[GIT,PULL] userns bug fix for 4.17-rc3

Details

Message ID	87k1sww4kf.fsf@xmission.com
State	New
Series	"userns bug fix for 4.17-rc3"
Headers	show Delivered-To: criupatchwork@gmail.com Received-SPF: pass (google.com: domain of containers-bounces@lists.linux-foundation.org designates 140.211.169.12 as permitted sender) client-ip=140.211.169.12; From: ebiederm@xmission.com (Eric W. Biederman) To: Linus Torvalds <torvalds@linux-foundation.org> Date: Tue, 24 Apr 2018 18:46:40 -0500 Message-ID: <87k1sww4kf.fsf@xmission.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) MIME-Version: 1.0 parse: 0.96 (0.0%), extract_message_metadata: 24 (0.2%), get_uri_detail_list: 2.9 (0.0%), tests_pri_-1000: 2.9 (0.0%), tests_pri_-950: 1.15 (0.0%), tests_pri_-900: 0.96 (0.0%), tests_pri_-400: 21 (0.1%), check_bayes: 20 (0.1%), b_tokenize: 6 (0.0%), b_tok_get_all: 7 (0.0%), b_comp_prob: 1.96 (0.0%), b_tok_touch_all: 3.3 (0.0%), b_finish: 0.63 (0.0%), tests_pri_0: 128 (0.9%), check_dkim_signature: 0.55 (0.0%), check_dkim_adsp: 2.9 (0.0%), tests_pri_500: 14854 (98.8%), poll_dns_idle: 14839 (98.7%), rewrite_mail: 0.00 (0.0%) Subject: [GIT PULL] userns bug fix for 4.17-rc3 Cc: Linux Containers <containers@lists.linux-foundation.org>, linux-kernel@vger.kernel.org Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: containers-bounces@lists.linux-foundation.org Errors-To: containers-bounces@lists.linux-foundation.org

Message ID

87k1sww4kf.fsf@xmission.com

State

New

Series

"userns bug fix for 4.17-rc3"

