[CRIU] RFC: Add owner user namespace to tty_struct
Cyrill Gorcunov
gorcunov at gmail.com
Mon May 29 02:31:06 PDT 2017
On Fri, May 26, 2017 at 04:50:01PM -0400, Matt Brown wrote:
> Hello All,
>
> I'm currently attempting to upstream a patch from the grsecurity project to the
> Linux kernel that makes the TIOCSTI ioctl require CAP_SYS_ADMIN.
>
> See mailing list for reference:
> http://www.openwall.com/lists/kernel-hardening/2017/05/05/20
>
> In order to make this feature respect user namespaces, I first introduce an
> infrastructure change that adds "struct user_namespace *owner_user_ns" to
> tty_struct. Then in my second patch, I introduce the tiocsti_restrict sysctl
> which, when activated, requires that a process have the CAP_SYS_ADMIN capability
> in the user namespace which originally created the tty/pty.
>
> patch that adds owner user namespace to tty_struct:
> http://www.openwall.com/lists/kernel-hardening/2017/05/05/21
>
> patch that makes TIOCSTI ioctl require CAP_SYS_ADMIN:
> http://www.openwall.com/lists/kernel-hardening/2017/05/05/22
>
> The issue was raised in the kernel hardening mailing list about if this would
> affect criu, and if I need to provide a method for exposing the owner_user_ns
> that corresponds to a given tty/pty.
>
> If I do need to expose this information, do you have any suggestions on how best
> to do it in order to make it easy for criu to integrate these changes?
Hi Matt! Currently we don't use fake input in criu so at moment it won't
affect us anyhow, but in longterm I expect more owner_user_ns testing may
appear. Thus we will need to know which owner tty belong to. I think we
may extend tty_fops and use show_fdinfo method to print owner_user_ns.
More information about the CRIU
mailing list