Commit 467e9f4b authored by Cedric Le Goater's avatar Cedric Le Goater Committed by Linus Torvalds

fix create_new_namespaces() return value

dup_mnt_ns() and clone_uts_ns() return NULL on failure.  This is wrong,
create_new_namespaces() uses ERR_PTR() to catch an error.  This means that the
subsequent create_new_namespaces() will hit BUG_ON() in copy_mnt_ns() or
copy_utsname().

Modify create_new_namespaces() to also use the errors returned by the
copy_*_ns routines and not to systematically return ENOMEM.

[oleg@tv-sign.ru: better changelog]
Signed-off-by: default avatarCedric Le Goater <clg@fr.ibm.com>
Cc: Serge E. Hallyn <serue@us.ibm.com>
Cc: Badari Pulavarty <pbadari@us.ibm.com>
Cc: Pavel Emelianov <xemul@openvz.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 3e733f07
...@@ -1451,7 +1451,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, ...@@ -1451,7 +1451,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL); new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
if (!new_ns) if (!new_ns)
return NULL; return ERR_PTR(-ENOMEM);
atomic_set(&new_ns->count, 1); atomic_set(&new_ns->count, 1);
INIT_LIST_HEAD(&new_ns->list); INIT_LIST_HEAD(&new_ns->list);
...@@ -1465,7 +1465,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, ...@@ -1465,7 +1465,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
if (!new_ns->root) { if (!new_ns->root) {
up_write(&namespace_sem); up_write(&namespace_sem);
kfree(new_ns); kfree(new_ns);
return NULL; return ERR_PTR(-ENOMEM);;
} }
spin_lock(&vfsmount_lock); spin_lock(&vfsmount_lock);
list_add_tail(&new_ns->list, &new_ns->root->mnt_list); list_add_tail(&new_ns->list, &new_ns->root->mnt_list);
......
...@@ -58,30 +58,41 @@ static struct nsproxy *create_new_namespaces(int flags, struct task_struct *tsk, ...@@ -58,30 +58,41 @@ static struct nsproxy *create_new_namespaces(int flags, struct task_struct *tsk,
struct fs_struct *new_fs) struct fs_struct *new_fs)
{ {
struct nsproxy *new_nsp; struct nsproxy *new_nsp;
int err;
new_nsp = clone_nsproxy(tsk->nsproxy); new_nsp = clone_nsproxy(tsk->nsproxy);
if (!new_nsp) if (!new_nsp)
return ERR_PTR(-ENOMEM); return ERR_PTR(-ENOMEM);
new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs); new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
if (IS_ERR(new_nsp->mnt_ns)) if (IS_ERR(new_nsp->mnt_ns)) {
err = PTR_ERR(new_nsp->mnt_ns);
goto out_ns; goto out_ns;
}
new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns); new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
if (IS_ERR(new_nsp->uts_ns)) if (IS_ERR(new_nsp->uts_ns)) {
err = PTR_ERR(new_nsp->uts_ns);
goto out_uts; goto out_uts;
}
new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns); new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
if (IS_ERR(new_nsp->ipc_ns)) if (IS_ERR(new_nsp->ipc_ns)) {
err = PTR_ERR(new_nsp->ipc_ns);
goto out_ipc; goto out_ipc;
}
new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns); new_nsp->pid_ns = copy_pid_ns(flags, tsk->nsproxy->pid_ns);
if (IS_ERR(new_nsp->pid_ns)) if (IS_ERR(new_nsp->pid_ns)) {
err = PTR_ERR(new_nsp->pid_ns);
goto out_pid; goto out_pid;
}
new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns); new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
if (IS_ERR(new_nsp->user_ns)) if (IS_ERR(new_nsp->user_ns)) {
err = PTR_ERR(new_nsp->user_ns);
goto out_user; goto out_user;
}
return new_nsp; return new_nsp;
...@@ -99,7 +110,7 @@ out_uts: ...@@ -99,7 +110,7 @@ out_uts:
put_mnt_ns(new_nsp->mnt_ns); put_mnt_ns(new_nsp->mnt_ns);
out_ns: out_ns:
kfree(new_nsp); kfree(new_nsp);
return ERR_PTR(-ENOMEM); return ERR_PTR(err);
} }
/* /*
......
...@@ -34,7 +34,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns) ...@@ -34,7 +34,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL); ns = kmalloc(sizeof(struct user_namespace), GFP_KERNEL);
if (!ns) if (!ns)
return NULL; return ERR_PTR(-ENOMEM);
kref_init(&ns->kref); kref_init(&ns->kref);
...@@ -45,7 +45,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns) ...@@ -45,7 +45,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
ns->root_user = alloc_uid(ns, 0); ns->root_user = alloc_uid(ns, 0);
if (!ns->root_user) { if (!ns->root_user) {
kfree(ns); kfree(ns);
return NULL; return ERR_PTR(-ENOMEM);
} }
/* Reset current->user with a new one */ /* Reset current->user with a new one */
...@@ -53,7 +53,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns) ...@@ -53,7 +53,7 @@ static struct user_namespace *clone_user_ns(struct user_namespace *old_ns)
if (!new_user) { if (!new_user) {
free_uid(ns->root_user); free_uid(ns->root_user);
kfree(ns); kfree(ns);
return NULL; return ERR_PTR(-ENOMEM);
} }
switch_uid(new_user); switch_uid(new_user);
......
...@@ -13,6 +13,7 @@ ...@@ -13,6 +13,7 @@
#include <linux/uts.h> #include <linux/uts.h>
#include <linux/utsname.h> #include <linux/utsname.h>
#include <linux/version.h> #include <linux/version.h>
#include <linux/err.h>
/* /*
* Clone a new ns copying an original utsname, setting refcount to 1 * Clone a new ns copying an original utsname, setting refcount to 1
...@@ -24,10 +25,11 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns) ...@@ -24,10 +25,11 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns)
struct uts_namespace *ns; struct uts_namespace *ns;
ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL); ns = kmalloc(sizeof(struct uts_namespace), GFP_KERNEL);
if (ns) { if (!ns)
memcpy(&ns->name, &old_ns->name, sizeof(ns->name)); return ERR_PTR(-ENOMEM);
kref_init(&ns->kref);
} memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
kref_init(&ns->kref);
return ns; return ns;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment