From: Dongsu Park <dongsu@kinvolk.io>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Linux Containers <containers@lists.linux-foundation.org>,
linux-fsdevel@vger.kernel.org,
Seth Forshee <seth.forshee@canonical.com>,
LKML <linux-kernel@vger.kernel.org>,
Christian Brauner <christian@brauner.io>
Subject: Re: [REVIEW][PATCH 0/6] Wrapping up the vfs support for unprivileged mounts
Date: Tue, 29 May 2018 17:40:50 +0200 [thread overview]
Message-ID: <CANxcAMt5f7=TV3Yqc6iavos=saGFOPKC4R4Yr9yGbKoVwq3YGw@mail.gmail.com> (raw)
In-Reply-To: <87o9h6554f.fsf@xmission.com>
Hi,
On Thu, May 24, 2018 at 1:22 AM, Eric W. Biederman
<ebiederm@xmission.com> wrote:
>
> Very slowly the work has been progressing to ensure the vfs has the
> necessary support for mounting filesystems without privilege.
>
> This patchset contains one more core piece of that work, ensuring a few
> more operations that would write back an inode and confuse an exisiting
> filesystem are denied.
>
> The rest of the changes actually enable userns root to do things with
> filesystems that the userns root has mounted. Most of these have been
> waiting in the wings a long time, held back because I wanted the core
> of the patchset to be solid before I started allowing additional
> behavor.
>
> It is definitely time for these changes so the effect of s_user_ns
> becomes less theoretical.
>
> The change to allow mknod is new, but consistent with everything else
> and harmless as device nodes on filesystems mounted without privilege
> are ignored.
>
> Unless problems show up in the during review I plan to merge these changes.
Thank you for the great work. I have been looking forward to seeing it.
I have just gathered available relevant patches in my branch:
https://github.com/kinvolk/linux/tree/dongsu/fuse-userns-for-4.18
With this branch, I tested sshfs/fuse from non-init user namespace.
It works fine as expected. So you can add:
Tested-by: Dongsu Park <dongsu@kinvolk.io>
Thanks!
Dongsu
> These changes are also available at:
> git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-test
>
> Eric W. Biederman (5):
> vfs: Don't allow changing the link count of an inode with an invalid uid or gid
> vfs: Allow userns root to call mknod on owned filesystems.
> fs: Allow superblock owner to replace invalid owners of inodes
> fs: Allow superblock owner to access do_remount_sb()
> capabilities: Allow privileged user in s_user_ns to set security.* xattrs
>
> Seth Forshee (1):
> fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
>
> fs/attr.c | 36 ++++++++++++++++++++++++++++--------
> fs/ioctl.c | 4 ++--
> fs/namei.c | 16 ++++++++++++----
> fs/namespace.c | 4 ++--
> security/commoncap.c | 8 ++++++--
> 5 files changed, 50 insertions(+), 18 deletions(-)
>
> Eric
> _______________________________________________
> Containers mailing list
> Containers@lists.linux-foundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/containers
prev parent reply other threads:[~2018-05-29 15:40 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-23 23:22 [REVIEW][PATCH 0/6] Wrapping up the vfs support for unprivileged mounts Eric W. Biederman
2018-05-23 23:25 ` [REVIEW][PATCH 1/6] vfs: Don't allow changing the link count of an inode with an invalid uid or gid Eric W. Biederman
2018-05-24 12:58 ` Seth Forshee
2018-05-24 22:30 ` Christian Brauner
2018-05-23 23:25 ` [REVIEW][PATCH 2/6] vfs: Allow userns root to call mknod on owned filesystems Eric W. Biederman
2018-05-24 13:55 ` Seth Forshee
2018-05-24 16:55 ` Eric W. Biederman
2018-05-24 17:22 ` Seth Forshee
2018-05-24 19:12 ` Christian Brauner
2018-05-23 23:25 ` [REVIEW][PATCH 3/6] fs: Allow superblock owner to replace invalid owners of inodes Eric W. Biederman
2018-05-23 23:41 ` [REVIEW][PATCH v2 " Eric W. Biederman
2018-05-24 22:30 ` Christian Brauner
2018-05-23 23:25 ` [REVIEW][PATCH 4/6] fs: Allow superblock owner to access do_remount_sb() Eric W. Biederman
2018-05-24 15:58 ` Christian Brauner
2018-05-24 16:45 ` Eric W. Biederman
2018-05-24 17:28 ` Christian Brauner
2018-05-23 23:25 ` [REVIEW][PATCH 5/6] capabilities: Allow privileged user in s_user_ns to set security.* xattrs Eric W. Biederman
2018-05-24 15:57 ` Christian Brauner
2018-05-23 23:25 ` [REVIEW][PATCH 6/6] fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems Eric W. Biederman
2018-05-24 15:59 ` Christian Brauner
2018-05-24 21:46 ` [REVIEW][PATCH 0/6] Wrapping up the vfs support for unprivileged mounts Theodore Y. Ts'o
2018-05-24 23:23 ` Eric W. Biederman
2018-05-25 3:57 ` Dave Chinner
2018-05-25 4:06 ` Darrick J. Wong
2018-05-29 13:12 ` Eric W. Biederman
2018-05-29 22:17 ` Dave Chinner
2018-05-30 2:34 ` Eric W. Biederman
2018-05-30 4:34 ` Dave Chinner
2018-05-29 15:40 ` Dongsu Park [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CANxcAMt5f7=TV3Yqc6iavos=saGFOPKC4R4Yr9yGbKoVwq3YGw@mail.gmail.com' \
--to=dongsu@kinvolk.io \
--cc=christian@brauner.io \
--cc=containers@lists.linux-foundation.org \
--cc=ebiederm@xmission.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=seth.forshee@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).