[PATCH] Implement decoding of NS_* ioctl commands

Dmitry V. Levin ldv at altlinux.org
Mon Apr 10 00:22:07 UTC 2017 

On Fri, Apr 07, 2017 at 09:23:04PM +0700, Nikolay Marchuk wrote:
[...]
> +int
> +nsfs_ioctl(struct tcb *tcp, unsigned int code, kernel_ulong_t arg)
> +{
> +	uid_t uid;
> +	switch (code) {
> +	case NS_GET_USERNS:
> +	case NS_GET_PARENT:
> +		return 1 + RVAL_FD + RVAL_DECODED;
> +	case NS_GET_NSTYPE:
> +		if (entering(tcp))
> +			return 0;
> +		if (!syserror(tcp)) {
> +			const char *outstr;
> +			outstr = xlookup(setns_types, tcp->u_rval);
> +			if (outstr) {
> +				tcp->auxstr = outstr;
> +				return 1 + RVAL_STR;
> +			}
> +		}
> +		return 1;
> +	case NS_GET_OWNER_UID:
> +		if (entering(tcp))
> +			return 0;
> +		tprints(", ");
> +		if (!umove_or_printaddr(tcp, arg, &uid)) {
> +			printuid("[", uid);
> +			tprints("]");
> +		}
> +		return 1;

printuid takes an unsigned int as uid and other parsers except those
defined in uid.c do not use uid_t.  As the libc's idea of uid_t may differ
from kernel's, let's use unsigned int so far.

[...]
> --- a/tests/gen_tests.in
> +++ b/tests/gen_tests.in
> @@ -123,6 +123,7 @@ ioctl_evdev-v	+ioctl-v.sh
>  ioctl_loop	+ioctl.test
>  ioctl_loop-v	+ioctl-v.sh
>  ioctl_mtd	+ioctl.test
> +ioctl_nsfs	-a16 -e trace=ioctl -esignal=none

The grep -v '^ioctl([012],' thing all ioctl*.test scripts do
is not for nothing.  The previous variant was fine but this one
is not going to work with libcs that do ioctl calls on standard
descriptors.

[...]
> +#define STACK_SIZE 1024
> +
> +static void
> +test_user_namespace(void)
> +{
> +	char stack[STACK_SIZE];

Now it's less than a page.

> +	pid_t pid;
> +	int pipefd[2];
> +	int rc, status;
> +
> +	rc = pipe(pipefd);
> +	if (rc == -1)
> +		perror_msg_and_skip("pipe");
> +
> +	pid = clone(child, stack + STACK_SIZE, (CLONE_NEWUSER | CLONE_UNTRACED
> +	            | SIGCHLD), pipefd);

Try tail_alloc(1) + 1 as a child stack address, it should be safer.


-- 
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20170410/4509d03b/attachment.bin>

More information about the Strace-devel mailing list