From nobody Sun Jun 28 10:34:12 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DD607C433EF for ; Mon, 14 Feb 2022 18:20:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1357424AbiBNSUV convert rfc822-to-8bit (ORCPT ); Mon, 14 Feb 2022 13:20:21 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:33378 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1357407AbiBNSUM (ORCPT ); Mon, 14 Feb 2022 13:20:12 -0500 X-Greylist: delayed 60 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Mon, 14 Feb 2022 10:20:04 PST Received: from us-smtp-delivery-44.mimecast.com (us-smtp-delivery-44.mimecast.com [207.211.30.44]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 7A5B06541B for ; Mon, 14 Feb 2022 10:20:04 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-586-Mu8-cTGhOvuxgX99ysiN1A-1; Mon, 14 Feb 2022 13:18:55 -0500 X-MC-Unique: Mu8-cTGhOvuxgX99ysiN1A-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BF65A1006AA0; Mon, 14 Feb 2022 18:18:53 +0000 (UTC) Received: from comp-core-i7-2640m-0182e6.redhat.com (unknown [10.36.110.3]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0D3558477A; Mon, 14 Feb 2022 18:18:46 +0000 (UTC) From: Alexey Gladkov To: LKML , Linux Containers Cc: Alexander Mikhalitsyn , Andrew Morton , Christian Brauner , Daniel Walsh , Davidlohr Bueso , "Eric W . Biederman" , Kirill Tkhai , Manfred Spraul , Serge Hallyn , Varad Gautam , Vasily Averin , kernel test robot Subject: [PATCH v4 1/2] ipc: Store mqueue sysctls in the ipc namespace Date: Mon, 14 Feb 2022 19:18:14 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=legion@kernel.org X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: kernel.org Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Right now, the mqueue sysctls take ipc namespaces into account in a rather hacky way. This works in most cases, but does not respect the user namespace. Within the user namespace, the user cannot change the /proc/sys/fs/mqueue/* parametres. This poses a problem in the rootless containers. To solve this I changed the implementation of the mqueue sysctls just like some other sysctls. So far, the changes do not provide additional access to files. This will be done in a future patch. v3: * Don't implemenet set_permissions to keep the current behavior. v2: * Fixed compilation problem if CONFIG_POSIX_MQUEUE_SYSCTL is not specified. Reported-by: kernel test robot Signed-off-by: Alexey Gladkov --- include/linux/ipc_namespace.h | 16 +++-- ipc/mq_sysctl.c | 121 ++++++++++++++++++---------------- ipc/mqueue.c | 10 ++- ipc/namespace.c | 6 ++ 4 files changed, 88 insertions(+), 65 deletions(-) diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h index b75395ec8d52..fa787d97d60a 100644 --- a/include/linux/ipc_namespace.h +++ b/include/linux/ipc_namespace.h @@ -10,6 +10,7 @@ #include #include #include +#include =20 struct user_namespace; =20 @@ -63,6 +64,9 @@ struct ipc_namespace { unsigned int mq_msg_default; unsigned int mq_msgsize_default; =20 + struct ctl_table_set mq_set; + struct ctl_table_header *mq_sysctls; + /* user_ns which owns the ipc ns */ struct user_namespace *user_ns; struct ucounts *ucounts; @@ -169,14 +173,18 @@ static inline void put_ipc_ns(struct ipc_namespace *n= s) =20 #ifdef