From: ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)
To: Linus Torvalds
<torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
Cc: Andrey Vagin <avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org>,
Miklos Szeredi <miklos-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>,
Richard Weinberger <richard-/L3Ra7n9ekc@public.gmane.org>,
Linux Containers
<containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>,
"J. Bruce Fields"
<bfields-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>,
Al Viro <viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>,
linux-fsdevel
<linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Jann Horn <jann-XZ1E9jl8jIdeoWH0uzbU5w@public.gmane.org>,
Willy Tarreau <w@1wt.eu>
Subject: [PATCH] vfs: Test for and handle paths that are unreachable from their mnt_root
Date: Sat, 15 Aug 2015 20:27:13 -0500 [thread overview]
Message-ID: <87tws010r2.fsf_-_@x220.int.ebiederm.org> (raw)
In-Reply-To: <87bne82glg.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org> (Eric W. Biederman's message of "Sat, 15 Aug 2015 19:59:39 -0500")
In rare cases a directory can be renamed out from under a bind mount.
In those cases without special handling it becomes possible to walk up
the directory tree to the root dentry of the filesystem and down
from the root dentry to every other file or directory on the filesystem.
Like division by zero .. from an unconnected path can not be given
a useful semantic as there is no predicting at which path component
the code will realize it is unconnected. We certainly can not match
the current behavior as the current behavior is a security hole.
Therefore when encounting .. when following an unconnected path
return -ENOENT.
- Add a function path_connected to verify path->dentry is reachable
from path->mnt.mnt_root. AKA to validate that rename did not do
something nasty to the bind mount.
To avoid races path_connected must be called after following a path
component to it's next path component.
Signed-off-by: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
---
This is the simple version that needs no extra vfs support.
My availability is likely to be a bit spotty for the next while
as I am travelling to and then attending Linux Plumbers Conference.
fs/namei.c | 27 +++++++++++++++++++++++++--
1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index ae4e4c18b2ac..5303e994f8d6 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -560,6 +560,24 @@ static int __nd_alloc_stack(struct nameidata *nd)
return 0;
}
+/**
+ * path_connected - Verify that a path->dentry is below path->mnt.mnt_root
+ * @path: nameidate to verify
+ *
+ * Rename can sometimes move a file or directory outside of a bind
+ * mount, path_connected allows those cases to be detected.
+ */
+static bool path_connected(const struct path *path)
+{
+ struct vfsmount *mnt = path->mnt;
+
+ /* Only bind mounts can have disconnected paths */
+ if (mnt->mnt_root == mnt->mnt_sb->s_root)
+ return true;
+
+ return is_subdir(path->dentry, mnt->mnt_root);
+}
+
static inline int nd_alloc_stack(struct nameidata *nd)
{
if (likely(nd->depth != EMBEDDED_LEVELS))
@@ -1296,6 +1314,8 @@ static int follow_dotdot_rcu(struct nameidata *nd)
return -ECHILD;
nd->path.dentry = parent;
nd->seq = seq;
+ if (unlikely(!path_connected(&nd->path)))
+ return -ENOENT;
break;
} else {
struct mount *mnt = real_mount(nd->path.mnt);
@@ -1396,7 +1416,7 @@ static void follow_mount(struct path *path)
}
}
-static void follow_dotdot(struct nameidata *nd)
+static int follow_dotdot(struct nameidata *nd)
{
if (!nd->root.mnt)
set_root(nd);
@@ -1412,6 +1432,8 @@ static void follow_dotdot(struct nameidata *nd)
/* rare case of legitimate dget_parent()... */
nd->path.dentry = dget_parent(nd->path.dentry);
dput(old);
+ if (unlikely(!path_connected(&nd->path)))
+ return -ENOENT;
break;
}
if (!follow_up(&nd->path))
@@ -1419,6 +1441,7 @@ static void follow_dotdot(struct nameidata *nd)
}
follow_mount(&nd->path);
nd->inode = nd->path.dentry->d_inode;
+ return 0;
}
/*
@@ -1634,7 +1657,7 @@ static inline int handle_dots(struct nameidata *nd, int type)
