mirror of https://github.com/torvalds/linux.git
692ec06d7c
This patch adds a receive method to NETLINK_KOBJECT_UEVENT netlink sockets to allow sending uevent messages into the network namespace the socket belongs to. Currently non-initial network namespaces are already isolated and don't receive uevents. There are a number of cases where it is beneficial for a sufficiently privileged userspace process to send a uevent into a network namespace. One such use case would be debugging and fuzzing of a piece of software which listens and reacts to uevents. By running a copy of that software inside a network namespace, specific uevents could then be presented to it. More concretely, this would allow for easy testing of udevd/ueventd. This will also allow some piece of software to run components inside a separate network namespace and then effectively filter what that software can receive. Some examples of software that do directly listen to uevents and that we have in the past attempted to run inside a network namespace are rbd (CEPH client) or the X server. Implementation: The implementation has been kept as simple as possible from the kernel's perspective. Specifically, a simple input method uevent_net_rcv() is added to NETLINK_KOBJECT_UEVENT sockets which completely reuses existing af_netlink infrastructure and does neither add an additional netlink family nor requires any user-visible changes. For example, by using netlink_rcv_skb() we can make use of existing netlink infrastructure to report back informative error messages to userspace. Furthermore, this implementation does not introduce any overhead for existing uevent generating codepaths. The struct netns got a new uevent socket member that records the uevent socket associated with that network namespace including its position in the uevent socket list. Since we record the uevent socket for each network namespace in struct net we don't have to walk the whole uevent socket list. Instead we can directly retrieve the relevant uevent socket and send the message. At exit time we can now also trivially remove the uevent socket from the uevent socket list. This keeps the codepath very performant without introducing needless overhead and even makes older codepaths faster. Uevent sequence numbers are kept global. When a uevent message is sent to another network namespace the implementation will simply increment the global uevent sequence number and append it to the received uevent. This has the advantage that the kernel will never need to parse the received uevent message to replace any existing uevent sequence numbers. Instead it is up to the userspace process to remove any existing uevent sequence numbers in case the uevent message to be sent contains any. Security: In order for a caller to send uevent messages to a target network namespace the caller must have CAP_SYS_ADMIN in the owning user namespace of the target network namespace. Additionally, any received uevent message is verified to not exceed size UEVENT_BUFFER_SIZE. This includes the space needed to append the uevent sequence number. Testing: This patch has been tested and verified to work with the following udev implementations: 1. CentOS 6 with udevd version 147 2. Debian Sid with systemd-udevd version 237 3. Android 7.1.1 with ueventd Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|---|---|---|
| .. | ||
| 842 | ||
| fonts | ||
| lz4 | ||
| lzo | ||
| mpi | ||
| raid6 | ||
| reed_solomon | ||
| xz | ||
| zlib_deflate | ||
| zlib_inflate | ||
| zstd | ||
| .gitignore | ||
| Kconfig | ||
| Kconfig.debug | ||
| Kconfig.kasan | ||
| Kconfig.kgdb | ||
| Kconfig.ubsan | ||
| Makefile | ||
| argv_split.c | ||
| ashldi3.c | ||
| ashrdi3.c | ||
| asn1_decoder.c | ||
| assoc_array.c | ||
| atomic64.c | ||
| atomic64_test.c | ||
| audit.c | ||
| bcd.c | ||
| bch.c | ||
| bitmap.c | ||
| bitrev.c | ||
| bsearch.c | ||
| btree.c | ||
| bucket_locks.c | ||
| bug.c | ||
| build_OID_registry | ||
| bust_spinlocks.c | ||
| chacha20.c | ||
| check_signature.c | ||
| checksum.c | ||
| clz_ctz.c | ||
| clz_tab.c | ||
