| Message ID | 20160825130444.GA29619@ubuntu-xps13 |
|---|---|
| State | New |
| Headers | show
Return-Path: <kernel-team-bounces@lists.ubuntu.com> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id 3sKkt11xQ6z9sCY; Thu, 25 Aug 2016 23:04:57 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=canonical-com.20150623.gappssmtp.com header.i=@canonical-com.20150623.gappssmtp.com header.b=laOzD7s+; dkim-atps=neutral Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from <kernel-team-bounces@lists.ubuntu.com>) id 1bcuKx-0006ry-Nr; Thu, 25 Aug 2016 13:04:51 +0000 Received: from mail-qt0-f173.google.com ([209.85.216.173]) by huckleberry.canonical.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from <seth.forshee@canonical.com>) id 1bcuKt-0006rn-4a for kernel-team@lists.ubuntu.com; Thu, 25 Aug 2016 13:04:47 +0000 Received: by mail-qt0-f173.google.com with SMTP id 93so22124125qtg.2 for <kernel-team@lists.ubuntu.com>; Thu, 25 Aug 2016 06:04:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical-com.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:mime-version:content-disposition :user-agent; bh=OIEz52Sij4SLA2wZnHOnPnZTL/NLTBsuBAsc+kZC950=; b=laOzD7s+7rUYiwvLV+TDCwsmp8MUmbnRMzifymSZFrfUUaRycZQL4UHcNOqMWMzPux SFcK5w86d8dr7KTTIDVWxHYRF1hdYrXynQEsooQ3H/LocFz9HT9o0oshtQ/I39gAfg/3 Mb/SrJagjDgZziS6CFiHVOhggiHI3/owOCFhOSv9WxXYpG6Zr062LpnmEdI3KvxJ6+xG D533ytnIcFUJIvPC+pXyzgbRbjcMZ8arZiJ7c184SOBzvpYs952c5UxR3tNrQsPF8DPw 0C6zM++T/e6ou26CxIFYoWY5xqewwo4HC77M4zzH2D0Nwhx5Isq7gf+zZJc/9JbnRwKg wrEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version :content-disposition:user-agent; bh=OIEz52Sij4SLA2wZnHOnPnZTL/NLTBsuBAsc+kZC950=; b=LkiTmXKY1GJEbOcSlLrYnewhwh3cTP046WZyf7Yv9+3Okf/clO7IvHwYNi51niKcEO NwZMF3hj8SvfM6TXthr5rUvIpvgyn5lcTeY4W4yhGrrmt9y6dTeT1a7iZr+jvoSt03nY fNIJApREPsTU9rKL4VjMOXTlMENYqXXSOBb5/D6pYDLcE3o6VgoodMesyy8RVGz8T2I9 un29yx+lVmGj/DL5Reunyfq70eh0tMe3LeOLwSWzRB0yWtD5gdqbU9LQtfFvrA5JDKpb XGw4q0gy3Wp5Hip3OdWaHP91npavglHl8QLL9OnCFePXGF3jmMjvwhfxfsSDGCNky8DA Vuyw== X-Gm-Message-State: AE9vXwM2KucqFKHlM6vvCJpzX2FL7s910v3501Wh9Rj1DBlxlZfG0jSEIna97DC29gAO7hwH X-Received: by 10.200.56.35 with SMTP id q32mr10298446qtb.32.1472130286071; Thu, 25 Aug 2016 06:04:46 -0700 (PDT) Received: from localhost ([75.98.193.200]) by smtp.gmail.com with ESMTPSA id f62sm7529719qka.3.2016.08.25.06.04.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 Aug 2016 06:04:45 -0700 (PDT) Date: Thu, 25 Aug 2016 09:04:44 -0400 From: Seth Forshee <seth.forshee@canonical.com> To: Tim Gardner <tim.gardner@canonical.com> Subject: [PULL][unstable] namespace mount patches for 4.8 Message-ID: <20160825130444.GA29619@ubuntu-xps13> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.24 (2015-08-30) Cc: Ubuntu Kernel Team <kernel-team@lists.ubuntu.com> X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.14 Precedence: list List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com> List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe> List-Archive: <https://lists.ubuntu.com/archives/kernel-team> List-Post: <mailto:kernel-team@lists.ubuntu.com> List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help> List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: kernel-team-bounces@lists.ubuntu.com |
