diff options
| author | Eric W. Biederman <[email protected]> | 2022-01-24 12:46:50 -0600 |
|---|---|---|
| committer | Eric W. Biederman <[email protected]> | 2022-01-26 18:34:11 -0600 |
| commit | f9d87929d451d3e649699d0f1d74f71f77ad38f5 (patch) | |
| tree | 89237016732d74ce6b40294164c716e5723fd4e3 /drivers/usb/cdns3/cdns3-trace.h | |
| parent | e783362eb54cd99b2cac8b3a9aeac942e6f6ac07 (diff) | |
ucount: Make get_ucount a safe get_user replacement
When the ucount code was refactored to create get_ucount it was missed
that some of the contexts in which a rlimit is kept elevated can be
the only reference to the user/ucount in the system.
Ordinary ucount references exist in places that also have a reference
to the user namspace, but in POSIX message queues, the SysV shm code,
and the SIGPENDING code there is no independent user namespace
reference.
Inspection of the the user_namespace show no instance of circular
references between struct ucounts and the user_namespace. So
hold a reference from struct ucount to i's user_namespace to
resolve this problem.
Link: https://lore.kernel.org/lkml/[email protected]/
Reported-by: Qian Cai <[email protected]>
Reported-by: Mathias Krause <[email protected]>
Tested-by: Mathias Krause <[email protected]>
Reviewed-by: Mathias Krause <[email protected]>
Reviewed-by: Alexey Gladkov <[email protected]>
Fixes: d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts")
Fixes: 6e52a9f0532f ("Reimplement RLIMIT_MSGQUEUE on top of ucounts")
Fixes: d7c9e99aee48 ("Reimplement RLIMIT_MEMLOCK on top of ucounts")
Cc: [email protected]
Signed-off-by: "Eric W. Biederman" <[email protected]>
Diffstat (limited to 'drivers/usb/cdns3/cdns3-trace.h')
0 files changed, 0 insertions, 0 deletions