todd Kjos Cc

Re: [PATCH v2] signal: add procfd_signal() syscall

2018-12-04 Thread Christian Brauner
On Tue, Dec 04, 2018 at 01:55:10PM +0100, Florian Weimer wrote: > * Christian Brauner: > > > On Mon, Dec 03, 2018 at 05:57:51PM +0100, Florian Weimer wrote: > >> * Christian Brauner: > >> > >> > Ok, I finally have access to source code again. Scratch wha

Re: [PATCH] userns: move user access out of the mutex

2018-06-26 Thread Christian Brauner
On Mon, Jun 25, 2018 at 06:34:19PM +0200, Jann Horn wrote: > The old code would hold the userns_state_mutex indefinitely if > memdup_user_nul stalled due to e.g. a userfault region. Prevent that by > moving the memdup_user_nul in front of the mutex_lock(). > > Note: This changes the error preceden

Re: [PATCH] userns: move user access out of the mutex

2018-06-27 Thread Christian Brauner
On Tue, Jun 26, 2018 at 04:06:45PM +0200, Jann Horn wrote: > On Tue, Jun 26, 2018 at 3:08 PM Christian Brauner > wrote: > > > > On Mon, Jun 25, 2018 at 06:34:19PM +0200, Jann Horn wrote: > > > The old code would hold the userns_state_mutex indefinitely if > > >

Re: [REVIEW][PATCH 5/6] capabilities: Allow privileged user in s_user_ns to set security.* xattrs

2018-05-24 Thread Christian Brauner
ged userns mounts, and Smack will deny the writes for > any user without global CAP_MAC_ADMIN, so loosening the > capability check in commoncap is safe in this respect as well. Acked-by: Christian Brauner > > Signed-off-by: Seth Forshee > Acked-by: Serge Hallyn Note, I ju

Re: [REVIEW][PATCH 4/6] fs: Allow superblock owner to access do_remount_sb()

2018-05-24 Thread Christian Brauner
ADMIN in any namespace which is privileged > towards the userns which originally mounted the filesystem. Acked-by: Christian Brauner > > Signed-off-by: Seth Forshee > Acked-by: "Eric W. Biederman" > Acked-by: Serge Hallyn Note, I just talked to Serge. This should be Acke

Re: [REVIEW][PATCH 6/6] fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems

2018-05-24 Thread Christian Brauner
On Wed, May 23, 2018 at 06:25:38PM -0500, Eric W. Biederman wrote: > From: Seth Forshee > > The user in control of a super block should be allowed to freeze > and thaw it. Relax the restrictions on the FIFREEZE and FITHAW > ioctls to require CAP_SYS_ADMIN in s_user_ns. Acke

Re: [REVIEW][PATCH 4/6] fs: Allow superblock owner to access do_remount_sb()

2018-05-24 Thread Christian Brauner
On Thu, May 24, 2018 at 11:45:06AM -0500, Eric W. Biederman wrote: > Christian Brauner writes: > > > On Wed, May 23, 2018 at 06:25:36PM -0500, Eric W. Biederman wrote: > >> Superblock level remounts are currently restricted to global > >> CAP_SYS_ADMIN, as is the pa

Re: [REVIEW][PATCH 2/6] vfs: Allow userns root to call mknod on owned filesystems.

2018-05-24 Thread Christian Brauner
> nodes to represent things on disk. Excellent. Acked-by: Christian Brauner > > Signed-off-by: "Eric W. Biederman" > --- > fs/namei.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/fs/namei.c b/fs/namei.c > index 942c1f096f6b..203

Re: [REVIEW][PATCH v2 3/6] fs: Allow superblock owner to replace invalid owners of inodes

2018-05-24 Thread Christian Brauner
finding the potential gotcha's and putting up with my > semi-paranoid feedback. Ok, took me a little longer to reason about this. Acked-by: Christian Brauner > > Inspired-by: Seth Forshee > Acked-by: Seth Forshee > Signed-off-by: Eric W. Biederman > --- > >

Re: [REVIEW][PATCH 1/6] vfs: Don't allow changing the link count of an inode with an invalid uid or gid

2018-05-24 Thread Christian Brauner
> > Signed-off-by: "Eric W. Biederman" > > Acked-by: Seth Forshee Acked-by: Christian Brauner

[PATCH 0/6 v1 resend] statfs: handle mount propagation

2018-05-25 Thread Christian Brauner
From: Christian Brauner Hey, This is v1 of this patchset. All changes from v0 to v1 are non-functional. Specifically, the commit messages and justification have been extended as requested by Linus and Al. This little series does the following: - unify the definition of constants in statfs.h

[PATCH 2/6 v1 resend] statfs: use << to align with fs header

2018-05-25 Thread Christian Brauner
ff-by: Christian Brauner --- v0->v1: * non-functional changes: extend commit message --- include/linux/statfs.h | 26 +- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/include/linux/statfs.h b/include/linux/statfs.h index 3142e98546ac..b336c04e793c 1006

[PATCH 6/6 v1 resend] statfs: add ST_PRIVATE

2018-05-25 Thread Christian Brauner
file descriptors to mountpoints are passed between processes that are inspected via fstatvfs(). A mountpoint is considered ST_PRIVATE iff and it is neither ST_SLAVE nor ST_SHARED. Signed-off-by: Christian Brauner --- v0->v1: * non-functional changes: extend commit message --- fs/

[PATCH 5/6 v1 resend] statfs: add ST_SLAVE

2018-05-25 Thread Christian Brauner
cific mountpoints. Signed-off-by: Christian Brauner --- v0->v1: * non-functional changes: extend commit message --- fs/statfs.c| 10 +- include/linux/statfs.h | 1 + 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/fs/statfs.c b/fs/statfs.c index 2fc6

[PATCH 3/6 v1 resend] statfs: add ST_UNBINDABLE

2018-05-25 Thread Christian Brauner
where file descriptors to mountpoints are passed between processes that are inspected via fstatvfs(). Signed-off-by: Christian Brauner --- v0->v1: * non-functional changes: extend commit message --- fs/statfs.c| 2 ++ include/linux/statfs.h | 1 + 2 files changed, 3 insertions(+) di
