From patchwork Thu Apr 23 20:03:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexey Gladkov X-Patchwork-Id: 11506467 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DDB581392 for ; Thu, 23 Apr 2020 20:04:13 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id 51C0920781 for ; Thu, 23 Apr 2020 20:04:13 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 51C0920781 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-18622-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 1285 invoked by uid 550); 23 Apr 2020 20:03:53 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 1179 invoked from network); 23 Apr 2020 20:03:52 -0000 From: Alexey Gladkov To: LKML Cc: Kernel Hardening , Linux API , Linux FS Devel , Linux Security Module , Akinobu Mita , Alexander Viro , Alexey Dobriyan , Alexey Gladkov , Andrew Morton , Andy Lutomirski , Daniel Micay , Djalal Harouni , "Dmitry V . Levin" , "Eric W . Biederman" , Greg Kroah-Hartman , Ingo Molnar , "J . Bruce Fields" , Jeff Layton , Jonathan Corbet , Kees Cook , Linus Torvalds , Oleg Nesterov , David Howells Subject: [PATCH v13 2/8] Use proc_pid_ns() to get pid_namespace from the proc superblock Date: Thu, 23 Apr 2020 22:03:10 +0200 Message-Id: <20200423200316.164518-3-gladkov.alexey@gmail.com> X-Mailer: git-send-email 2.25.3 In-Reply-To: <20200423200316.164518-1-gladkov.alexey@gmail.com> References: <20200423200316.164518-1-gladkov.alexey@gmail.com> MIME-Version: 1.0 X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.1 (raptor.unsafe.ru [5.9.43.93]); Thu, 23 Apr 2020 20:03:41 +0000 (UTC) To get pid_namespace from the procfs superblock should be used a special helper. This will avoid errors when s_fs_info will change the type. Signed-off-by: Alexey Gladkov --- fs/locks.c | 4 ++-- security/tomoyo/realpath.c | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/fs/locks.c b/fs/locks.c index b8a31c1c4fff..399c5dbb72c4 100644 --- a/fs/locks.c +++ b/fs/locks.c @@ -2823,7 +2823,7 @@ static void lock_get_status(struct seq_file *f, struct file_lock *fl, { struct inode *inode = NULL; unsigned int fl_pid; - struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info; + struct pid_namespace *proc_pidns = proc_pid_ns(file_inode(f->file)); fl_pid = locks_translate_pid(fl, proc_pidns); /* @@ -2901,7 +2901,7 @@ static int locks_show(struct seq_file *f, void *v) { struct locks_iterator *iter = f->private; struct file_lock *fl, *bfl; - struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info; + struct pid_namespace *proc_pidns = proc_pid_ns(file_inode(f->file)); fl = hlist_entry(v, struct file_lock, fl_link); diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index bf38fc1b59b2..08b096e2f7e3 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c @@ -7,6 +7,7 @@ #include "common.h" #include +#include /** * tomoyo_encode2 - Encode binary string to ascii string. @@ -161,9 +162,10 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer, if (sb->s_magic == PROC_SUPER_MAGIC && *pos == '/') { char *ep; const pid_t pid = (pid_t) simple_strtoul(pos + 1, &ep, 10); + struct pid_namespace *proc_pidns = proc_pid_ns(d_inode(dentry)); if (*ep == '/' && pid && pid == - task_tgid_nr_ns(current, sb->s_fs_info)) { + task_tgid_nr_ns(current, proc_pidns)) { pos = ep - 5; if (pos < buffer) goto out;