pidfs: check for valid pid namespace

Message ID	20240926-klebt-altgedienten-0415ad4d273c@brauner (mailing list archive)
State	New
Headers	show Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B7DD63F9D5; Thu, 26 Sep 2024 16:51:57 +0000 (UTC) From: Christian Brauner <brauner@kernel.org> To: Jeff Layton <jlayton@kernel.org>, Josef Bacik <josef@toxicpanda.com>, Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com> Cc: Christian Brauner <brauner@kernel.org>, linux-fsdevel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH] pidfs: check for valid pid namespace Date: Thu, 26 Sep 2024 18:51:46 +0200 Message-ID: <20240926-klebt-altgedienten-0415ad4d273c@brauner> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	pidfs: check for valid pid namespace \| expand pidfs: check for valid pid namespace

Message ID

20240926-klebt-altgedienten-0415ad4d273c@brauner (mailing list archive)

State

New

Headers

From: Christian Brauner <brauner@kernel.org>
To: Jeff Layton <jlayton@kernel.org>,
	Josef Bacik <josef@toxicpanda.com>,
	Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Cc: Christian Brauner <brauner@kernel.org>,
	linux-fsdevel@vger.kernel.org,
	stable@vger.kernel.org
Subject: [PATCH] pidfs: check for valid pid namespace
Date: Thu, 26 Sep 2024 18:51:46 +0200
Message-ID: <20240926-klebt-altgedienten-0415ad4d273c@brauner>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

pidfs: check for valid pid namespace | expand

Commit Message

Christian Brauner Sept. 26, 2024, 4:51 p.m. UTC

When we access a no-current task's pid namespace we need check that the
task hasn't been reaped in the meantime and it's pid namespace isn't
accessible anymore.

The user namespace is fine because it is only released when the last
reference to struct task_struct is put and exit_creds() is called.

Fixes: 5b08bd408534 ("pidfs: allow retrieval of namespace file descriptors")
CC: stable@vger.kernel.org # v6.11
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
 fs/pidfs.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Josef Bacik Sept. 30, 2024, 6:13 p.m. UTC | #1

On Thu, Sep 26, 2024 at 06:51:46PM +0200, Christian Brauner wrote:
> When we access a no-current task's pid namespace we need check that the
> task hasn't been reaped in the meantime and it's pid namespace isn't
> accessible anymore.
> 
> The user namespace is fine because it is only released when the last
> reference to struct task_struct is put and exit_creds() is called.
> 
> Fixes: 5b08bd408534 ("pidfs: allow retrieval of namespace file descriptors")
> CC: stable@vger.kernel.org # v6.11
> Signed-off-by: Christian Brauner <brauner@kernel.org>

Reviewed-by: Josef Bacik <josef@toxicpanda.com>

Thanks,

Josef

diff --git a/fs/pidfs.c b/fs/pidfs.c
index 7ffdc88dfb52..80675b6bf884 100644
--- a/fs/pidfs.c
+++ b/fs/pidfs.c
@@ -120,6 +120,7 @@  static long pidfd_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 	struct nsproxy *nsp __free(put_nsproxy) = NULL;
 	struct pid *pid = pidfd_pid(file);
 	struct ns_common *ns_common = NULL;
+	struct pid_namespace *pid_ns;
 
 	if (arg)
 		return -EINVAL;
@@ -202,7 +203,9 @@  static long pidfd_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 	case PIDFD_GET_PID_NAMESPACE:
 		if (IS_ENABLED(CONFIG_PID_NS)) {
 			rcu_read_lock();
-			ns_common = to_ns_common( get_pid_ns(task_active_pid_ns(task)));
+			pid_ns = task_active_pid_ns(task);
+			if (pid_ns)
+				ns_common = to_ns_common(get_pid_ns(pid_ns));
 			rcu_read_unlock();
 		}
 		break;

pidfs: check for valid pid namespace

Commit Message

Comments

Patch