Do not assume that ids from the lower filesystem are from init_user_ns. Instead, translate them from that filesystem's s_user_ns and then to the shiftfs user ns. Signed-off-by: Seth Forshee <seth.forshee@xxxxxxxxxxxxx> --- fs/shiftfs.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fs/shiftfs.c b/fs/shiftfs.c index 556594988dd2..226c03d8588b 100644 --- a/fs/shiftfs.c +++ b/fs/shiftfs.c @@ -613,6 +613,8 @@ static int shiftfs_getattr(const struct path *path, struct kstat *stat, struct inode *reali = real->d_inode; const struct inode_operations *iop = reali->i_op; struct path newpath = { .mnt = path->dentry->d_sb->s_fs_info, .dentry = real }; + struct user_namespace *from_ns = reali->i_sb->s_user_ns; + struct user_namespace *to_ns = inode->i_sb->s_user_ns; int err = 0; if (iop->getattr) @@ -624,8 +626,8 @@ static int shiftfs_getattr(const struct path *path, struct kstat *stat, return err; /* transform the underlying id */ - stat->uid = make_kuid(inode->i_sb->s_user_ns, __kuid_val(stat->uid)); - stat->gid = make_kgid(inode->i_sb->s_user_ns, __kgid_val(stat->gid)); + stat->uid = shift_kuid(from_ns, to_ns, stat->uid); + stat->gid = shift_kgid(from_ns, to_ns, stat->gid); return 0; } -- 2.19.1 _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers