--- v3
+++ v6
@@ -1,11 +1,8 @@
-When executing a setuid binary the kernel will verify in bprm_fill_uid() that
-the inode has a mapping in the caller's user namespace before setting the
-callers uid and gid. Let bprm_fill_uid() handle idmapped mounts. If the inode
-is accessed through an idmapped mount it is mapped according to the mount's
-user namespace. Afterwards the checks are identical to non-idmapped mounts. If
-the initial user namespace is passed nothing changes so non-idmapped mounts will
-see identical behavior as before.
+Prevent overlayfs from being mounted on top of idmapped mounts.
+Stacking filesystems need to be prevented from being mounted on top of
+idmapped mounts until they have have been converted to handle this.
+Link: https://lore.kernel.org/r/20210112220124.837960-40-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
@@ -13,44 +10,43 @@
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
+patch introduced
+
+/* v3 */
+- Amir Goldstein <amir73il@gmail.com>:
+ - Move check for idmapped lower layers into ovl_mount_dir_noesc().
+- David Howells <dhowells@redhat.com>:
+ - Adapt check after removing mnt_idmapped() helper.
+
+/* v4 */
unchanged
-/* v3 */
+/* v5 */
unchanged
+base-commit: 7c53f6b671f4aba70ff15e1b05148b10d58c2837
+
+/* v6 */
+unchanged
+base-commit: 19c329f6808995b142b3966301f217c831e7cf31
---
- fs/exec.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
+ fs/overlayfs/super.c | 4 ++++
+ 1 file changed, 4 insertions(+)
-diff --git a/fs/exec.c b/fs/exec.c
-index 10c06fdf78a7..7d6d3dd17e84 100644
---- a/fs/exec.c
-+++ b/fs/exec.c
-@@ -1567,6 +1567,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm)
- static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
- {
- /* Handle suid and sgid on files */
-+ struct user_namespace *user_ns;
- struct inode *inode;
- unsigned int mode;
- kuid_t uid;
-@@ -1583,13 +1584,15 @@ static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
- if (!(mode & (S_ISUID|S_ISGID)))
- return;
-
-+ user_ns = mnt_user_ns(file->f_path.mnt);
-+
- /* Be careful if suid/sgid is set */
- inode_lock(inode);
-
- /* reload atomically mode/uid/gid now that lock held */
- mode = inode->i_mode;
-- uid = inode->i_uid;
-- gid = inode->i_gid;
-+ uid = i_uid_into_mnt(user_ns, inode);
-+ gid = i_gid_into_mnt(user_ns, inode);
- inode_unlock(inode);
-
- /* We ignore suid/sgid if there are no mappings for them in the ns */
+diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
+index c04612b19054..b702c576e783 100644
+--- a/fs/overlayfs/super.c
++++ b/fs/overlayfs/super.c
+@@ -858,6 +858,10 @@ static int ovl_mount_dir_noesc(const char *name, struct path *path)
+ pr_err("filesystem on '%s' not supported\n", name);
+ goto out_put;
+ }
++ if (mnt_user_ns(path->mnt) != &init_user_ns) {
++ pr_err("idmapped layers are currently not supported\n");
++ goto out_put;
++ }
+ if (!d_is_dir(path->dentry)) {
+ pr_err("'%s' not a directory\n", name);
+ goto out_put;
--
-2.29.2
+2.30.0
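Review bot: The new rejection message in ovl_mount_dir_noesc() omits the layer path, unlike the two neighbouring pr_err() calls that print `name`, so with several layers the log does not say which one sits on an idmapped mount; suggest `pr_err("idmapped layer '%s' is currently not supported\n", name);`. A one-line comment above the check, such as `/* Refuse idmapped layers until overlayfs has been converted to handle them. */`, would record why the guard exists and when it can be dropped. The value returned through `out_put` is assigned outside the visible lines, so please confirm this path returns an error code rather than a stale or zero `err`. The function body starts and ends outside the hunk.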