Re: [PATCH 02/10] userns: Add per user namespace sysctls.

Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> "Serge E. Hallyn" <serge@xxxxxxxxxx> writes:
> 
> > Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> >> "Serge E. Hallyn" <serge@xxxxxxxxxx> writes:
> >> 
> >> > Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> >> >> +static bool setup_userns_sysctls(struct user_namespace *ns)
> >> >> +{
> >> >> +#ifdef CONFIG_SYSCTL
> >> >> +	struct ctl_table *tbl;
> >> >> +	setup_sysctl_set(&ns->set, &set_root, set_is_seen);
> >> >> +	tbl = kmemdup(userns_table, sizeof(userns_table), GFP_KERNEL);
> >> >> +	if (tbl) {
> >> >> +		ns->sysctls = __register_sysctl_table(&ns->set, "userns", tbl);
> >> >> +	}
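Review bot: the quoted lines allocate tbl with kmemdup but show no failure path: if kmemdup returns NULL, or if __register_sysctl_table returns NULL so that ns->sysctls is never set, nothing in the visible excerpt frees tbl or returns false. The reply further down states that the full function does return false in that case; quoting that tail as well (along the lines of `if (!ns->sysctls) { kfree(tbl); return false; }`) would let reviewers confirm that the kmemdup'd copy is released when registration fails and that the caller refuses to create the namespace.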
> >> >
> >> > What happens if tbl is null due to oom?  Would it be better to just
> >> > return false in that case here?
> >> 
> >> ns->sysctls is initialized to NULL and kfree(NULL) is a noop.
> >> So I don't see any problems.
> >> 
> >> I admit it isn't a usual pattern for error handling.
> >
> > Right I didn't mean that - I meant, is there a way that a namespace
> > could end up escaping its limits as a result?  I think not, since
> > either it has hierarchical limits which will still be enforced, or
> > the admin tries to set a new limit and that step will fail visibly,
> > which suffices.
> 
> And what I meant is that we do actually return false in the case you are
> worrying about.  And if we return false we don't even create the user
> namespace.

D'oh.  Right.  Thanks :)
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
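The point the thread settles on is a fail-closed one: the per-namespace limit table is set up during namespace creation, and if that setup fails the namespace is never created, so an allocation failure cannot yield a namespace that exists without its limits. The following is an added example that models that pattern in user-space C; it is not kernel code and not part of the patch. Every name in it (toy_ns, toy_setup_limits, toy_create_ns, the allocator hook) is hypothetical, and the allocator hook exists only so a test can inject an allocation failure in place of a real out-of-memory condition.

```c
/* Added example, not kernel code: a model of the fail-closed pattern the
 * thread settles on. A namespace's per-namespace limit table is copied at
 * creation time; if that copy (or its registration) fails, creation itself
 * fails, so no namespace can exist without its limits in place.
 * All names here (toy_ns, toy_setup_limits, ...) are hypothetical. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TOY_LIMIT_COUNT 3

struct toy_ns {
    int *limits;     /* per-namespace copy of the limit table, or NULL */
    int registered;  /* 1 once the table has been "registered" */
};

/* Template copied into every new namespace (stands in for userns_table). */
static const int toy_default_limits[TOY_LIMIT_COUNT] = { 1024, 2048, 4096 };

/* Allocator hook so a test can inject allocation failure (stands in for kmemdup). */
typedef void *(*toy_alloc_fn)(size_t);

static void *toy_failing_alloc(size_t n) { (void)n; return NULL; }
static void *toy_ok_alloc(size_t n) { return malloc(n); }

/* Mirrors the role of setup_userns_sysctls(): copy the table, register it,
 * and return false on any failure after releasing what was allocated. */
static bool toy_setup_limits(struct toy_ns *ns, toy_alloc_fn alloc)
{
    int *tbl = alloc(sizeof(toy_default_limits));
    if (tbl) {
        memcpy(tbl, toy_default_limits, sizeof(toy_default_limits));
        ns->limits = tbl;
        ns->registered = 1;   /* registration modelled as succeeding once a table exists */
    }
    if (!ns->registered) {
        free(tbl);            /* free(NULL) is a no-op, like kfree(NULL) */
        ns->limits = NULL;
        return false;
    }
    return true;
}

/* Mirrors the role of the namespace constructor: refuse to hand out a
 * namespace whose limits failed to set up. */
static struct toy_ns *toy_create_ns(toy_alloc_fn alloc)
{
    struct toy_ns *ns = calloc(1, sizeof(*ns));
    if (!ns)
        return NULL;
    if (!toy_setup_limits(ns, alloc)) {
        free(ns);
        return NULL;          /* fail closed: no namespace without limits */
    }
    return ns;
}

static void toy_destroy_ns(struct toy_ns *ns)
{
    if (!ns)
        return;
    free(ns->limits);
    free(ns);
}

/* Returns 1 if a namespace was created with its limit table in place, else 0. */
static int toy_create_succeeds(toy_alloc_fn alloc)
{
    struct toy_ns *ns = toy_create_ns(alloc);
    int ok = (ns != NULL && ns->limits != NULL && ns->limits[0] == 1024);
    toy_destroy_ns(ns);
    return ok;
}

int main(void)
{
    printf("normal allocator:  namespace %s\n",
           toy_create_succeeds(toy_ok_alloc) ? "created" : "refused");
    printf("failing allocator: namespace %s\n",
           toy_create_succeeds(toy_failing_alloc) ? "created" : "refused");
    return 0;
}
```

The design choice worth noting is that the failure check sits on the registered state rather than on the allocation alone, so a NULL table and a failed registration are handled by the same tail, and the caller only ever sees a fully set-up namespace or none at all.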


