iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Christian Brauner 1ab29965b3
exec: handle idmapped mounts 
When executing a setuid binary the kernel will verify in bprm_fill_uid()
that the inode has a mapping in the caller's user namespace before
setting the callers uid and gid. Let bprm_fill_uid() handle idmapped
mounts. If the inode is accessed through an idmapped mount it is mapped
according to the mount's user namespace. Afterwards the checks are
identical to non-idmapped mounts. If the initial user namespace is
passed nothing changes so non-idmapped mounts will see identical
behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-24-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:19 +01:00
..
9p
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
adfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
affs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
afs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
autofs
file: Replace ksys_close with close_fd
2020-12-10 12:42:59 -06:00
befs
bfs
inode: make init and permission helpers idmapped mount aware
2021-01-24 14:27:16 +01:00
btrfs
namei: handle idmapped mounts in may_*() helpers
2021-01-24 14:27:17 +01:00
cachefiles
namei: prepare for idmapped mounts
2021-01-24 14:27:18 +01:00
ceph
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
cifs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
coda
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
configfs
namei: make permission helpers idmapped mount aware
2021-01-24 14:27:16 +01:00
cramfs
crypto
inode: make init and permission helpers idmapped mount aware
2021-01-24 14:27:16 +01:00
debugfs
debugfs: remove return value of debugfs_create_devm_seqfile()
2020-10-30 08:37:39 +01:00
devpts
dlm
fs: dlm: check on existing node address
2020-11-10 12:14:20 -06:00
ecryptfs
namei: prepare for idmapped mounts
2021-01-24 14:27:18 +01:00
efivarfs
inode: make init and permission helpers idmapped mount aware
2021-01-24 14:27:16 +01:00
efs
erofs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
exfat
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
exportfs
exportfs: Add a function to return the raw output from fh_to_dentry()
2020-12-09 09:39:38 -05:00
ext2
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
ext4
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
f2fs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
fat
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
freevxfs
fscache
fuse
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
gfs2
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
hfs
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
hfsplus
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
hostfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
hpfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
hugetlbfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
iomap
mm: memcontrol: Use helpers to read page's memcg data
2020-12-02 18:28:05 -08:00
isofs
fs: Replace zero-length array with flexible-array member
2020-10-29 17:22:59 -05:00
jbd2
jbd2: add a helper to find out number of fast commit blocks
2020-12-17 13:30:45 -05:00
jffs2
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
jfs
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
kernfs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
lockd
fs/lockd: convert comma to semicolon
2020-12-16 07:57:37 -05:00
minix
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
nfs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
nfs_common
nfs_common: need lock during iterate through the list
2020-12-09 09:38:34 -05:00
nfsd
namei: prepare for idmapped mounts
2021-01-24 14:27:18 +01:00
nilfs2
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
nls
notify
fs: add file and path permissions helpers
2021-01-24 14:27:16 +01:00
ntfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
ocfs2
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
omfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
openpromfs
orangefs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
overlayfs
namei: prepare for idmapped mounts
2021-01-24 14:27:18 +01:00
proc
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
pstore
Tracing updates for 5.11
2020-12-17 13:22:17 -08:00
qnx4
qnx6
quota
\n
2020-12-17 11:00:37 -08:00
ramfs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
reiserfs
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
romfs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2020-10-24 12:26:05 -07:00
squashfs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2020-10-24 12:26:05 -07:00
