On Tue, Jun 09, 2020 at 09:06:27AM -0700, Andrei Vagin wrote:
> On Tue, Jun 09, 2020 at 09:44:22AM +0200, Christian Brauner wrote:
> > On Mon, Jun 08, 2020 at 08:42:21PM -0700, Andrei Vagin wrote:
> > > On Wed, Jun 03, 2020 at 06:23:26PM +0200, Adrian Reber wrote:
On Tue, Jun 09, 2020 at 11:08:01AM +0800, Weilong Chen wrote:
> The check is only there to stop root fork bombs.
>
> BUG: KCSAN: data-race in copy_process / copy_process
>
> write to 0x86f87d20 of 4 bytes by task 7121 on cpu 5:
> copy_process+0x2e1a/0x3af0 kernel/fork.c:2285
>
able 'len'
> [-Wunused-variable]
> 21 | size_t len;
> | ^~~
>
> I removed the unused 'len'.
>
> [5] CONFIG_ANDROID_BINDERFS is not required
>
> Since this is a user-space standalone program, it is independent of
> the kernel configuration.
>
On Mon, Jun 08, 2020 at 08:42:21PM -0700, Andrei Vagin wrote:
> On Wed, Jun 03, 2020 at 06:23:26PM +0200, Adrian Reber wrote:
> > This patch introduces CAP_CHECKPOINT_RESTORE, a new capability facilitating
> > checkpoint/restore for non-root users.
> >
> > Over the last years, The CRIU
On Thu, Jun 04, 2020 at 03:33:25PM -0500, Eric W. Biederman wrote:
> Alexey Gladkov writes:
>
> > Greetings!
> >
> > Preface
> > ---
> > This patch set can be applied over:
> >
> > git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git
> > d35bec8a5788
>
> I am not going to
On Wed, Jun 03, 2020 at 07:22:57PM -0700, Kees Cook wrote:
> On Thu, Jun 04, 2020 at 03:24:52AM +0200, Christian Brauner wrote:
> > On Tue, Jun 02, 2020 at 06:10:41PM -0700, Sargun Dhillon wrote:
> > > Previously there were two chunks of code where the logic to receive file
the kernel where file
> descriptors are copied between processes
>
> I tested cgroup classid setting on both the compat (x32) path, and the
> native path to ensure that when moving the file descriptor the classid
> is set.
>
> Signed-off-by: Sargun Dhillon
> Suggested-
On Wed, Jun 03, 2020 at 05:13:36PM -0700, Linus Torvalds wrote:
> On Wed, Jun 3, 2020 at 4:24 PM Christian Brauner
> wrote:
> >
> > Ok, here's what I have. Does the below look somewhat sane?
>
> Probably. Needs lots of testing. But this one looks wrong:
Right, there's
On Tue, Jun 02, 2020 at 05:08:22PM -0700, Linus Torvalds wrote:
> On Tue, Jun 2, 2020 at 4:33 PM Christian Brauner
> wrote:
> > >
> > > And maybe this _did_ get mentioned last time, and I just don't find
> > > it. I also don't see anything like that in the
On Wed, Jun 03, 2020 at 01:30:57AM +0200, Florian Weimer wrote:
> * Christian Brauner:
>
> > The performance is striking. For good measure, comparing the following
> > simple close_all_fds() userspace implementation that is essentially just
> > glibc's version in
On Tue, Jun 02, 2020 at 02:03:09PM -0700, Linus Torvalds wrote:
> On Tue, Jun 2, 2020 at 1:42 PM Christian Brauner
> wrote:
> >
> > This is a resend of the close_range() syscall, as discussed in [1]. There
> > weren't any outstanding
> > discussions anymore and
that max_fd is correctly capped to the current fdtable maximum
Signed-off-by: Christian Brauner
Cc: Arnd Bergmann
Cc: Jann Horn
Cc: David Howells
Cc: Dmitry V. Levin
Cc: Oleg Nesterov
Cc: Linus Torvalds
Cc: Florian Weimer
Cc: Shuah Khan
Cc: linux-...@vger.kernel.org
Cc: linux-kselft
/1267907092406566912
Christian Brauner (3):
open: add close_range()
arch: wire-up close_range()
tests: add close_range() tests
arch/alpha/kernel/syscalls/syscall.tbl| 1 +
arch/arm/tools/syscall.tbl| 1 +
arch/arm64/include/asm/unistd.h | 2
2 open.