CONFIG_POSIX_MQUEUE_SYSCTL =20 -struct ctl_table_header; -extern struct ctl_table_header *mq_register_sysctl_table(void); +void retire_mq_sysctls(struct ipc_namespace *ns); +bool setup_mq_sysctls(struct ipc_namespace *ns); =20 #else /* CONFIG_POSIX_MQUEUE_SYSCTL */ =20 -static inline struct ctl_table_header *mq_register_sysctl_table(void) +static inline void retire_mq_sysctls(struct ipc_namespace *ns) { - return NULL; +} + +static inline bool setup_mq_sysctls(struct ipc_namespace *ns) +{ + return true; } =20 #endif /* CONFIG_POSIX_MQUEUE_SYSCTL */ diff --git a/ipc/mq_sysctl.c b/ipc/mq_sysctl.c index 72a92a08c848..fbf6a8b93a26 100644 --- a/ipc/mq_sysctl.c +++ b/ipc/mq_sysctl.c @@ -9,39 +9,9 @@ #include #include =20 -#ifdef CONFIG_PROC_SYSCTL -static void *get_mq(struct ctl_table *table) -{ - char *which =3D table->data; - struct ipc_namespace *ipc_ns =3D current->nsproxy->ipc_ns; - which =3D (which - (char *)&init_ipc_ns) + (char *)ipc_ns; - return which; -} - -static int proc_mq_dointvec(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - struct ctl_table mq_table; - memcpy(&mq_table, table, sizeof(mq_table)); - mq_table.data =3D get_mq(table); - - return proc_dointvec(&mq_table, write, buffer, lenp, ppos); -} - -static int proc_mq_dointvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - struct ctl_table mq_table; - memcpy(&mq_table, table, sizeof(mq_table)); - mq_table.data =3D get_mq(table); - - return proc_dointvec_minmax(&mq_table, write, buffer, - lenp, ppos); -} -#else -#define proc_mq_dointvec NULL -#define proc_mq_dointvec_minmax NULL -#endif +#include +#include +#include =20 static int msg_max_limit_min =3D MIN_MSGMAX; static int msg_max_limit_max =3D HARD_MSGMAX; @@ -55,14 +25,14 @@ static struct ctl_table mq_sysctls[] =3D { .data =3D &init_ipc_ns.mq_queues_max, .maxlen =3D sizeof(int), .mode =3D 0644, - .proc_handler =3D proc_mq_dointvec, + .proc_handler =3D proc_dointvec, }, { .procname =3D "msg_max", .data =3D &init_ipc_ns.mq_msg_max, .maxlen =3D sizeof(int), .mode =3D 0644, - .proc_handler =3D proc_mq_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D &msg_max_limit_min, .extra2 =3D &msg_max_limit_max, }, @@ -71,7 +41,7 @@ static struct ctl_table mq_sysctls[] =3D { .data =3D &init_ipc_ns.mq_msgsize_max, .maxlen =3D sizeof(int), .mode =3D 0644, - .proc_handler =3D proc_mq_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D &msg_maxsize_limit_min, .extra2 =3D &msg_maxsize_limit_max, }, @@ -80,7 +50,7 @@ static struct ctl_table mq_sysctls[] =3D { .data =3D &init_ipc_ns.mq_msg_default, .maxlen =3D sizeof(int), .mode =3D 0644, - .proc_handler =3D proc_mq_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D &msg_max_limit_min, .extra2 =3D &msg_max_limit_max, }, @@ -89,32 +59,73 @@ static struct ctl_table mq_sysctls[] =3D { .data =3D &init_ipc_ns.mq_msgsize_default, .maxlen =3D sizeof(int), .mode =3D 0644, - .proc_handler =3D proc_mq_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D &msg_maxsize_limit_min, .extra2 =3D &msg_maxsize_limit_max, }, {} }; =20 -static struct ctl_table mq_sysctl_dir[] =3D { - { - .procname =3D "mqueue", - .mode =3D 0555, - .child =3D mq_sysctls, - }, - {} -}; +static struct ctl_table_set *set_lookup(struct