From: Alexey Gladkov
To: LKML, Linux FS Devel, "Eric W. Biederman"
Cc: Alexey Gladkov, Alexander Viro, Kees Cook
Subject: [PATCH v4 0/3] proc: Relax check of mount visibility
Date: Fri, 6 Nov 2020 16:15:09 +0100
X-Mailer: git-send-email 2.25.4
X-Mailing-List: linux-kernel@vger.kernel.org

If only the dynamic part of procfs is mounted (subset=pid), then there is no
need to check if procfs is fully visible to the user in the new user namespace.

Changelog
---------
v4:
 * Set SB_I_DYNAMIC only if pidonly is set.
 * Add an error message if subset=pid is canceled during remount.

v3:
 * Add 'const' to struct cred *mounter_cred (fix kernel test robot warning).

v2:
 * Cache the mounter's credentials and make access to the net directories
   contingent on the permissions of the mounter of procfs.

--

Alexey Gladkov (3):
  proc: Relax check of mount visibility
  proc: Show /proc/self/net only for CAP_NET_ADMIN
  proc: Disable cancellation of subset=pid option

 fs/namespace.c          | 27 ++++++++++++++++-----------
 fs/proc/proc_net.c      |  8 ++++++++
 fs/proc/root.c          | 29 ++++++++++++++++++++++-------
 include/linux/fs.h      |  1 +
 include/linux/proc_fs.h |  1 +
 5 files changed, 48 insertions(+), 18 deletions(-)

--
2.25.4