From e19613a77cf2754adfad164167f3ec7333e76d80 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@suse.de>
Date: Wed, 18 Feb 2009 09:13:28 -0800
Subject: [PATCH] start .27 queue

---
 ...fix-si_pid-value-in-mqueue-do_notify.patch | 56 ++++++++++++++++
 queue-2.6.27/pid-implement-ns_of_pid.patch    | 66 +++++++++++++++++++
 queue-2.6.27/series                           |  2 +
 3 files changed, 124 insertions(+)
 create mode 100644 queue-2.6.27/mqueue-fix-si_pid-value-in-mqueue-do_notify.patch
 create mode 100644 queue-2.6.27/pid-implement-ns_of_pid.patch
 create mode 100644 queue-2.6.27/series

diff --git a/queue-2.6.27/mqueue-fix-si_pid-value-in-mqueue-do_notify.patch b/queue-2.6.27/mqueue-fix-si_pid-value-in-mqueue-do_notify.patch
new file mode 100644
index 00000000000..9653e4c6487
--- /dev/null
+++ b/queue-2.6.27/mqueue-fix-si_pid-value-in-mqueue-do_notify.patch
@@ -0,0 +1,56 @@
+From a6684999f7c6bddd75cf9755ad7ff44435f72fff Mon Sep 17 00:00:00 2001
+From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
+Date: Wed, 7 Jan 2009 18:08:50 -0800
+Subject: mqueue: fix si_pid value in mqueue do_notify()
+
+From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
+
+commit a6684999f7c6bddd75cf9755ad7ff44435f72fff upstream.
+
+If a process registers for asynchronous notification on a POSIX message
+queue, it gets a signal and a siginfo_t structure when a message arrives
+on the message queue.  The si_pid in the siginfo_t structure is set to the
+PID of the process that sent the message to the message queue.
+
+The principle is the following:
+. when mq_notify(SIGEV_SIGNAL) is called, the caller registers for
+  notification when a msg arrives. The associated pid structure is stroed into
+  inode_info->notify_owner. Let's call this process P1.
+. when mq_send() is called by say P2, P2 sends a signal to P1 to notify
+  him about msg arrival.
+
+The way .si_pid is set today is not correct, since it doesn't take into account
+the fact that the process that is sending the message might not be in the
+same namespace as the notified one.
+
+This patch proposes to set si_pid to the sender's pid into the notify_owner
+namespace.
+
+Signed-off-by: Nadia Derbey <Nadia.Derbey@bull.net>
+Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
+Acked-by: Oleg Nesterov <oleg@redhat.com>
+Cc: Roland McGrath <roland@redhat.com>
+Cc: Bastian Blank <bastian@waldi.eu.org>
+Cc: Pavel Emelyanov <xemul@openvz.org>
+Cc: Eric W. Biederman <ebiederm@xmission.com>
+Acked-by: Serge Hallyn <serue@us.ibm.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ ipc/mqueue.c |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/ipc/mqueue.c
++++ b/ipc/mqueue.c
+@@ -498,7 +498,8 @@ static void __do_notify(struct mqueue_in
+ 			sig_i.si_errno = 0;
+ 			sig_i.si_code = SI_MESGQ;
+ 			sig_i.si_value = info->notify.sigev_value;
+-			sig_i.si_pid = task_tgid_vnr(current);
++			sig_i.si_pid = task_tgid_nr_ns(current,
++						ns_of_pid(info->notify_owner));
+ 			sig_i.si_uid = current->uid;
+ 
+ 			kill_pid_info(info->notify.sigev_signo,
diff --git a/queue-2.6.27/pid-implement-ns_of_pid.patch b/queue-2.6.27/pid-implement-ns_of_pid.patch
new file mode 100644
index 00000000000..58fd8cdd7f1
--- /dev/null
+++ b/queue-2.6.27/pid-implement-ns_of_pid.patch
@@ -0,0 +1,66 @@
+From f9fb860f67b9542cd78d1558dec7058092b57d8e Mon Sep 17 00:00:00 2001
+From: Eric W. Biederman <ebiederm@xmission.com>
+Date: Wed, 7 Jan 2009 18:08:46 -0800
+Subject: pid: implement ns_of_pid
+
+From: Eric W. Biederman <ebiederm@xmission.com>
+
+commit f9fb860f67b9542cd78d1558dec7058092b57d8e upstream.
+
+A current problem with the pid namespace is that it is easy to do pid
+related work after exit_task_namespaces which drops the nsproxy pointer.
+
+However if we are doing pid namespace related work we are always operating
+on some struct pid which retains the pid_namespace pointer of the pid
+namespace it was allocated in.
+
+So provide ns_of_pid which allows us to find the pid namespace a pid was
+allocated in.
+
+Using this we have the needed infrastructure to do pid namespace related
+work at anytime we have a struct pid, removing the chance of accidentally
+having a NULL pointer dereference when accessing current->nsproxy.
+
+Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
+Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
+Cc: Oleg Nesterov <oleg@redhat.com>
+Cc: Roland McGrath <roland@redhat.com>
+Cc: Bastian Blank <bastian@waldi.eu.org>
+Cc: Pavel Emelyanov <xemul@openvz.org>
+Cc: Nadia Derbey <Nadia.Derbey@bull.net>
+Acked-by: Serge Hallyn <serue@us.ibm.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ include/linux/pid.h |   18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+--- a/include/linux/pid.h
++++ b/include/linux/pid.h
+@@ -123,6 +123,24 @@ extern struct pid *alloc_pid(struct pid_
+ extern void free_pid(struct pid *pid);
+ 
+ /*
++ * ns_of_pid() returns the pid namespace in which the specified pid was
++ * allocated.
++ *
++ * NOTE:
++ * 	ns_of_pid() is expected to be called for a process (task) that has
++ * 	an attached 'struct pid' (see attach_pid(), detach_pid()) i.e @pid
++ * 	is expected to be non-NULL. If @pid is NULL, caller should handle
++ * 	the resulting NULL pid-ns.
++ */
++static inline struct pid_namespace *ns_of_pid(struct pid *pid)
++{
++	struct pid_namespace *ns = NULL;
++	if (pid)
++		ns = pid->numbers[pid->level].ns;
++	return ns;
++}
++
++/*
+  * the helpers to get the pid's id seen from different namespaces
+  *
+  * pid_nr()    : global id, i.e. the id seen from the init namespace;
diff --git a/queue-2.6.27/series b/queue-2.6.27/series
new file mode 100644
index 00000000000..688f5c0ea4f
--- /dev/null
+++ b/queue-2.6.27/series
@@ -0,0 +1,2 @@
+pid-implement-ns_of_pid.patch
+mqueue-fix-si_pid-value-in-mqueue-do_notify.patch
-- 
2.47.3