linux-fsdevel.vger.kernel.org archive mirror
* [GIT PULL] fs mount_setattr fix
@ 2021-05-19 13:20 Christian Brauner
  2021-05-19 16:20 ` pr-tracker-bot
  0 siblings, 1 reply; 2+ messages in thread
From: Christian Brauner @ 2021-05-19 13:20 UTC (permalink / raw)
  To: Linus Torvalds; +Cc: linux-fsdevel, linux-kernel

/* Summary */
This simple change makes an underlying assumption more explicit. We currently
don't have any filesystems that support idmapped mounts which are mountable
inside a user namespace, i.e. where s_user_ns != init_user_ns. That was a
deliberate decision for now as userns root can just mount the filesystem
themselves.
Express this restriction explicitly and enforce it until there's a real
use-case for this. This way we can notice it and will have a chance to adapt
and audit our translation helpers and fstests appropriately if we need to
support such filesystems.

On a general note, we're seeing idmapped mounts being adopted rapidly. Since
5.12 was released systemd has already merged full support for idmapped mounts.
Discussions have kicked off for Docker/Moby, k8s, runC, and the containerd
patchset is about to be reworked. Requests for more filesystems are coming in
including btrfs and overlayfs and we're discussing fanotify making use of
idmapped mounts to implement filtered filesystems marks which will be a great
addition as well. We won't be able to please everyone's desire or design of
course but it feels like we hit the right direction with this patchset.

The following changes since commit 6efb943b8616ec53a5e444193dccf1af9ad627b5:

  Linux 5.13-rc1 (2021-05-09 14:17:44 -0700)

are available in the Git repository at:

  git@gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/fs.idmapped.mount_setattr.v5.13-rc3

for you to fetch changes up to 2ca4dcc4909d787ee153272f7efc2bff3b498720:

  fs/mount_setattr: tighten permission checks (2021-05-12 14:13:16 +0200)

/* Testing */
All patches are based on v5.13-rc1 and have been sitting in linux-next. No
build failures or warnings were observed. All fstests are passing.

/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline.

Please consider pulling these changes from the signed fs.idmapped.mount_setattr.v5.13-rc3 tag.

Thanks!
Christian

----------------------------------------------------------------
fs.idmapped.mount_setattr.v5.13-rc3

----------------------------------------------------------------
Christian Brauner (1):
      fs/mount_setattr: tighten permission checks

 fs/namespace.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)


* Re: [GIT PULL] fs mount_setattr fix
  2021-05-19 13:20 [GIT PULL] fs mount_setattr fix Christian Brauner
@ 2021-05-19 16:20 ` pr-tracker-bot
  0 siblings, 0 replies; 2+ messages in thread
From: pr-tracker-bot @ 2021-05-19 16:20 UTC (permalink / raw)
  To: Christian Brauner; +Cc: Linus Torvalds, linux-fsdevel, linux-kernel

The pull request you sent on Wed, 19 May 2021 15:20:55 +0200:

> git@gitolite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/fs.idmapped.mount_setattr.v5.13-rc3

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/c3d0e3fd41b7f0f5d5d5b6022ab7e813f04ea727

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html
