Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.1/patches/2231579/?format=api
{ "id": 2231579, "url": "http://patchwork.ozlabs.org/api/1.1/patches/2231579/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-ext4/patch/177758363712.1314717.16316935834409248821.stgit@frogsfrogsfrogs/", "project": { "id": 8, "url": "http://patchwork.ozlabs.org/api/1.1/projects/8/?format=api", "name": "Linux ext4 filesystem development", "link_name": "linux-ext4", "list_id": "linux-ext4.vger.kernel.org", "list_email": "linux-ext4@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null }, "msgid": "<177758363712.1314717.16316935834409248821.stgit@frogsfrogsfrogs>", "date": "2026-04-30T21:17:37", "name": "[10/13] mount_service: allow installation as a setuid program", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "fc9b9e53eda75678a6057254b82dd7ff9874aee5", "submitter": { "id": 77032, "url": "http://patchwork.ozlabs.org/api/1.1/people/77032/?format=api", "name": "Darrick J. Wong", "email": "djwong@kernel.org" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/linux-ext4/patch/177758363712.1314717.16316935834409248821.stgit@frogsfrogsfrogs/mbox/", "series": [ { "id": 502386, "url": "http://patchwork.ozlabs.org/api/1.1/series/502386/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-ext4/list/?series=502386", "date": "2026-04-30T21:15:17", "name": "[01/13] Refactor mount code / move common functions to mount_util.c", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/502386/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2231579/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2231579/checks/", "tags": {}, "headers": { "Return-Path": "\n <SRS0=BakC=C5=vger.kernel.org=linux-ext4+bounces-16262-patchwork-incoming=ozlabs.org@ozlabs.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "linux-ext4@vger.kernel.org" ], "Delivered-To": [ "patchwork-incoming@legolas.ozlabs.org", "patchwork-incoming@ozlabs.org" ], "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=LMXm0wUi;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=ozlabs.org\n (client-ip=2404:9400:2221:ea00::3; helo=mail.ozlabs.org;\n envelope-from=srs0=bakc=c5=vger.kernel.org=linux-ext4+bounces-16262-patchwork-incoming=ozlabs.org@ozlabs.org;\n receiver=patchwork.ozlabs.org)", "gandalf.ozlabs.org;\n arc=pass smtp.remote-ip=\"2600:3c04:e001:36c::12fc:5321\"\n arc.chain=subspace.kernel.org", "gandalf.ozlabs.org;\n dmarc=pass (p=quarantine dis=none) header.from=kernel.org", "gandalf.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=LMXm0wUi;\n\tdkim-atps=neutral", "gandalf.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c04:e001:36c::12fc:5321; helo=tor.lore.kernel.org;\n envelope-from=linux-ext4+bounces-16262-patchwork-incoming=ozlabs.org@vger.kernel.org;\n receiver=ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org\n header.b=\"LMXm0wUi\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=10.30.226.201" ], "Received": [ "from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g66X62J3Vz1yGq\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 01 May 2026 07:20:22 +1000 (AEST)", "from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])\n\tby gandalf.ozlabs.org (Postfix) with ESMTP id 4g66X61sXjz4wTZ\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 01 May 2026 07:20:22 +1000 (AEST)", "by gandalf.ozlabs.org (Postfix)\n\tid 4g66X61lZZz4wLX; Fri, 01 May 2026 07:20:22 +1000 (AEST)", "from tor.lore.kernel.org (tor.lore.kernel.org\n [IPv6:2600:3c04:e001:36c::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby gandalf.ozlabs.org (Postfix) with ESMTPS id 4g66X13YNjz4wTZ\n\tfor <patchwork-incoming@ozlabs.org>; Fri, 01 May 2026 07:20:17 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id 0A16330438CB\n\tfor <patchwork-incoming@ozlabs.org>; Thu, 30 Apr 2026 21:17:40 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 398473AB276;\n\tThu, 30 Apr 2026 21:17:39 +0000 (UTC)", "from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org\n [10.30.226.201])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id F01A12FE066;\n\tThu, 30 Apr 2026 21:17:38 +0000 (UTC)", "by smtp.kernel.org (Postfix) with ESMTPSA id 784F6C2BCB3;\n\tThu, 30 Apr 2026 21:17:38 +0000 (UTC)" ], "ARC-Seal": [ "i=2; a=rsa-sha256; d=ozlabs.org; s=201707; t=1777584022; cv=pass;\n\tb=ygF85KIQs97O6FskVkcAlUS656rRstQf6WyXhXDUaYw45KEN+0XrKZn+T6pvnTkWMi4A2OVlWgZfKRQE9OqiRyO7MRwfC8g270kUykrf7dRLd5nfA1cqhAvOPwjoWgLJRKOPW2F8bgDSUNgFQeiuC82wFoE0mxDEpv9bfreMyRcx7phZgI1mQufbOB99/I4qaAU2GxTH39jSMLCgYcQ0gwVn7wMC8nId041ibnYZSiohlgvajK3s12mmFEV06PQ/m9LuKPG820tNUY2lPtjkSP8BrGsFCpJsZB+vQe8b5K3IkxMPTDLOe/hdrt8Fnk1ihA+6P5MCau9A9APfYQnUvw==", "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1777583859; cv=none;\n b=gb+TyaAR13aLo6CsFCuyA6qvjJ4CIO+98SMKreqSpj8cotOVFAZp/V0K1/CsBQoandHRi47eBYF8ru7EJtrxd9sJo9BC1DSVnVPDhz/bCCh/rIY7xQnLXjpPn3VpLAMqhRBF5lZj3q9yQh5285I7pTlxNDz6uAJVySpbhhHRODA=" ], "ARC-Message-Signature": [ "i=2; a=rsa-sha256; d=ozlabs.org; s=201707;\n\tt=1777584022; c=relaxed/relaxed;\n\tbh=Hl3FgZQ2RTs3ZIM8sLsJU+vlFnaFNsc8m7ToKxV7tNg=;\n\th=Date:Subject:From:To:Cc:Message-ID:In-Reply-To:References:\n\t MIME-Version:Content-Type;\n b=RjVSBxPY9zM7Mo8jhBTlnOJrqyPsuQTjC3raiUTXjhT/MmnPmzlOLDkQxoycgm8KhbiSD8WwNZig5vrhHy0Qlwa4deUk3y3tM8or/64AlNS8CfTso/0w7EBR8rjIPOwro6vgWByyEyZ9cr6CejzoLIYQWKTIgOtFhPhbmDJasFClnJjaz85O/JYGkfst4/nC6VnJqv6t+9Vkcf2vlaEZKvoVCipyXAFJRSl0i5y/0ymN8d9Na0tnXDzTpm5Zev8zTdsisL64rRXGHYF5aChKahthyR5cu1zz8Z6QOci0axdL2RRFbKNu6sDuLoiA+shFqnGW+5Oiw5a66bf04172mw==", "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1777583859; c=relaxed/simple;\n\tbh=UNCbDvUix/6fcD3ir7GQaG2O0AXlLax60sqntYviLZM=;\n\th=Date:Subject:From:To:Cc:Message-ID:In-Reply-To:References:\n\t MIME-Version:Content-Type;\n b=dNxelXFsNz5Vwe9nCKTa3LZG/7SkzfYD4ecE/XgFc1dW9YWIDP6rDaH2WuCJWGfWPvs2TkQpDx3SkrVo72nnTpiFK14n8c6Zo0WJFKlcZg1EvfCzmvMSfATuaEQQE0y1G1cs6nxazvd/yZQ2FgUTlQ+lpqzChHmkaaQs6wi6PJk=" ], "ARC-Authentication-Results": [ "i=2; gandalf.ozlabs.org;\n dmarc=pass (p=quarantine dis=none) header.from=kernel.org;\n dkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=LMXm0wUi; dkim-atps=neutral;\n spf=pass (client-ip=2600:3c04:e001:36c::12fc:5321; helo=tor.lore.kernel.org;\n envelope-from=linux-ext4+bounces-16262-patchwork-incoming=ozlabs.org@vger.kernel.org;\n receiver=ozlabs.org) smtp.mailfrom=vger.kernel.org", "i=1; smtp.subspace.kernel.org;\n dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org\n header.b=LMXm0wUi; arc=none smtp.client-ip=10.30.226.201" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n\ts=k20201202; t=1777583858;\n\tbh=UNCbDvUix/6fcD3ir7GQaG2O0AXlLax60sqntYviLZM=;\n\th=Date:Subject:From:To:Cc:In-Reply-To:References:From;\n\tb=LMXm0wUiMfMZNpeVuWyeT139GgaLa+Y9MDxCr0aLohFqdUFGIQkwikXMYk/qK4nGK\n\t jjNrMFGpOncNWJchh3wiObTATYYcNF+lPZGsm5lIthXF5WMhDsN1UBZNXOMoDWgs8A\n\t EAqFQUr13RgD5LC8Cjkvimy4J6Q6qLi/pG+shptnNYmrct2dZqa1xfaTWjtzhMt/xl\n\t LS+I1wFqf7vQtKwFFgiILy4tZHzGB5H/+nmLcw+aNJZ4KoKLNuhAI35WZQWGeWcS92\n\t RMMAbT1zccRhwowPhfBm8VacXoe6xmGy4tsOoT9KVTnQ4crZ3U9Ql8RdakRlgz5ngR\n\t cNlVXAQp4KAkg==", "Date": "Thu, 30 Apr 2026 14:17:37 -0700", "Subject": "[PATCH 10/13] mount_service: allow installation as a setuid program", "From": "\"Darrick J. Wong\" <djwong@kernel.org>", "To": "bernd@bsbernd.com, djwong@kernel.org", "Cc": "linux-fsdevel@vger.kernel.org, fuse-devel@lists.linux.dev,\n linux-ext4@vger.kernel.org, miklos@szeredi.hu, neal@gompa.dev,\n joannelkoong@gmail.com", "Message-ID": "<177758363712.1314717.16316935834409248821.stgit@frogsfrogsfrogs>", "In-Reply-To": "<177758363484.1314717.11777978893472254088.stgit@frogsfrogsfrogs>", "References": "<177758363484.1314717.11777978893472254088.stgit@frogsfrogsfrogs>", "Precedence": "bulk", "X-Mailing-List": "linux-ext4@vger.kernel.org", "List-Id": "<linux-ext4.vger.kernel.org>", "List-Subscribe": "<mailto:linux-ext4+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:linux-ext4+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "7bit", "X-Spam-Status": "No, score=-1.2 required=5.0 tests=ARC_SIGNED,ARC_VALID,\n\tDKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DMARC_PASS,\n\tMAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=disabled\n\tversion=4.0.1", "X-Spam-Checker-Version": "SpamAssassin 4.0.1 (2024-03-25) on gandalf.ozlabs.org" }, "content": "From: Darrick J. Wong <djwong@kernel.org>\n\nAllow installation of the mount service helper as a setuid program so\nthat regular users can access containerized filesystem drivers.\n\nSigned-off-by: \"Darrick J. Wong\" <djwong@kernel.org>\n---\n README.md | 3 +++\n test/ci-build.sh | 14 ++++++++++++++\n util/install_helper.sh | 6 ++++++\n util/meson.build | 3 ++-\n 4 files changed, 25 insertions(+), 1 deletion(-)", "diff": "diff --git a/README.md b/README.md\nindex 6cf23cd870109a..92b85522e7890a 100644\n--- a/README.md\n+++ b/README.md\n@@ -98,6 +98,9 @@ Security implications\n \n The *fusermount3* program is installed setuid root. This is done to\n allow normal users to mount their own filesystem implementations.