Re: [PATCH v8 1/1] ns: add binfmt_misc to the user namespace

[Kees Cook <keescook@chromium.org>]

On Wed, Sep 06, 2023 at 12:28:27PM +0200, Norbert Lange wrote:
> Am Mi., 12. Juli 2023 um 21:40 Uhr schrieb Kees Cook <keescook@chromium.org>:
> >
> > On Fri, Jun 30, 2023 at 11:06:59AM +0200, Christian Brauner wrote:
> > > On Fri, Jun 30, 2023 at 10:52:22AM +0200, Laurent Vivier wrote:
> > > > Hi Norbert,
> > > >
> > > > Le 30/06/2023 à 10:38, Norbert Lange a écrit :
> > > > > Any news on this? What remains to be done, who needs to be harrassed?
> > > > >
> > > > > Regards, Norbert
> > > >
> > > > Christian was working on a new version but there is no update for 1 year.
> > > >
> > > > [PATCH v2 1/2] binfmt_misc: cleanup on filesystem umount
> > > > https://lkml.org/lkml/2021/12/16/406
> > > > [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
> > > > https://lkml.org/lkml/2021/12/16/407
> > > >
> > > > And personally I don't have the time to work on this.
> > >
> > > I've actually rebased this a few weeks ago:
> > > https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git/log/?h=vfs.binfmt_misc
> > > It has Acks, it's done. The only thing back then was Kees had wanted to
> > > take this but never did. I'll ping him.
> >
> > Hi! Can you resend this now that the merge window is closed? I looked at
> > it in your tree and it seems okay. I remain a bit nervous about exposing
> > it to unpriv access, but I'd like to give it a try. It'd be very useful!
> >
> > -Kees
> >
> > --
> > Kees Cook
> 
> Hate to be that guy, but did anything move closer towards upstream
> since that post?

No rebase was needed -- I've dropped this in -next now. Let's see how it
goes!

-- 
Kees Cook