From: ebiederm@xmission.com (Eric W. Biederman)
To: "Levin\, Alexander \(Sasha Levin\)" <alexander.levin@verizon.com>
Cc: "linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"stable\@vger.kernel.org" <stable@vger.kernel.org>
Subject: Re: [PATCH for v4.9 LTS 72/87] libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount
Date: Sat, 15 Jul 2017 02:50:30 -0500 [thread overview]
Message-ID: <871spinnp5.fsf@xmission.com> (raw)
In-Reply-To: <20170715012538.10101-72-alexander.levin@verizon.com> (Alexander Levin's message of "Sat, 15 Jul 2017 01:26:22 +0000")
*Scratches my head*
Is there code in v4.9 where this matters? At the time I merged this to
my knowledge there were no in kernel users that cared. Which is why I
did not cc stable in the first place.
Eric
"Levin, Alexander (Sasha Levin)" <alexander.levin@verizon.com> writes:
> From: "Eric W. Biederman" <ebiederm@xmission.com>
>
> [ Upstream commit 75422726b0f717d67db3283c2eb5bc14fa2619c5 ]
>
> Add MS_KERNMOUNT to the flags that are passed.
> Use sget_userns and force &init_user_ns instead of calling sget so that
> even if called from a weird context the internal filesystem will be
> considered to be in the intial user namespace.
>
> Luis Ressel reported that the the failure to pass MS_KERNMOUNT into
> mount_pseudo broke his in development graphics driver that uses the
> generic drm infrastructure. I am not certain the deriver was bug
> free in it's usage of that infrastructure but since
> mount_pseudo_xattr can never be triggered by userspace it is clearer
> and less error prone, and less problematic for the code to be explicit.
>
> Reported-by: Luis Ressel <aranea@aixah.de>
> Tested-by: Luis Ressel <aranea@aixah.de>
> Acked-by: Al Viro <viro@ZenIV.linux.org.uk>
> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
> Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
> ---
> fs/libfs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/libfs.c b/fs/libfs.c
> index 48826d4da189..9588780ad43e 100644
> --- a/fs/libfs.c
> +++ b/fs/libfs.c
> @@ -245,7 +245,8 @@ struct dentry *mount_pseudo_xattr(struct file_system_type *fs_type, char *name,
> struct inode *root;
> struct qstr d_name = QSTR_INIT(name, strlen(name));
>
> - s = sget(fs_type, NULL, set_anon_super, MS_NOUSER, NULL);
> + s = sget_userns(fs_type, NULL, set_anon_super, MS_KERNMOUNT|MS_NOUSER,
> + &init_user_ns, NULL);
> if (IS_ERR(s))
> return ERR_CAST(s);
next prev parent reply other threads:[~2017-07-15 7:58 UTC|newest]
Thread overview: 92+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-15 1:25 [PATCH for v4.9 LTS 01/87] x86/mce/AMD: Make the init code more robust Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 02/87] r8169: add support for RTL8168 series add-on card Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 03/87] ARM: omap2+: fixing wrong strcat for Non-NULL terminated string Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 04/87] dt-bindings: power/supply: Update TPS65217 properties Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 05/87] dt-bindings: input: Specify the interrupt number of TPS65217 power button Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 06/87] ARM: dts: am57xx-idk: Put USB2 port in peripheral mode Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 07/87] ARM: dts: n900: Mark eMMC slot with no-sdio and no-sd flags Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 08/87] net/mlx5: Disable RoCE on the e-switch management port under switchdev mode Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 09/87] ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 10/87] net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 11/87] net/mlx4: Remove BUG_ON from ICM allocation routine Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 14/87] drm/msm: Put back the vaddr in submit_reloc() Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 13/87] drm/msm: Ensure that the hardware write pointer is valid Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 12/87] net/mlx4_core: Fix raw qp flow steering rules under SRIOV Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 17/87] irqchip/keystone: Fix "scheduling while atomic" on rt Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 15/87] drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 16/87] vfio-pci: use 32-bit comparisons for register address for gcc-4.5 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 19/87] spi: dw: Make debugfs name unique between instances Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 20/87] ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 18/87] ASoC: tlv320aic3x: Mark the RESET register as volatile Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 23/87] dmaengine: ioatdma: Add Skylake PCI Dev ID Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 22/87] openrisc: Add _text symbol to fix ksym build error Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 21/87] irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 25/87] l2tp: consider '::' as wildcard address in l2tp_ip6 socket lookup Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 24/87] dmaengine: ioatdma: workaround SKX ioatdma version Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 26/87] dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 27/87] usb: dwc3: omap: fix race of pm runtime with irq handler in probe Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 29/87] ARM64: zynqmp: Fix i2c node's compatible string Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 28/87] ARM64: zynqmp: Fix W=1 dtc 1.4 warnings Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 30/87] perf probe: Fix to get correct modname from elf header Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 31/87] ARM: s3c2410_defconfig: Fix invalid values for NF_CT_PROTO_* Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 32/87] ACPI / scan: Prefer devices without _HID/_CID for _ADR matching Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 34/87] Btrfs: use down_read_nested to make lockdep silent Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 35/87] Btrfs: fix lockdep warning about log_mutex Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 33/87] usb: gadget: Fix copy/pasted