Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp1438286imm; Wed, 23 May 2018 16:27:49 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqkU41x7XBzyFhYaVCnKL7ZVJpNYIMD0z36F5PYOtK6lRKBAsMssuoA0RFx0zW695MHESjS X-Received: by 2002:a17:902:3081:: with SMTP id v1-v6mr4963249plb.266.1527118069698; Wed, 23 May 2018 16:27:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527118069; cv=none; d=google.com; s=arc-20160816; b=Cx+JrPGHNSIRBPXKVYUifGr/ynN5vlEZFLJwGVpZX36RZDaUjVKOBLQ9f0sE64e72j NJF2JJR750D9Rar8vKogItwzlJAmLmRArUODiNMOeVAiDYCKY6/cwcLnJblUf1r4fTFQ +oBftm03RyPQfHv+b3MQxxM7Eom+r6ssBAmZnE5/SeeQAick12vkaWVPjaVxlrMXkj+h 7CP1F4B82PJ95XCiO125rxXvyyVzWbf6ThAndjHtnSXci6425/sHUwVSeUaA5SL5/sJg GP0gkOIASGPkxXe4UZR8qqZm2UNCc3rCpEfvkth4tBCwKzC2FpYxgm4TmcuZFegaVQtN HeRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:references:in-reply-to:message-id :date:cc:to:from:arc-authentication-results; bh=cPVB92UUgX4lH3f5Xxls78uKC45T7YcXAfRTQtKoH90=; b=yThGRWo7kSYxUByR3v32x1221B03ZfYMXUVWUt0v/jZ5uCPaYbXAYXJ9ekC7RExA9x 5SvQW0aotaIP4Pa79jtaB8U9uS1/7OFGlDfcrShV+fCp4qYsIS4IBHQlVRJu5Go32h1B SKd3OQAuG+06xxfATddN0lAYhMehROyJt/gzB61EeIgXB4fjFo5dem9JyE5XtcjnRgpW mFAziuZ/YZNMziAhHItGpAVYvWtyp+S0XPP9/Pzg8YpFtHatFK66hpes9T1IuNeONAfO bk/LDgDoxQQtER1uqqNGJ2WyfO9rBNofA91zhmKhHrKB5PYL45Yjx07tcc5g10CF2gZV huXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g33-v6si20629089plb.297.2018.05.23.16.27.35; Wed, 23 May 2018 16:27:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935176AbeEWX0z (ORCPT + 99 others); Wed, 23 May 2018 19:26:55 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:48370 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S935144AbeEWX0r (ORCPT ); Wed, 23 May 2018 19:26:47 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]) by out01.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1fLd9b-0003Z9-6C; Wed, 23 May 2018 17:26:47 -0600 Received: from [97.119.174.25] (helo=x220.int.ebiederm.org) by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87) (envelope-from ) id 1fLd9a-0004ID-DJ; Wed, 23 May 2018 17:26:47 -0600 From: "Eric W. Biederman" To: Linux Containers Cc: linux-fsdevel@vger.kernel.org, Seth Forshee , "Serge E. Hallyn" , Christian Brauner , linux-kernel@vger.kernel.org, "Eric W. Biederman" Date: Wed, 23 May 2018 18:25:36 -0500 Message-Id: <20180523232538.4880-4-ebiederm@xmission.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <87o9h6554f.fsf@xmission.com> References: <87o9h6554f.fsf@xmission.com> X-XM-SPF: eid=1fLd9a-0004ID-DJ;;;mid=<20180523232538.4880-4-ebiederm@xmission.com>;;;hst=in02.mta.xmission.com;;;ip=97.119.174.25;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX1+ox6BYEU36ruf3Jktpvotef8Xvub+1C4Q= X-SA-Exim-Connect-IP: 97.119.174.25 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa04.xmission.com X-Spam-Level: *** X-Spam-Status: No, score=3.5 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,TR_Symld_Words,T_TooManySym_01,T_TooManySym_02, T_TooManySym_03,XMNoVowels,XMSubLong autolearn=disabled version=3.4.1 X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.7 XMSubLong Long Subject * 1.5 TR_Symld_Words too many words that have symbols inside * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa04 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_02 5+ unique symbols in subject * 0.0 T_TooManySym_03 6+ unique symbols in subject * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa04 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ***;Linux Containers X-Spam-Relay-Country: X-Spam-Timing: total 209 ms - load_scoreonly_sql: 0.07 (0.0%), signal_user_changed: 3.8 (1.8%), b_tie_ro: 2.6 (1.3%), parse: 1.30 (0.6%), extract_message_metadata: 22 (10.3%), get_uri_detail_list: 2.2 (1.1%), tests_pri_-1000: 11 (5.4%), tests_pri_-950: 1.65 (0.8%), tests_pri_-900: 1.31 (0.6%), tests_pri_-400: 20 (9.7%), check_bayes: 19 (9.1%), b_tokenize: 7 (3.4%), b_tok_get_all: 5 (2.6%), b_comp_prob: 2.0 (1.0%), b_tok_touch_all: 2.5 (1.2%), b_finish: 0.64 (0.3%), tests_pri_0: 139 (66.5%), check_dkim_signature: 0.51 (0.2%), check_dkim_adsp: 5.0 (2.4%), tests_pri_500: 4.4 (2.1%), rewrite_mail: 0.00 (0.0%) Subject: [REVIEW][PATCH 4/6] fs: Allow superblock owner to access do_remount_sb() X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Superblock level remounts are currently restricted to global CAP_SYS_ADMIN, as is the path for changing the root mount to read only on umount. Loosen both of these permission checks to also allow CAP_SYS_ADMIN in any namespace which is privileged towards the userns which originally mounted the filesystem. Signed-off-by: Seth Forshee Acked-by: "Eric W. Biederman" Acked-by: Serge Hallyn Signed-off-by: Eric W. Biederman --- fs/namespace.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 5f75969adff1..8ddd14806799 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1590,7 +1590,7 @@ static int do_umount(struct mount *mnt, int flags) * Special case for "unmounting" root ... * we just try to remount it readonly. */ - if (!capable(CAP_SYS_ADMIN)) + if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) return -EPERM; down_write(&sb->s_umount); if (!sb_rdonly(sb)) @@ -2333,7 +2333,7 @@ static int do_remount(struct path *path, int ms_flags, int sb_flags, down_write(&sb->s_umount); if (ms_flags & MS_BIND) err = change_mount_flags(path->mnt, ms_flags); - else if (!capable(CAP_SYS_ADMIN)) + else if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) err = -EPERM; else err = do_remount_sb(sb, sb_flags, data, 0); -- 2.14.1