Headers

show

Delivered-To: criupatchwork@gmail.com
Received: from gmail-imap.l.google.com [173.194.222.108]
	by patchwork.criu.org with IMAP (fetchmail-6.3.26)
	for <root@localhost> (single-drop);
	Wed, 25 Apr 2018 01:48:27 +0200 (CEST)
Received: by 10.46.88.66 with SMTP id x2csp142812ljd; Tue, 24 Apr 2018
	16:48:25 -0700 (PDT)
X-Google-Smtp-Source: AIpwx48eKBtgXHugOMazpr3X0ed+ojB2bYbpBsf3YiG8fCJjNecMDNXOXLoGp+8Fay9/cjWYN0Bw
X-Received: by 10.101.86.8 with SMTP id l8mr21101874pgs.182.1524613704922;
	Tue, 24 Apr 2018 16:48:24 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524613704; cv=none; d=google.com;
	s=arc-20160816;
	b=zk54FO7wD9AxmfLTQ4tk8zCXLEMbM50U20XB49St8+SY4A1MnbsdM3lt763m3J7rHT
	D+nd7CwLOhttZYk9nJe9pyE7dDn4obwwc1cOlXi4fAhwc55qv04WzYsiEwoxu86166SK
	ZDkX9JyEf9SdyrE9bx/zoSoWz/NzLiPTvUTrAUDCHyvzEOq2sHkS9RJNf2U8+YKeDAip
	3bFfEiyJhija3vVeCj5YwB6uRuUrKbleLU+SbJqsu6WKPrwfd9UmPbPUfRv9u+M0C8fA
	YXU9mA2ypMzacqRgjhvwMw5HCN2t2+nS901IK1jKtGnvjnilzyRlF4c3DmBQvk3hp9BW
	YLLg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help
	:list-post:list-archive:list-unsubscribe:list-id:precedence:cc
	:subject:mime-version:user-agent:message-id:date:to:from
	:delivered-to:arc-authentication-results;
	bh=uoXdfiJtB1hDmvHtNaTQqDb18jdq8cDWkneODZslNbM=;
	b=cPI3iKfoiUy3wCFcckmLS/52K6/zQPnPaaEunXlm5aDnzEgb/0t3mK3mzQ5XDXXxi4
	aOK3pk1uA5E9uXVaFudC0FVR9xz7cpJdFiPKk/3jYjg2inPduMFZPg6YbiR91iGhU/Zu
	S0+wkcmUGAvPjA/xt6hLm10v/9AuXScMV/YbdAbm7/lKpcpkCjYXhCHRZFnkLRaaL5Pv
	1SZk1WxK58/GPwFfYgusT5utlE0Uqzj4EDbJUPlCPY+PTu6426z1zqy7JZ+irMYxGn44
	Rz0NdI8ECXWZOmpTv/zngqI/z/YQ2yh/k48IKqO5kVlHwzMOxIHnfSkfKhufz3wh3k1/
	3G+w==
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain
	of containers-bounces@lists.linux-foundation.org
	designates 140.211.169.12 as permitted sender)
	smtp.mailfrom=containers-bounces@lists.linux-foundation.org
Return-Path: <containers-bounces@lists.linux-foundation.org>
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org.
	[140.211.169.12]) by mx.google.com with ESMTPS id
	b89-v6si14912099plb.262.2018.04.24.16.48.24 (version=TLS1_2
	cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Tue, 24 Apr 2018 16:48:24 -0700 (PDT)
Received-SPF: pass (google.com: domain of
	containers-bounces@lists.linux-foundation.org designates
	140.211.169.12 as permitted sender) client-ip=140.211.169.12;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
	containers-bounces@lists.linux-foundation.org designates
	140.211.169.12 as permitted sender)
	smtp.mailfrom=containers-bounces@lists.linux-foundation.org
Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by
	mail.linuxfoundation.org (Postfix) with ESMTP id C48537A8;
	Tue, 24 Apr 2018 23:48:23 +0000 (UTC)
X-Original-To: containers@lists.linux-foundation.org
Delivered-To: containers@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id
	7B129481 for <containers@lists.linux-foundation.org>; Tue, 24 Apr 2018
	23:48:22 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from out02.mta.xmission.com (out02.mta.xmission.com
	[166.70.13.232])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id D178E557 for
	<containers@lists.linux-foundation.org>;
	Tue, 24 Apr 2018 23:48:21 +0000 (UTC)
Received: from in02.mta.xmission.com ([166.70.13.52]) by
	out02.mta.xmission.com with esmtps
	(TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
	(Exim 4.87) (envelope-from <ebiederm@xmission.com>) id
	1fB7fY-0001AJ-4j; Tue, 24 Apr 2018 17:48:20 -0600
Received: from [97.119.174.25] (helo=x220.xmission.com) by
	in02.mta.xmission.com with esmtpsa
	(TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
	(Exim 4.87) (envelope-from <ebiederm@xmission.com>) id
	1fB7fI-0000CI-Ng; Tue, 24 Apr 2018 17:48:19 -0600
From: ebiederm@xmission.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@linux-foundation.org>
Date: Tue, 24 Apr 2018 18:46:40 -0500
Message-ID: <87k1sww4kf.fsf@xmission.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
MIME-Version: 1.0
X-XM-SPF: eid=1fB7fI-0000CI-Ng; ; ; mid=<87k1sww4kf.fsf@xmission.com>; ; ;
	hst=in02.mta.xmission.com; ; ; ip=97.119.174.25; ; ;
	frm=ebiederm@xmission.com; ; ; spf=neutral
X-XM-AID: U2FsdGVkX1+GNo6rElbfctgrk/kHUzhHq9ffO/6UBZo=
X-SA-Exim-Connect-IP: 97.119.174.25
X-SA-Exim-Mail-From: ebiederm@xmission.com
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_LOW,
	T_HDRS_LCASE autolearn=ham version=3.3.1
X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1
X-Spam-Combo: ****;Linus Torvalds <torvalds@linux-foundation.org>
X-Spam-Relay-Country: 
X-Spam-Timing: total 15039 ms - load_scoreonly_sql: 0.04 (0.0%),
	signal_user_changed: 3.0 (0.0%), b_tie_ro: 2.1 (0.0%),
	parse: 0.96 (0.0%), 
	extract_message_metadata: 24 (0.2%), get_uri_detail_list: 2.9 (0.0%), 
	tests_pri_-1000: 2.9 (0.0%), tests_pri_-950: 1.15 (0.0%),
	tests_pri_-900:
	0.96 (0.0%), tests_pri_-400: 21 (0.1%), check_bayes: 20 (0.1%),
	b_tokenize: 6
	(0.0%), b_tok_get_all: 7 (0.0%), b_comp_prob: 1.96 (0.0%),
	b_tok_touch_all:
	3.3 (0.0%), b_finish: 0.63 (0.0%), tests_pri_0: 128 (0.9%),
	check_dkim_signature: 0.55 (0.0%), check_dkim_adsp: 2.9 (0.0%),
	tests_pri_500: 14854 (98.8%), poll_dns_idle: 14839 (98.7%),
	rewrite_mail: 0.00 (0.0%)
Subject: [GIT PULL] userns bug fix for 4.17-rc3
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com)
Cc: Linux Containers <containers@lists.linux-foundation.org>,
	linux-kernel@vger.kernel.org
X-BeenThere: containers@lists.linux-foundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Linux Containers <containers.lists.linux-foundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/containers>,
	<mailto:containers-request@lists.linux-foundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/containers/>
List-Post: <mailto:containers@lists.linux-foundation.org>
List-Help: <mailto:containers-request@lists.linux-foundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/containers>,
	<mailto:containers-request@lists.linux-foundation.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: containers-bounces@lists.linux-foundation.org
Errors-To: containers-bounces@lists.linux-foundation.org