Suggested-by: Al Viro
Signed-off-by: Christian Brauner
Cc: Arnd Bergmann
Cc: Kyle Evans
Cc: Jann Horn
Cc: David Howells
Cc: Dmitry V. Levin
Cc: Oleg Nesterov
Cc: Linus Torvalds
Cc: Florian Weimer
Cc: linux-...@vger.kernel.org
---
/* v2 */
- Linus Torvalds :
- add cond_resched() to yield
This wires up the close_range() syscall into all arches at once.
Suggested-by: Arnd Bergmann
Signed-off-by: Christian Brauner
Reviewed-by: Oleg Nesterov
Acked-by: Arnd Bergmann
Acked-by: Michael Ellerman (powerpc)
Cc: Jann Horn
Cc: David Howells
Cc: Dmitry V. Levin
Cc: Linus Torvalds
Cc
-v5.8
Christian Brauner (3):
nsproxy: add struct nsset
nsproxy: attach to namespaces via pidfds
selftests/pidfd: add pidfd setns tests
fs/namespace.c | 15 +-
fs/n
On Mon, Jun 01, 2020 at 12:29:27PM -0700, Kees Cook wrote:
> On Sun, May 31, 2020 at 01:50:30PM +0200, Christian Brauner wrote:
> > We've been making heavy use of the seccomp notifier to intercept and
> > handle certain syscalls for containers. This patch allows a syscall
> >
an actual usage counter in a follow-up patch.
Cc: Tycho Andersen
Cc: Kees Cook
Cc: Matt Denton
Cc: Sargun Dhillon
Cc: Jann Horn
Cc: Chris Palmer
Cc: Aleksa Sarai
Cc: Robert Sesek
Cc: Jeffrey Vander Stoep
Cc: Linux Containers
Signed-off-by: Christian Brauner
---
/* v2 */
patch not pres
This verifies we're correctly notified when a seccomp filter becomes
unused when a notifier is in use.
Signed-off-by: Christian Brauner
---
/* v2 */
unchanged
/* v3 */
At first it seemed sensible to add POLLHUP to all poll invocations but
all checks test for revents to be equal to POLLIN. Hence
Cc: Jeffrey Vander Stoep
Cc: Linux Containers
Signed-off-by: Christian Brauner
---
/* v2 */
patch not present
/* v3 */
patch introduced
---
include/linux/seccomp.h | 4 +--
kernel/exit.c | 1 +
kernel/fork.c | 1 -
kernel/seccomp.c|
n
Cc: Jann Horn
Cc: Chris Palmer
Cc: Aleksa Sarai
Cc: Robert Sesek
Cc: Jeffrey Vander Stoep
Cc: Linux Containers
Signed-off-by: Christian Brauner
---
/* v2 */
- Jann Horn :
- Use more descriptive instead of seccomp_filter_notify().
(I went with seccomp_filter_release().)
/* v3 */
- Ke
On Sat, May 30, 2020 at 09:14:50AM -0700, Kees Cook wrote:
> On Sat, May 30, 2020 at 04:13:29PM +0200, Christian Brauner wrote:
> > On Fri, May 29, 2020 at 10:47:12PM -0700, Kees Cook wrote:
> > > Oh hey! Look at scm_detach_fds_compat(). It needs this too. (And it's
On Fri, May 29, 2020 at 10:47:12PM -0700, Kees Cook wrote:
> On Sat, May 30, 2020 at 03:58:18AM +0000, Sargun Dhillon wrote:
> > Isn't the "right" way to do this to allocate a bunch of file descriptors,
> > and fill up the user buffer with them, and then install the files? This
> > seems to like
On Sat, May 30, 2020 at 05:17:24AM +0200, Jann Horn wrote:
> On Sat, May 30, 2020 at 4:43 AM Kees Cook wrote:
> > I mean, yes, that's certainly better, but it just seems a shame that
> > everyone has to do the get_unused/put_unused dance just because of how
> > SCM_RIGHTS does this weird
On Fri, May 29, 2020 at 05:10:29PM +0200, Adrian Reber wrote:
> On Fri, May 29, 2020 at 02:26:13PM +0200, Michael Kerrisk (man-pages) wrote:
> > Hi Adrian,
> >
> > If there was a revision to this patch, I missed it. Is there still a
> > plan to bring CLONE_NEWTIME to clone3()?