ctl_table_root *root) +{ + return ¤t->nsproxy->ipc_ns->mq_set; +} =20 -static struct ctl_table mq_sysctl_root[] =3D { - { - .procname =3D "fs", - .mode =3D 0555, - .child =3D mq_sysctl_dir, - }, - {} +static int set_is_seen(struct ctl_table_set *set) +{ + return ¤t->nsproxy->ipc_ns->mq_set =3D=3D set; +} + +static struct ctl_table_root set_root =3D { + .lookup =3D set_lookup, }; =20 -struct ctl_table_header *mq_register_sysctl_table(void) +bool setup_mq_sysctls(struct ipc_namespace *ns) { - return register_sysctl_table(mq_sysctl_root); + struct ctl_table *tbl; + + setup_sysctl_set(&ns->mq_set, &set_root, set_is_seen); + + tbl =3D kmemdup(mq_sysctls, sizeof(mq_sysctls), GFP_KERNEL); + if (tbl) { + int i; + + for (i =3D 0; i < ARRAY_SIZE(mq_sysctls); i++) { + if (tbl[i].data =3D=3D &init_ipc_ns.mq_queues_max) + tbl[i].data =3D &ns->mq_queues_max; + + else if (tbl[i].data =3D=3D &init_ipc_ns.mq_msg_max) + tbl[i].data =3D &ns->mq_msg_max; + + else if (tbl[i].data =3D=3D &init_ipc_ns.mq_msgsize_max) + tbl[i].data =3D &ns->mq_msgsize_max; + + else if (tbl[i].data =3D=3D &init_ipc_ns.mq_msg_default) + tbl[i].data =3D &ns->mq_msg_default; + + else if (tbl[i].data =3D=3D &init_ipc_ns.mq_msgsize_default) + tbl[i].data =3D &ns->mq_msgsize_default; + else + tbl[i].data =3D NULL; + } + + ns->mq_sysctls =3D __register_sysctl_table(&ns->mq_set, "fs/mqueue", tbl= ); + } + if (!ns->mq_sysctls) { + kfree(tbl); + retire_sysctl_set(&ns->mq_set); + return false; + } + + return true; +} + +void retire_mq_sysctls(struct ipc_namespace *ns) +{ + struct ctl_table *tbl; + + tbl =3D ns->mq_sysctls->ctl_table_arg; + unregister_sysctl_table(ns->mq_sysctls); + retire_sysctl_set(&ns->mq_set); + kfree(tbl); } diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 5becca9be867..1b4a3be71636 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -163,8 +163,6 @@ static void remove_notification(struct mqueue_inode_inf= o *info); =20 static struct kmem_cache *mqueue_inode_cachep; =20 -static struct ctl_table_header *mq_sysctl_table; - static inline struct mqueue_inode_info *MQUEUE_I(struct inode *inode) { return container_of(inode, struct mqueue_inode_info, vfs_inode); @@ -1713,8 +1711,10 @@ static int __init init_mqueue_fs(void) if (mqueue_inode_cachep =3D=3D NULL) return -ENOMEM; =20 - /* ignore failures - they are not fatal */ - mq_sysctl_table =3D mq_register_sysctl_table(); + if (!setup_mq_sysctls(&init_ipc_ns)) { + pr_warn("sysctl registration failed\n"); + return -ENOMEM; + } =20 error =3D register_filesystem(&mqueue_fs_type); if (error) @@ -1731,8 +1731,6 @@ static int __init init_mqueue_fs(void) out_filesystem: unregister_filesystem(&mqueue_fs_type); out_sysctl: - if (mq_sysctl_table) - unregister_sysctl_table(mq_sysctl_table); kmem_cache_destroy(mqueue_inode_cachep); return error; } diff --git a/ipc/namespace.c b/ipc/namespace.c index ae83f0f2651b..f760243ca685 100644 --- a/ipc/namespace.c +++ b/ipc/namespace.c @@ -59,6 +59,10 @@ static struct ipc_namespace *create_ipc_ns(struct user_n= amespace *user_ns, if (err) goto fail_put; =20 + err =3D -ENOMEM; + if (!setup_mq_sysctls(ns)) + goto fail_put; + sem_init_ns(ns); msg_init_ns(ns); shm_init_ns(ns); @@ -125,6 +129,8 @@ static void free_ipc_ns(struct