if (nd->flags & LOOKUP_RCU) {
return follow_dotdot_rcu(nd);
} else
- follow_dotdot(nd);
+ return follow_dotdot(nd);
}
return 0;
}
--
2.2.1
next prev parent reply other threads:[~2015-08-16 1:27 UTC|newest]
Thread overview: 153+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-02 21:42 [PATCH review 0/9] Call for testing and review of mount detach fixes Eric W. Biederman
[not found] ` <871tncuaf6.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-02 21:52 ` [PATCH review 1/9] mnt: Improve the umount_tree flags Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 2/9] mnt: Don't propagate umounts in __detach_mounts Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 3/9] mnt: In umount_tree reuse mnt_list instead of mnt_hash Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 4/9] mnt: Add MNT_UMOUNT flag Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 5/9] mnt: Delay removal from the mount hash Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 6/9] mnt: Factor out __detach_mnt from detach_mnt Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 7/9] mnt: Simplify umount_tree Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 8/9] mnt: Remove redundant NULL tests in namespace_unlock Eric W. Biederman
2015-01-02 21:52 ` [PATCH review 9/9] mnt: Honor MNT_LOCKED when detaching mounts Eric W. Biederman
2015-01-05 20:45 ` [PATCH review 0/11 Call for testing and review of mount detach fixes (take 2) Eric W. Biederman
[not found] ` <87mw5xq7lt.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-05 20:46 ` [PATCH review 01/11] mnt: Improve the umount_tree flags Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 02/11] mnt: Don't propagate umounts in __detach_mounts Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 03/11] mnt: In umount_tree reuse mnt_list instead of mnt_hash Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 04/11] mnt: Add MNT_UMOUNT flag Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 05/11] mnt: Delay removal from the mount hash Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 06/11] mnt: Factor out __detach_mnt from detach_mnt Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 07/11] mnt: Simplify umount_tree Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 08/11] mnt: Remove redundant NULL tests in namespace_unlock Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 09/11] mnt: On an unmount propagate clearing of MNT_LOCKED Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 10/11] mnt: Don't propagate unmounts to locked mounts Eric W. Biederman
2015-01-05 20:46 ` [PATCH review 11/11] mnt: Honor MNT_LOCKED when detaching mounts Eric W. Biederman
2015-04-03 1:53 ` [PATCH review 0/19] Locked mount and loopback mount fixes Eric W. Biederman
[not found] ` <1420490787-14387-11-git-send-email-ebiederm@xmission.com>
[not found] ` <1420490787-14387-11-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-01-07 18:43 ` [PATCH review 11/11] mnt: Honor MNT_LOCKED when detaching mounts Al Viro
[not found] ` <20150107184334.GZ22149@ZenIV.linux.org.uk>
[not found] ` <20150107184334.GZ22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-07 19:28 ` Al Viro
[not found] ` <20150107192807.GA22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-07 19:53 ` Eric W. Biederman
2015-01-07 19:30 ` Eric W. Biederman
[not found] ` <87h9w2gzht.fsf@x220.int.ebiederm.org>
[not found] ` <87h9w2gzht.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-07 20:52 ` Al Viro
[not found] ` <20150107205239.GB22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-07 21:51 ` Eric W. Biederman
[not found] ` <87iogi8dka.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-08 0:22 ` Al Viro
[not found] ` <20150108002227.GC22149@ZenIV.linux.org.uk>
[not found] ` <20150108030229.GD22149@ZenIV.linux.org.uk>
[not found] ` <20150108030229.GD22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-08 3:11 ` Al Viro
[not found] ` <20150108002227.GC22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-08 3:02 ` Al Viro
2015-01-08 22:32 ` Al Viro
[not found] ` <20150108223212.GF22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-09 20:31 ` Al Viro
[not found] ` <20150109203126.GI22149@ZenIV.linux.org.uk>
[not found] ` <20150109203126.GI22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-09 21:30 ` Eric W. Biederman
2015-01-10 5:32 ` Eric W. Biederman
[not found] ` <87h9vzryio.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-10 5:51 ` Al Viro
[not found] ` <20150110055148.GY22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-11 2:00 ` Al Viro
[not found] ` <20150111020030.GF22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-11 2:50 ` Al Viro
2015-01-16 18:29 ` Eric W. Biederman
[not found] ` <87k30vwskd.fsf@x220.int.ebiederm.org>
[not found] ` <87k30vwskd.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-01-09 22:17 ` Al Viro
[not found] ` <20150109221715.GN22149-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-01-09 22:25 ` Eric W. Biederman
[not found] ` <87a8yqou41.fsf_-_@x220.int.ebiederm.org>
[not found] ` <1428026183-14879-16-git-send-email-ebiederm@xmission.com>
[not found] ` <1428026183-14879-16-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-04-03 5:54 ` [PATCH review 16/19] mnt: Track which mounts use a dentry as root Al Viro
[not found] ` <20150403055449.GE889-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-04-03 10:31 ` Eric W. Biederman
2015-04-07 20:22 ` Eric W. Biederman
[not found] ` <1428026183-14879-19-git-send-email-ebiederm@xmission.com>
[not found] ` <1428026183-14879-19-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-04-03 6:20 ` [PATCH review 19/19] vfs: Do not allow escaping from bind mounts Al Viro
[not found] ` <20150403062035.GF889@ZenIV.linux.org.uk>
[not found] ` <20150403062035.GF889-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-04-03 10:22 ` Eric W. Biederman
[not found] ` <1428026183-14879-9-git-send-email-ebiederm@xmission.com>
[not found] ` <1428026183-14879-9-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-04-03 8:55 ` [PATCH review 09/19] mnt: Fail collect_mounts when applied to unmounted mounts Lukasz Pawelczyk
[not found] ` <1428051353.1924.2.camel@samsung.com>
[not found] ` <1428051353.1924.2.camel-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2015-04-09 16:39 ` Eric W. Biederman
[not found] ` <874moq9oyb.fsf_-_@x220.int.ebiederm.org>
[not found] ` <87iod68aa3.fsf_-_@x220.int.ebiederm.org>
[not found] ` <20150409130601.GA22250@pc.thejh.net>
[not found] ` <20150409130601.GA22250-J1fxOzX/cBvk1uMJSBkQmQ@public.gmane.org>
2015-04-09 16:52 ` [PATCH review 4/4] vfs: Do not allow escaping from bind mounts Eric W. Biederman
[not found] ` <87iod68aa3.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-09 13:06 ` Jann Horn
2015-04-09 23:22 ` Al Viro
[not found] ` <20150409232212.GX889@ZenIV.linux.org.uk>
[not found] ` <20150409232212.GX889-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-04-10 2:51 ` Eric W. Biederman
[not found] ` <874moo1ysg.fsf@x220.int.ebiederm.org>
[not found] ` <874moo1ysg.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-10 3:14 ` Al Viro
[not found] ` <874moq9oyb.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-08 23:32 ` [PATCH review 1/4] mnt: Track which mounts use a dentry as root Eric W. Biederman
2015-04-08 23:32 ` [PATCH review 2/4] vfs: Test for and handle paths that are unreachable from their mnt_root Eric W. Biederman
[not found] ` <87sica8ac5.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-09 23:16 ` Al Viro
[not found] ` <20150409231636.GW889-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-04-10 2:24 ` Eric W. Biederman
2015-04-08 23:33 ` [PATCH review 3/4] vfs: Handle mounts whose parents are unreachable from their mountpoint Eric W. Biederman
2015-04-08 23:34 ` [PATCH review 4/4] vfs: Do not allow escaping from bind mounts Eric W. Biederman
2015-04-09 19:01 ` [PATCH review 0/4] Loopback mount escape fixes Eric W. Biederman
[not found] ` <87egnt5dok.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-09 19:12 ` Al Viro
[not found] ` <20150409191232.GV889@ZenIV.linux.org.uk>
[not found] ` <20150409191232.GV889-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-04-09 19:14 ` Eric W. Biederman
