From b801f1e22c23c259d6a2c955efddd20370de19a6 Mon Sep 17 00:00:00 2001
From: "Michael Kerrisk (man-pages)"
Date: Fri, 3 Apr 2020 14:11:39 +0200
Subject: [PATCH 1/3] time/namespace: Fix time_for_children symlink

Looking at the contents of the /proc/PID/ns/time_for_children symlink shows an anomaly:

$ ls -l /proc/self/ns/* |awk '{print $9, $10, $11}'
...
/proc/self/ns/pid -> pid:[4026531836]
/proc/self/ns/pid_for_children -> pid:[4026531836]
/proc/self/ns/time -> time:[4026531834]
/proc/self/ns/time_for_children -> time_for_children:[4026531834]
/proc/self/ns/user -> user:[4026531837]
...

The reference for 'time_for_children' should be a 'time' namespace, just as the reference for 'pid_for_children' is a 'pid' namespace. In other words, the above time_for_children link should read:

/proc/self/ns/time_for_children -> time:[4026531834]

Fixes: 769071ac9f20 ("ns: Introduce Time Namespace")
Signed-off-by: Michael Kerrisk
Signed-off-by: Thomas Gleixner
Reviewed-by: Dmitry Safonov
Acked-by: Christian Brauner
Acked-by: Andrei Vagin
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/a2418c48-ed80-3afe-116e-6611cb799557@gmail.com
---
 kernel/time/namespace.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kernel/time/namespace.c b/kernel/time/namespace.c
index e6ba064ce773..3b30288793fe 100644
--- a/kernel/time/namespace.c
+++ b/kernel/time/namespace.c
@@ -447,6 +447,7 @@ const struct proc_ns_operations timens_operations = {
 const struct proc_ns_operations timens_for_children_operations = {
 .name = "time_for_children",
+ .real_ns_name = "time",
 .type = CLONE_NEWTIME,
 .get = timens_for_children_get,
 .put = timens_put,

From eeec26d5da8248ea4e240b8795bb4364213d3247 Mon Sep 17 00:00:00 2001
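Review bot: Nothing in the series pins the corrected link text, so the `time_for_children:` prefix could silently come back the next time a proc_ns_operations instance is added; a selftest that readlink()s /proc/self/ns/time_for_children and asserts the target starts with `time:` would guard it, the same way the commit message checks it by hand. The prefix is worth guarding because userspace that parses the `type:[inode]` target to pick a namespace type would misclassify a stale name, which is the user-visible anomaly the message shows. The timens_for_children_operations initializer continues outside the hunk (its remaining members and closing `};` are not shown), so whether every other member mirrors pidns_for_children_operations cannot be confirmed from here.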
From: Dmitry Safonov
Date: Mon, 6 Apr 2020 18:13:42 +0100
Subject: [PATCH 2/3] time/namespace: Add max_time_namespaces ucount

Michael noticed that userns limit for number of time namespaces is missing.

Furthermore, time namespace introduced UCOUNT_TIME_NAMESPACES, but didn't introduce an array member in user_table[]. It would make array's initialisation OOB write, but by luck the user_table array has an excessive empty member (all accesses to the array are limited with UCOUNT_COUNTS - so it silently reuses the last free member.

Fixes user-visible regression: max_inotify_instances by reason of the missing UCOUNT_ENTRY() has limited max number of namespaces instead of the number of inotify instances.

Fixes: 769071ac9f20 ("ns: Introduce Time Namespace")
Reported-by: Michael Kerrisk (man-pages)
Signed-off-by: Dmitry Safonov
Signed-off-by: Thomas Gleixner
Acked-by: Andrei Vagin
Acked-by: Vincenzo Frascino
Cc: stable@kernel.org
Link: https://lkml.kernel.org/r/20200406171342.128733-1-dima@arista.com
---
 Documentation/admin-guide/sysctl/user.rst | 6 ++++++
 kernel/ucount.c | 1 +
 2 files changed, 7 insertions(+)

diff --git a/Documentation/admin-guide/sysctl/user.rst b/Documentation/admin-guide/sysctl/user.rst
index 650eaa03f15e..c45824589339 100644
--- a/Documentation/admin-guide/sysctl/user.rst
+++ b/Documentation/admin-guide/sysctl/user.rst
@@ -65,6 +65,12 @@ max_pid_namespaces
 The maximum number of pid namespaces that any user in the current
 user namespace may create.
+max_time_namespaces
+===================
+
+ The maximum number of time namespaces that any user in the current
+ user namespace may create.
+
 max_user_namespaces
 ===================
diff --git a/kernel/ucount.c b/kernel/ucount.c
index a53cc2b4179c..29c60eb4ec9b 100644
--- a/kernel/ucount.c
+++ b/kernel/ucount.c
@@ -69,6 +69,7 @@ static struct ctl_table user_table[] = {
 UCOUNT_ENTRY("max_net_namespaces"),
 UCOUNT_ENTRY("max_mnt_namespaces"),
 UCOUNT_ENTRY("max_cgroup_namespaces"),
+ UCOUNT_ENTRY("max_time_namespaces"),
 #ifdef CONFIG_INOTIFY_USER
 UCOUNT_ENTRY("max_inotify_instances"),
 UCOUNT_ENTRY("max_inotify_watches"),

From 0f538e3e712a517bd351607de50cd298102c7c08 Mon Sep 17 00:00:00 2001
From: Jan Kara
Date: Tue, 7 Apr 2020 17:46:43 +0200
Subject: [PATCH 3/3] ucount: Make sure ucounts in /proc/sys/user don't regress again

Commit 769071ac9f20 "ns: Introduce Time Namespace" broke reporting of inotify ucounts (max_inotify_instances, max_inotify_watches) in /proc/sys/user because it has added UCOUNT_TIME_NAMESPACES into enum ucount_type but didn't properly update reporting in kernel/ucount.c:setup_userns_sysctls(). This problem got fixed in commit eeec26d5da82 "time/namespace: Add max_time_namespaces ucount".

Add BUILD_BUG_ON to catch a similar problem in the future.

Signed-off-by: Jan Kara
Signed-off-by: Thomas Gleixner
Acked-by: Andrei Vagin
Link: https://lkml.kernel.org/r/20200407154643.10102-1-jack@suse.cz
---
 kernel/ucount.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/ucount.c b/kernel/ucount.c
index 29c60eb4ec9b..11b1596e2542 100644
--- a/kernel/ucount.c
+++ b/kernel/ucount.c
@@ -82,6 +82,8 @@ bool setup_userns_sysctls(struct user_namespace *ns)
 {
 #ifdef CONFIG_SYSCTL
 struct ctl_table *tbl;
+
+ BUILD_BUG_ON(ARRAY_SIZE(user_table) != UCOUNT_COUNTS + 1);
 setup_sysctl_set(&ns->set, &set_root, set_is_seen);
 tbl = kmemdup(user_table, sizeof(user_table), GFP_KERNEL);
 if (tbl) {
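Review bot: The new `UCOUNT_ENTRY("max_time_namespaces")` line is correct only if its slot in user_table[] equals the position of UCOUNT_TIME_NAMESPACES in enum ucount_type, and nothing at the table says so; the commit message itself describes the failure mode (max_inotify_instances silently reporting the time-namespace count) that a misplaced entry produces. A comment on the table header would make the coupling visible to the next person adding a namespace type: `/* Order must match enum ucount_type: setup_userns_sysctls() indexes this table by ucount type. */`. The user_table[] definition both starts and ends outside the hunk, so whether the `#ifdef CONFIG_INOTIFY_USER` entries line up with a matching `#ifdef` in the enum cannot be confirmed from here.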
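Review bot: The `+ 1` in `BUILD_BUG_ON(ARRAY_SIZE(user_table) != UCOUNT_COUNTS + 1);` is unexplained at the point of use, and a reader who does not know that user_table[] ends with an empty terminating entry will read it as an off-by-one; a one-line comment above it, `/* + 1: the empty terminating entry that closes the ctl_table */`, removes the doubt. Placing the check inside setup_userns_sysctls() also means it only fires where CONFIG_SYSCTL is set, which is presumably fine if the table only exists there, but a file-scope assertion next to the table definition (static_assert is available in build_bug.h in trees of this vintage, if I recall correctly) would keep the invariant beside the data it protects. The check only catches a size mismatch, not a misordering that keeps the count the same, so it is a partial guard; the function's body continues outside the hunk.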