Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp2877103ybi;
        Mon, 17 Jun 2019 11:55:47 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxWn0WBJhgaxVE/vJiyjsfsizNYk3/TDc0iFlJ7HAedRLoW/ALZ0kh7tAbgm5KFPOrK1eD6
X-Received: by 2002:a17:902:20ec:: with SMTP id v41mr28059351plg.142.1560797747235;
        Mon, 17 Jun 2019 11:55:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1560797747; cv=none;
        d=google.com; s=arc-20160816;
        b=hQYNE3tZX8CIoKoa20QmvaT4+XAF8nqMMndMmLSIr4oXaQTY+WInwjclakql0+pds2
         N5ncZtfAWR9Py/hWScoWlR6rxcEZ2tev8zQFyrr+wFqUwx6q8KBKvd90swkE83bgswGC
         sFbdXzO+f/QEbcYxY2EWQX+ZOj4cB16+VZzStxXJbvwvqX5zsRC2KZq159d53+8Evqq5
         9QXs4cm6JXvLmKOTI735CeeuVcYJREwdZ6cPIdq4T5Auff40DM6d3T3TdHbwavwbpbro
         OxMX2EnCwEjrQ3pHtou9PbRWy+6vYcL3yi/+q1TesuqltdEnSehmTQOsxeJ4D6WR+zuN
         +sEQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=N4LmJoDm393am3LOXmW7HeqV1LEACkFRWiey/C9Q6Uo=;
        b=c1RVuof2hjV78ziDgQ5GzLBlOpgMgi6kta5KvPa2qMi6Qn8/BsABFcDP96ff91BSwh
         eezulqFdgOVEOZYgYg9CAeOe3rshopV7HV+RSwtKHuIXp6zZsMcyv/7hAqUjxqf3DwXN
         nr7zkaOag80rpmYNmkJpfV75IOiLyw7MKZnvGrZ2Bo4TaTT9QcoDfmm0xbZh2keZ/1P1
         f112MN72VAJkBDwBplTqmR8temkpJ9uG67qLdAU2afbjnQf1/4u4+6dKLMkhKjeuH7yk
         cVyNdPi/JZikHWAGx4YCkYEsfW+ehFQpiLyg+v0louMkVgc6Lcwevtbm51gnG+yBV71L
         Ubvg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 73si285104pga.407.2019.06.17.11.55.32;
        Mon, 17 Jun 2019 11:55:47 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726623AbfFQSzV (ORCPT <rfc822;xc.haze2010@gmail.com>
        + 99 others); Mon, 17 Jun 2019 14:55:21 -0400
Received: from zeniv.linux.org.uk ([195.92.253.2]:59742 "EHLO
        ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725772AbfFQSzV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 17 Jun 2019 14:55:21 -0400
Received: from viro by ZenIV.linux.org.uk with local (Exim 4.92 #3 (Red Hat Linux))
        id 1hcwmi-0004Gq-Rq; Mon, 17 Jun 2019 18:55:16 +0000
Date:   Mon, 17 Jun 2019 19:55:16 +0100
From:   Al Viro <viro@zeniv.linux.org.uk>
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Christian Brauner <christian@brauner.io>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
        linux-fsdevel <linux-fsdevel@vger.kernel.org>,
        stable <stable@vger.kernel.org>
Subject: Re: [PATCH] fs/namespace: fix unprivileged mount propagation
Message-ID: <20190617185516.GU17978@ZenIV.linux.org.uk>
References: <20190617184711.21364-1-christian@brauner.io>
 <CAHk-=wh+OWQ2s-NZC4RzfHtgNfhV9sbtP6dXV4WnsVRQ3A3hnA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAHk-=wh+OWQ2s-NZC4RzfHtgNfhV9sbtP6dXV4WnsVRQ3A3hnA@mail.gmail.com>
User-Agent: Mutt/1.11.3 (2019-02-01)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jun 17, 2019 at 11:50:13AM -0700, Linus Torvalds wrote:
> On Mon, Jun 17, 2019 at 11:47 AM Christian Brauner <christian@brauner.io> wrote:
> >
> > When propagating mounts across mount namespaces owned by different user
> > namespaces it is not possible anymore to move or umount the mount in the
> > less privileged mount namespace.
> 
> I will wait a short while in the hope of getting Al's ack for this,
> but since it looks about as good as it likely can be, I suspect I'll
> just apply it later today even without such an ack..

Give me a bit; I'm busy digging myself from under the pile of mail accumulated
in the last few weeks (bronchitis sucked, especially when it got to the point
where one can't stay asleep for more than an hour or get more than about 5 hours
per day total).  I'm trying not to throw anything relevant out, but if I don't
reply to something important today or tomorrow, please resend it my way -
the pile had been 36Kmail (down to 24K now) ;-/