error message Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 37/87] Btrfs: adjust outstanding_extents counter properly when dio write is split Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 36/87] benet: stricter vxlan offloading check in be_features_check Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 40/87] perf tools: Install tools/lib/traceevent plugins with install-bin Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 38/87] Xen: ARM: Zero reserved fields of xatp before making hypervisor call Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 39/87] tools lib traceevent: Fix prev/next_prio for deadline tasks Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 42/87] video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 41/87] perf symbols: Robustify reading of build-id from sysfs Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 43/87] perf probe: Fix to probe on gcc generated symbols for offline kernel Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 44/87] vfio-pci: Handle error from pci_iomap Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 46/87] nvmem: imx-ocotp: Fix wrong register size Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 45/87] arm64: mm: fix show_pte KERN_CONT fallout Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 47/87] net: usb: asix_devices: add .reset_resume for USB PM Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 48/87] ASoC: fsl_ssi: set fifo watermark to more reliable value Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 49/87] sh_eth: enable RX descriptor word 0 shift on SH7734 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 50/87] ARCv2: IRQ: Call entry/exit functions for chained handlers in MCIP Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 53/87] perf/x86: Set pmu->module in Intel PMU modules Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 51/87] ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 52/87] x86/platform/intel-mid: Rename 'spidev' to 'mrfld_spidev' Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 55/87] HID: ignore Petzl USB headlamp Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 56/87] scsi: fnic: Avoid sending reset to firmware when another reset is in progress Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 54/87] ASoC: Intel: bytcr-rt5640: fix settings in internal clock mode Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 57/87] scsi: snic: Return error code on memory allocation failure Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 58/87] scsi: bfa: Increase requested firmware version to 3.2.5.1 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 59/87] ASoC: Intel: Skylake: Release FW ctx in cleanup Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 61/87] sh_eth: fix EESIPR values for SH77{34|63} Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 60/87] ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 62/87] sh_eth: R8A7740 supports packet shecksumming Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 63/87] net: phy: dp83867: fix irq generation Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 64/87] tg3: Fix race condition in tg3_get_stats64() Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 65/87] x86/boot: Add missing declaration of string functions Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 67/87] ASoC: rt5645: set sel_i2s_pre_div1 to 2 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 66/87] spi: spi-axi: Free resources on error path Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 68/87] netfilter: use fwmark_reflect in nf_send_reset Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 70/87] ipv4: make tcp_notsent_lowat sysctl knob behave as true unsigned int Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 69/87] phy state machine: failsafe leave invalid RUNNING state Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 72/87] libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount Levin, Alexander (Sasha Levin)
2017-07-15 7:50 ` Eric W. Biederman [this message]
2017-07-15 15:46 ` Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 73/87] scsi: qla2xxx: Get mutex lock before checking optrom_state Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 71/87] clk/samsung: exynos542x: mark some clocks as critical Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 74/87] drm/virtio: fix framebuffer sparse warning Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 75/87] ARM: dts: sun6i: hummingbird: Enable display engine again Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 77/87] ARM: dts: sunxi: Change node name for pwrseq pin on Olinuxino-lime2-emmc Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 78/87] iw_cxgb4: do not send RX_DATA_ACK CPLs after close/abort Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 76/87] ARM: dts: sun8i: Support DTB build for NanoPi M1 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 80/87] virtio_blk: fix panic in initialization error path Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 81/87] ARM: 8632/1: ftrace: fix syscall name matching Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 79/87] nbd: blk_mq_init_queue returns an error code on failure, not NULL Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 83/87] lib/Kconfig.debug: fix frv build failure Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 82/87] mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 85/87] mm: don't dereference struct page fields of invalid pages Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 84/87] signal: protect SIGNAL_UNKILLABLE from unintentional clearing Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 86/87] net: account for current skb length when deciding about UFO Levin, Alexander (Sasha Levin)
2017-07-15 8:53 ` Michal Kubecek
2017-07-15 8:53 ` Michal Kubecek
2017-07-24 14:10 ` Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 87/87] net/mlx5: E-Switch, Re-enable RoCE on mode change only after FDB destroy Levin, Alexander (Sasha Levin)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871spinnp5.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=alexander.levin@verizon.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.