Re: [PATCH v1] fs/namespace: fix unprivileged mount propagation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jun 17, 2019 at 11:22:14PM +0200, Christian Brauner wrote:
> When propagating mounts across mount namespaces owned by different user
> namespaces it is not possible anymore to move or umount the mount in the
> less privileged mount namespace.
> 
> Here is a reproducer:
> 
>   sudo mount -t tmpfs tmpfs /mnt
>   sudo --make-rshared /mnt
> 
>   # create unprivileged user + mount namespace and preserve propagation
>   unshare -U -m --map-root --propagation=unchanged
> 
>   # now change back to the original mount namespace in another terminal:
>   sudo mkdir /mnt/aaa
>   sudo mount -t tmpfs tmpfs /mnt/aaa
> 
>   # now in the unprivileged user + mount namespace
>   mount --move /mnt/aaa /opt
> 
> Unfortunately, this is a pretty big deal for userspace since this is
> e.g. used to inject mounts into running unprivileged containers.
> So this regression really needs to go away rather quickly.
> 
> The problem is that a recent change falsely locked the root of the newly
> added mounts by setting MNT_LOCKED. Fix this by only locking the mounts
> on copy_mnt_ns() and not when adding a new mount.

Applied.  Linus, if you want to apply it directly, feel free to add my
Acked-by.  Alternatively, wait until tonight and I'll send a pull request
with that (as well as missing mntget() in fsmount(2) fix, at least).

Al, down to ~3Kmail in the pile...



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux