Google Git
Sign in
kernel/pub/scm/linux/kernel/git/ebiederm/user-namespace/refs/tags/per-namespace-ipc-sysctls-for-v5.19
tag
5e98aa38364e186b436d825c0564161acc9b12ef
tagger
Eric W. Biederman <ebiederm@xmission.com>
Fri Jun 03 12:06:27 2022 -0500
object
38cd5b12b7854941ede1954cf5a2393eb94b5d37
These changes update the ipc sysctls so that they are fundamentally
per ipc namespace.  Previously these sysctls depended upon a hack to
simulate being per ipc namespace by looking up the ipc namespace in
read or write.  With this set of changes the ipc sysctls are
registered per ipc namespace and open looks up the ipc namespace.

Not only does this series of changes ensure the traditional binding at
open time happens, but it sets a foundation for being able to relax the
permission checks to allow a user namspace root to change the ipc sysctls
for an ipc namespace that the user namespace root requires.  To do this
requires the ipc namespace to be known at open time.

These changes were sent for v5.18[1] but were dropped because some
additional cleanups were requested.  Linus has given his nod[2] to the
cleanups so I hope enough cleanups are present this time.

[1] https://lkml.kernel.org/r/877d8kfmdp.fsf@email.froward.int.ebiederm.org
[2] https://lkml.kernel.org/r/CAHk-=whi2SzU4XT_FsdTCAuK2qtYmH+-hwi1cbSdG8zu0KXL=g@mail.gmail.com

Alexey Gladkov (6):
      ipc: Store mqueue sysctls in the ipc namespace
      ipc: Store ipc sysctls in the ipc namespace
      ipc: Use the same namespace to modify and validate
      ipc: Remove extra1 field abuse to pass ipc namespace
      ipc: Check permissions for checkpoint_restart sysctls at open time
      ipc: Remove extra braces

 include/linux/ipc_namespace.h |  37 +++++++-
 ipc/ipc_sysctl.c              | 205 +++++++++++++++++++++++++-----------------
 ipc/mq_sysctl.c               | 121 +++++++++++++------------
 ipc/mqueue.c                  |  10 +--
 ipc/namespace.c               |  10 +++
 5 files changed, 238 insertions(+), 145 deletions(-)

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
commit
38cd5b12b7854941ede1954cf5a2393eb94b5d37
[log] [tgz]
author
Alexey Gladkov <legion@kernel.org>
Tue May 03 15:39:57 2022 +0200
committer
Eric W. Biederman <ebiederm@xmission.com>
Tue May 03 17:25:58 2022 -0500
tree
42e3581cdf43ea97e3b062e04bc10befa5156dc5
parent
0889f44e281034e180daa6daf3e2d57c012452d4 [diff]
ipc: Remove extra braces

Fix coding style. In the previous commit, I added braces because,
in addition to changing .data, .extra1 also changed. Now this is not
needed.

Fixes: 1f5c135ee509 ("ipc: Store ipc sysctls in the ipc namespace")
Signed-off-by: Alexey Gladkov <legion@kernel.org>
Link: https://lkml.kernel.org/r/37687827f630bc150210f5b8abeeb00f1336814e.1651584847.git.legion@kernel.org
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
1 file changed
tree: 42e3581cdf43ea97e3b062e04bc10befa5156dc5
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README