\n+If built, the *fuservicemount3* program will also be installed setuid\n+root so that normal users can access containerized filesystem\n+implementations.\n \n To limit the harm that malicious users can do this way, *fusermount3*\n enforces the following limitations:\ndiff --git a/test/ci-build.sh b/test/ci-build.sh\nindex 8b019a0b5e52c1..f6e6c3d9de4e4e 100755\n--- a/test/ci-build.sh\n+++ b/test/ci-build.sh\n@@ -60,11 +60,18 @@ non_sanitized_build()\n \n # libfuse will first try the install path and then system defaults\n sudo chmod 4755 ${PREFIX_DIR}/bin/fusermount3\n+ test -x \"${PREFIX_DIR}/sbin/fuservicemount3\" && \\\n+ sudo chmod 4755 ${PREFIX_DIR}/sbin/fuservicemount3\n \n # also needed for some of the tests\n sudo chown root:root util/fusermount3\n sudo chmod 4755 util/fusermount3\n \n+ if [ -x util/fuservicemount3 ]; then\n+ sudo chown root:root util/fuservicemount3\n+ sudo chmod 4755 util/fuservicemount3\n+ fi\n+\n ${TEST_CMD}\n popd\n rm -fr build-${CC}\n@@ -101,11 +108,18 @@ sanitized_build()\n ninja\n sudo env PATH=$PATH ninja install\n sudo chmod 4755 ${PREFIX_DIR}/bin/fusermount3\n+ test -x \"${PREFIX_DIR}/sbin/fuservicemount3\" && \\\n+ sudo chmod 4755 ${PREFIX_DIR}/sbin/fuservicemount3\n \n # also needed for some of the tests\n sudo chown root:root util/fusermount3\n sudo chmod 4755 util/fusermount3\n \n+ if [ -x util/fuservicemount3 ]; then\n+ sudo chown root:root util/fuservicemount3\n+ sudo chmod 4755 util/fuservicemount3\n+ fi\n+\n # Test as root and regular user\n sudo env PATH=$PATH ${TEST_CMD}\n # Cleanup temporary files (since they are now owned by root)\ndiff --git a/util/install_helper.sh b/util/install_helper.sh\nindex 76f2b47fe6c8f9..4c6f9dc3dc70aa 100755\n--- a/util/install_helper.sh\n+++ b/util/install_helper.sh\n@@ -11,6 +11,7 @@ bindir=\"$2\"\n udevrulesdir=\"$3\"\n useroot=\"$4\"\n initscriptdir=\"$5\"\n+sbindir=\"$6\"\n \n # Both sysconfdir and bindir are absolute paths (since they are joined\n # with --prefix in meson.build), but need to be interpreted relative\n@@ -31,6 +32,11 @@ if $useroot; then\n chown root:root \"${DESTDIR}${bindir}/fusermount3\"\n chmod u+s \"${DESTDIR}${bindir}/fusermount3\"\n \n+ if [ -e \"${DESTDIR}${sbindir}/fuservicemount3\" ]; then\n+ chown root:root \"${DESTDIR}${sbindir}/fuservicemount3\"\n+ chmod u+s \"${DESTDIR}${sbindir}/fuservicemount3\"\n+ fi\n+\n if test ! -e \"${DESTDIR}/dev/fuse\"; then\n mkdir -p \"${DESTDIR}/dev\"\n mknod \"${DESTDIR}/dev/fuse\" -m 0666 c 10 229\ndiff --git a/util/meson.build b/util/meson.build\nindex 85b54d5d322dcb..e15dd9bbb0c486 100644\n--- a/util/meson.build\n+++ b/util/meson.build\n@@ -46,4 +46,5 @@ meson.add_install_script('install_helper.sh',\n join_paths(get_option('prefix'), get_option('bindir')),\n udevrulesdir,\n '@0@'.format(get_option('useroot')),\n- get_option('initscriptdir'))\n+ get_option('initscriptdir'),\n+ join_paths(get_option('prefix'), get_option('sbindir')))\n", "prefixes": [ "10/13" ] }