ipc_namespace *ns) msg_exit_ns(ns); shm_exit_ns(ns); =20 + retire_mq_sysctls(ns); + dec_ipc_namespaces(ns->ucounts); put_user_ns(ns->user_ns); ns_free_inum(&ns->ns); --=20 2.33.0 From nobody Sun Jun 28 10:34:12 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 602B6C433F5 for ; Mon, 14 Feb 2022 18:20:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1357426AbiBNSUX convert rfc822-to-8bit (ORCPT ); Mon, 14 Feb 2022 13:20:23 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:33376 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1357405AbiBNSUP (ORCPT ); Mon, 14 Feb 2022 13:20:15 -0500 Received: from us-smtp-delivery-44.mimecast.com (us-smtp-delivery-44.mimecast.com [207.211.30.44]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 6A9E0652DF for ; Mon, 14 Feb 2022 10:20:07 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-639-xmApq_c0O9aJ6JyWvjj16A-1; Mon, 14 Feb 2022 13:19:01 -0500 X-MC-Unique: xmApq_c0O9aJ6JyWvjj16A-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 022401091DA2; Mon, 14 Feb 2022 18:19:00 +0000 (UTC) Received: from comp-core-i7-2640m-0182e6.redhat.com (unknown [10.36.110.3]) by smtp.corp.redhat.com (Postfix) with ESMTP id 22B9D8477A; Mon, 14 Feb 2022 18:18:53 +0000 (UTC) From: Alexey Gladkov To: LKML , Linux Containers Cc: Alexander Mikhalitsyn , Andrew Morton , Christian Brauner , Daniel Walsh , Davidlohr Bueso , "Eric W . Biederman" , Kirill Tkhai , Manfred Spraul , Serge Hallyn , Varad Gautam , Vasily Averin Subject: [PATCH v4 2/2] ipc: Store ipc sysctls in the ipc namespace Date: Mon, 14 Feb 2022 19:18:15 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=legion@kernel.org X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: kernel.org Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" The ipc sysctls are not available for modification inside the user namespace. Following the mqueue sysctls, we changed the implementation to be more userns friendly. So far, the changes do not provide additional access to files. This will be done in a future patch. Signed-off-by: Alexey Gladkov --- include/linux/ipc_namespace.h | 21 ++++ ipc/ipc_sysctl.c | 189 ++++++++++++++++++++++------------ ipc/namespace.c | 4 + 3 files changed, 147 insertions(+), 67 deletions(-) diff --git a/include/linux/ipc_namespace.h b/include/linux/ipc_namespace.h index fa787d97d60a..e3e8c8662b49 100644 --- a/include/linux/ipc_namespace.h +++ b/include/linux/ipc_namespace.h @@ -67,6 +67,9 @@ struct ipc_namespace { struct ctl_table_set mq_set; struct ctl_table_header *mq_sysctls; =20 + struct ctl_table_set ipc_set; + struct ctl_table_header *ipc_sysctls; + /* user_ns which owns the ipc ns */ struct user_namespace *user_ns; struct ucounts *ucounts; @@ -188,4 +191,22 @@ static inline bool setup_mq_sysctls(struct ipc_namespa= ce *ns) } =20 #endif /* CONFIG_POSIX_MQUEUE_SYSCTL */ + +#ifdef CONFIG_SYSVIPC_SYSCTL + +bool setup_ipc_sysctls(struct ipc_namespace *ns); +void retire_ipc_sysctls(struct ipc_namespace *ns); + +#else /* CONFIG_SYSVIPC_SYSCTL */ + +static inline void retire_ipc_sysctls(struct ipc_namespace *ns) +{ +} + +static inline bool setup_ipc_sysctls(struct ipc_namespace *ns) +{ + return true; +} + +#endif /* CONFIG_SYSVIPC_SYSCTL */ #endif diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c index f101c171753f..15210ac47e9e 100644 --- a/ipc/ipc_sysctl.c +++ b/ipc/ipc_sysctl.c @@ -13,43 +13,22 @@ #include #include #include +#include #include "util.h" =20 -static void *get_ipc(struct ctl_table *table) -{ - char *which =3D table->data; - struct ipc_namespace *ipc_ns =3D current->nsproxy->ipc_ns; - which =3D (which - (char *)&init_ipc_ns) + (char *)ipc_ns; - return which; -} - -static int proc_ipc_dointvec(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - struct ctl_table ipc_table; - - memcpy(&ipc_table, table, sizeof(ipc_table)); - ipc_table.data =3D get_ipc(table); - - return proc_dointvec(&ipc_table, write, buffer, lenp, ppos); -} - -static int proc_ipc_dointvec_minmax(struct ctl_table *table, int write, +static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int w= rite, void *buffer, size_t *lenp, loff_t *ppos) { + struct ipc_namespace *ns =3D table->extra1; struct ctl_table ipc_table; + int err; =20 memcpy(&ipc_table, table, sizeof(ipc_table)); - ipc_table.data =3D get_ipc(table); =20 - return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos); -} + ipc_table.extra1 =3D SYSCTL_ZERO; + ipc_table.extra2 =3D SYSCTL_ONE; =20 -static int proc_ipc_dointvec_minmax_orphans(struct ctl_table *table, int w= rite, - void *buffer, size_t *lenp, loff_t *ppos) -{ - struct ipc_namespace *ns =3D current->nsproxy->ipc_ns; - int err =3D proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos); + err =3D proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos); =20 if (err < 0) return err; @@ -58,17 +37,6 @@ static int proc_ipc_dointvec_minmax_orphans(struct ctl_t= able *table, int write, return err; } =20 -static int proc_ipc_doulongvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - struct ctl_table ipc_table; - memcpy(&ipc_table, table, sizeof(ipc_table)); - ipc_table.data =3D get_ipc(table); - - return proc_doulongvec_minmax(&ipc_table, write, buffer, - lenp, ppos); -} - static int proc_ipc_auto_msgmni(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { @@ -87,11 +55,17 @@ static int proc_ipc_auto_msgmni(struct ctl_table *table= , int write, static int proc_ipc_sem_dointvec(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { + struct ipc_namespace *ns =3D table->extra1; + struct ctl_table ipc_table; int ret, semmni; - struct ipc_namespace *ns =3D current->nsproxy->ipc_ns; + + memcpy(&ipc_table, table, sizeof(ipc_table)); + + ipc_table.extra1 =3D NULL; + ipc_table.extra2 =3D NULL; =20 semmni =3D ns->sem_ctls[3]; - ret =3D proc_ipc_dointvec(table, write, buffer, lenp, ppos); + ret =3D proc_dointvec(table, write, buffer, lenp, ppos); =20 if (!ret) ret =3D sem_check_semmni(current->nsproxy->ipc_ns); @@ -108,12 +82,18 @@ static int proc_ipc_sem_dointvec(struct ctl_table *tab= le, int write, static int proc_ipc_dointvec_minmax_checkpoint_restore(struct ctl_table *t= able, int write, void *buffer, size_t *lenp, loff_t *ppos) { - struct user_namespace *user_ns =3D current->nsproxy->ipc_ns->user_ns; + struct ipc_namespace *ns =3D table->extra1; + struct ctl_table ipc_table; =20 - if (write && !checkpoint_restore_ns_capable(user_ns)) + if (write && !checkpoint_restore_ns_capable(ns->user_ns)) return -EPERM; =20 - return proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos); + memcpy(&ipc_table, table, sizeof(ipc_table)); + + ipc_table.extra1 =3D SYSCTL_ZERO; + ipc_table.extra2 =3D SYSCTL_INT_MAX; + + return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos); } #endif =20 @@ -121,27 +101,27 @@ int ipc_mni =3D IPCMNI; int ipc_mni_shift =3D IPCMNI_SHIFT; int ipc_min_cycle =3D RADIX_TREE_MAP_SIZE; =20 -static struct ctl_table ipc_kern_table[] =3D { +static struct ctl_table ipc_sysctls[] =3D { { .procname =3D "shmmax", .data =3D &init_ipc_ns.shm_ctlmax, .maxlen =3D sizeof(init_ipc_ns.shm_ctlmax), .mode =3D 0644, - .proc_handler =3D proc_ipc_doulongvec_minmax, + .proc_handler =3D proc_doulongvec_minmax, }, { .procname =3D "shmall", .data =3D &init_ipc_ns.shm_ctlall, .maxlen =3D sizeof(init_ipc_ns.shm_ctlall), .mode =3D 0644, - .proc_handler =3D proc_ipc_doulongvec_minmax, + .proc_handler =3D proc_doulongvec_minmax, }, { .procname =3D "shmmni", .data =3D &init_ipc_ns.shm_ctlmni, .maxlen =3D sizeof(init_ipc_ns.shm_ctlmni), .mode =3D 0644, - .proc_handler =3D proc_ipc_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D SYSCTL_ZERO, .extra2 =3D &ipc_mni, }, @@ -151,15 +131,13 @@ static struct ctl_table ipc_kern_table[] =3D { .maxlen =3D sizeof(init_ipc_ns.shm_rmid_forced), .mode =3D 0644, .proc_handler =3D proc_ipc_dointvec_minmax_orphans, - .extra1 =3D SYSCTL_ZERO, - .extra2 =3D SYSCTL_ONE, }, { .procname =3D "msgmax", .data =3D &init_ipc_ns.msg_ctlmax, .maxlen =3D sizeof(init_ipc_ns.msg_ctlmax), .mode =3D 0644, - .proc_handler =3D proc_ipc_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D SYSCTL_ZERO, .extra2 =3D SYSCTL_INT_MAX, }, @@ -168,7 +146,7 @@ static struct ctl_table ipc_kern_table[] =3D { .data =3D &init_ipc_ns.msg_ctlmni, .maxlen =3D sizeof(init_ipc_ns.msg_ctlmni), .mode =3D 0644, - .proc_handler =3D proc_ipc_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D SYSCTL_ZERO, .extra2 =3D &ipc_mni, }, @@ -186,7 +164,7 @@ static struct ctl_table ipc_kern_table[] =3D { .data =3D &init_ipc_ns.msg_ctlmnb, .maxlen =3D sizeof(init_ipc_ns.msg_ctlmnb), .mode =3D 0644, - .proc_handler =3D proc_ipc_dointvec_minmax, + .proc_handler =3D proc_dointvec_minmax, .extra1 =3D SYSCTL_ZERO, .extra2 =3D SYSCTL_INT_MAX, }, @@ -204,8 +182,6 @@ static struct ctl_table ipc_kern_table[] =3D { .maxlen =3D sizeof(init_ipc_ns.ids[IPC_SEM_IDS].next_id), .mode =3D 0666, .proc_handler =3D proc_ipc_dointvec_minmax_checkpoint_restore, - .extra1 =3D SYSCTL_ZERO, - .extra2 =3D SYSCTL_INT_MAX, }, { .procname =3D "msg_next_id", @@ -213,8 +189,6 @@ static struct ctl_table ipc_kern_table[] =3D { .maxlen =3D sizeof(init_ipc_ns.ids[IPC_MSG_IDS].next_id), .mode =3D 0666, .proc_handler =3D proc_ipc_dointvec_minmax_checkpoint_restore, - .extra1 =3D SYSCTL_ZERO, - .extra2 =3D SYSCTL_INT_MAX, }, { .procname =3D "shm_next_id", @@ -222,25 +196,106 @@ static struct ctl_table ipc_kern_table[] =3D { .maxlen =3D sizeof(init_ipc_ns.ids[IPC_SHM_IDS].next_id), .mode =3D 0666, .proc_handler =3D proc_ipc_dointvec_minmax_checkpoint_restore, - .extra1 =3D SYSCTL_ZERO, - .extra2 =3D SYSCTL_INT_MAX, }, #endif {} }; =20 -static struct ctl_table ipc_root_table[] =3D { - { - .procname =3D "kernel", - .mode =3D 