1. 18 9月, 2012 17 次提交
    • E
      userns: Convert configfs to use kuid and kgid where appropriate · 69552c0c
      Eric W. Biederman 提交于
      Cc: Joel Becker <jlbec@evilplan.org>
      Acked-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      69552c0c
    • E
      userns: Convert extN to support kuids and kgids in posix acls · af84df93
      Eric W. Biederman 提交于
      Convert ext2, ext3, and ext4 to fully support the posix acl changes,
      using e_uid e_gid instead e_id.
      
      Enabled building with posix acls enabled, all filesystems supporting
      user namespaces, now also support posix acls when user namespaces are enabled.
      
      Cc: Theodore Tso <tytso@mit.edu>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andreas Dilger <adilger.kernel@dilger.ca>
      Cc: Jan Kara <jack@suse.cz>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      af84df93
    • E
      userns: Pass a userns parameter into posix_acl_to_xattr and posix_acl_from_xattr · 5f3a4a28
      Eric W. Biederman 提交于
       - Pass the user namespace the uid and gid values in the xattr are stored
         in into posix_acl_from_xattr.
      
       - Pass the user namespace kuid and kgid values should be converted into
         when storing uid and gid values in an xattr in posix_acl_to_xattr.
      
      - Modify all callers of posix_acl_from_xattr and posix_acl_to_xattr to
        pass in &init_user_ns.
      
      In the short term this change is not strictly needed but it makes the
      code clearer.  In the longer term this change is necessary to be able to
      mount filesystems outside of the initial user namespace that natively
      store posix acls in the linux xattr format.
      
      Cc: Theodore Tso <tytso@mit.edu>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andreas Dilger <adilger.kernel@dilger.ca>
      Cc: Jan Kara <jack@suse.cz>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      5f3a4a28
    • E
      userns: Convert vfs posix_acl support to use kuids and kgids · 2f6f0654
      Eric W. Biederman 提交于
      - In setxattr if we are setting a posix acl convert uids and gids from
        the current user namespace into the initial user namespace, before
        the xattrs are passed to the underlying filesystem.
      
        Untranslatable uids and gids are represented as -1 which
        posix_acl_from_xattr will represent as INVALID_UID or INVALID_GID.
        posix_acl_valid will fail if an acl from userspace has any
        INVALID_UID or INVALID_GID values.  In net this guarantees that
        untranslatable posix acls will not be stored by filesystems.
      
      - In getxattr if we are reading a posix acl convert uids and gids from
        the initial user namespace into the current user namespace.
      
        Uids and gids that can not be tranlsated into the current user namespace
        will be represented as -1.
      
      - Replace e_id in struct posix_acl_entry with an anymouns union of
        e_uid and e_gid.  For the short term retain the e_id field
        until all of the users are converted.
      
      - Don't set struct posix_acl.e_id in the cases where the acl type
        does not use e_id.  Greatly reducing the use of ACL_UNDEFINED_ID.
      
      - Rework the ordering checks in posix_acl_valid so that I use kuid_t
        and kgid_t types throughout the code, and so that I don't need
        arithmetic on uid and gid types.
      
      Cc: Theodore Tso <tytso@mit.edu>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andreas Dilger <adilger.kernel@dilger.ca>
      Cc: Jan Kara <jack@suse.cz>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      2f6f0654
    • E
      userns: Teach trace to use from_kuid · d20b92ab
      Eric W. Biederman 提交于
      - When tracing capture the kuid.
      - When displaying the data to user space convert the kuid into the
        user namespace of the process that opened the report file.
      
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Frederic Weisbecker <fweisbec@gmail.com>
      Cc: Ingo Molnar <mingo@redhat.com>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      d20b92ab
    • E
      userns: Convert bsd process accounting to use kuid and kgid where appropriate · f8f3d4de
      Eric W. Biederman 提交于
      BSD process accounting conveniently passes the file the accounting
      records will be written into to do_acct_process.  The file credentials
      captured the user namespace of the opener of the file.  Use the file
      credentials to format the uid and the gid of the current process into
      the user namespace of the user that started the bsd process
      accounting.
      
      Cc: Pavel Emelyanov <xemul@openvz.org>
      Reviewed-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      f8f3d4de
    • E
      userns: Convert taskstats to handle the user and pid namespaces. · 4bd6e32a
      Eric W. Biederman 提交于
      - Explicitly limit exit task stat broadcast to the initial user and
        pid namespaces, as it is already limited to the initial network
        namespace.
      
      - For broadcast task stats explicitly generate all of the idenitiers
        in terms of the initial user namespace and the initial pid
        namespace.
      
      - For request stats report them in terms of the current user namespace
        and the current pid namespace.  Netlink messages are delivered
        syncrhonously to the kernel allowing us to get the user namespace
        and the pid namespace from the current task.
      
      - Pass the namespaces for representing pids and uids and gids
        into bacct_add_task.
      
      Cc: Balbir Singh <bsingharora@gmail.com>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      4bd6e32a
    • E
      userns: Convert audit to work with user namespaces enabled · cca080d9
      Eric W. Biederman 提交于
      - Explicitly format uids gids in audit messges in the initial user
        namespace. This is safe because auditd is restrected to be in
        the initial user namespace.
      
      - Convert audit_sig_uid into a kuid_t.
      
      - Enable building the audit code and user namespaces at the same time.
      
      The net result is that the audit subsystem now uses kuid_t and kgid_t whenever
      possible making it almost impossible to confuse a raw uid_t with a kuid_t
      preventing bugs.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      cca080d9
    • E
      userns: Convert the audit loginuid to be a kuid · e1760bd5
      Eric W. Biederman 提交于
      Always store audit loginuids in type kuid_t.
      
      Print loginuids by converting them into uids in the appropriate user
      namespace, and then printing the resulting uid.
      
      Modify audit_get_loginuid to return a kuid_t.
      
      Modify audit_set_loginuid to take a kuid_t.
      
      Modify /proc/<pid>/loginuid on read to convert the loginuid into the
      user namespace of the opener of the file.
      
      Modify /proc/<pid>/loginud on write to convert the loginuid
      rom the user namespace of the opener of the file.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Cc: Paul Moore <paul@paul-moore.com> ?
      Cc: David Miller <davem@davemloft.net>
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      e1760bd5
    • E
      audit: Add typespecific uid and gid comparators · ca57ec0f
      Eric W. Biederman 提交于
      The audit filter code guarantees that uid are always compared with
      uids and gids are always compared with gids, as the comparason
      operations are type specific.  Take advantage of this proper to define
      audit_uid_comparator and audit_gid_comparator which use the type safe
      comparasons from uidgid.h.
      
      Build on audit_uid_comparator and audit_gid_comparator and replace
      audit_compare_id with audit_compare_uid and audit_compare_gid.  This
      is one of those odd cases where being type safe and duplicating code
      leads to simpler shorter and more concise code.
      
      Don't allow bitmask operations in uid and gid comparisons in
      audit_data_to_entry.  Bitmask operations are already denined in
      audit_rule_to_entry.
      
      Convert constants in audit_rule_to_entry and audit_data_to_entry into
      kuids and kgids when appropriate.
      
      Convert the uid and gid field in struct audit_names to be of type
      kuid_t and kgid_t respectively, so that the new uid and gid comparators
      can be applied in a type safe manner.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      ca57ec0f
    • E
      audit: Don't pass pid or uid to audit_log_common_recv_msg · 860c0aaf
      Eric W. Biederman 提交于
      The only place we use the uid and the pid that we calculate in
      audit_receive_msg is in audit_log_common_recv_msg so move the
      calculation of these values into the audit_log_common_recv_msg.
      
      Simplify the calcuation of the current pid and uid by
      reading them from current instead of reading them from
      NETLINK_CREDS.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      860c0aaf
    • E
      audit: Remove the unused uid parameter from audit_receive_filter · 017143fe
      Eric W. Biederman 提交于
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      017143fe
    • E
      audit: Properly set the origin port id of audit messages. · 35ce9888
      Eric W. Biederman 提交于
      For user generated audit messages set the portid field in the netlink
      header to the netlink port where the user generated audit message came
      from.  Reporting the process id in a port id field was just nonsense.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      35ce9888
    • E
      audit: Simply AUDIT_TTY_SET and AUDIT_TTY_GET · 8aa14b64
      Eric W. Biederman 提交于
      Use current instead of looking up the current up the current task by
      process identifier.  Netlink requests are processed in trhe context of
      the sending task so this is safe.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      8aa14b64
    • E
      audit: kill audit_prepare_user_tty · f95732e2
      Eric W. Biederman 提交于
      Now that netlink messages are processed in the context of the sender
      tty_audit_push_task can be called directly and audit_prepare_user_tty
      which only added looking up the task of the tty by process id is
      not needed.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      f95732e2
    • E
      audit: Use current instead of NETLINK_CREDS() in audit_filter · 02276bda
      Eric W. Biederman 提交于
      Get caller process uid and gid and pid values from the current task
      instead of the NETLINK_CB.  This is simpler than passing NETLINK_CREDS
      from from audit_receive_msg to audit_filter_user_rules and avoid the
      chance of being hit by the occassional bugs in netlink uid/gid
      credential passing.  This is a safe changes because all netlink
      requests are processed in the task of the sending process.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      02276bda
    • E
      audit: Limit audit requests to processes in the initial pid and user namespaces. · 34e36d8e
      Eric W. Biederman 提交于
      This allows the code to safely make the assumption that all of the
      uids gids and pids that need to be send in audit messages are in the
      initial namespaces.
      
      If someone cares we may lift this restriction someday but start with
      limiting access so at least the code is always correct.
      
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Eric Paris <eparis@redhat.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      34e36d8e
  2. 14 9月, 2012 3 次提交
  3. 07 9月, 2012 3 次提交
  4. 24 8月, 2012 2 次提交
  5. 17 8月, 2012 1 次提交
  6. 15 8月, 2012 14 次提交