Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2060486ybv; Fri, 14 Feb 2020 10:40:34 -0800 (PST) X-Google-Smtp-Source: APXvYqzXpFlYGMEbshDxCsE0pLMNuQ80MeiSCv+2qP0rAtkVc6VWDKn7hZJZXJCSZYvLyGcIKuFR X-Received: by 2002:a9d:51ca:: with SMTP id d10mr3398426oth.76.1581705634579; Fri, 14 Feb 2020 10:40:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581705634; cv=none; d=google.com; s=arc-20160816; b=Vnvp2SflCbs5Tm+v9Mx7krrydXXDfIcCGTZQ1Qe6mh3zQcdCX68EWI12FMbd3C8tDC lSX9CGtjDzRc2cFc9BJsOw3NfOnGAFIPOPKCfPdXc0uIwztjbh4A41e8s6Snq68CHmV9 +R7sm+fjNko7y1x8cwI7X10F/PcvbACXWNDR9jQIJMh4B9A0C0Nmw01mBErXU7ijnaFx q6oVwAlO3YIfhgCJAURgrRQFLiWKXcvI3xMB5/5qjD72aiQnx801QjNY/b8FisPQEZ+e zgd572IiwTipPu4paEoC2s88NZ5v775rm2D2Kwz5I3bfbqcJYboVgzf/+OIUG3nFvjKM sc2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=qo4dfe5vHScB/QgSYxOCVikaxoFclVLQuuJkpWsLWc4=; b=lcsrVDAvHhL34EUYOLy4afktypIgLqnKGDBAfROWYS+aetkEB58Uc/UynmclDRBkVY HZ2qaDMUk3I4BENBF7xn7ESlekMVyh3rHvfzVPh0MQu0yNgE2AXrOQt0V1qoH7c5V/O1 l3CTqXXwvUvMNpCpjGPARZgWamJyu6tDAPXTXyqLnTX4KqEsgenC1EdNLip7t6DvzZcz 4yVxth1s3w2Pf7OdzUVU5q0t0zsb4qsYun5eMveY58dqLrNq5pPh4Ukcc5E/YjW+DGai SdOjGQtKNPn+egA1YSVXVpKcojLv6vqOeH1DHtjgwif9HFdKarGCYc3apa8gYcYCamEs X1qw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r10si3103733otk.83.2020.02.14.10.40.22; Fri, 14 Feb 2020 10:40:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390754AbgBNSiw (ORCPT + 99 others); Fri, 14 Feb 2020 13:38:52 -0500 Received: from youngberry.canonical.com ([91.189.89.112]:33659 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730491AbgBNSiB (ORCPT ); Fri, 14 Feb 2020 13:38:01 -0500 Received: from ip5f5bf7ec.dynamic.kabel-deutschland.de ([95.91.247.236] helo=wittgenstein.fritz.box) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1j2fqN-0000uO-MI; Fri, 14 Feb 2020 18:37:39 +0000 From: Christian Brauner To: =?UTF-8?q?St=C3=A9phane=20Graber?= , "Eric W. Biederman" , Aleksa Sarai , Jann Horn Cc: smbarber@chromium.org, Seth Forshee , Alexander Viro , Alexey Dobriyan , Serge Hallyn , James Morris , Kees Cook , Jonathan Corbet , Phil Estes , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, containers@lists.linux-foundation.org, linux-security-module@vger.kernel.org, linux-api@vger.kernel.org, Christian Brauner Subject: [PATCH v2 06/28] cred: add kfs{g,u}id Date: Fri, 14 Feb 2020 19:35:32 +0100 Message-Id: <20200214183554.1133805-7-christian.brauner@ubuntu.com> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200214183554.1133805-1-christian.brauner@ubuntu.com> References: <20200214183554.1133805-1-christian.brauner@ubuntu.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org After the introduction of fsid mappings we need to carefully handle single-superblock filesystems that are visible in user namespaces. This specifically concerns proc and sysfs. For those filesystems we want to continue looking up fsid in the id mappings of the relevant user namespace. We can either do this by dynamically translating between these fsids or we simply keep them around with the other creds. The latter option is not just simpler but also more performant since we don't need to do the translation from fsid mappings into id mappings on the fly. Link: https://lore.kernel.org/r/20200212145149.zohmc6d3x52bw6j6@wittgenstein Cc: Jann Horn Signed-off-by: Christian Brauner --- /* v2 */ patch added --- include/linux/cred.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/linux/cred.h b/include/linux/cred.h index 18639c069263..604914d3fd51 100644 --- a/include/linux/cred.h +++ b/include/linux/cred.h @@ -125,6 +125,8 @@ struct cred { kgid_t egid; /* effective GID of the task */ kuid_t fsuid; /* UID for VFS ops */ kgid_t fsgid; /* GID for VFS ops */ + kuid_t kfsuid; /* UID for VFS ops for userns visible filesystems */ + kgid_t kfsgid; /* GID for VFS ops for userns visible filesystems */ unsigned securebits; /* SUID-less security management */ kernel_cap_t cap_inheritable; /* caps our children can inherit */ kernel_cap_t cap_permitted; /* caps we're permitted */ @@ -384,6 +386,8 @@ static inline void put_cred(const struct cred *_cred) #define current_sgid() (current_cred_xxx(sgid)) #define current_fsuid() (current_cred_xxx(fsuid)) #define current_fsgid() (current_cred_xxx(fsgid)) +#define current_kfsuid() (current_cred_xxx(kfsuid)) +#define current_kfsgid() (current_cred_xxx(kfsgid)) #define current_cap() (current_cred_xxx(cap_effective)) #define current_user() (current_cred_xxx(user)) -- 2.25.0