On Tue, Aug 30, 2016 at 7:41 PM, Serge E. Hallyn [off-list ref] wrote:
On Fri, Aug 26, 2016 at 04:08:08PM -0700, Andrei Vagin wrote:
From: Andrey Vagin <redacted>
Return -EPERM if an owning user namespace is outside of a process's
current user namespace.
v2: In the first version ns_get_owner returned ENOENT for init_user_ns.
This special case was removed in this version. There is nothing
outside of init_user_ns, so we can return EPERM.
Signed-off-by: Andrei Vagin <redacted>
---
fs/namespace.c | 6 ++++++
include/linux/proc_ns.h | 1 +
include/linux/user_namespace.h | 7 +++++++
ipc/namespace.c | 6 ++++++
kernel/cgroup.c | 6 ++++++
kernel/pid_namespace.c | 6 ++++++
kernel/user_namespace.c | 24 ++++++++++++++++++++++++
kernel/utsname.c | 6 ++++++
net/core/net_namespace.c | 6 ++++++
9 files changed, 68 insertions(+)
diff --git a/fs/namespace.c b/fs/namespace.c
index 491b8f3..f985817 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3368,10 +3368,16 @@ static int mntns_install(struct nsproxy *nsproxy, struct ns_common *ns)
return 0;
}
+static struct user_namespace *mntns_get_owner(struct ns_common *ns)
+{
+ return to_mnt_ns(ns)->user_ns;
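Review bot: `mntns_get_owner` hands back `to_mnt_ns(ns)->user_ns` as a raw pointer without taking a reference (no `get_user_ns()`), so the returned owner is only valid for as long as the caller holds the mount namespace; either document that contract on the helper or rename it along the lines Serge suggests (`mntns_owner()`), since the `_get_` prefix reads as "acquires a reference" elsewhere in the kernel. The quoted hunk also ends at the `return` line, so the closing brace and the hooking of this helper into the namespace operations table are not visible here and cannot be checked in this reply.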
Hi - sorry to be pedantic here, but *_get_owner makes me think
it will grab a reference too. A bit unfortunate, maybe it doesn't
matter, but would mntns_owner(), netns_owner(), etc be better?
Actually it looks reasonable, especially when we have get_parent(),
which grabs a reference.
Serge, could you look at the attached patch? I will need to rebase the
other patches if we accept this patch.
Thanks,
Andrei