On Wed, May 3, 2017 at 1:02 PM, Matt Brown <[email protected]> wrote: > On 05/03/2017 03:45 PM, Greg KH wrote: >> >> On Wed, May 03, 2017 at 12:32:07PM -0700, Kees Cook wrote: >>> >>> On Mon, Apr 24, 2017 at 6:57 AM, Serge E. Hallyn <[email protected]> >>> wrote: >>>> >>>> Quoting Matt Brown ([email protected]): >>>>> >>>>> This patch adds struct user_namespace *owner_user_ns to the tty_struct. >>>>> Then it is set to current_user_ns() in the alloc_tty_struct function. >>>>> >>>>> This is done to facilitate capability checks against the original user >>>>> namespace that allocated the tty. >>>>> >>>>> E.g. ns_capable(tty->owner_user_ns,CAP_SYS_ADMIN) >>>>> >>>>> This combined with the use of user namespace's will allow hardening >>>>> protections to be built to mitigate container escapes that utilize TTY >>>>> ioctls such as TIOCSTI. >>>>> >>>>> See: https://bugzilla.redhat.com/show_bug.cgi?id=1411256 >>>>> >>>>> Signed-off-by: Matt Brown <[email protected]> >>>> >>>> >>>> Acked-by: Serge Hallyn <[email protected]> >>> >>> >>> This Ack didn't end up in the v5, but I think it stands, yes? >>> >>> Greg, is the v5 okay to pull for you or would a v6 with Acks/Reviews >>> included be preferred? >> >> >> v6 would be great, and we are dropping patch 2 from the series, right? >> I was expecting this to be resent. I'll start looking at new patches >> like this after 4.12-rc1 is out. >> > > I will create a v6 with the Acks/Reviews. I'd like to keep patch 2 in > since that got acked by at least Serge. (Kees also? or just patch 1?)
Sorry, I meant that patch 2's ack from serge got dropped accidentally. i.e. he Acked v4, but it wasn't in v5. Serge, just to double-check, does your Ack stand? -Kees -- Kees Cook Pixel Security