>
> Good that you
On Fri, May 29, 2020 at 12:32:55PM +0200, Christian Brauner wrote:
> On Thu, May 28, 2020 at 04:08:57AM -0700, Sargun Dhillon wrote:
> > This adds a seccomp notifier ioctl which allows for the listener to "add"
> > file descriptors to a process which originated a secc
tion, there is functionality to allow for replacement of
> specific file descriptors, following dup2-like semantics.
>
> Signed-off-by: Sargun Dhillon
> Suggested-by: Matt Denton
> Cc: Kees Cook ,
> Cc: Jann Horn ,
> Cc: Robert Sesek ,
> Cc: Chris Palmer
> Cc: Christian B
Cc: Kees Cook ,
> Cc: Jann Horn ,
> Cc: Robert Sesek ,
> Cc: Chris Palmer
> Cc: Christian Brauner
> Cc: Tycho Andersen
> ---
A single nit below otherwise:
Acked-by: Christian Brauner
> kernel/seccomp.c | 51
> 1
On Fri, May 29, 2020 at 01:32:03AM +0200, Jann Horn wrote:
> On Fri, May 29, 2020 at 1:11 AM Kees Cook wrote:
> > On Thu, May 28, 2020 at 05:14:11PM +0200, Christian Brauner wrote:
> > > * @usage: reference count to manage the object lifetime.
> > > * get
On Fri, May 29, 2020 at 01:06:59AM -0700, Kees Cook wrote:
> On Fri, May 29, 2020 at 09:56:41AM +0200, Christian Brauner wrote:
> > On Thu, May 28, 2020 at 04:11:00PM -0700, Kees Cook wrote:
> > > void seccomp_filter_release(const struct task_struct *tsk)
> > > {
On Thu, May 28, 2020 at 10:41:45PM -0700, Kees Cook wrote:
> On Thu, May 28, 2020 at 05:14:12PM +0200, Christian Brauner wrote:
> > This verifies we're correctly notified when a seccomp filter becomes
> > unused when a notifier is in use.
>
> While you're adding this, can
On Fri, May 29, 2020 at 12:56:50AM -0700, Kees Cook wrote:
> On Fri, May 29, 2020 at 09:51:37AM +0200, Christian Brauner wrote:
> > Aside from this being not an issue now, can we please not dump seccomp
> > filter contents in proc. That sounds terrible and what's the rationale,
On Thu, May 28, 2020 at 04:11:00PM -0700, Kees Cook wrote:
> On Thu, May 28, 2020 at 05:14:11PM +0200, Christian Brauner wrote:
> > * @usage: reference count to manage the object lifetime.
> > * get/put helpers should be used when accessing an instance
> >
On Fri, May 29, 2020 at 01:32:03AM +0200, Jann Horn wrote:
> On Fri, May 29, 2020 at 1:11 AM Kees Cook wrote:
> > On Thu, May 28, 2020 at 05:14:11PM +0200, Christian Brauner wrote:
> > > * @usage: reference count to manage the object lifetime.
> > > * get
On Thu, May 28, 2020 at 04:11:00PM -0700, Kees Cook wrote:
> On Thu, May 28, 2020 at 05:14:11PM +0200, Christian Brauner wrote:
> > * @usage: reference count to manage the object lifetime.
> > * get/put helpers should be used when accessing an instance
> >
tes below...
>
> > +/* valid flags for seccomp_notif_addfd */
> > +#define SECCOMP_ADDFD_FLAG_SETFD (1UL << 0) /* Specify remote fd */
>
> Nit: please use BIT()
Fwiw, I don't think we can use BIT() in uapi headers, see:
commit 23b2c96fad21886c53f5e1a4ffedd45ddd2e85b
On Sun, May 17, 2020 at 05:18:55PM +0200, Christian Brauner wrote:
> On Sun, May 17, 2020 at 05:16:35PM +0200, Christian Brauner wrote:
> > This is part of a larger series that aims at getting rid of the
> > copy_thread()/copy_thread_tls() split that makes the process creatio
n
Cc: Jann Horn
Cc: Chris Palmer
Cc: Aleksa Sarai
Cc: Robert Sesek
Cc: Jeffrey Vander Stoep
Cc: Linux Containers
Signed-off-by: Christian Brauner
---
/* v2 */
- Jann Horn :
- Use more descriptive instead of seccomp_filter_notify().