Commit Message

Eric W. Biederman April 24, 2018, 11:46 p.m.

Linus,

Please pull the userns-linus branch from the git tree:

   git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-linus

   HEAD: 1f5781725dcbb026438e77091c91a94f678c3522 commoncap: Handle memory allocation failure

Just a small fix to properly set the return code on error.

From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Tue, 10 Apr 2018 15:15:16 +0900
Subject: [PATCH] commoncap: Handle memory allocation failure.

syzbot is reporting NULL pointer dereference at xattr_getsecurity() [1],
for cap_inode_getsecurity() is returning sizeof(struct vfs_cap_data) when
memory allocation failed. Return -ENOMEM if memory allocation failed.

[1] https://syzkaller.appspot.com/bug?id=a55ba438506fe68649a5f50d2d82d56b365e0107

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes: 8db6c34f1dbc8e06 ("Introduce v3 namespaced file capabilities")
Reported-by: syzbot <syzbot+9369930ca44f29e60e2d@syzkaller.appspotmail.com>
Cc: stable <stable@vger.kernel.org> # 4.14+
Acked-by: Serge E. Hallyn <serge@hallyn.com>
Acked-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 security/commoncap.c | 2 ++
 1 file changed, 2 insertions(+)

Patch hide | download patch | download mbox

diff --git a/security/commoncap.c b/security/commoncap.c
index 48620c93d697..1ce701fcb3f3 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -449,6 +449,8 @@  int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
 				magic |= VFS_CAP_FLAGS_EFFECTIVE;
 			memcpy(&cap->data, &nscap->data, sizeof(__le32) * 2 * VFS_CAP_U32);
 			cap->magic_etc = cpu_to_le32(magic);
+		} else {
+			size = -ENOMEM;
 		}
 	}
 	kfree(tmpbuf);