Commit 0785249f authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'timers-urgent-2020-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull time(keeping) updates from Thomas Gleixner:

 - Fix the time_for_children symlink in /proc/$PID/ so it properly
   reflects that it is part of the 'time' namespace

 - Add the missing userns limit for the allowed number of time
   namespaces, which was half defined but the actual array member was
   not added. This went unnoticed as the array has an excessive empty
   member at the end but introduced a user visible regression as the
   output was corrupted.

 - Prevent further silent ucount corruption by adding a BUILD_BUG_ON()
   to catch half updated data.

* tag 'timers-urgent-2020-04-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  ucount: Make sure ucounts in /proc/sys/user don't regress again
  time/namespace: Add max_time_namespaces ucount
  time/namespace: Fix time_for_children symlink
parents 590680d1 0f538e3e
...@@ -65,6 +65,12 @@ max_pid_namespaces ...@@ -65,6 +65,12 @@ max_pid_namespaces
The maximum number of pid namespaces that any user in the current The maximum number of pid namespaces that any user in the current
user namespace may create. user namespace may create.
max_time_namespaces
===================
The maximum number of time namespaces that any user in the current
user namespace may create.
max_user_namespaces max_user_namespaces
=================== ===================
......
...@@ -447,6 +447,7 @@ const struct proc_ns_operations timens_operations = { ...@@ -447,6 +447,7 @@ const struct proc_ns_operations timens_operations = {
const struct proc_ns_operations timens_for_children_operations = { const struct proc_ns_operations timens_for_children_operations = {
.name = "time_for_children", .name = "time_for_children",
.real_ns_name = "time",
.type = CLONE_NEWTIME, .type = CLONE_NEWTIME,
.get = timens_for_children_get, .get = timens_for_children_get,
.put = timens_put, .put = timens_put,
......
...@@ -69,6 +69,7 @@ static struct ctl_table user_table[] = { ...@@ -69,6 +69,7 @@ static struct ctl_table user_table[] = {
UCOUNT_ENTRY("max_net_namespaces"), UCOUNT_ENTRY("max_net_namespaces"),
UCOUNT_ENTRY("max_mnt_namespaces"), UCOUNT_ENTRY("max_mnt_namespaces"),
UCOUNT_ENTRY("max_cgroup_namespaces"), UCOUNT_ENTRY("max_cgroup_namespaces"),
UCOUNT_ENTRY("max_time_namespaces"),
#ifdef CONFIG_INOTIFY_USER #ifdef CONFIG_INOTIFY_USER
UCOUNT_ENTRY("max_inotify_instances"), UCOUNT_ENTRY("max_inotify_instances"),
UCOUNT_ENTRY("max_inotify_watches"), UCOUNT_ENTRY("max_inotify_watches"),
...@@ -81,6 +82,8 @@ bool setup_userns_sysctls(struct user_namespace *ns) ...@@ -81,6 +82,8 @@ bool setup_userns_sysctls(struct user_namespace *ns)
{ {
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
struct ctl_table *tbl; struct ctl_table *tbl;
BUILD_BUG_ON(ARRAY_SIZE(user_table) != UCOUNT_COUNTS + 1);
setup_sysctl_set(&ns->set, &set_root, set_is_seen); setup_sysctl_set(&ns->set, &set_root, set_is_seen);
tbl = kmemdup(user_table, sizeof(user_table), GFP_KERNEL); tbl = kmemdup(user_table, sizeof(user_table), GFP_KERNEL);
if (tbl) { if (tbl) {
......
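Review bot: The `BUILD_BUG_ON()` added at the top of `setup_userns_sysctls()` only compares the length of `user_table` with `UCOUNT_COUNTS + 1`, so it catches a missing entry but not one added at the wrong position. If the table is matched to the ucount enum by index, as the placement of `UCOUNT_ENTRY("max_time_namespaces")` directly after the cgroup entry suggests, a misordered pair would still build and would expose one per-user limit under another limit's sysctl name. A comment above the check would record both the reason for the `+ 1` and the ordering requirement, for example `/* one entry per ucount type, in enum order, plus the empty terminator */`. The function body continues outside the hunk and the enum is not shown on this page, so the ordering dependency should be confirmed against the header.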