(I went with seccomp_filter_release().)
---
include/
This verifies we're correctly notified when a seccomp filter becomes
unused when a notifier is in use.
Signed-off-by: Christian Brauner
---
/* v2 */
unchanged
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 136 ++
1 file changed, 136 insertions(+)
diff --git a/tools
On Thu, May 28, 2020 at 04:17:00PM +0200, Christian Brauner wrote:
> On Wed, May 27, 2020 at 06:59:54PM -0700, Kees Cook wrote:
> > On Thu, May 28, 2020 at 01:16:46AM +0200, Christian Brauner wrote:
> > > I'm also starting to think this isn't even possible or currently d
On Wed, May 27, 2020 at 06:59:54PM -0700, Kees Cook wrote:
> On Thu, May 28, 2020 at 01:16:46AM +0200, Christian Brauner wrote:
> > I'm also starting to think this isn't even possible or currently doable
> > safely.
> > The fdtable in the kernel would end up with a dang
On Thu, May 28, 2020 at 06:04:48AM +0200, Jann Horn wrote:
> On Wed, May 27, 2020 at 1:19 PM Christian Brauner
> wrote:
> > We've been making heavy use of the seccomp notifier to intercept and
> > handle certain syscalls for containers. This patch allows a syscall
On Wed, May 27, 2020 at 06:05:55PM +0000, Nicolas Viennot wrote:
> > > Also in this thread Kamil mentioned that they also need calling prctl
> > > with PR_SET_MM during restore in their production setup.
> >
> > We're using that as well but it really feels like this:
> >
> > prctl_map =
On Thu, May 28, 2020 at 12:45:02AM +0200, Christian Brauner wrote:
> On Wed, May 27, 2020 at 03:37:58PM -0700, Kees Cook wrote:
> > On Thu, May 28, 2020 at 12:05:32AM +0200, Christian Brauner wrote:
> > > The main question also is, is there precedence where the kernel just
>
On Wed, May 27, 2020 at 03:37:58PM -0700, Kees Cook wrote:
> On Thu, May 28, 2020 at 12:05:32AM +0200, Christian Brauner wrote:
> > The main question also is, is there precedence where the kernel just
> > closes the file descriptor for userspace behind its back? I'm not sure
On Wed, May 27, 2020 at 02:43:49PM -0700, Kees Cook wrote:
> On Wed, May 27, 2020 at 01:19:01PM +0200, Christian Brauner wrote:
> > loop. But this is problematic since we don't get a notification when the
> > seccomp filter has become unused and so we currently never remove
On Wed, May 27, 2020 at 05:37:07PM +0000, Sargun Dhillon wrote:
> On Wed, May 27, 2020 at 01:19:01PM +0200, Christian Brauner wrote:
> > +void seccomp_filter_notify(const struct task_struct *tsk)
> > +{
> > + struct seccomp_filter *orig = tsk->seccomp.filter;
On Wed, May 27, 2020 at 09:25:59AM -0600, Tycho Andersen wrote:
> On Wed, May 27, 2020 at 01:19:01PM +0200, Christian Brauner wrote:
> > +void seccomp_filter_notify(const struct task_struct *tsk)
> > +{
> > + struct seccomp_filter *orig = tsk->seccomp.filter;
On Wed, May 27, 2020 at 04:14:03PM +0200, Adrian Reber wrote:
> On Tue, May 26, 2020 at 08:59:29AM -0500, Eric W. Biederman wrote:
> > Adrian Reber writes:
> >
> > > On Fri, May 22, 2020 at 09:40:37AM -0700, Casey Schaufler wrote:
> >
> > >> What are the other blockers? Are you going to suggest
This verifies we're correctly notified when a seccomp filter becomes
unused when a notifier is in use.
Signed-off-by: Christian Brauner
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 137 ++
1 file changed, 137 insertions(+)
diff --git a/tools/testing/selftests/seccomp
n
Cc: Jann Horn
Cc: Chris Palmer
Cc: Aleksa Sarai
Cc: Robert Sesek
Cc: Jeffrey Vander Stoep
Cc: Linux Containers
Signed-off-by: Christian Brauner
---
include/linux/seccomp.h | 5 +
kernel/exit.c | 2 ++
kernel/seccomp.c| 32 ++--
3 files ch
On Mon, May 25, 2020 at 11:59:18PM -0700, Sargun Dhillon wrote:
> On Mon, May 25, 2020 at 6:50 AM Christian Brauner
> wrote:
> >
> > On Sun, May 24, 2020 at 04:39:39PM -0700, Sargun Dhillon wrote:
> > > This adds a seccomp notifier ioctl which allows for the l
s may or may not be desirable with the addfd ioctl. This allows
> the user to opt-in.
>
> Signed-off-by: Sargun Dhillon
> Suggested-by: Tycho Andersen
> Cc: Matt Denton
> Cc: Kees Cook ,
> Cc: Jann Horn ,
> Cc: Robert Sesek ,
> Cc: Chris Palmer
> Cc: Christian Brau
tion, there is functionality to allow for replacement of
> specific file descriptors, following dup2-like semantics.
>
> Signed-off-by: Sargun Dhillon
> Suggested-by: Matt Denton
> Cc: Kees Cook ,
> Cc: Jann Horn ,
> Cc: Robert Sesek ,
> Cc: Chris Palmer
> Cc: Christian Br
Cc: Kees Cook ,
> Cc: Jann Horn ,
> Cc: Robert Sesek ,
> Cc: Chris Palmer
> Cc: Christian Brauner
> Cc: Tycho Andersen
> ---
> kernel/seccomp.c | 38 +-
> 1 file changed, 21 insertions(+), 17 deletions(-)
>
> diff --git a/kerne
/kernel/git/brauner/linux
Pull thread fixes from Christian Brauner:
"This contains a series of patches to fix CLONE_SETTLS when used with
clone3().
The clone3() syscall passes the tls argument through struct clone_args
instead of a register. This means, all architec
On Fri, May 22, 2020 at 09:38:16AM -0400, Joel Fernandes wrote:
> On Fri, May 22, 2020 at 03:13:55PM +0200, Christian Brauner wrote:
> > On Thu, May 21, 2020 at 11:55:21AM -0400, Joel Fernandes wrote:
> > > On Thu, May 21, 2020 at 11:53 AM Joel Fernandes (Go
On Fri, May 22, 2020 at 07:53:50AM +0200, Adrian Reber wrote:
> This enables CRIU to checkpoint and restore a process as non-root.
>
> Over the last years CRIU upstream has been asked a couple of times if it
> is possible to checkpoint and restore a process as non-root. The answer
> usually was:
On Thu, May 21, 2020 at 11:55:21AM -0400, Joel Fernandes wrote:
> On Thu, May 21, 2020 at 11:53 AM Joel Fernandes (Google)
> wrote:
> >
> > On a modern Linux distro, compiling the following program fails:
> > #include
> > #include
> > #include
> > #include
> >
> > void main() {
> >
On Fri, May 22, 2020 at 07:53:50AM +0200, Adrian Reber wrote:
> This enables CRIU to checkpoint and restore a process as non-root.
>
> Over the last years CRIU upstream has been asked a couple of times if it
> is possible to checkpoint and restore a process as non-root. The answer
> usually was:
On Wed, May 20, 2020 at 07:24:18PM +0200, Christian Brauner wrote:
> On Wed, May 20, 2020 at 10:54:21AM -0600, David Ahern wrote:
> > On 5/20/20 8:58 AM, Christian Brauner wrote:
> > > During NorthSec (cf. [1]) a very large number of unprivileged
> > > containers an
On Wed, May 20, 2020 at 10:54:21AM -0600, David Ahern wrote:
> On 5/20/20 8:58 AM, Christian Brauner wrote:
> > During NorthSec (cf. [1]) a very large number of unprivileged
> > containers and nested containers are run during the competition to
> > provide a safe environment
the limit from the current network namespace. This means
we don't fully namespace max_sizes but allow the current network
namespace to choose a limit it is comfortable with inheriting.
[1]: https://nsec.io/
Signed-off-by: Christian Brauner
---
net/ipv6/route.c | 5 +++--
1 file changed, 3
On Tue, May 19, 2020 at 04:32:38PM +0200, Geert Uytterhoeven wrote:
> Hi Christian,
>
> On Tue, May 19, 2020 at 3:15 PM Christian Brauner
> wrote:
> > On Tue, May 19, 2020 at 06:56:36AM -0500, Eric W. Biederman wrote:
> > > Andreas Schwab writes:
> > > >
On Tue, May 19, 2020 at 03:36:28PM +0200, Michael Kerrisk (man-pages) wrote:
> Hello Christian,
>
> Thanks for this patch!
Thanks for making it palatable. :)
>
> On 5/18/20 7:55 PM, Christian Brauner wrote:
> > From: Christian Brauner
> >
> >
On Tue, May 19, 2020 at 07:28:46AM -0500, Eric W. Biederman wrote:
> Andreas Schwab writes:
>
> > On Mai 19 2020, Eric W. Biederman wrote:
> >
> >> I am wondering if there are source trees for libc4 or libc5 around
> >> anywhere that we can look at to see how usage of uselib evolved.
> >
> >
On Tue, May 19, 2020 at 06:56:36AM -0500, Eric W. Biederman wrote:
> Andreas Schwab writes:
>
> > On Mai 18 2020, Eric W. Biederman wrote:
> >
> >> If it was only libc4 and libc5 that used the uselib system call then it
> >> can probably be removed after enough time.
> >
> > Only libc4 used it,
On Tue, May 19, 2020 at 05:09:29PM +1000, Aleksa Sarai wrote:
> On 2020-05-18, Kees Cook wrote:
> > ## fd passing
> >
> > Background: seccomp users want to be able to install an fd in a
> > monitored process during a user_notif to emulate "open" calls (or
> > similar), possibly across security
On Tue, May 19, 2020 at 12:48:46PM +1000, Aleksa Sarai wrote:
> On 2020-05-19, Jann Horn wrote:
> > On Mon, May 18, 2020 at 11:05 PM Kees Cook wrote:
> > > ## deep argument inspection
> > >
> > > Background: seccomp users would like to write filters that traverse
> > > the user pointers passed
On Mon, May 18, 2020 at 02:04:57PM -0700, Kees Cook wrote:
> Hi!
>
> This is my attempt at a brain-dump on my plans for nearish-term seccomp
> features. Welcome to my TED talk... ;)
>
> These are the things I've been thinking about:
>
> - fd passing
> - deep argument inspection
> - changing
On Tue, May 19, 2020 at 07:24:52AM +0000, Sargun Dhillon wrote:
> On Tue, May 19, 2020 at 12:39:39AM +0200, Jann Horn wrote:
> > > For user_notif, I think we need something in and around these options:
> > >
> > > - make a new API that explicitly follows EA struct design
> > > (and while
On Mon, May 18, 2020 at 06:57:15PM -0500, Eric W. Biederman wrote:
> Christian Brauner writes:
>
> > On Mon, May 18, 2020 at 04:43:20PM +0200, Jann Horn wrote:
> >> On Mon, May 18, 2020 at 3:03 PM Christian Brauner
> >> wrote:
> >> > Also - gulp (pu
if (syscall(__NR_pidfd_send_signal, -1, 0, NULL, 0) < 0)
printf("%m - pidfd_getfd(-1)\n");
exit(EXIT_SUCCESS);
}
which all give:
Bad file descriptor - openat(-1)
Bad file descriptor - fcntl(-1)
Bad file descriptor - dup(-1)
Bad file descriptor - close(-1)
On Mon, May 18, 2020 at 07:18:25PM +0100, Al Viro wrote:
> On Sun, May 17, 2020 at 11:13:47PM +0100, Al Viro wrote:
>
> > Is virtio-blk-pci more resilent to lost interrupt bug introduced in
> > "sun4u: update PCI topology to include simba PCI bridges"? I hadn't tried
> > it yet (reverted to
From: Christian Brauner
Signed-off-by: Christian Brauner
---
/* v2 */
- Michael Kerrisk (man-pages) :
- Fix various types and add examples and how to specify the file
descriptor.
---
man2/clone.2 | 43 +++
1 file changed, 43 insertions(+)
diff
On Mon, May 18, 2020 at 04:43:20PM +0200, Jann Horn wrote:
> On Mon, May 18, 2020 at 3:03 PM Christian Brauner
> wrote:
> > Also - gulp (puts on flame proof suit) - may I suggest we check if there
> > are any distros out there that still set CONFIG_USELIB=y
>
> Debian
On Mon, May 18, 2020 at 03:30:34PM +0100, David Howells wrote:
> Michael Kerrisk (man-pages) wrote:
>
> > I've been looking at the new mount API (fsopen(), fsconfig(),
> > fsmount(), move_mount(), etc.) and among the details that remain
> > mysterious to me is this: how does one set the
On Mon, May 18, 2020 at 07:23:55AM -0600, Tycho Andersen wrote:
> On Mon, May 18, 2020 at 02:45:00PM +0200, Christian Brauner wrote:
> > On Mon, May 18, 2020 at 08:32:25AM +0000, Sargun Dhillon wrote:
> > > On Sun, May 17, 2020 at 02:30:57PM -0700, Kees Cook wrote:
> >
uselib has been deprecated since forever basically which makes me doubt
this matters much but:
Acked-by: Christian Brauner
Also - gulp (puts on flame proof suit) - may I suggest we check if there
are any distros out there that still set CONFIG_USELIB=y and if not do
what we did with the sysctl sy
On Sun, May 17, 2020 at 09:02:15AM -0600, Tycho Andersen wrote:
> On Sun, May 17, 2020 at 08:46:03AM -0600, Tycho Andersen wrote:
> > On Sun, May 17, 2020 at 04:33:11PM +0200, Christian Brauner wrote:
> > > struct seccomp_notif2 {
> > > __u32 notif_size;
> >
On Mon, May 18, 2020 at 08:32:25AM +0000, Sargun Dhillon wrote:
> On Sun, May 17, 2020 at 02:30:57PM -0700, Kees Cook wrote:
> > On Sun, May 17, 2020 at 09:02:15AM -0600, Tycho Andersen wrote:
> >
> > I'm going read this thread more carefully tomorrow, but I just wanted to
> > mention that I'd
On Sun, May 17, 2020 at 02:30:57PM -0700, Kees Cook wrote:
> On Sun, May 17, 2020 at 09:02:15AM -0600, Tycho Andersen wrote:
> > On Sun, May 17, 2020 at 08:46:03AM -0600, Tycho Andersen wrote:
> > > On Sun, May 17, 2020 at 04:33:11PM +0200, Christian Brauner wrote:
On Sun, May 17, 2020 at 05:16:35PM +0200, Christian Brauner wrote:
> This is part of a larger series that aims at getting rid of the
> copy_thread()/copy_thread_tls() split that makes the process creation
> codepaths in the kernel more convoluted and error-prone than they need
>
f
git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux
Pull thread fixes from Christian Brauner:
"This contains a series of patches to fix CLONE_SETTLS when used with
clone3().
The clone3() syscall passes the tls argument through struct clone_args
instead of a
On Tue, May 12, 2020 at 01:06:33PM -0700, David Miller wrote:
> From: Christian Brauner
> Date: Tue, 12 May 2020 19:15:24 +0200
>
> > I've tested this series with qemu-system-sparc64 and a Debian Sid image
> > and it comes up no problem (Here's a little recording
>
On Sun, May 17, 2020 at 04:33:11PM +0200, Christian Brauner wrote:
> On Sun, May 17, 2020 at 08:23:16AM -0600, Tycho Andersen wrote:
> > On Sun, May 17, 2020 at 09:21:56PM +1000, Aleksa Sarai wrote:
> > > On 2020-05-17, Christian Brauner wrote:
> > > >
On Sun, May 17, 2020 at 08:23:16AM -0600, Tycho Andersen wrote:
> On Sun, May 17, 2020 at 09:21:56PM +1000, Aleksa Sarai wrote:
> > On 2020-05-17, Christian Brauner wrote:
> > > Or... And that's more invasive but ultimately cleaner we v2 the whole
> > > thing so e.g
133
> > [2]: https://lkml.org/lkml/2020/5/15/481
>
> nit: please use lore.kernel.org/lkml/ URLs
>
> > Suggested-by: Christian Brauner
> > Signed-off-by: Sargun Dhillon
> > ---
> > include/uapi/linux/seccomp.h | 2 +
> > kernel
On Fri, May 15, 2020 at 08:57:30AM -0700, Matthew Wilcox wrote:
> On Fri, May 15, 2020 at 10:23:17AM -0500, Nate Karstens wrote:
> > Series of 4 patches to implement close-on-fork. Tests have been
> > published to https://github.com/nkarstens/ltp/tree/close-on-fork
> > and cover close-on-fork
On Fri, May 15, 2020 at 01:41:46PM +0200, Michael Kerrisk (man-pages) wrote:
> Hello Christian,
>
> Ping!
