fix create_new_namespaces() return value
dup_mnt_ns() and clone_uts_ns() return NULL on failure. This is wrong, create_new_namespaces() uses ERR_PTR() to catch an error. This means that the subsequent create_new_namespaces() will hit BUG_ON() in copy_mnt_ns() or copy_utsname(). Modify create_new_namespaces() to also use the errors returned by the copy_*_ns routines and not to systematically return ENOMEM. [oleg@tv-sign.ru: better changelog] Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Cc: Serge E. Hallyn <serue@us.ibm.com> Cc: Badari Pulavarty <pbadari@us.ibm.com> Cc: Pavel Emelianov <xemul@openvz.org> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
3e733f071e
commit
467e9f4b50
|
@ -1451,7 +1451,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
|
||||||
|
|
||||||
new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
|
new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
|
||||||
if (!new_ns)
|
if (!new_ns)
|
||||||
return NULL;
|
return ERR_PTR(-ENOMEM);
|
||||||
|
|
||||||
atomic_set(&new_ns->count, 1);
|
atomic_set(&new_ns->count, 1);
|
||||||
INIT_LIST_HEAD(&new_ns->list);
|
INIT_LIST_HEAD(&new_ns->list);
|
||||||
|
@ -1465,7 +1465,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
|
||||||
if (!new_ns->root) {
|
if (!new_ns->root) {
|
||||||
up_write(&namespace_sem);
|
up_write(&namespace_sem);
|
||||||
kfree(new_ns);
|
kfree(new_ns);
|
||||||
return NULL;
|
return ERR_PTR(-ENOMEM);;
|
||||||
}
|
}
|
||||||
spin_lock(&vfsmount_lock);
|
spin_lock(&vfsmount_lock);
|
||||||
list_add_tail(&new_ns->list, &new_ns->root->mnt_list);
|
list_add_tail(&new_ns->list, &new_ns->root->mnt_list);
|
||||||
|
|
|
@ -58,30 +58,41 @@ static struct nsproxy *create_new_namespaces(int flags, struct task_struct *tsk,
|
||||||
struct fs_struct *new_fs)
|
struct fs_struct *new_fs)
|
||||||
{
|
{
|
||||||
struct nsproxy *new_nsp;
|
struct nsproxy *new_nsp;
|
||||||
|
int err;
|
||||||
|
|
||||||
new_nsp = clone_nsproxy(tsk->nsproxy);
|
new_nsp = clone_nsproxy(tsk->nsproxy);
|
||||||
if (!new_nsp)
|
if (!new_nsp)
|
||||||
return ERR_PTR(-ENOMEM);
|
return ERR_PTR(-ENOMEM);
|
||||||
|
|
||||||
new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
|
new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
|
||||||
if (IS_ERR(new_nsp->mnt_ns))
|
if (IS_ERR(new_nsp->mnt_ns)) {
|
||||||
|
err = PTR_ERR(new_nsp->mnt_ns);
|
||||||
goto out_ns;
|
goto out_ns;
|
||||||
|
}
|
||||||
|
|
||||||
new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
|
new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
|
||||||
if (IS_ERR(new_nsp->uts_ns))
|
if (IS_ERR(new_nsp->uts_ns)) {
|
||||||
|
err = PTR_ERR(new_nsp->uts_ns);
|
||||||
goto out_uts;
|
goto out_uts;
|
||||||
|
}
|
||||||
|
|
||||||
new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
|
new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
|
||||||
if (IS_ERR(new_nsp->ipc_ns))
|
if (IS_ERR(new_nsp->ipc_ns)) {
|
||||||
|
err = PTR_ERR(new_nsp->ipc_ns);
|
||||||
goto out_ipc;
|
goto out_ipc;
|
||||||
|
}
|
||||||
|
|
||||||
new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns);
|
new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns);
|
||||||
if (IS_ERR(new_nsp->pid_ns))
|
if (IS_ERR(new_nsp->pid_ns)) {
|
||||||
|
err = PTR_ERR(new_nsp->pid_ns);
|
||||||
goto out_pid;
|
goto out_pid;
|
||||||
|
}
|
||||||
|
|
||||||
new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
|
new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
|
||||||
if (IS_ERR(new_nsp->user_ns))
|
if (IS_ERR(new_nsp->user_ns)) {
|
||||||
|
err = PTR_ERR(new_nsp->user_ns);
|
||||||
goto out_user;
|
goto out_user;
|
||||||
|
}
|
||||||
|
|
||||||
return new_nsp;
|
return new_nsp;
|
||||||
|
|
||||||
|
@ -99,7 +110,7 @@ out_uts:
|
||||||
put_mnt_ns(new_nsp->mnt_ns);
|
put_mnt_ns(new_nsp->mnt_ns);
|
||||||
out_ns:
|
out_ns:
|
||||||
kfree(new_nsp);
|
kfree(new_nsp);
|
||||||
return ERR_PTR(-ENOMEM);
|
return ERR_PTR(err);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -34,7 +34,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
|
||||||
|
|
||||||
ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
|
ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
|
||||||
if (!ns)
|
if (!ns)
|
||||||
return NULL;
|
return ERR_PTR(-ENOMEM);
|
||||||
|
|
||||||
kref_init(&ns->kref);
|
kref_init(&ns->kref);
|
||||||
|
|
||||||
|
@ -45,7 +45,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
|
||||||
ns->root_user = alloc_uid(ns, 0);
|
ns->root_user = alloc_uid(ns, 0);
|
||||||
if (!ns->root_user) {
|
if (!ns->root_user) {
|
||||||
kfree(ns);
|
kfree(ns);
|
||||||
return NULL;
|
return ERR_PTR(-ENOMEM);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Reset current->user with a new one */
|
/* Reset current->user with a new one */
|
||||||
|
@ -53,7 +53,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
|
||||||
if (!new_user) {
|
if (!new_user) {
|
||||||
free_uid(ns->root_user);
|
free_uid(ns->root_user);
|
||||||
kfree(ns);
|
kfree(ns);
|
||||||
return NULL;
|
return ERR_PTR(-ENOMEM);
|
||||||
}
|
}
|
||||||
|
|
||||||
switch_uid(new_user);
|
switch_uid(new_user);
|
||||||
|
|
|
@ -13,6 +13,7 @@
|
||||||
#include <linux/uts.h>
|
#include <linux/uts.h>
|
||||||
#include <linux/utsname.h>
|
#include <linux/utsname.h>
|
||||||
#include <linux/version.h>
|
#include <linux/version.h>
|
||||||
|
#include <linux/err.h>
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Clone a new ns copying an original utsname, setting refcount to 1
|
* Clone a new ns copying an original utsname, setting refcount to 1
|
||||||
|
@ -24,10 +25,11 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns)
|
||||||
struct uts_namespace *ns;
|
struct uts_namespace *ns;
|
||||||
|
|
||||||
ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL);
|
ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL);
|
||||||
if (ns) {
|
if (!ns)
|
||||||
memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
|
return ERR_PTR(-ENOMEM);
|
||||||
kref_init(&ns->kref);
|
|
||||||
}
|
memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
|
||||||
|
kref_init(&ns->kref);
|
||||||
return ns;
|
return ns;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue