diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-11 21:34:47 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-11 21:34:47 -0400 |
| commit | dd198ce7141aa8dd9ffcc9549de422fb055508de (patch) | |
| tree | 86ad8e0e74b0a1cb8cc62a621e2946334733a402 /arch/tile | |
| parent | 89fd915c402113528750353ad6de9ea68a787e5c (diff) | |
| parent | 076a9bcacfc7ccbc2b3fdf3bd490718f6b182419 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull namespace updates from Eric Biederman:
"Life has been busy and I have not gotten half as much done this round
as I would have liked. I delayed it so that a minor conflict
resolution with the mips tree could spend a little time in linux-next
before I sent this pull request.
This includes two long delayed user namespace changes from Kirill
Tkhai. It also includes a very useful change from Serge Hallyn that
allows the security capability attribute to be used inside of user
namespaces. The practical effect of this is people can now untar
tarballs and install rpms in user namespaces. It had been suggested to
generalize this and encode some of the namespace information
information in the xattr name. Upon close inspection that makes the
things that should be hard easy and the things that should be easy
more expensive.
Then there is my bugfix/cleanup for signal injection that removes the
magic encoding of the siginfo union member from the kernel internal
si_code. The mips folks reported the case where I had used FPE_FIXME
me is impossible so I have remove FPE_FIXME from mips, while at the
same time including a return statement in that case to keep gcc from
complaining about unitialized variables.
I almost finished the work to get make copy_siginfo_to_user a trivial
copy to user. The code is available at:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git neuter-copy_siginfo_to_user-v3
But I did not have time/energy to get the code posted and reviewed
before the merge window opened.
I was able to see that the security excuse for just copying fields
that we know are initialized doesn't work in practice there are buggy
initializations that don't initialize the proper fields in siginfo. So
we still sometimes copy unitialized data to userspace"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
Introduce v3 namespaced file capabilities
mips/signal: In force_fcr31_sig return in the impossible case
signal: Remove kernel interal si_code magic
fcntl: Don't use ambiguous SIG_POLL si_codes
prctl: Allow local CAP_SYS_ADMIN changing exe_file
security: Use user_namespace::level to avoid redundant iterations in cap_capable()
userns,pidns: Verify the userns for new pid namespaces
signal/testing: Don't look for __SI_FAULT in userspace
signal/mips: Document a conflict with SI_USER with SIGFPE
signal/sparc: Document a conflict with SI_USER with SIGFPE
signal/ia64: Document a conflict with SI_USER with SIGFPE
signal/alpha: Document a conflict with SI_USER for SIGTRAP
Diffstat (limited to 'arch/tile')
| -rw-r--r-- | arch/tile/include/uapi/asm/siginfo.h | 4 | ||||
| -rw-r--r-- | arch/tile/kernel/compat_signal.c | 18 | ||||
| -rw-r--r-- | arch/tile/kernel/traps.c | 2 |
3 files changed, 11 insertions, 13 deletions
diff --git a/arch/tile/include/uapi/asm/siginfo.h b/arch/tile/include/uapi/asm/siginfo.h index 56d661bb010b..e83f931aa1f0 100644 --- a/arch/tile/include/uapi/asm/siginfo.h +++ b/arch/tile/include/uapi/asm/siginfo.h | |||
| @@ -26,8 +26,8 @@ | |||
| 26 | /* | 26 | /* |
| 27 | * Additional Tile-specific SIGILL si_codes | 27 | * Additional Tile-specific SIGILL si_codes |
| 28 | */ | 28 | */ |
| 29 | #define ILL_DBLFLT (__SI_FAULT|9) /* double fault */ | 29 | #define ILL_DBLFLT 9 /* double fault */ |
| 30 | #define ILL_HARDWALL (__SI_FAULT|10) /* user networks hardwall violation */ | 30 | #define ILL_HARDWALL 10 /* user networks hardwall violation */ |
| 31 | #undef NSIGILL | 31 | #undef NSIGILL |
| 32 | #define NSIGILL 10 | 32 | #define NSIGILL 10 |
| 33 | 33 | ||
diff --git a/arch/tile/kernel/compat_signal.c b/arch/tile/kernel/compat_signal.c index 0e863f1ee08c..971d87a1d8cf 100644 --- a/arch/tile/kernel/compat_signal.c +++ b/arch/tile/kernel/compat_signal.c | |||
| @@ -64,7 +64,7 @@ int copy_siginfo_to_user32(struct compat_siginfo __user *to, const siginfo_t *fr | |||
| 64 | 3 ints plus the relevant union member. */ | 64 | 3 ints plus the relevant union member. */ |
| 65 | err = __put_user(from->si_signo, &to->si_signo); | 65 | err = __put_user(from->si_signo, &to->si_signo); |
| 66 | err |= __put_user(from->si_errno, &to->si_errno); | 66 | err |= __put_user(from->si_errno, &to->si_errno); |
| 67 | err |= __put_user((short)from->si_code, &to->si_code); | 67 | err |= __put_user(from->si_code, &to->si_code); |
| 68 | 68 | ||
| 69 | if (from->si_code < 0) { | 69 | if (from->si_code < 0) { |
| 70 | err |= __put_user(from->si_pid, &to->si_pid); | 70 | err |= __put_user(from->si_pid, &to->si_pid); |
| @@ -77,28 +77,26 @@ int copy_siginfo_to_user32(struct compat_siginfo __user *to, const siginfo_t *fr | |||
| 77 | */ | 77 | */ |
| 78 | err |= __put_user(from->_sifields._pad[0], | 78 | err |= __put_user(from->_sifields._pad[0], |
| 79 | &to->_sifields._pad[0]); | 79 | &to->_sifields._pad[0]); |
| 80 | switch (from->si_code >> 16) { | 80 | switch (siginfo_layout(from->si_signo, from->si_code)) { |
| 81 | case __SI_FAULT >> 16: | 81 | case SIL_FAULT: |
| 82 | break; | 82 | break; |
| 83 | case __SI_CHLD >> 16: | 83 | case SIL_CHLD: |
| 84 | err |= __put_user(from->si_utime, &to->si_utime); | 84 | err |= __put_user(from->si_utime, &to->si_utime); |
| 85 | err |= __put_user(from->si_stime, &to->si_stime); | 85 | err |= __put_user(from->si_stime, &to->si_stime); |
| 86 | err |= __put_user(from->si_status, &to->si_status); | 86 | err |= __put_user(from->si_status, &to->si_status); |
| 87 | /* FALL THROUGH */ | 87 | /* FALL THROUGH */ |
| 88 | default: | 88 | default: |
| 89 | case __SI_KILL >> 16: | 89 | case SIL_KILL: |
| 90 | err |= __put_user(from->si_uid, &to->si_uid); | 90 | err |= __put_user(from->si_uid, &to->si_uid); |
| 91 | break; | 91 | break; |
| 92 | case __SI_POLL >> 16: | 92 | case SIL_POLL: |
| 93 | err |= __put_user(from->si_fd, &to->si_fd); | 93 | err |= __put_user(from->si_fd, &to->si_fd); |
| 94 | break; | 94 | break; |
| 95 | case __SI_TIMER >> 16: | 95 | case SIL_TIMER: |
| 96 | err |= __put_user(from->si_overrun, &to->si_overrun); | 96 | err |= __put_user(from->si_overrun, &to->si_overrun); |
| 97 | err |= __put_user(from->si_int, &to->si_int); | 97 | err |= __put_user(from->si_int, &to->si_int); |
| 98 | break; | 98 | break; |
| 99 | /* This is not generated by the kernel as of now. */ | 99 | case SIL_RT: |
| 100 | case __SI_RT >> 16: | ||
| 101 | case __SI_MESGQ >> 16: | ||
| 102 | err |= __put_user(from->si_uid, &to->si_uid); | 100 | err |= __put_user(from->si_uid, &to->si_uid); |
| 103 | err |= __put_user(from->si_int, &to->si_int); | 101 | err |= __put_user(from->si_int, &to->si_int); |
| 104 | break; | 102 | break; |
diff --git a/arch/tile/kernel/traps.c b/arch/tile/kernel/traps.c index 54804866f238..9b08c6055f15 100644 --- a/arch/tile/kernel/traps.c +++ b/arch/tile/kernel/traps.c | |||
| @@ -188,7 +188,7 @@ static int special_ill(tile_bundle_bits bundle, int *sigp, int *codep) | |||
| 188 | 188 | ||
| 189 | /* Make it the requested signal. */ | 189 | /* Make it the requested signal. */ |
| 190 | *sigp = sig; | 190 | *sigp = sig; |
| 191 | *codep = code | __SI_FAULT; | 191 | *codep = code; |
| 192 | return 1; | 192 | return 1; |
| 193 | } | 193 | } |
| 194 | 194 | ||