Support sockets leaked to child user_ns task

Submitted by Kirill Tkhai on June 5, 2017, 5:23 p.m.

Details

Reviewer None
Submitted June 5, 2017, 5:23 p.m.
Last Updated June 20, 2017, 6:07 a.m.
Revision 3

Revisions

SERIES REVISION LOOKS STRANGE. Please double-check patch list and the ordering before proceeding.

Patches download mbox

# Name Submitter State
[01/28] pid_ns: Set sid for root_item Kirill Tkhai New
[02/28] pre_dump: Assign parasite pid only if it hasn't collected yet Kirill Tkhai New
[03/28] pid_ns: Make add_child_task() working with last_level_pid() Kirill Tkhai Accepted
[04/28] files: Kill file_desc_options::collect_fd() Kirill Tkhai New
[05/28] shmem: Remove pid argument of shmem_wait_and_open() Kirill Tkhai New
[06/28] shmem: Move pr_info to open_fd_of_real_pid() Kirill Tkhai New
[07/28] utils: Change open_fd_of_real_pid() to be open_fd_of_vpid() Kirill Tkhai New
[08/28] utils: Cleanup open_fd_of_vpid() Kirill Tkhai New
[09/28] ns: Add can_access_userns() helper Kirill Tkhai Accepted
[10/28] utils: Use daemon in open_fd_of_vpid() only its really need Kirill Tkhai New
[11/28] ns: Add top_net_ns global variable Kirill Tkhai New
[12/28] net: Fixup net ns_id of sockets on old dumps Kirill Tkhai Accepted
[13/28] ns: Rename root_user_ns to top_user_ns Kirill Tkhai New
[14/28] ns: Refactor top_user_ns assignment Kirill Tkhai New
[15/28] files: Move fle_init() to files.c Kirill Tkhai Accepted
[16/28] files: Merge shmalloc() to fle_init() Kirill Tkhai Accepted
[17/28] files: Add task link to created fdinfo_list_entry and populate it Kirill Tkhai Accepted
[18/28] files: Assign fdesc to fle in collect_fd() earlier Kirill Tkhai Accepted
[19/28] files: Add file_desc_ops::get_user_ns Kirill Tkhai Accepted
[20/28] net: Add file_desc_ops::get_user_ns for sockets Kirill Tkhai Accepted
[21/28] files: Populate file_desc::setns_userns Kirill Tkhai Accepted
[22/28] files: Declare structures of fake masters Kirill Tkhai New
[23/28] files: Extract new_fle assignment from collect_fd() to separate func Kirill Tkhai Accepted
[24/28] files: Choose file master with enough permissions Kirill Tkhai New
[25/28] files: Add fake fle flag and close such fles after restore files Kirill Tkhai New
[26/28] files: Teach collect_fd() mark fake files Kirill Tkhai Accepted
[27/28] files: Add new master to file_desc if owners of existing fles have no permissions Kirill Tkhai New
[28/28] zdtm: Add userns03 test Kirill Tkhai New

Tests

SERIES REVISION LOOKS STRANGE. Please double-check patch list and the ordering before proceeding.

Patches download mbox

# Name Submitter State
[v2,01/30] shmem: Move pr_info to open_fd_of_real_pid() Kirill Tkhai Accepted
[v2,02/30] utils: Change open_fd_of_real_pid() to be open_fd_of_vpid() Kirill Tkhai Accepted
[v2,03/30] utils: Cleanup open_fd_of_vpid() Kirill Tkhai Accepted
[v2,04/30] utils: Use daemon in open_fd_of_vpid() only its really need Kirill Tkhai Accepted
[v2,05/30] ns: Add top_net_ns global variable Kirill Tkhai Accepted
[v2,06/30] net: Fixup net ns_id of sockets on old dumps Kirill Tkhai Accepted
[v2,07/30] ns: Rename root_user_ns to top_user_ns Kirill Tkhai Accepted
[v2,08/30] ns: Refactor top_user_ns assignment Kirill Tkhai Accepted
[v2,09/30] files: Move fle_init() to files.c Kirill Tkhai Accepted
[v2,10/30] files: Merge shmalloc() to fle_init() Kirill Tkhai Accepted
[v2,11/30] files: Add task link to created fdinfo_list_entry and populate it Kirill Tkhai Accepted
[v2,12/30] files: Assign fdesc to fle in collect_fd() earlier Kirill Tkhai Accepted
[v2,13/30] files: Add file_desc_ops::get_user_ns Kirill Tkhai Accepted
[v2,14/30] net: Add file_desc_ops::get_user_ns for sockets Kirill Tkhai Accepted
[v2,15/30] files: Populate file_desc::setns_userns Kirill Tkhai Accepted
[v2,16/30] files: Declare structures of fake masters Kirill Tkhai Accepted
[v2,17/30] files: Extract new_fle assignment from collect_fd() to separate func Kirill Tkhai Accepted
[v2,18/30] files: Choose file master with enough permissions Kirill Tkhai New
[v2,19/30] files: Add fake fle flag and close such fles after restore files Kirill Tkhai Accepted
[v2,20/30] files: Teach collect_fd() mark fake files Kirill Tkhai Accepted
[v2,21/30] files: Add new master to file_desc if owners of existing fles have no permissions Kirill Tkhai Accepted
[v2,22/30] user_ns: Prepare creds of newly created task Kirill Tkhai Accepted
[v2,23/30] zdtm: Add userns-leaked-sock test Kirill Tkhai Accepted
[v2,24/30] ns: Replace last_ns_id with pstree_item->net_ns Kirill Tkhai Accepted
[v2,25/30] net_ns: Make net_ns check in do_restore_task_net_ns more universal Kirill Tkhai Accepted
[v2,26/30] net_ns: Split set_netns() and introduce new set_netns_by_id() Kirill Tkhai Accepted
[v2,27/30] user_ns: Keep setns helpers names in costistent state with net_ns Kirill Tkhai Accepted
[v2,28/30] files: Create transport socket via usernsd, when it's need Kirill Tkhai Accepted
[v2,29/30] net_ns: Set net_ns for child, if it has no permissions to do that Kirill Tkhai Accepted
[v2,30/30] zdtm: Add userns-no-child-setns test Kirill Tkhai Accepted

Tests

SERIES REVISION LOOKS STRANGE. Please double-check patch list and the ordering before proceeding.

Patches download mbox

# Name Submitter State
[v2,01/30] shmem: Move pr_info to open_fd_of_real_pid() Kirill Tkhai Accepted
[v2,02/30] utils: Change open_fd_of_real_pid() to be open_fd_of_vpid() Kirill Tkhai Accepted
[v2,03/30] utils: Cleanup open_fd_of_vpid() Kirill Tkhai Accepted
[v2,04/30] utils: Use daemon in open_fd_of_vpid() only its really need Kirill Tkhai Accepted
[v2,05/30] ns: Add top_net_ns global variable Kirill Tkhai Accepted
[v2,06/30] net: Fixup net ns_id of sockets on old dumps Kirill Tkhai Accepted
[v2,07/30] ns: Rename root_user_ns to top_user_ns Kirill Tkhai Accepted
[v2,08/30] ns: Refactor top_user_ns assignment Kirill Tkhai Accepted
[v2,09/30] files: Move fle_init() to files.c Kirill Tkhai Accepted
[v2,10/30] files: Merge shmalloc() to fle_init() Kirill Tkhai Accepted
[v2,11/30] files: Add task link to created fdinfo_list_entry and populate it Kirill Tkhai Accepted
[v2,12/30] files: Assign fdesc to fle in collect_fd() earlier Kirill Tkhai Accepted
[v2,13/30] files: Add file_desc_ops::get_user_ns Kirill Tkhai Accepted
[v2,14/30] net: Add file_desc_ops::get_user_ns for sockets Kirill Tkhai Accepted
[v2,15/30] files: Populate file_desc::setns_userns Kirill Tkhai Accepted
[v2,16/30] files: Declare structures of fake masters Kirill Tkhai Accepted
[v2,17/30] files: Extract new_fle assignment from collect_fd() to separate func Kirill Tkhai Accepted
[v2,18/30] files: Choose file master with enough permissions Kirill Tkhai Accepted
[v2,19/30] files: Add fake fle flag and close such fles after restore files Kirill Tkhai Accepted
[v2,20/30] files: Teach collect_fd() mark fake files Kirill Tkhai Accepted
[v2,21/30] files: Add new master to file_desc if owners of existing fles have no permissions Kirill Tkhai Accepted
[v2,22/30] user_ns: Prepare creds of newly created task Kirill Tkhai Accepted
[v2,23/30] zdtm: Add userns-leaked-sock test Kirill Tkhai Accepted
[v2,24/30] ns: Replace last_ns_id with pstree_item->net_ns Kirill Tkhai Accepted
[v2,25/30] net_ns: Make net_ns check in do_restore_task_net_ns more universal Kirill Tkhai Accepted
[v2,26/30] net_ns: Split set_netns() and introduce new set_netns_by_id() Kirill Tkhai Accepted
[v2,27/30] user_ns: Keep setns helpers names in costistent state with net_ns Kirill Tkhai Accepted
[v2,28/30] files: Create transport socket via usernsd, when it's need Kirill Tkhai Accepted
[v2,29/30] net_ns: Set net_ns for child, if it has no permissions to do that Kirill Tkhai Accepted
[v2,30/30] zdtm: Add userns-no-child-setns test Kirill Tkhai Accepted

Tests