| cmdline.c | ||
| cmpdi2.c | ||
| compat_audit.c | ||
| cordic.c | ||
| cpu_rmap.c | ||
| cpumask.c | ||
| crc-ccitt.c | ||
| crc-itu-t.c | ||
| crc-t10dif.c | ||
| crc4.c | ||
| crc7.c | ||
| crc8.c | ||
| crc16.c | ||
| crc32.c | ||
| crc32defs.h | ||
| crc32test.c | ||
| ctype.c | ||
| debug_info.c | ||
| debug_locks.c | ||
| debugobjects.c | ||
| dec_and_lock.c | ||
| decompress.c | ||
| decompress_bunzip2.c | ||
| decompress_inflate.c | ||
| decompress_unlz4.c | ||
| decompress_unlzma.c | ||
| decompress_unlzo.c | ||
| decompress_unxz.c | ||
| devres.c | ||
| digsig.c | ||
| div64.c | ||
| dma-debug.c | ||
| dma-direct.c | ||
| dma-virt.c | ||
| dump_stack.c | ||
| dynamic_debug.c | ||
| dynamic_queue_limits.c | ||
| earlycpio.c | ||
| error-inject.c | ||
| errseq.c | ||
| extable.c | ||
| fault-inject.c | ||
| fdt.c | ||
| fdt_empty_tree.c | ||
| fdt_ro.c | ||
| fdt_rw.c | ||
| fdt_strerror.c | ||
| fdt_sw.c | ||
| fdt_wip.c | ||
| find_bit.c | ||
| find_bit_benchmark.c | ||
| flex_array.c | ||
| flex_proportions.c | ||
| gcd.c | ||
| gen_crc32table.c | ||
| genalloc.c | ||
| glob.c | ||
| globtest.c | ||
| hexdump.c | ||
| hweight.c | ||
| idr.c | ||
| inflate.c | ||
| int_sqrt.c | ||
| interval_tree.c | ||
| interval_tree_test.c | ||
| iomap.c | ||
| iomap_copy.c | ||
| iommu-common.c | ||
| iommu-helper.c | ||
| ioremap.c | ||
| iov_iter.c | ||
| irq_poll.c | ||
| irq_regs.c | ||
| is_single_threaded.c | ||
| jedec_ddr_data.c | ||
| kasprintf.c | ||
| kfifo.c | ||
| klist.c | ||
| kobject.c | ||
| kobject_uevent.c | ||
| kstrtox.c | ||
| kstrtox.h | ||
| lcm.c | ||
| libcrc32c.c | ||
| list_debug.c | ||
| list_sort.c | ||
| llist.c | ||
| locking-selftest-hardirq.h | ||
| locking-selftest-mutex.h | ||
| locking-selftest-rlock-hardirq.h | ||
| locking-selftest-rlock-softirq.h | ||
| locking-selftest-rlock.h | ||
| locking-selftest-rsem.h | ||
| locking-selftest-rtmutex.h | ||
| locking-selftest-softirq.h | ||
| locking-selftest-spin-hardirq.h | ||
| locking-selftest-spin-softirq.h | ||
| locking-selftest-spin.h | ||
| locking-selftest-wlock-hardirq.h | ||
| locking-selftest-wlock-softirq.h | ||
| locking-selftest-wlock.h | ||
| locking-selftest-wsem.h | ||
| locking-selftest.c | ||
| lockref.c | ||
| lru_cache.c | ||
| lshrdi3.c | ||
| memory-notifier-error-inject.c | ||
| memweight.c | ||
| muldi3.c | ||
| net_utils.c | ||
| netdev-notifier-error-inject.c | ||
| nlattr.c | ||
| nmi_backtrace.c | ||
| nodemask.c | ||
| notifier-error-inject.c | ||
| notifier-error-inject.h | ||
| of-reconfig-notifier-error-inject.c | ||
| oid_registry.c | ||
| once.c | ||
| parman.c | ||
| parser.c | ||
| pci_iomap.c | ||
| percpu-refcount.c | ||
| percpu_counter.c | ||
| percpu_ida.c | ||
| percpu_test.c | ||
| plist.c | ||
| pm-notifier-error-inject.c | ||
| prime_numbers.c | ||
| radix-tree.c | ||
| random32.c | ||
| ratelimit.c | ||
| rational.c | ||
| rbtree.c | ||
| rbtree_test.c | ||
| reciprocal_div.c | ||
| refcount.c | ||
| rhashtable.c | ||
| sbitmap.c | ||
| scatterlist.c | ||
| seq_buf.c | ||
| sg_pool.c | ||
| sg_split.c | ||
| sha1.c | ||
| show_mem.c | ||
| siphash.c | ||
| smp_processor_id.c | ||
| sort.c | ||
| stackdepot.c | ||
| stmp_device.c | ||
| string.c | ||
| string_helpers.c | ||
| strncpy_from_user.c | ||
| strnlen_user.c | ||
| swiotlb.c | ||
| syscall.c | ||
| test-kstrtox.c | ||
| test-string_helpers.c | ||
| test_bitmap.c | ||
| test_bpf.c | ||
| test_debug_virtual.c | ||
| test_firmware.c | ||
| test_hash.c | ||
| test_hexdump.c | ||
| test_kasan.c | ||
| test_kmod.c | ||
| test_list_sort.c | ||
| test_module.c | ||
| test_parman.c | ||
| test_printf.c | ||
| test_rhashtable.c | ||
| test_siphash.c | ||
| test_sort.c | ||
| test_static_key_base.c | ||
| test_static_keys.c | ||
| test_string.c | ||
| test_sysctl.c | ||
| test_user_copy.c | ||
| test_uuid.c | ||
| textsearch.c | ||
| timerqueue.c | ||
| ts_bm.c | ||
| ts_fsm.c | ||
| ts_kmp.c | ||
| ubsan.c | ||
| ubsan.h | ||
| ucmpdi2.c | ||
| ucs2_string.c | ||
| usercopy.c | ||
| uuid.c | ||
| vsprintf.c | ||
| win_minmax.c | ||
| xxhash.c | ||