On Mon, Jun 17, 2019 at 11:22:14PM +0200, Christian Brauner wrote:
> When propagating mounts across mount namespaces owned by different user
> namespaces it is not possible anymore to move or umount the mount in the
> less privileged mount namespace.
>
> Here is a reproducer:
>
>   sudo mount -t tmpfs tmpfs /mnt
>   sudo mount --make-rshared /mnt
>
>   # create unprivileged user + mount namespace and preserve propagation
>   unshare -U -m --map-root --propagation=unchanged
>
>   # now change back to the original mount namespace in another terminal:
>   sudo mkdir /mnt/aaa
>   sudo mount -t tmpfs tmpfs /mnt/aaa
>
>   # now in the unprivileged user + mount namespace
>   mount --move /mnt/aaa /opt
>
> Unfortunately, this is a pretty big deal for userspace since this is
> e.g. used to inject mounts into running unprivileged containers.
> So this regression really needs to go away rather quickly.
>
> The problem is that a recent change falsely locked the root of the newly
> added mounts by setting MNT_LOCKED. Fix this by only locking the mounts
> on copy_mnt_ns() and not when adding a new mount.

Applied. Linus, if you want to apply it directly, feel free to add my
Acked-by. Alternatively, wait until tonight and I'll send a pull request
with that (as well as missing mntget() in fsmount(2) fix, at least).

Al, down to ~3Kmail in the pile...
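The reproducer quoted above depends on /mnt staying in the same peer group in both mount namespaces. As an added example (not part of the thread or the kernel tree), the script below reads the optional fields of two mountinfo files and lists the mounts in the second namespace that receive propagation from the first; it goes slightly beyond the reproducer by also reporting slave (`master:N`) mounts. The function name `propagating_into` and the sample mountinfo lines are constructed for illustration.

```shell
#!/bin/sh
# propagating_into SRC_MOUNTINFO DST_MOUNTINFO   (hypothetical helper name)
# Prints each DST mount point that is a peer (shared:N) or a slave (master:N)
# of a peer group that is shared in SRC, i.e. a place where a mount made in
# the SRC namespace will show up in the DST namespace.
propagating_into() {
    awk '
    {
        # mountinfo: optional fields start at field 7 and end at the "-".
        for (i = 7; i <= NF && $i != "-"; i++) {
            if (split($i, tag, ":") != 2) continue
            if (FILENAME == ARGV[1]) {
                if (tag[1] == "shared") src[tag[2]] = 1
            } else if ((tag[1] == "shared" || tag[1] == "master") && (tag[2] in src)) {
                print $5
                break
            }
        }
    }' "$1" "$2"
}

# Constructed sample data modelled on the state after the reproducer:
# "host" is the original namespace, "userns" the unprivileged one created
# with --propagation=unchanged. /srv is an extra slave mount, /tmp is private.
sample_dir=$(mktemp -d)
cat > "$sample_dir/host" <<'EOF'
30 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
45 30 0:40 / /mnt rw,relatime shared:200 - tmpfs tmpfs rw
46 45 0:41 / /mnt/aaa rw,relatime shared:201 - tmpfs tmpfs rw
47 30 0:50 / /srv rw,relatime shared:300 - tmpfs tmpfs rw
EOF
cat > "$sample_dir/userns" <<'EOF'
60 59 8:1 / / rw,relatime - ext4 /dev/sda1 rw
61 60 0:40 / /mnt rw,relatime shared:200 - tmpfs tmpfs rw
62 61 0:41 / /mnt/aaa rw,relatime shared:201 - tmpfs tmpfs rw
63 60 0:50 / /srv rw,relatime master:300 - tmpfs tmpfs rw
64 60 0:60 / /tmp rw,relatime - tmpfs tmpfs rw
EOF

# Mounts in the unprivileged namespace that the host can inject into.
propagating_into "$sample_dir/host" "$sample_dir/userns"
```

On a live system the two arguments would be the `/proc/<pid>/mountinfo` files of a process in each namespace.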