The following changes since commit b6afef49069d5f8dccc5742cd7f51579ca92dd60: UBUNTU: Ubuntu-4.8.0-4.5 (2016-08-23 13:22:11 -0600) are available in the git repository at: git://git.launchpad.net/~sforshee/+git/linux-unstable nsmount for you to fetch changes up to cd6e426ab2d6fcfdeb5a14ec253dbdc0b2378f28: UBUNTU: SAUCE: (namespace) ext4: Add module parameter to enable user namespace mounts (2016-08-25 08:36:06 -0400) ---------------------------------------------------------------- Eric W. Biederman (1): UBUNTU: SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes Seth Forshee (16): UBUNTU: SAUCE: (namespace) security/integrity: Harden against malformed xattrs UBUNTU: SAUCE: (namespace) block_dev: Support checking inode permissions in lookup_bdev() UBUNTU: SAUCE: (namespace) block_dev: Check permissions towards block device inode when mounting UBUNTU: SAUCE: (namespace) mtd: Check permissions towards mtd block device inode when mounting UBUNTU: SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root UBUNTU: SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb() UBUNTU: SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set security.* xattrs UBUNTU: SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems UBUNTU: SAUCE: (namespace) posix_acl: Export posix_acl_fix_xattr_userns() to modules UBUNTU: SAUCE: (namespace) fuse: Add support for pid namespaces UBUNTU: SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns UBUNTU: SAUCE: (namespace) fuse: Translate ids in posix acl xattrs UBUNTU: SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace or a descendant UBUNTU: SAUCE: (namespace) fuse: Allow user namespace mounts UBUNTU: SAUCE: (namespace) ext4: Add support for unprivileged mounts from user namespaces UBUNTU: SAUCE: (namespace) ext4: Add module parameter to enable user namespace mounts drivers/md/bcache/super.c | 2 +- drivers/md/dm-table.c | 2 +- drivers/mtd/mtdsuper.c | 6 +++- fs/attr.c | 34 ++++++++++++++----- fs/block_dev.c | 18 ++++++++-- fs/ext4/acl.c | 31 +++++++++++------ fs/ext4/balloc.c | 4 +-- fs/ext4/ialloc.c | 7 ++-- fs/ext4/inode.c | 18 +++++----- fs/ext4/ioctl.c | 10 +++--- fs/ext4/namei.c | 16 ++++----- fs/ext4/resize.c | 2 +- fs/ext4/super.c | 64 +++++++++++++++++++++++++++-------- fs/fuse/cuse.c | 3 +- fs/fuse/dev.c | 25 ++++++++++---- fs/fuse/dir.c | 46 +++++++++++++++++++------ fs/fuse/file.c | 22 +++++++++--- fs/fuse/fuse_i.h | 10 +++++- fs/fuse/inode.c | 40 ++++++++++++++-------- fs/inode.c | 6 ++-- fs/ioctl.c | 4 +-- fs/namespace.c | 4 +-- fs/posix_acl.c | 42 ++++++++++++++--------- fs/proc/base.c | 7 ++++ fs/proc/generic.c | 7 ++++ fs/proc/proc_sysctl.c | 7 ++++ fs/quota/quota.c | 2 +- include/linux/fs.h | 2 +- include/linux/posix_acl_xattr.h | 9 +++++ include/linux/projid.h | 5 +++ kernel/user_namespace.c | 1 + security/commoncap.c | 12 ++++--- security/integrity/digsig.c | 2 +- security/integrity/evm/evm_main.c | 4 +++ security/integrity/ima/ima_appraise.c | 5 ++- 35 files changed, 348 insertions(+), 131 deletions(-)