From: ebiederm@xmission.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Linux Containers <containers@lists.linux-foundation.org>,
<linux-kernel@vger.kernel.org>, <linux-fsdevel@vger.kernel.org>,
Seth Forshee <seth.forshee@canonical.com>,
Miklos Szeredi <miklos@szeredi.hu>,
Miklos Szeredi <mszeredi@redhat.com>
Subject: [GIT PULL] userns vfs bits for v4.18-rc1
Date: Sun, 03 Jun 2018 23:19:59 -0500 [thread overview]
Message-ID: <87bmcrmbdc.fsf@xmission.com> (raw)
In-Reply-To: <878t7vp64i.fsf@xmission.com> (Eric W. Biederman's message of "Sun, 03 Jun 2018 22:45:01 -0500")
Linus,
Please pull the userns-linus branch from the git tree:
git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-linus
HEAD: f3f1a18330ac1b717cd7a32adff38d965f365aa2 fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
Apologies for the resend I forgot the diffstat and the subject line.
This is the last couple of vfs bits to enable root in a user namespace
to mount and manipulate a filesystem with backing store (AKA not a
virtual filesystem like proc, but a filesystem where the unprivileged
user controls the content). The target filesystem for this work
is fuse, and Miklos should be sending you the pull request for the
fuse bits this merge window.
The two key patches are " evm: Don't update hmacs in user ns mounts" and
"vfs: Don't allow changing the link count of an inode with an invalid
uid or gid". Those close small gaps in the vfs that would be a problem
if an unprivileged fuse filesystem is mounted.
The rest of the changes are things that are now safe to allow a root
user in a user namespace to do with a filesystem they have mounted. The
most interesting development is that remount is now safe.
Eric W. Biederman (5):
vfs: Don't allow changing the link count of an inode with an invalid uid or gid
vfs: Allow userns root to call mknod on owned filesystems.
fs: Allow superblock owner to replace invalid owners of inodes
fs: Allow superblock owner to access do_remount_sb()
capabilities: Allow privileged user in s_user_ns to set security.* xattrs
Seth Forshee (2):
evm: Don't update hmacs in user ns mounts
fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
fs/attr.c | 36 ++++++++++++++++++++++++++++--------
fs/ioctl.c | 4 ++--
fs/namei.c | 16 ++++++++++++----
fs/namespace.c | 4 ++--
security/commoncap.c | 8 ++++++--
security/integrity/evm/evm_crypto.c | 3 ++-
6 files changed, 52 insertions(+), 19 deletions(-)
Eric
prev parent reply other threads:[~2018-06-04 4:20 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-04 3:45 [GIT PULL] userns Eric W. Biederman
2018-06-04 4:19 ` Eric W. Biederman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87bmcrmbdc.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=containers@lists.linux-foundation.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=mszeredi@redhat.com \
--cc=seth.forshee@canonical.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).