2015-04-13 12:18 ` Miklos Szeredi
2015-08-03 21:25 ` [PATCH review 0/6] Bind " Eric W. Biederman
[not found] ` <871tfkawu9.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-03 21:26 ` [PATCH review 1/6] mnt: Track which mounts use a dentry as root Eric W. Biederman
2015-08-03 21:26 ` [PATCH review 2/6] dcache: Handle escaped paths in prepend_path Eric W. Biederman
2015-08-03 21:27 ` [PATCH review 3/6] dcache: Implement d_common_ancestor Eric W. Biederman
2015-08-03 21:27 ` [PATCH review 4/6] mnt: Track when a directory escapes a bind mount Eric W. Biederman
2015-08-03 21:30 ` [PATCH review 5/6] vfs: Test for and handle paths that are unreachable from their mnt_root Eric W. Biederman
2015-08-03 21:30 ` [PATCH review 6/6] vfs: Cache the results of path_connected Eric W. Biederman
2015-08-05 3:14 ` [PATCH review 7/6] vfs: Make mnt_escape_count 64bit Eric W. Biederman
[not found] ` <8738009i0h.fsf_-_@x220.int.ebiederm.org>
[not found] ` <8738009i0h.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-04 11:52 ` [PATCH review 6/6] vfs: Cache the results of path_connected Andrew Vagin
[not found] ` <20150804115215.GA317@odin.com>
[not found] ` <20150804115215.GA317-wo1vFcy6AUs@public.gmane.org>
2015-08-04 17:41 ` Eric W. Biederman
[not found] ` <871tfj0x4j.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-04 19:44 ` J. Bruce Fields
[not found] ` <20150804194447.GB6664@fieldses.org>
[not found] ` <20150804194447.GB6664-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2015-08-04 22:58 ` Eric W. Biederman
[not found] ` <874mkey824.fsf@x220.int.ebiederm.org>
[not found] ` <874mkey824.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-05 15:59 ` J. Bruce Fields
[not found] ` <20150805155948.GD17797-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2015-08-05 16:28 ` Eric W. Biederman
[not found] ` <878u9pwvg8.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-28 19:43 ` J. Bruce Fields
[not found] ` <20150828194302.GE10468-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2015-08-28 19:45 ` J. Bruce Fields
[not found] ` <20150828194540.GF10468@fieldses.org>
[not found] ` <20150828194540.GF10468-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2015-08-31 21:17 ` Eric W. Biederman
[not found] ` <87k2sb88ev.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-09-01 14:46 ` J. Bruce Fields
[not found] ` <20150901144632.GA32692-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>
2015-09-01 18:00 ` Eric W. Biederman
[not found] ` <877foavx3f.fsf@x220.int.ebiederm.org>
[not found] ` <877foavx3f.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-09-01 18:11 ` J. Bruce Fields
[not found] ` <87vbcw9i8g.fsf_-_@x220.int.ebiederm.org>
[not found] ` <87vbcw9i8g.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-07 10:46 ` [PATCH review 1/6] mnt: Track which mounts use a dentry as root Nikolay Borisov
[not found] ` <55C48C94.6050804@kyup.com>
[not found] ` <55C48C94.6050804-6AxghH7DbtA@public.gmane.org>
2015-08-07 15:43 ` Eric W. Biederman
[not found] ` <87egjk9i61.fsf_-_@x220.int.ebiederm.org>
[not found] ` <87egjk9i61.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-10 4:36 ` [PATCH review 4/6] mnt: Track when a directory escapes a bind mount Al Viro
[not found] ` <20150810043637.GC14139-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-10 4:43 ` Al Viro
2015-08-14 4:10 ` Eric W. Biederman
[not found] ` <877foymrwt.fsf@x220.int.ebiederm.org>
[not found] ` <877foymrwt.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-14 4:29 ` [PATCH review 0/8] Bind mount escape fixes Eric W. Biederman
[not found] ` <87wpwyjxwc.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-14 4:30 ` [PATCH review 1/8] dcache: Handle escaped paths in prepend_path Eric W. Biederman
2015-08-14 4:30 ` [PATCH review 2/8] dcache: Reduce the scope of i_lock in d_splice_alias Eric W. Biederman
2015-08-14 4:31 ` [PATCH review 3/8] dcache: Clearly separate the two directory rename cases " Eric W. Biederman
2015-08-14 4:32 ` [PATCH review 4/8] mnt: Track which mounts use a dentry as root Eric W. Biederman
2015-08-14 4:33 ` [PATCH review 5/8] dcache: Implement d_common_ancestor Eric W. Biederman
2015-08-14 4:34 ` [PATCH review 6/8] dcache: Only read d_flags once is d_is_dir Eric W. Biederman
2015-08-14 4:35 ` [PATCH review 7/8] mnt: Track when a directory escapes a bind mount Eric W. Biederman
2015-08-14 4:36 ` [PATCH review 8/8] vfs: Test for and handle paths that are unreachable from their mnt_root Eric W. Biederman
[not found] ` <87fv3mjxsc.fsf_-_@x220.int.ebiederm.org>
[not found] ` <87fv3mjxsc.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-15 6:16 ` [PATCH review 3/8] dcache: Clearly separate the two directory rename cases in d_splice_alias Al Viro
[not found] ` <20150815061617.GG14139-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-15 18:25 ` Eric W. Biederman
[not found] ` <874mk08l3g.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-15 18:35 ` [PATCH review 0/7] Bind mount escape fixes Eric W. Biederman
[not found] ` <87a8ts763c.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-15 18:36 ` [PATCH review 1/7] dcache: Handle escaped paths in prepend_path Eric W. Biederman
2015-08-15 18:36 ` [PATCH review 2/7] dcache: Reduce the scope of i_lock in d_splice_alias Eric W. Biederman
2015-08-15 18:37 ` [PATCH review 3/7] mnt: Track which mounts use a dentry as root Eric W. Biederman
2015-08-15 18:37 ` [PATCH review 4/7] dcache: Implement d_common_ancestor Eric W. Biederman
2015-08-15 18:38 ` [PATCH review 5/7] dcache: Only read d_flags once in d_is_dir Eric W. Biederman
2015-08-15 19:36 ` [PATCH review 0/7] Bind mount escape fixes Linus Torvalds
[not found] ` <CA+55aFzMuCn33yK71HoKnj1hr8=ac_Y-vfE5mM8h4f3YJeGKvg@mail.gmail.com>
[not found] ` <CA+55aFzMuCn33yK71HoKnj1hr8=ac_Y-vfE5mM8h4f3YJeGKvg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-08-15 19:48 ` Linus Torvalds
[not found] ` <CA+55aFyeu-p_3eJQCLM0TDuLYvo10mx379FaCFq7Z103RgKvVA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-08-15 21:07 ` Eric W. Biederman
[not found] ` <E2AECA7F-ED57-4FCD-A4C0-8C7C4B860FB6-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-08-15 22:47 ` Linus Torvalds
[not found] ` <CA+55aFx2s7TrmPKviKnFL0nGRZDHuCajW_UO02EnF+CsJY2-4w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-08-16 0:59 ` Eric W. Biederman
[not found] ` <87bne82glg.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-16 1:27 ` Eric W. Biederman [this message]
[not found] ` <87tws010r2.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-17 3:56 ` [PATCH] vfs: Test for and handle paths that are unreachable from their mnt_root NeilBrown
2015-08-16 2:12 ` [PATCH review 0/7] Bind mount escape fixes Al Viro
[not found] ` <20150816021209.GI14139-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-16 2:25 ` Linus Torvalds
[not found] ` <CA+55aFy3pzEY=4dfd_PX-Og_b7fqrG1rDniOqehBfQhXb=Cg9A@mail.gmail.com>
[not found] ` <CA+55aFy3pzEY=4dfd_PX-Og_b7fqrG1rDniOqehBfQhXb=Cg9A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-08-16 4:53 ` Al Viro
[not found] ` <20150816045322.GJ14139-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-16 6:22 ` Eric W. Biederman
[not found] ` <87fv3ju4zy.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-16 6:55 ` Al Viro
[not found] ` <20150816065503.GL14139@ZenIV.linux.org.uk>
[not found] ` <20150816065503.GL14139-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-16 7:04 ` Al Viro
2015-08-16 11:33 ` Eric W. Biederman
[not found] ` <87bne7piwu.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-21 7:51 ` Al Viro
[not found] ` <20150821075105.GF18890-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-21 15:27 ` Eric W. Biederman
2015-08-16 11:51 ` Eric W. Biederman
[not found] ` <87egj3moxm.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-16 22:29 ` Willy Tarreau
2015-08-15 18:39 ` [PATCH review 6/7] mnt: Track when a directory escapes a bind mount Eric W. Biederman
2015-08-15 18:39 ` [PATCH review 7/7] vfs: Test for and handle paths that are unreachable from their mnt_root Eric W. Biederman
[not found] ` <878u9s9i1d.fsf_-_@x220.int.ebiederm.org>
[not found] ` <878u9s9i1d.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-08-10 4:38 ` [PATCH review 5/6] " Al Viro
