Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 646535 Details for
Bug 872634
core_pattern helper not executed in same namespaces as crashing program
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
[PATCH] coredump: move pipe helper into the namespace of crashing task
-coredump-move-pipe-helper-into-the-namespace-of-crashing-task.patch (text/plain), 2.00 KB, created by
Neil Horman
on 2012-11-16 18:58:26 UTC
(
hide
)
Description:
[PATCH] coredump: move pipe helper into the namespace of crashing task
Filename:
MIME Type:
Creator:
Neil Horman
Created:
2012-11-16 18:58:26 UTC
Size:
2.00 KB
patch
obsolete
>From f3c4ae1a9c63eb21cd4581ac4f8ff1969db867b8 Mon Sep 17 00:00:00 2001 >From: Neil Horman <nhorman@tuxdriver.com> >Date: Fri, 16 Nov 2012 13:50:07 -0500 >Subject: [PATCH] coredump: move pipe helper into the namespace of crashing > task > >If coredump_pattern is set to pipe data to a user space helper, we need to reset >the namespace of the coredump pipe reader to that of the crashing process, lest >we dump core to a filesystem location or other resource not within the same >container > >Signed-off-by: Neil Horman <nhorman@redhat.com> >--- > fs/exec.c | 8 ++++++++ > include/linux/binfmts.h | 1 + > 2 files changed, 9 insertions(+) > >diff --git a/fs/exec.c b/fs/exec.c >index 574cf4d..08b2d5d 100644 >--- a/fs/exec.c >+++ b/fs/exec.c >@@ -2071,6 +2071,7 @@ static int umh_pipe_setup(struct subprocess_info *info, struct cred *new) > { > struct file *files[2]; > struct fdtable *fdt; >+ struct task_struct *parent; > struct coredump_params *cp = (struct coredump_params *)info->data; > struct files_struct *cf = current->files; > int err = create_pipe_files(files, 0); >@@ -2090,6 +2091,12 @@ static int umh_pipe_setup(struct subprocess_info *info, struct cred *new) > /* and disallow core files too */ > current->signal->rlim[RLIMIT_CORE] = (struct rlimit){1, 1}; > >+ parent = rcu_dereference(cp->process->real_parent); >+ if (parent) >+ switch_task_namespaces(current, parent->nsproxy); >+ else >+ printk(KERN_WARNING "Crashing process has no real parent!\n"); >+ > return 0; > } > >@@ -2116,6 +2123,7 @@ void do_coredump(long signr, int exit_code, struct pt_regs *regs) > * by any locks. > */ > .mm_flags = mm->flags, >+ .process = current, > }; > > audit_core_dumps(signr); >diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h >index 366422b..0a5ce45 100644 >--- a/include/linux/binfmts.h >+++ b/include/linux/binfmts.h >@@ -74,6 +74,7 @@ struct linux_binprm { > struct coredump_params { > long signr; > struct pt_regs *regs; >+ struct task_struct *process; > struct file *file; > unsigned long limit; > unsigned long mm_flags; >-- >1.7.11.7 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=646535">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 872634
:
646534
| 646535 |
655182
|
666220