Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp3525495imm; Tue, 29 May 2018 08:41:54 -0700 (PDT) X-Google-Smtp-Source: ADUXVKIaXcGM1BneVuKAk9w2VTTM95SCkzrBANlffMI0i5QOYH8hDtgAhXff20zXYx5DYDzo9NEa X-Received: by 2002:a62:a054:: with SMTP id r81-v6mr13025817pfe.10.1527608514927; Tue, 29 May 2018 08:41:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527608514; cv=none; d=google.com; s=arc-20160816; b=C5Wajj7smMkIZ5EdR9YDJ2IQK4hhgbFAJOegb3Z375/1fX0u/Sl2/3ni38wzKoAA6+ ygECBtJzl+4estpvW8lDRcIF/9w2PViReHYUV+NEKeCw+8jUUE+CoI+LMBi/AFYzZLgi X89t4BacTk4kbkPEcazJGxc5yhgj7TAREfywmJC1p6w/NmgFYuo5s0yAW4o5dCrJ1/qM Elk1JU7spj7cxoVVPnASmSMfDiS0bfoUT0QBmApqIfSkT6aI8xglG3t1A6kwpjM/+doX q97TAziFjPhXX2vmAwqPCCn80viP8yT6Qj2W1hL5eb0U0jnlWAoTcFr9D37VS5GODwO2 C6pA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=1QHomPqwz94oSov/7MO/6iTWv2mVoqI63XiMoVg5BIo=; b=O2ZvZo5CzfTiMfqSglNt/IDP4XnqqNXeNyz109PVq9WeABJbcrRvsyF0CrV3WW6Sn1 Dk6xlatFffitp0Pg44wSOt3u70bemitlst1TwJfTy6wlADLguj4o94pSh1JFjkxJ5vpS 5Fn09p0m6Plcnx4OehWTcpytdkgSdv9gr4w9ezPRlD+bQaXtS7ukatYoVTUZhPqWC+/9 3Kw6S0RcET0Rdw+m4OBNelynGdHKZwawaMRqHCWxXZbhaay/zejco9Bjr4E17MCdeQrg gAlgYOsKKxTLI8RcP9RyKqJ1dyKgRDduETWez/Qa2Lt1kWGHroI3D8DE89oNjsfPlLPf /KJg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kinvolk.io header.s=google header.b=Jda0AN+9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p67-v6si31425693pfp.72.2018.05.29.08.41.40; Tue, 29 May 2018 08:41:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kinvolk.io header.s=google header.b=Jda0AN+9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935410AbeE2Pkx (ORCPT + 99 others); Tue, 29 May 2018 11:40:53 -0400 Received: from mail-yb0-f195.google.com ([209.85.213.195]:40109 "EHLO mail-yb0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934948AbeE2Pkv (ORCPT ); Tue, 29 May 2018 11:40:51 -0400 Received: by mail-yb0-f195.google.com with SMTP id o80-v6so5230800ybc.7 for ; Tue, 29 May 2018 08:40:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kinvolk.io; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=1QHomPqwz94oSov/7MO/6iTWv2mVoqI63XiMoVg5BIo=; b=Jda0AN+9LxU4BIHrwXYd50HyIOCdvOkYvLCYId4RAWgbDT2h+LgvarUXjcg6QQme+o lkiiSvAubdJs5x0VFcuRyn038WnQprXWdlGc0r0KoHBUh5aXHe/RoKp5Dfy9WUVq2216 PERX3f/97U6DFogz8cCqRR8VvJz8qxIp6G80o= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=1QHomPqwz94oSov/7MO/6iTWv2mVoqI63XiMoVg5BIo=; b=RmcqnQKwH0m0Kg0RR2U3wPHNJI7vHyfd6DGkU4dCxQuiLVSzpyt6dIuEkfkMrHueyI 4sIyd3jmUwv4ebF93QJ9AJ8mfQFQQ7xWfkQaI2x2/Zt9e9RKwfqq5CsenEN8qov1puOk KZdOxCiR+6tLsfp4OrGfdPQlaBBtAoTIh2bozob/3+JcI5Ao+QYH9DpgGOvfychiP0mH ZFbdT7QtEoL4M1k0p8XQKa6IiqzEMu+iN/DL6FQbb9sp96eS1Jjv3zf2kcsfsE/3nxw/ az/2sHf7TAiZuaRlaD+o6LMj5gPVIwixTkVF0nkLyYCNIPvqRLuU/5ixgKriCf/oHtw+ 3AAA== X-Gm-Message-State: ALKqPweV+svTbUo3ulWzRhtX48RuUyf6U3lc8KG48iyNLONq6Q1FfZrx T7TD7/xXIG74ovxkFQn2jtBptCjl04E8U6SJYdv8yQ== X-Received: by 2002:a25:3621:: with SMTP id d33-v6mr10041624yba.269.1527608450723; Tue, 29 May 2018 08:40:50 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:4643:0:0:0:0:0 with HTTP; Tue, 29 May 2018 08:40:50 -0700 (PDT) In-Reply-To: <87o9h6554f.fsf@xmission.com> References: <87o9h6554f.fsf@xmission.com> From: Dongsu Park Date: Tue, 29 May 2018 17:40:50 +0200 Message-ID: Subject: Re: [REVIEW][PATCH 0/6] Wrapping up the vfs support for unprivileged mounts To: "Eric W. Biederman" Cc: Linux Containers , linux-fsdevel@vger.kernel.org, Seth Forshee , LKML , Christian Brauner Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Thu, May 24, 2018 at 1:22 AM, Eric W. Biederman wrote: > > Very slowly the work has been progressing to ensure the vfs has the > necessary support for mounting filesystems without privilege. > > This patchset contains one more core piece of that work, ensuring a few > more operations that would write back an inode and confuse an exisiting > filesystem are denied. > > The rest of the changes actually enable userns root to do things with > filesystems that the userns root has mounted. Most of these have been > waiting in the wings a long time, held back because I wanted the core > of the patchset to be solid before I started allowing additional > behavor. > > It is definitely time for these changes so the effect of s_user_ns > becomes less theoretical. > > The change to allow mknod is new, but consistent with everything else > and harmless as device nodes on filesystems mounted without privilege > are ignored. > > Unless problems show up in the during review I plan to merge these changes. Thank you for the great work. I have been looking forward to seeing it. I have just gathered available relevant patches in my branch: https://github.com/kinvolk/linux/tree/dongsu/fuse-userns-for-4.18 With this branch, I tested sshfs/fuse from non-init user namespace. It works fine as expected. So you can add: Tested-by: Dongsu Park Thanks! Dongsu > These changes are also available at: > git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git userns-test > > Eric W. Biederman (5): > vfs: Don't allow changing the link count of an inode with an invalid uid or gid > vfs: Allow userns root to call mknod on owned filesystems. > fs: Allow superblock owner to replace invalid owners of inodes > fs: Allow superblock owner to access do_remount_sb() > capabilities: Allow privileged user in s_user_ns to set security.* xattrs > > Seth Forshee (1): > fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems > > fs/attr.c | 36 ++++++++++++++++++++++++++++-------- > fs/ioctl.c | 4 ++-- > fs/namei.c | 16 ++++++++++++---- > fs/namespace.c | 4 ++-- > security/commoncap.c | 8 ++++++-- > 5 files changed, 50 insertions(+), 18 deletions(-) > > Eric > _______________________________________________ > Containers mailing list > Containers@lists.linux-foundation.org > https://lists.linuxfoundation.org/mailman/listinfo/containers