[Devel] [PATCH VZ10 2/4] ve_namespace: Fix races when linking namespace to cgroup

Pavel Tikhomirov ptikhomirov at virtuozzo.com
Tue Dec 2 13:17:46 MSK 2025


First, we have to protect the use of task->cgroups with rcu_read_lock(),
let's also use the correct access helper - task_css().

Second, disallow new namespace creation for processes without a ve cgroup,
as in cgroup-v2 the task might legally have no ve controller enabled
in its cgroup.

Fixes: 8a771a3d6bea ("ve: Introduce VE namespace")
https://virtuozzo.atlassian.net/browse/VSTOR-118289
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>

Feature: ve: ve generic structures
---
 kernel/ve/ve_namespace.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/kernel/ve/ve_namespace.c b/kernel/ve/ve_namespace.c
index 6dae8487735f..d3985d52e0e5 100644
--- a/kernel/ve/ve_namespace.c
+++ b/kernel/ve/ve_namespace.c
@@ -54,9 +54,17 @@ static struct ve_namespace *clone_ve_ns(struct user_namespace *user_ns,
 	 * VE namespace links to current ve cgroup
 	 * FIXME it should be a 1:1 link
 	 */
-	ns->ve = get_ve(css_to_ve(current->cgroups->subsys[ve_cgrp_id]));
+	scoped_guard(rcu)
+		ns->ve = get_ve(css_to_ve(task_css(current, ve_cgrp_id)));
+	if (!ns->ve) {
+		err = -EINVAL;
+		goto err_free_inum;
+	}
 
 	return ns;
+err_free_inum:
+	put_user_ns(ns->user_ns);
+	ns_free_inum(&ns->ns);
 err_free_ns:
 	kfree(ns);
 err_dec_ucount:
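Review bot: The new `if (!ns->ve)` check only works if both css_to_ve() and get_ve() pass a NULL pointer through unchanged, and neither helper is visible in this hunk. If css_to_ve() is a bare container_of(), a NULL css becomes a non-NULL bogus pointer and the -EINVAL path is never taken. Please confirm both helpers are NULL-safe, or test the css returned by task_css() before converting it. Separately, inside the scoped_guard(rcu) the css is only guaranteed not to be freed, not to still have a live refcount. If get_ve() does a plain css_get(), a concurrent migration of current could leave it taking a reference on a css that is already being released. A tryget-style helper such as task_get_css() would close that window. The err_free_inum unwind looks consistent with falling through to err_free_ns, assuming get_user_ns() and ns_alloc_inum() both succeeded earlier in the function.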
-- 
2.51.1


