This is a note to let you know that I've just added the patch titled
fs: relax permissions for statmount()
to the 6.10-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
fs-relax-permissions-for-statmount.patch
and it can be found in the queue-6.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit 0f29f2dff8262b0c0c47e336411adae0278bd9e4
Author: Christian Brauner <brauner@xxxxxxxxxx>
Date: Mon Jun 24 11:49:45 2024 -0400
fs: relax permissions for statmount()
[ Upstream commit f3107df39df123328a9d3c8f40c006834b37287d ]
It is sufficient to have capabilities in the owning user namespace of
the mount namespace to stat a mount regardless of whether it's reachable
or not.
Link: https://lore.kernel.org/r/bf5961d71ec479ba85806766b0d8d96043e67bba.1719243756.git.josef@xxxxxxxxxxxxxx
Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/fs/namespace.c b/fs/namespace.c
index 57311ecbdf5a..4494064205a6 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -4906,6 +4906,7 @@ static int copy_statmount_to_user(struct kstatmount *s)
static int do_statmount(struct kstatmount *s)
{
struct mount *m = real_mount(s->mnt);
+ struct mnt_namespace *ns = m->mnt_ns;
int err;
/*
@@ -4913,7 +4914,7 @@ static int do_statmount(struct kstatmount *s)
* mounts to show users.
*/
if (!is_path_reachable(m, m->mnt.mnt_root, &s->root) &&
- !ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN))
+ !ns_capable_noaudit(ns->user_ns, CAP_SYS_ADMIN))
return -EPERM;
err = security_sb_statfs(s->mnt->mnt_root);