Yes, I just thought of this when I saw your mail to Aleksa fly by. ;)
Christian
On Fri, May 15, 2020 at 04:49:14AM -0700, Sargun Dhillon wrote:
> On Sat, Jan 25, 2020 at 9:42 PM Tycho Andersen wrote:
>
> > On Fri, Jan 24, 2020 at 12:09:37PM -0800, Sargun Dhillon wrote:
> > > On Fri, Jan 24, 2020 at 10:03 AM Tycho Andersen wrote:
> > > >
> > > > On Fri, Jan 24, 2020 at
On Thu, May 14, 2020 at 11:35:29AM -0700, Linus Torvalds wrote:
> On Thu, May 14, 2020 at 11:22 AM Christian Brauner
> wrote:
> >
> > Seemed weird to me to change something that's been exposed to userspace for
> > that long.
>
> Well, the internal declarations are
On May 14, 2020 8:07:59 PM GMT+02:00, Linus Torvalds
wrote:
>On Thu, May 14, 2020 at 10:05 AM Christian Brauner
> wrote:
>>
>> This contains a single fix for all exported legacy fork helpers to
>block
>> accidental access to clone3() features in the upper 32 bits o
020-05-13
----
Christian Brauner (1):
fork: prevent accidental access to clone3 features
kernel/fork.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
On Thu, May 14, 2020 at 11:48:31AM +0200, John Paul Adrian Glaubitz wrote:
>
>
> On 5/14/20 9:53 AM, John Paul Adrian Glaubitz wrote:
> > The kernel is currently building, you should get it by the evening (CEST).
> >
> > The machine also serves as a Debian buildd which is why it's a bit more
>
On Thu, May 14, 2020 at 12:45:41PM +0200, Andreas Schwab wrote:
> On Mai 14 2020, Christian Brauner wrote:
>
> > pid = syscall(189 /* __NR_clone2 */, SIGCHLD, stack, STACK_SIZE,
> > NULL, NULL);
>
> Syscall 189 doesn't exist on ia64, they start with 1024 (a
On Thu, May 14, 2020 at 12:35:49PM +0200, John Paul Adrian Glaubitz wrote:
> On 5/14/20 12:32 PM, Christian Brauner wrote:
> > Do you have a very minimalistic ia64 userspace preferably without systemd
> > where
> > you could simply test. That should give us an ide
On Thu, May 14, 2020 at 12:33:00PM +0200, Christian Brauner wrote:
> On Thu, May 14, 2020 at 12:21:13PM +0200, John Paul Adrian Glaubitz wrote:
> > On 5/14/20 12:19 PM, Christian Brauner wrote:
> > > Scratch that. It's even worse. On ia64 it is _invalid_ to pass a NULL
> >
On Thu, May 14, 2020 at 12:21:13PM +0200, John Paul Adrian Glaubitz wrote:
> On 5/14/20 12:19 PM, Christian Brauner wrote:
> > Scratch that. It's even worse. On ia64 it is _invalid_ to pass a NULL
> > stack. That's at least what the glibc assembly assumes:
> >
>
On Thu, May 14, 2020 at 12:15:42PM +0200, Christian Brauner wrote:
> On Thu, May 14, 2020 at 12:08:27PM +0200, John Paul Adrian Glaubitz wrote:
> > On 5/14/20 12:04 PM, Christian Brauner wrote:
> > > So that's interesting because systemd doesn't support itanium corre