[not found] ` <20150810043814.GD14139-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2015-08-10 19:34 ` Eric W. Biederman
[not found] ` <CAELBmZBCCC1dspo4rPkFfh3c6RZBUYAZpz0tbUSukcf9att7Cw@mail.gmail.com>
[not found] ` <CAELBmZBCCC1dspo4rPkFfh3c6RZBUYAZpz0tbUSukcf9att7Cw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-07-24 20:39 ` [PATCH review 0/4] Loopback mount escape fixes Eric W. Biederman
[not found] ` <87a8yqou41.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-03 1:56 ` [PATCH review 01/19] mnt: Use hlist_move_list in namespace_unlock Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 02/19] mnt: Improve the umount_tree flags Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 03/19] mnt: Don't propagate umounts in __detach_mounts Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 04/19] mnt: In umount_tree reuse mnt_list instead of mnt_hash Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 05/19] mnt: Add MNT_UMOUNT flag Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 06/19] mnt: Delay removal from the mount hash Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 07/19] mnt: On an unmount propagate clearing of MNT_LOCKED Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 08/19] mnt: Don't propagate unmounts to locked mounts Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 09/19] mnt: Fail collect_mounts when applied to unmounted mounts Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 10/19] mnt: Factor out unhash_mnt from detach_mnt and umount_tree Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 11/19] mnt: Factor umount_mnt from umount_tree Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 12/19] fs_pin: Allow for the possibility that m_list or s_list go unused Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 13/19] mnt: Honor MNT_LOCKED when detaching mounts Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 14/19] mnt: Fix the error check in __detach_mounts Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 15/19] mnt: Update detach_mounts to leave mounts connected Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 16/19] mnt: Track which mounts use a dentry as root Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 17/19] vfs: Test for and handle paths that are unreachable from their mnt_root Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 18/19] vfs: Handle mounts whose parents are unreachable from their mountpoint Eric W. Biederman
2015-04-03 1:56 ` [PATCH review 19/19] vfs: Do not allow escaping from bind mounts Eric W. Biederman
2015-04-08 23:31 ` [PATCH review 0/4] Loopback mount escape fixes Eric W. Biederman
2015-04-16 23:40 ` [GIT PULL] Usernamespace related locked mount fixes Eric W. Biederman
[not found] ` <87383z1w1v.fsf_-_@x220.int.ebiederm.org>
[not found] ` <87383z1w1v.fsf_-_-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2015-04-16 23:42 ` Eric W. Biederman
[not found] ` <1428026183-14879-12-git-send-email-ebiederm@xmission.com>
[not found] ` <1428026183-14879-12-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-05-11 13:36 ` [PATCH review 12/19] fs_pin: Allow for the possibility that m_list or s_list go unused Konstantin Khlebnikov
[not found] ` <1420235574-15177-9-git-send-email-ebiederm@xmission.com>
[not found] ` <1420235574-15177-9-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2015-01-03 2:27 ` [PATCH review 9/9] mnt: Honor MNT_LOCKED when detaching mounts Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tws010r2.fsf_-_@x220.int.ebiederm.org \
--to=ebiederm-as9lmozglivwk0htik3j/w@public.gmane.org \
--cc=avagin-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org \
--cc=bfields-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=jann-XZ1E9jl8jIdeoWH0uzbU5w@public.gmane.org \
--cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org \
--cc=miklos-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org \
--cc=richard-/L3Ra7n9ekc@public.gmane.org \
--cc=torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org \
--cc=w@1wt.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox