From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from out03.mta.xmission.com ([166.70.13.233]:54859 "EHLO out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726342AbeKKD6J (ORCPT ); Sat, 10 Nov 2018 22:58:09 -0500 From: ebiederm@xmission.com (Eric W. Biederman) To: Linus Torvalds Cc: , , Linux Containers , Jann Horn Date: Sat, 10 Nov 2018 12:12:12 -0600 Message-ID: <87pnvcls3n.fsf@xmission.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [GIT PULL] namespace fixes for v4.20-rc2 Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Linus, Please pull the for-linus branch from the git tree: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus HEAD: 9c8e0a1b683525464a2abe9fb4b54404a50ed2b4 mount: Prevent MNT_DETACH from disconnecting locked mounts I believe all of these are simple obviously correct bug fixes. These fall into two groups. Fixing the implementation of MNT_LOCKED which prevents lesser privileged users from seeing unders mounts created by more privileged users. Fixing the extended uid and group mapping in user namespaces. As well as ensuring the code looks correct I have spot tested these changes as well and in my testing the fixes are working. I have let these changes sit on my branch for a few days as well and none of the automated testing has found any problems either. Eric W. Biederman (3): mount: Retest MNT_LOCKED in do_umount mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts mount: Prevent MNT_DETACH from disconnecting locked mounts Jann Horn (1): userns: also map extents in the reverse map to kernel IDs fs/namespace.c | 22 +++++++++++++++++----- kernel/user_namespace.c | 12 ++++++++---- 2 files changed, 25 insertions(+), 9 deletions(-) Eric