Re: Sky, comma, falling. (Was Re: [uml-devel] Xen going to be in Kernel 2.6 soon?)
On Sat, 5 Feb 2005, Sven Köhler wrote:
> With the integration of UML into the Linux-Kernel i thought, that it would
> speed up development of UML and make it more stable. Intead, the people still
> break the UML-stuff regularly and Jeff and Blaisorblade must provide patches
> again :-(
That's true for _all_ architectures these days[*], not even for UML.
Gr{oetje,eeting}s,
Geert
[*] i386 lost its privilege of never being broken since Linus got a G5 ;-)
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [EMAIL PROTECTED]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
Re: Sky, comma, falling. (Was Re: [uml-devel] Xen going to be in Kernel 2.6 soon?)
On Monday 07 February 2005 04:56 am, Geert Uytterhoeven wrote:
> On Sat, 5 Feb 2005, Sven Köhler wrote:
> > With the integration of UML into the Linux-Kernel i thought, that it
> > would speed up development of UML and make it more stable. Intead, the
> > people still break the UML-stuff regularly and Jeff and Blaisorblade must
> > provide patches again :-(
>
> That's true for _all_ architectures these days[*], not even for UML.
It's the 2.6 development model. We haven't got a stable series anymore, now
_everybody_ tests the odd releases. :)
> Gr{oetje,eeting}s,
>
> Geert
>
> [*] i386 lost its privilege of never being broken since Linus got a G5 ;-)
If the Apple Store ever calls me back about that darn mac mini waiting list,
porting UML to MacOS X may stop being theoretical. (After I get done playing
World of Warcraft, anyway...)
Rob
---
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
___
User-mode-linux-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
Re: [uml-devel] [PATCH] correct gid in hostfs_kern.c
On Tuesday 23 September 2003 19:20, Hannes Schulz wrote:
> I was reading hostfs_* because I wanted hostfs as rootfs (when
> launched by root).
> --- uml-2.4.22um5-orig/arch/um/fs/hostfs/hostfs_kern.c 2003-09-23
> 15:21:33.0 +0200
> +++ uml-2.4.22um5-hwh1/arch/um/fs/hostfs/hostfs_kern.c 2003-09-23
> 15:24:42.0 +0200
> @@ -766,7 +766,7 @@
>if(attr->ia_valid & ATTR_GID){
> if(kdev_same(dentry->d_inode->i_sb->s_dev, ROOT_DEV) &&
>(attr->ia_gid == 0))
> - attr->ia_gid = getuid();
> + attr->ia_gid = getgid();
> attrs.ia_valid |= HOSTFS_ATTR_GID;
> attrs.ia_gid = attr->ia_gid;
>}
I've verified that this patch has not yet been applied, neither in 2.4 nor in
2.6. I'm going to merge it into 2.6.11.
The original code does not make sense (since a given UID could not exist as a
GID) so it *must* be a typo, and not done on purpose.
I don't understand the purpose of the patched branch, however... it means that
chgrp 0 "fileName" will be executed as chgrp
fileName.
And only when running hostfs as rootfs well, it makes sense since when
stat()'ing a file this code is used:
if((ino->i_sb->s_dev == ROOT_DEV) && (ino->i_uid == getuid()))
ino->i_uid = 0;
i.e. if UML runs as uid 500, the host uid 500 is mapped to the guest uid 0.
This does not happen for the gids, which is to fix.
Also, these two threads deserve a look, too:
[uml-devel] [PATCH] hostfs as root (when lauched by root)
[uml-devel] [BUG 2.4.22-um5 + hostfs] file not updated upon munmap
--
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729
http://www.user-mode-linux.org/~blaisorblade
---
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
___
User-mode-linux-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
Re: [uml-devel] Fix compilation of UML after the stack-randomization patches
On Friday 04 February 2005 20:38, Frank Sorenson wrote: > The stack randomization patches that went into 2.6.11-rc3-mm1 broke > compilation of ARCH=um. This patch fixes compiling by adding > arch_align_stack back in. > > Signed-off-by: Frank Sorenson <[EMAIL PROTECTED]> > Acked-By: Jeff Dike <[EMAIL PROTECTED]> I've just spotted that if the function is arch-dependent it means that for us it will be subarch-dependant. I've the doubt that the addition would better go under sys-i386 or some other subarch-dependent directories (in a file compiled against kernelspace headers, i.e. not listed in USER_OBJS in the directory it's contained inside), and it'd be nice to add also the x86_64 version. -- Paolo Giarrusso, aka Blaisorblade Linux registered user n. 292729 http://www.user-mode-linux.org/~blaisorblade --- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click ___ User-mode-linux-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
[uml-devel] [patch 0/2] uml: other important patches to merge before 2.6.11
Andrew Morton, this is another couple of fixes for UML to go in before 2.6.11 release. The first is *really* trivial, the second is very important since it fixes a security problem (described in the changelog). For the previous ones, I've seen they were merged quickly. Thanks and regards -- Paolo Giarrusso, aka Blaisorblade Linux registered user n. 292729 http://www.user-mode-linux.org/~blaisorblade --- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click ___ User-mode-linux-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
[uml-devel] [patch 1/2] uml - kbuild: add further cleaning [before 2.6.11]
From: Paolo 'Blaisorblade' Giarrusso <[EMAIL PROTECTED]> Descend into arch/um/kernel/skas/util during make clean. Signed-off-by: Paolo 'Blaisorblade' Giarrusso <[EMAIL PROTECTED]> --- linux-2.6.11-paolo/arch/um/kernel/skas/Makefile |2 ++ 1 files changed, 2 insertions(+) diff -puN arch/um/kernel/skas/Makefile~uml-kbuild-add-further-cleaning arch/um/kernel/skas/Makefile --- linux-2.6.11/arch/um/kernel/skas/Makefile~uml-kbuild-add-further-cleaning 2005-02-07 19:36:20.077171544 +0100 +++ linux-2.6.11-paolo/arch/um/kernel/skas/Makefile 2005-02-07 19:36:20.080171088 +0100 @@ -11,3 +11,5 @@ USER_OBJS := $(foreach file,$(USER_OBJS) $(USER_OBJS) : %.o: %.c $(CC) $(CFLAGS_$(notdir $@)) $(USER_CFLAGS) -c -o $@ $< + +subdir- := util _ --- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click ___ User-mode-linux-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
[uml-devel] [patch 2/2] uml - hostfs: (security) fix chmod +s permission check [before 2.6.11]
From: Paolo 'Blaisorblade' Giarrusso <[EMAIL PROTECTED]>
Cc: Frank 'xraz' Fricke <[EMAIL PROTECTED]>, Alexander Viro <[EMAIL PROTECTED]>
Frank Fricke reported that hostfs does not verify that a chmod +s, for
instance, is done by a sufficiently privileged user, as long as the UML kernel
itself can complete the operation on the host.