0555, - .child =3D ipc_kern_table, - }, - {} +static struct ctl_table_set *set_lookup(struct ctl_table_root *root) +{ + return ¤t->nsproxy->ipc_ns->ipc_set; +} + +static int set_is_seen(struct ctl_table_set *set) +{ + return ¤t->nsproxy->ipc_ns->ipc_set =3D=3D set; +} + +static struct ctl_table_root set_root =3D { + .lookup =3D set_lookup, }; =20 +bool setup_ipc_sysctls(struct ipc_namespace *ns) +{ + struct ctl_table *tbl; + + setup_sysctl_set(&ns->ipc_set, &set_root, set_is_seen); + + tbl =3D kmemdup(ipc_sysctls, sizeof(ipc_sysctls), GFP_KERNEL); + if (tbl) { + int i; + + for (i =3D 0; i < ARRAY_SIZE(ipc_sysctls); i++) { + if (tbl[i].data =3D=3D &init_ipc_ns.shm_ctlmax) { + tbl[i].data =3D &ns->shm_ctlmax; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.shm_ctlall) { + tbl[i].data =3D &ns->shm_ctlall; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.shm_ctlmni) { + tbl[i].data =3D &ns->shm_ctlmni; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.shm_rmid_forced) { + tbl[i].data =3D &ns->shm_rmid_forced; + tbl[i].extra1 =3D ns; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.msg_ctlmax) { + tbl[i].data =3D &ns->msg_ctlmax; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.msg_ctlmni) { + tbl[i].data =3D &ns->msg_ctlmni; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.msg_ctlmnb) { + tbl[i].data =3D &ns->msg_ctlmnb; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.sem_ctls) { + tbl[i].data =3D &ns->sem_ctls; + tbl[i].extra1 =3D ns; +#ifdef CONFIG_CHECKPOINT_RESTORE + } else if (tbl[i].data =3D=3D &init_ipc_ns.ids[IPC_SEM_IDS].next_id) { + tbl[i].data =3D &ns->ids[IPC_SEM_IDS].next_id; + tbl[i].extra1 =3D ns; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.ids[IPC_MSG_IDS].next_id) { + tbl[i].data =3D &ns->ids[IPC_MSG_IDS].next_id; + tbl[i].extra1 =3D ns; + + } else if (tbl[i].data =3D=3D &init_ipc_ns.ids[IPC_SHM_IDS].next_id) { + tbl[i].data =3D &ns->ids[IPC_SHM_IDS].next_id; + tbl[i].extra1 =3D ns; +#endif + } else { + tbl[i].data =3D NULL; + } + } + + ns->ipc_sysctls =3D __register_sysctl_table(&ns->ipc_set, "kernel", tbl); + } + if (!ns->ipc_sysctls) { + kfree(tbl); + retire_sysctl_set(&ns->ipc_set); + return false; + } + + return true; +} + +void retire_ipc_sysctls(struct ipc_namespace *ns) +{ + struct ctl_table *tbl; + + tbl =3D ns->ipc_sysctls->ctl_table_arg; + unregister_sysctl_table(ns->ipc_sysctls); + retire_sysctl_set(&ns->ipc_set); + kfree(tbl); +} + static int __init ipc_sysctl_init(void) { - register_sysctl_table(ipc_root_table); + if (!setup_ipc_sysctls(&init_ipc_ns)) { + pr_warn("ipc sysctl registration failed\n"); + return -ENOMEM; + } return 0; } =20 diff --git a/ipc/namespace.c b/ipc/namespace.c index f760243ca685..754f3237194a 100644 --- a/ipc/namespace.c +++ b/ipc/namespace.c @@ -63,6 +63,9 @@ static struct ipc_namespace *create_ipc_ns(struct user_na= mespace *user_ns, if (!setup_mq_sysctls(ns)) goto fail_put; =20 + if (!setup_ipc_sysctls(ns)) + goto fail_put; + sem_init_ns(ns); msg_init_ns(ns); shm_init_ns(ns); @@ -130,6 +133,7 @@ static void free_ipc_ns(struct ipc_namespace *ns) shm_exit_ns(ns); =20 retire_mq_sysctls(ns); + retire_ipc_sysctls(ns); =20 dec_ipc_namespaces(ns->ucounts); put_user_ns(ns->user_ns); --=20 2.33.0