[Devel] Re: [PATCH 4/9] allow killing tasks in your own or child userns

2011-02-19 Thread Daniel Lezcano
On 02/17/2011 04:03 PM, Serge E. Hallyn wrote:
 Changelog:
   Dec  8: Fixed bug in my check_kill_permission pointed out by
   Eric Biederman.
   Dec 13: Apply Eric's suggestion to pass target task into kill_ok_by_cred()
   for clarity
   Dec 31: address comment by Eric Biederman:
   don't need cred/tcred in check_kill_permission.
   Jan  1: use const cred struct.
   Jan 11: Per Bastian Blank's advice, clean up kill_ok_by_cred().
   Feb 16: kill_ok_by_cred: fix bad parentheses

 Signed-off-by: Serge E. Hallyn <serge.hal...@canonical.com>

Acked-by: Daniel Lezcano <daniel.lezc...@free.fr>
___
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers

___
Devel mailing list
Devel@openvz.org
https://openvz.org/mailman/listinfo/devel


[Devel] Re: [PATCH 5/9] Allow ptrace from non-init user namespaces

2011-02-19 Thread Daniel Lezcano
On 02/17/2011 04:03 PM, Serge E. Hallyn wrote:
 ptrace is allowed to tasks in the same user namespace according to
 the usual rules (i.e. the same rules as for two tasks in the init
 user namespace).  ptrace is also allowed to a user namespace to
 which the current task has the CAP_SYS_PTRACE capability.

 Changelog:
   Dec 31: Address feedback by Eric:
   . Correct ptrace uid check
   . Rename may_ptrace_ns to ptrace_capable
   . Also fix the cap_ptrace checks.
   Jan  1: Use const cred struct
   Jan 11: use task_ns_capable() in place of ptrace_capable().

 Signed-off-by: Serge E. Hallyn <serge.hal...@canonical.com>
Acked-by: Daniel Lezcano <daniel.lezc...@free.fr>
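
A userspace model of the ptrace rule described in the quoted text of patch 5/9, added here as an example; it is not code from the patch series. The struct and function names, the sample uids, the reduction of the "usual rules" to one uid comparison, and the ancestry/creator rule for holding a capability toward a namespace are assumptions of this example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: every name here is hypothetical, not kernel code. */
#define M_CAP_SYS_PTRACE (1u << 0)
struct mns {
    const struct mns *parent; /* NULL for the initial namespace */
    unsigned creator_uid;     /* uid, in parent, that created this one */
};
struct mcred {
    const struct mns *ns;
    unsigned uid, caps;       /* caps are held in ns */
};

/* Assumed rule: walk from target up to the initial namespace. Capabilities
 * count in the holder's own namespace and below it; the creator of a
 * namespace holds every capability in it. */
static bool m_ns_capable(const struct mcred *c, const struct mns *target, unsigned cap)
{
    for (const struct mns *ns = target; ns; ns = ns->parent) {
        if (ns == c->ns)
            return (c->caps & cap) != 0;
        if (ns->parent == c->ns && ns->creator_uid == c->uid)
            return true;
    }
    return false; /* target is an ancestor or sibling of c->ns */
}

/* Equal uids count only inside one namespace; otherwise CAP_SYS_PTRACE
 * toward the tracee's namespace is required. */
static bool m_may_ptrace(const struct mcred *tracer, const struct mcred *tracee)
{
    if (tracer->ns == tracee->ns && tracer->uid == tracee->uid)
        return true;
    return m_ns_capable(tracer, tracee->ns, M_CAP_SYS_PTRACE);
}

/* Constructed sample: initial namespace plus a container made by uid 1000. */
static const struct mns init_ns = { NULL, 0 }, child_ns = { &init_ns, 1000 };
static const struct mcred host_root = { &init_ns, 0, M_CAP_SYS_PTRACE };
static const struct mcred host_user = { &init_ns, 1000, 0 };
static const struct mcred ct_root = { &child_ns, 0, M_CAP_SYS_PTRACE };
static const struct mcred ct_user = { &child_ns, 1000, 0 };

int main(void)
{
    printf("%d %d %d\n", m_may_ptrace(&ct_root, &host_root),
           m_may_ptrace(&host_user, &ct_root), m_may_ptrace(&host_root, &ct_user));
    return 0;
}
```

In this model, root inside the container cannot trace host uid 0 even though the numeric uids match, because the uid comparison is only made within one namespace.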


[Devel] Re: [PATCH 6/9] user namespaces: convert all capable checks in kernel/sys.c

2011-02-19 Thread Daniel Lezcano
On 02/17/2011 04:03 PM, Serge E. Hallyn wrote:
 This allows setuid/setgid in containers.  It also fixes some
 corner cases where kernel logic foregoes capability checks when
 uids are equivalent.  The latter will need to be done throughout
 the whole kernel.

 Changelog:
   Jan 11: Use nsown_capable() as suggested by Bastian Blank.
   Jan 11: Fix logic errors in uid checks pointed out by Bastian.
   Feb 15: allow prlimit to current (was regression in previous version)

 Signed-off-by: Serge E. Hallyn <serge.hal...@canonical.com>

Acked-by: Daniel Lezcano <daniel.lezc...@free.fr>


 - if (!ns_capable(current-nsproxy-uts_ns-user_ns, CAP_SYS_ADMIN))
 + if (!ns_capable(current-nsproxy-uts_ns-user_ns, CAP_SYS_ADMIN)) {
 + printk(KERN_NOTICE %s: did not have CAP_SYS_ADMIN\n, 
 __func__);
   return -EPERM;
 + }
 + printk(KERN_NOTICE %s: did have CAP_SYS_ADMIN\n, __func__);
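
Review bot: the two printk(KERN_NOTICE ...) calls around the ns_capable() check look like leftover debugging and should be dropped, restoring the original single-statement `return -EPERM`. As written, every call logs at KERN_NOTICE on both the denied and the allowed path with no rate limiting, so a task that lacks CAP_SYS_ADMIN in that user namespace can add one kernel log line per attempt.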

A couple of printk left here.




[Devel] Re: [PATCH 7/9] add a user namespace owner of ipc ns

2011-02-19 Thread Daniel Lezcano
On 02/17/2011 04:03 PM, Serge E. Hallyn wrote:
 Changelog:
   Feb 15: Don't set new ipc->user_ns if we didn't create a new
   ipc_ns.

 Signed-off-by: Serge E. Hallyn <serge.hal...@canonical.com>
 ---

Acked-by: Daniel Lezcano <daniel.lezc...@free.fr>


[ ... ]

 + ns-user_ns = old_ns-user_ns;
 + get_user_ns(ns-user_ns);
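
Review bot: the reference taken by get_user_ns() on the user namespace copied from old_ns needs a matching put when this namespace is released, and that side is not visible in the quoted lines. Please confirm the free path drops the reference, otherwise the user namespace is pinned for good.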

A mindless change.

ns->user_ns = get_user_ns(old_ns->user_ns);




[Devel] Re: [PATCH 8/9] user namespaces: convert several capable() calls

2011-02-19 Thread Daniel Lezcano
On 02/17/2011 04:03 PM, Serge E. Hallyn wrote:
 CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(),
 because the resource comes from current's own ipc namespace.

 setuid/setgid are to uids in own namespace, so again checks can be
 against current_user_ns().

 Changelog:
   Jan 11: Use task_ns_capable() in place of sched_capable().
   Jan 11: Use nsown_capable() as suggested by Bastian Blank.
   Jan 11: Clarify (hopefully) some logic in futex and sched.c
   Feb 15: use ns_capable for ipc, not nsown_capable

 Signed-off-by: Serge E. Hallyn <serge.hal...@canonical.com>
 ---

Acked-by: Daniel Lezcano <daniel.lezc...@free.fr>


[Devel] Re: [PATCH 9/9] userns: check user namespace for task->file uid equivalence checks

2011-02-19 Thread Daniel Lezcano
On 02/17/2011 04:04 PM, Serge E. Hallyn wrote:
 Cheat for now and say all files belong to init_user_ns.  Next
 step will be to let superblocks belong to a user_ns, and derive
 inode_userns(inode) from inode->i_sb->s_user_ns.  Finally we'll
 introduce more flexible arrangements.

 Changelog:
   Feb 15: make is_owner_or_cap take const struct inode

 Signed-off-by: Serge E. Hallyn <serge.hal...@canonical.com>
 ---

Acked-by: Daniel Lezcano <daniel.lezc...@free.fr>