Fix user namespace leak

Message ID	20211014160230.106976-1-legion@kernel.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-nfs-owner@kernel.org> From: Alexey Gladkov <legion@kernel.org> To: LKML <linux-kernel@vger.kernel.org>, "Eric W . Biederman" <ebiederm@xmission.com>, linux-nfs@vger.kernel.org Cc: Trond Myklebust <trond.myklebust@hammerspace.com>, Anna Schumaker <anna.schumaker@netapp.com>, Sargun Dhillon <sargun@sargun.me> Subject: [PATCH] Fix user namespace leak Date: Thu, 14 Oct 2021 18:02:30 +0200 Message-Id: <20211014160230.106976-1-legion@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT Content-Type: text/plain; charset=WINDOWS-1252 Precedence: bulk
Series	Fix user namespace leak \| expand Fix user namespace leak

Message ID

20211014160230.106976-1-legion@kernel.org (mailing list archive)

State

New, archived

Headers

From: Alexey Gladkov <legion@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>,
        "Eric W . Biederman" <ebiederm@xmission.com>,
        linux-nfs@vger.kernel.org
Cc: Trond Myklebust <trond.myklebust@hammerspace.com>,
        Anna Schumaker <anna.schumaker@netapp.com>,
        Sargun Dhillon <sargun@sargun.me>
Subject: [PATCH] Fix user namespace leak
Date: Thu, 14 Oct 2021 18:02:30 +0200
Message-Id: <20211014160230.106976-1-legion@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8BIT
Content-Type: text/plain; charset=WINDOWS-1252
Precedence: bulk

Series

Fix user namespace leak | expand

Fixes: 61ca2c4afd9d ("NFS: Only reference user namespace from nfs4idmap struct instead of cred") Signed-off-by: Alexey Gladkov <legion@kernel.org> --- fs/nfs/nfs4idmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Eric W. Biederman Oct. 15, 2021, 2:43 p.m. UTC | #1

Alexey Gladkov <legion@kernel.org> writes:

> Fixes: 61ca2c4afd9d ("NFS: Only reference user namespace from nfs4idmap struct instead of cred")
> Signed-off-by: Alexey Gladkov <legion@kernel.org>

Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com>

nfs folks do you want to pick this up?

> ---
>  fs/nfs/nfs4idmap.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
> index 8d8aba305ecc..f331866dd418 100644
> --- a/fs/nfs/nfs4idmap.c
> +++ b/fs/nfs/nfs4idmap.c
> @@ -487,7 +487,7 @@ nfs_idmap_new(struct nfs_client *clp)
>  err_destroy_pipe:
>  	rpc_destroy_pipe_data(idmap->idmap_pipe);
>  err:
> -	get_user_ns(idmap->user_ns);
> +	put_user_ns(idmap->user_ns);
>  	kfree(idmap);
>  	return error;
>  }

Trond Myklebust Oct. 15, 2021, 9:19 p.m. UTC | #2

On Fri, 2021-10-15 at 09:43 -0500, Eric W. Biederman wrote:
> Alexey Gladkov <legion@kernel.org> writes:
> 
> > Fixes: 61ca2c4afd9d ("NFS: Only reference user namespace from
> > nfs4idmap struct instead of cred")
> > Signed-off-by: Alexey Gladkov <legion@kernel.org>
> 
> Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com>
> 
> nfs folks do you want to pick this up?

It is in my testing branch,

> 
> > ---
> >  fs/nfs/nfs4idmap.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
> > index 8d8aba305ecc..f331866dd418 100644
> > --- a/fs/nfs/nfs4idmap.c
> > +++ b/fs/nfs/nfs4idmap.c
> > @@ -487,7 +487,7 @@ nfs_idmap_new(struct nfs_client *clp)
> >  err_destroy_pipe:
> >         rpc_destroy_pipe_data(idmap->idmap_pipe);
> >  err:
> > -       get_user_ns(idmap->user_ns);
> > +       put_user_ns(idmap->user_ns);
> >         kfree(idmap);
> >         return error;
> >  }

diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c
index 8d8aba305ecc..f331866dd418 100644
--- a/fs/nfs/nfs4idmap.c
+++ b/fs/nfs/nfs4idmap.c
@@ -487,7 +487,7 @@  nfs_idmap_new(struct nfs_client *clp)
 err_destroy_pipe:
 	rpc_destroy_pipe_data(idmap->idmap_pipe);
 err:
-	get_user_ns(idmap->user_ns);
+	put_user_ns(idmap->user_ns);
 	kfree(idmap);
 	return error;
 }

Fix user namespace leak

Commit Message

Comments

Patch