[PATCH v3 28/38] exec: handle idmapped mounts

[PATCH v3 00/38] idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 32/38] fat: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 32/38] fat: handle idmapped mounts · Mauricio Vásquez Bernal <hidden> · 2020-11-30
Re: [PATCH v3 32/38] fat: handle idmapped mounts · Christian Brauner <hidden> · 2020-12-01
[PATCH v3 25/38] init: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 37/38] tests: extend mount_setattr tests · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 30/38] apparmor: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 35/38] overlayfs: do not mount on top of idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 23/38] fcntl: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 21/38] af_unix: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 34/38] ecryptfs: do not mount on top of idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 36/38] fs: introduce MOUNT_ATTR_IDMAP · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 31/38] ima: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 22/38] utimes: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 26/38] ioctl: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 28/38] exec: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 20/38] open: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Mauricio Vásquez Bernal <hidden> · 2020-11-30
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-12-01
[PATCH v3 27/38] would_dump: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 24/38] notify: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 11/38] attr: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 14/38] commoncap: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 13/38] xattr: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 15/38] stat: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 12/38] acl: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 17/38] namei: introduce struct renamedata · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 17/38] namei: introduce struct renamedata · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 17/38] namei: introduce struct renamedata · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 02/38] mount: make {lock,unlock}_mount_hash() static · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 02/38] mount: make {lock,unlock}_mount_hash() static · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 02/38] mount: make {lock,unlock}_mount_hash() static · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 03/38] namespace: only take read lock in do_reconfigure_mnt() · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 03/38] namespace: only take read lock in do_reconfigure_mnt() · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 03/38] namespace: only take read lock in do_reconfigure_mnt() · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 19/38] open: handle idmapped mounts in do_truncate() · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 16/38] namei: handle idmapped mounts in may_*() helpers · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 01/38] namespace: take lock_mount_hash() directly when changing flags · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 01/38] namespace: take lock_mount_hash() directly when changing flags · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 01/38] namespace: take lock_mount_hash() directly when changing flags · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 08/38] capability: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 08/38] capability: handle idmapped mounts · "Serge E. Hallyn" <serge@hallyn.com> · 2020-11-28
[PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · "Serge E. Hallyn" <serge@hallyn.com> · 2020-11-28
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christian Brauner <hidden> · 2020-12-01
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christian Brauner <hidden> · 2020-12-01
[PATCH v3 18/38] namei: prepare for idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 10/38] inode: add idmapped mount aware init and permission helpers · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 10/38] inode: add idmapped mount aware init and permission helpers · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 10/38] inode: add idmapped mount aware init and permission helpers · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 06/38] fs: add id translation helpers · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 06/38] fs: add id translation helpers · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 06/38] fs: add id translation helpers · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 04/38] fs: add mount_setattr() · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christian Brauner <hidden> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christian Brauner <hidden> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-02
[PATCH v3 07/38] mount: attach mappings to mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 07/38] mount: attach mappings to mounts · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 07/38] mount: attach mappings to mounts · Tycho Andersen <tycho@tycho.pizza> · 2020-12-01
Re: [PATCH v3 07/38] mount: attach mappings to mounts · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 05/38] tests: add mount_setattr() selftests · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 00/38] idmapped mounts · "Serge E. Hallyn" <serge@hallyn.com> · 2020-11-28
Re: [PATCH v3 00/38] idmapped mounts · Christian Brauner <hidden> · 2020-12-01

STALE2004d

Revisions (4)

2020-11-28 v3 current
2020-12-04 v4 [diff vs current]
2021-01-12 v5 [diff vs current]
2021-01-21 v6 [diff vs current]

From: Christian Brauner <hidden>
Date: 2020-11-28 22:13:01
Also in: fstests, linux-api, linux-ext4, linux-fsdevel, linux-security-module, selinux
Subsystem: exec & binfmt api, elf, filesystems (vfs and infrastructure), the rest · Maintainers: Kees Cook, Alexander Viro, Christian Brauner, Linus Torvalds

When executing a setuid binary the kernel will verify in bprm_fill_uid() that
the inode has a mapping in the caller's user namespace before setting the
callers uid and gid. Let bprm_fill_uid() handle idmapped mounts. If the inode
is accessed through an idmapped mount it is mapped according to the mount's
user namespace. Afterwards the checks are identical to non-idmapped mounts. If
the initial user namespace is passed nothing changes so non-idmapped mounts will
see identical behavior as before.

Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Signed-off-by: Christian Brauner <redacted>
---
/* v2 */
unchanged

/* v3 */
unchanged
---
 fs/exec.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 10c06fdf78a7..7d6d3dd17e84 100644
--- a/fs/exec.c
+++ b/fs/exec.c

@@ -1567,6 +1567,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm)
 static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
 {
 	/* Handle suid and sgid on files */
+	struct user_namespace *user_ns;
 	struct inode *inode;
 	unsigned int mode;
 	kuid_t uid;

@@ -1583,13 +1584,15 @@ static void bprm_fill_uid(struct linux_binprm *bprm, struct file *file)
 	if (!(mode & (S_ISUID|S_ISGID)))
 		return;
 
+	user_ns = mnt_user_ns(file->f_path.mnt);
+
 	/* Be careful if suid/sgid is set */
 	inode_lock(inode);
 
 	/* reload atomically mode/uid/gid now that lock held */
 	mode = inode->i_mode;
-	uid = inode->i_uid;
-	gid = inode->i_gid;
+	uid = i_uid_into_mnt(user_ns, inode);
+	gid = i_gid_into_mnt(user_ns, inode);
 	inode_unlock(inode);
 
 	/* We ignore suid/sgid if there are no mappings for them in the ns */

-- 
2.29.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help