Message ID | 1456335227-89245-1-git-send-email-seth.forshee@canonical.com |
---|---|
State | New |
Headers | show |
On Wed, Feb 24, 2016 at 11:33:47AM -0600, Seth Forshee wrote: > Filesystems implemented using kernfs are generally operating on > a shared set of in-kernel objects even from different super > blocks. Mounts from user namespaces should not have privileges > towards all objects in these filesystems, so set s_user_ns in > these super blocks to init_user_ns rather than the namespace of > the mounter. Privileged users in a user namespace will still have > privileges towards objects in the filesystem owned by users in > that namespace. > > BugLink: http://bugs.launchpad.net/bugs/1549398 > Signed-off-by: Seth Forshee <seth.forshee@canonical.com> > --- > fs/kernfs/mount.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c > index 074bb8b..18ed4dc 100644 > --- a/fs/kernfs/mount.c > +++ b/fs/kernfs/mount.c > @@ -15,6 +15,7 @@ > #include <linux/slab.h> > #include <linux/pagemap.h> > #include <linux/namei.h> > +#include <linux/user_namespace.h> > > #include "kernfs-internal.h" > > @@ -227,7 +228,8 @@ struct dentry *kernfs_mount_ns(struct file_system_type *fs_type, int flags, > info->root = root; > info->ns = ns; > > - sb = sget(fs_type, kernfs_test_super, kernfs_set_super, flags, info); > + sb = sget_userns(fs_type, kernfs_test_super, kernfs_set_super, flags, > + &init_user_ns, info); > if (IS_ERR(sb) || sb->s_fs_info != info) > kfree(info); > if (IS_ERR(sb)) > -- > 1.9.1 That looks simple enough. Acked-by: Andy Whitcroft <apw@canonical.com> -apw
Quoting Seth Forshee (seth.forshee@canonical.com): > Filesystems implemented using kernfs are generally operating on > a shared set of in-kernel objects even from different super > blocks. Mounts from user namespaces should not have privileges > towards all objects in these filesystems, so set s_user_ns in > these super blocks to init_user_ns rather than the namespace of > the mounter. Privileged users in a user namespace will still have > privileges towards objects in the filesystem owned by users in > that namespace. > > BugLink: http://bugs.launchpad.net/bugs/1549398 > Signed-off-by: Seth Forshee <seth.forshee@canonical.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com> > --- > fs/kernfs/mount.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c > index 074bb8b..18ed4dc 100644 > --- a/fs/kernfs/mount.c > +++ b/fs/kernfs/mount.c > @@ -15,6 +15,7 @@ > #include <linux/slab.h> > #include <linux/pagemap.h> > #include <linux/namei.h> > +#include <linux/user_namespace.h> > > #include "kernfs-internal.h" > > @@ -227,7 +228,8 @@ struct dentry *kernfs_mount_ns(struct file_system_type *fs_type, int flags, > info->root = root; > info->ns = ns; > > - sb = sget(fs_type, kernfs_test_super, kernfs_set_super, flags, info); > + sb = sget_userns(fs_type, kernfs_test_super, kernfs_set_super, flags, > + &init_user_ns, info); > if (IS_ERR(sb) || sb->s_fs_info != info) > kfree(info); > if (IS_ERR(sb)) > -- > 1.9.1 >
Applied to Xenial. -apw
diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c index 074bb8b..18ed4dc 100644 --- a/fs/kernfs/mount.c +++ b/fs/kernfs/mount.c @@ -15,6 +15,7 @@ #include <linux/slab.h> #include <linux/pagemap.h> #include <linux/namei.h> +#include <linux/user_namespace.h> #include "kernfs-internal.h" @@ -227,7 +228,8 @@ struct dentry *kernfs_mount_ns(struct file_system_type *fs_type, int flags, info->root = root; info->ns = ns; - sb = sget(fs_type, kernfs_test_super, kernfs_set_super, flags, info); + sb = sget_userns(fs_type, kernfs_test_super, kernfs_set_super, flags, + &init_user_ns, info); if (IS_ERR(sb) || sb->s_fs_info != info) kfree(info); if (IS_ERR(sb))
Filesystems implemented using kernfs are generally operating on a shared set of in-kernel objects even from different super blocks. Mounts from user namespaces should not have privileges towards all objects in these filesystems, so set s_user_ns in these super blocks to init_user_ns rather than the namespace of the mounter. Privileged users in a user namespace will still have privileges towards objects in the filesystem owned by users in that namespace. BugLink: http://bugs.launchpad.net/bugs/1549398 Signed-off-by: Seth Forshee <seth.forshee@canonical.com> --- fs/kernfs/mount.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)