sysfs
sysv
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
tracefs
ubifs
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
udf
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
ufs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
unicode
vboxsf
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
verity
fs: add file and path permissions helpers
2021-01-24 14:27:16 +01:00
xfs
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
zonefs
attr: handle idmapped mounts
2021-01-24 14:27:16 +01:00
aio.c
Merge branch 'akpm' (patches from Andrew)
2020-12-15 12:53:37 -08:00
anon_inodes.c
attr.c
commoncap: handle idmapped mounts
2021-01-24 14:27:17 +01:00
bad_inode.c
binfmt_aout.c
binfmt_elf_fdpic.c
binfmt_elf, binfmt_elf_fdpic: use a VMA list snapshot
2020-10-16 11:11:21 -07:00
binfmt_elf.c
Merge branch 'exec-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2020-12-15 19:29:43 -08:00
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
block_dev.c
block: pre-initialize struct block_device in bdev_alloc_inode
2021-01-07 20:57:53 -07:00
buffer.c
for-5.11/block-2020-12-14
2020-12-16 12:57:51 -08:00
char_dev.c
compat_binfmt_elf.c
elf: Expose ELF header on arch_setup_additional_pages()
2020-10-26 13:46:47 +01:00
coredump.c
open: handle idmapped mounts in do_truncate()
2021-01-24 14:27:18 +01:00
d_path.c
fs: fix NULL dereference due to data race in prepend_path()
2020-10-14 14:54:45 -07:00
dax.c
mm: simplify follow_pte{,pmd}
2020-12-15 22:46:19 -08:00
dcache.c
fs: Kill DCACHE_DONTCACHE dentry even if DCACHE_REFERENCED is set
2020-12-10 17:33:17 -05:00
dcookies.c
direct-io.c
\n
2020-10-15 15:03:10 -07:00
drop_caches.c
eventfd.c
eventfd: Export eventfd_ctx_do_read()
2020-11-15 09:49:10 -05:00
eventpoll.c
epoll: add syscall epoll_pwait2
2020-12-19 11:18:38 -08:00
exec.c
exec: handle idmapped mounts
2021-01-24 14:27:19 +01:00
fcntl.c
fcntl: handle idmapped mounts
2021-01-24 14:27:19 +01:00
fhandle.c
file_table.c
epoll: take epitem list out of struct file
2020-10-25 20:02:08 -04:00
file.c
kernel/io_uring: cancel io_uring before task works
2020-12-30 19:36:54 -07:00
filesystems.c
fs_context.c
fs_parser.c
fs_parse: mark fs_param_bad_value() as static
2020-10-13 18:38:27 -07:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
writeback: don't warn on an unregistered BDI in __mark_inode_dirty
2020-12-16 11:56:02 +01:00
fsopen.c
init.c
init: handle idmapped mounts
2021-01-24 14:27:19 +01:00
inode.c
open: handle idmapped mounts in do_truncate()
2021-01-24 14:27:18 +01:00
internal.h
namei: handle idmapped mounts in may_*() helpers
2021-01-24 14:27:17 +01:00
io_uring.c
io_uring: ensure finish_wait() is always called in __io_uring_task_cancel()
2021-01-15 16:04:23 -07:00
io-wq.c
io-wq: kill now unused io_wq_cancel_all()
2020-12-20 10:47:42 -07:00
io-wq.h
io-wq: kill now unused io_wq_cancel_all()
2020-12-20 10:47:42 -07:00
ioctl.c
Kconfig
Kconfig.binfmt
kernel_read_file.c
libfs.c
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
locks.c
Merge branch 'exec-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2020-12-15 19:29:43 -08:00
Makefile
Refactored code for 5.10:
2020-10-23 11:33:41 -07:00
mbcache.c
mount.h
mpage.c
namei.c
open: handle idmapped mounts in do_truncate()
2021-01-24 14:27:18 +01:00
namespace.c
mount: attach mappings to mounts
2021-01-24 14:27:15 +01:00
no-block.c
nsfs.c
open.c
open: handle idmapped mounts
2021-01-24 14:27:18 +01:00
pipe.c
block: remove i_bdev
2020-12-01 14:53:39 -07:00
pnode.c
pnode.h
fs/namespace.c: WARN if mnt_count has become negative
2020-12-10 17:33:17 -05:00
posix_acl.c
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
proc_namespace.c
proc mountinfo: make splice available again
2020-12-27 12:00:36 -08:00
read_write.c
Refactored code for 5.10:
2020-10-23 11:33:41 -07:00
readdir.c
remap_range.c
ioctl: handle idmapped mounts
2021-01-24 14:27:19 +01:00
select.c
poll: fix performance regression due to out-of-line __put_user()
2021-01-08 11:06:29 -08:00
seq_file.c
fix return values of seq_read_iter()
2020-11-15 22:12:53 -05:00
signalfd.c
splice.c
io_uring-5.10-2020-10-24
2020-10-24 12:40:18 -07:00
stack.c
stat.c
stat: handle idmapped mounts
2021-01-24 14:27:17 +01:00
statfs.c
block: remove i_bdev
2020-12-01 14:53:39 -07:00
super.c
block: remove i_bdev
2020-12-01 14:53:39 -07:00
sync.c
timerfd.c
userfaultfd.c
userfaultfd: add user-mode only option to unprivileged_userfaultfd sysctl knob
2020-12-15 12:13:46 -08:00
utimes.c
utimes: handle idmapped mounts
2021-01-24 14:27:18 +01:00
xattr.c
namei: handle idmapped mounts in may_*() helpers
2021-01-24 14:27:17 +01:00