So, for instance, if UML is run as root and under /mnt/host we have a hostfs
mount, this works successfully:
[EMAIL PROTECTED]:~ (0)$ chmod 4755 /mnt/host/bin/bash
[EMAIL PROTECTED]:~ (0)$ ll /mnt/host/bin/bash
-rwsr-xr-x 1 root root 662724 2004-10-20 02:15 /mnt/host/bin/bash*
(bash refuses running as setuid, but you could have another shell on the host,
as dash or whatever).
In general, if UML is run as uid 500 on the host, a hostfs mount is done and
under the hostfs mount there is a file with uid 500 on the host, I can freely
make it setuid (if it's executable).
This is especially bad when UML is run as root (which you should not do), but
is a problem in general, since it allows any user to create setuid 500 (in
this example) executables on the host filesystem.
Finally, while I was looking at the chmod() implementation, I spotted a kludge
in the code and explained it with a comment.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <[EMAIL PROTECTED]>
---
linux-2.6.11-paolo/fs/hostfs/hostfs.h | 21 +
linux-2.6.11-paolo/fs/hostfs/hostfs_kern.c |4
2 files changed, 25 insertions(+)
diff -puN fs/hostfs/hostfs_kern.c~uml-hostfs-fix-setuid-permission-check
fs/hostfs/hostfs_kern.c
--- linux-2.6.11/fs/hostfs/hostfs_kern.c~uml-hostfs-fix-setuid-permission-check
2005-02-07 19:37:51.661248648 +0100
+++ linux-2.6.11-paolo/fs/hostfs/hostfs_kern.c 2005-02-07 19:39:24.317162808
+0100
@@ -823,6 +823,10 @@ int hostfs_setattr(struct dentry *dentry
char *name;
int err;
+ err = inode_change_ok(dentry->d_inode, attr);
+ if (err)
+ return err;
+
if(append)
attr->ia_valid &= ~ATTR_SIZE;
diff -puN fs/hostfs/hostfs.h~uml-hostfs-fix-setuid-permission-check
fs/hostfs/hostfs.h
--- linux-2.6.11/fs/hostfs/hostfs.h~uml-hostfs-fix-setuid-permission-check
2005-02-07 19:37:51.663248344 +0100
+++ linux-2.6.11-paolo/fs/hostfs/hostfs.h 2005-02-07 19:37:51.666247888
+0100
@@ -16,9 +16,30 @@
#define HOSTFS_ATTR_CTIME 64
#define HOSTFS_ATTR_ATIME_SET 128
#define HOSTFS_ATTR_MTIME_SET 256
+
+/* These two are unused by hostfs. */
#define HOSTFS_ATTR_FORCE 512 /* Not a change, but a change it */
#define HOSTFS_ATTR_ATTR_FLAG 1024
+/* If you are very careful, you'll notice that these two are missing:
+ *
+ * #define ATTR_KILL_SUID 2048
+ * #define ATTR_KILL_SGID 4096
+ *
+ * and this is because they were added in 2.5 development in this patch:
+ *
+ * http://linux.bkbits.net:8080/linux-2.5/
+ * [EMAIL PROTECTED]
+ * |src/.|src/include|src/include/linux|related/include/linux/fs.h
+ *
+ * Actually, they are not needed by most ->setattr() methods - they are set by
+ * callers of notify_change() to notify that the setuid/setgid bits must be
+ * dropped.
+ * notify_change() will delete those flags, make sure attr->ia_valid &
ATTR_MODE
+ * is on, and remove the appropriate bits from attr->ia_mode (attr is a
+ * "struct iattr *"). -BlaisorBlade
+ */
+
struct hostfs_iattr {
unsigned intia_valid;
mode_t ia_mode;
_
---
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
___
User-mode-linux-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
Re: [uml-devel] Fix compilation of UML after the stack-randomization patches
[EMAIL PROTECTED] said: > I've the doubt that the addition would better go under sys-i386 or > some other subarch-dependent directories (in a file compiled against > kernelspace headers, i.e. not listed in USER_OBJS in the directory > it's contained inside), and it'd be nice to add also the x86_64 > version. Yes, good point. Jeff --- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click ___ User-mode-linux-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
