Commit 467e9f4b5086a60a5cb2e032ccaf4a31abadc4c2
Committed by
Linus Torvalds
1 parent
3e733f071e
Exists in
master
and in
4 other branches
fix create_new_namespaces() return value
dup_mnt_ns() and clone_uts_ns() return NULL on failure. This is wrong, create_new_namespaces() uses ERR_PTR() to catch an error. This means that the subsequent create_new_namespaces() will hit BUG_ON() in copy_mnt_ns() or copy_utsname(). Modify create_new_namespaces() to also use the errors returned by the copy_*_ns routines and not to systematically return ENOMEM. [oleg@tv-sign.ru: better changelog] Signed-off-by: Cedric Le Goater <clg@fr.ibm.com> Cc: Serge E. Hallyn <serue@us.ibm.com> Cc: Badari Pulavarty <pbadari@us.ibm.com> Cc: Pavel Emelianov <xemul@openvz.org> Cc: Herbert Poetzl <herbert@13thfloor.at> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Showing 4 changed files with 28 additions and 15 deletions Side-by-side Diff
fs/namespace.c
... | ... | @@ -1451,7 +1451,7 @@ |
1451 | 1451 | |
1452 | 1452 | new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL); |
1453 | 1453 | if (!new_ns) |
1454 | - return NULL; | |
1454 | + return ERR_PTR(-ENOMEM); | |
1455 | 1455 | |
1456 | 1456 | atomic_set(&new_ns->count, 1); |
1457 | 1457 | INIT_LIST_HEAD(&new_ns->list); |
... | ... | @@ -1465,7 +1465,7 @@ |
1465 | 1465 | if (!new_ns->root) { |
1466 | 1466 | up_write(&namespace_sem); |
1467 | 1467 | kfree(new_ns); |
1468 | - return NULL; | |
1468 | + return ERR_PTR(-ENOMEM);; | |
1469 | 1469 | } |
1470 | 1470 | spin_lock(&vfsmount_lock); |
1471 | 1471 | list_add_tail(&new_ns->list, &new_ns->root->mnt_list); |
kernel/nsproxy.c
... | ... | @@ -58,30 +58,41 @@ |
58 | 58 | struct fs_struct *new_fs) |
59 | 59 | { |
60 | 60 | struct nsproxy *new_nsp; |
61 | + int err; | |
61 | 62 | |
62 | 63 | new_nsp = clone_nsproxy(tsk->nsproxy); |
63 | 64 | if (!new_nsp) |
64 | 65 | return ERR_PTR(-ENOMEM); |
65 | 66 | |
66 | 67 | new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs); |
67 | - if (IS_ERR(new_nsp->mnt_ns)) | |
68 | + if (IS_ERR(new_nsp->mnt_ns)) { | |
69 | + err = PTR_ERR(new_nsp->mnt_ns); | |
68 | 70 | goto out_ns; |
71 | + } | |
69 | 72 | |
70 | 73 | new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns); |
71 | - if (IS_ERR(new_nsp->uts_ns)) | |
74 | + if (IS_ERR(new_nsp->uts_ns)) { | |
75 | + err = PTR_ERR(new_nsp->uts_ns); | |
72 | 76 | goto out_uts; |
77 | + } | |
73 | 78 | |
74 | 79 | new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns); |
75 | - if (IS_ERR(new_nsp->ipc_ns)) | |
80 | + if (IS_ERR(new_nsp->ipc_ns)) { | |
81 | + err = PTR_ERR(new_nsp->ipc_ns); | |
76 | 82 | goto out_ipc; |
83 | + } | |
77 | 84 | |
78 | 85 | new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns); |
79 | - if (IS_ERR(new_nsp->pid_ns)) | |
86 | + if (IS_ERR(new_nsp->pid_ns)) { | |
87 | + err = PTR_ERR(new_nsp->pid_ns); | |
80 | 88 | goto out_pid; |
89 | + } | |
81 | 90 | |
82 | 91 | new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns); |
83 | - if (IS_ERR(new_nsp->user_ns)) | |
92 | + if (IS_ERR(new_nsp->user_ns)) { | |
93 | + err = PTR_ERR(new_nsp->user_ns); | |
84 | 94 | goto out_user; |
95 | + } | |
85 | 96 | |
86 | 97 | return new_nsp; |
87 | 98 | |
... | ... | @@ -99,7 +110,7 @@ |
99 | 110 | put_mnt_ns(new_nsp->mnt_ns); |
100 | 111 | out_ns: |
101 | 112 | kfree(new_nsp); |
102 | - return ERR_PTR(-ENOMEM); | |
113 | + return ERR_PTR(err); | |
103 | 114 | } |
104 | 115 | |
105 | 116 | /* |
kernel/user_namespace.c
... | ... | @@ -34,7 +34,7 @@ |
34 | 34 | |
35 | 35 | ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL); |
36 | 36 | if (!ns) |
37 | - return NULL; | |
37 | + return ERR_PTR(-ENOMEM); | |
38 | 38 | |
39 | 39 | kref_init(&ns->kref); |
40 | 40 | |
... | ... | @@ -45,7 +45,7 @@ |
45 | 45 | ns->root_user = alloc_uid(ns, 0); |
46 | 46 | if (!ns->root_user) { |
47 | 47 | kfree(ns); |
48 | - return NULL; | |
48 | + return ERR_PTR(-ENOMEM); | |
49 | 49 | } |
50 | 50 | |
51 | 51 | /* Reset current->user with a new one */ |
... | ... | @@ -53,7 +53,7 @@ |
53 | 53 | if (!new_user) { |
54 | 54 | free_uid(ns->root_user); |
55 | 55 | kfree(ns); |
56 | - return NULL; | |
56 | + return ERR_PTR(-ENOMEM); | |
57 | 57 | } |
58 | 58 | |
59 | 59 | switch_uid(new_user); |
kernel/utsname.c
... | ... | @@ -13,6 +13,7 @@ |
13 | 13 | #include <linux/uts.h> |
14 | 14 | #include <linux/utsname.h> |
15 | 15 | #include <linux/version.h> |
16 | +#include <linux/err.h> | |
16 | 17 | |
17 | 18 | /* |
18 | 19 | * Clone a new ns copying an original utsname, setting refcount to 1 |
... | ... | @@ -24,10 +25,11 @@ |
24 | 25 | struct uts_namespace *ns; |
25 | 26 | |
26 | 27 | ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL); |
27 | - if (ns) { | |
28 | - memcpy(&ns->name, &old_ns->name, sizeof(ns->name)); | |
29 | - kref_init(&ns->kref); | |
30 | - } | |
28 | + if (!ns) | |
29 | + return ERR_PTR(-ENOMEM); | |
30 | + | |
31 | + memcpy(&ns->name, &old_ns->name, sizeof(ns->name)); | |
32 | + kref_init(&ns->kref); | |
31 | 33 | return ns; |
32 | 34 | } |
33 | 35 |