From: ebiederm@xmission.com (Eric W. Biederman)
To: "Levin\, Alexander \(Sasha Levin\)" <alexander.levin@verizon.com>
Cc: "linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"stable\@vger.kernel.org" <stable@vger.kernel.org>
Subject: Re: [PATCH for v4.9 LTS 72/87] libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount
Date: Sat, 15 Jul 2017 02:50:30 -0500 [thread overview]
Message-ID: <871spinnp5.fsf@xmission.com> (raw)
In-Reply-To: <20170715012538.10101-72-alexander.levin@verizon.com> (Alexander Levin's message of "Sat, 15 Jul 2017 01:26:22 +0000")
*Scratches my head*
Is there code in v4.9 where this matters? At the time I merged this to
my knowledge there were no in kernel users that cared. Which is why I
did not cc stable in the first place.
Eric
"Levin, Alexander (Sasha Levin)" <alexander.levin@verizon.com> writes:
> From: "Eric W. Biederman" <ebiederm@xmission.com>
>
> [ Upstream commit 75422726b0f717d67db3283c2eb5bc14fa2619c5 ]
>
> Add MS_KERNMOUNT to the flags that are passed.
> Use sget_userns and force &init_user_ns instead of calling sget so that
> even if called from a weird context the internal filesystem will be
> considered to be in the intial user namespace.
>
> Luis Ressel reported that the the failure to pass MS_KERNMOUNT into
> mount_pseudo broke his in development graphics driver that uses the
> generic drm infrastructure. I am not certain the deriver was bug
> free in it's usage of that infrastructure but since
> mount_pseudo_xattr can never be triggered by userspace it is clearer
> and less error prone, and less problematic for the code to be explicit.
>
> Reported-by: Luis Ressel <aranea@aixah.de>
> Tested-by: Luis Ressel <aranea@aixah.de>
> Acked-by: Al Viro <viro@ZenIV.linux.org.uk>
> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
> Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
> ---
> fs/libfs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/libfs.c b/fs/libfs.c
> index 48826d4da189..9588780ad43e 100644
> --- a/fs/libfs.c
> +++ b/fs/libfs.c
> @@ -245,7 +245,8 @@ struct dentry *mount_pseudo_xattr(struct file_system_type *fs_type, char *name,
> struct inode *root;
> struct qstr d_name = QSTR_INIT(name, strlen(name));
>
> - s = sget(fs_type, NULL, set_anon_super, MS_NOUSER, NULL);
> + s = sget_userns(fs_type, NULL, set_anon_super, MS_KERNMOUNT|MS_NOUSER,
> + &init_user_ns, NULL);
> if (IS_ERR(s))
> return ERR_CAST(s);
next prev parent reply other threads:[~2017-07-15 7:58 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-15 1:25 [PATCH for v4.9 LTS 01/87] x86/mce/AMD: Make the init code more robust Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 02/87] r8169: add support for RTL8168 series add-on card Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 03/87] ARM: omap2+: fixing wrong strcat for Non-NULL terminated string Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 04/87] dt-bindings: power/supply: Update TPS65217 properties Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 05/87] dt-bindings: input: Specify the interrupt number of TPS65217 power button Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 06/87] ARM: dts: am57xx-idk: Put USB2 port in peripheral mode Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 08/87] net/mlx5: Disable RoCE on the e-switch management port under switchdev mode Levin, Alexander (Sasha Levin)
2017-07-15 1:25 ` [PATCH for v4.9 LTS 07/87] ARM: dts: n900: Mark eMMC slot with no-sdio and no-sd flags Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 09/87] ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 11/87] net/mlx4: Remove BUG_ON from ICM allocation routine Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 10/87] net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 14/87] drm/msm: Put back the vaddr in submit_reloc() Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 12/87] net/mlx4_core: Fix raw qp flow steering rules under SRIOV Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 13/87] drm/msm: Ensure that the hardware write pointer is valid Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 15/87] drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 17/87] irqchip/keystone: Fix "scheduling while atomic" on rt Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 16/87] vfio-pci: use 32-bit comparisons for register address for gcc-4.5 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 18/87] ASoC: tlv320aic3x: Mark the RESET register as volatile Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 19/87] spi: dw: Make debugfs name unique between instances Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 20/87] ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 21/87] irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 22/87] openrisc: Add _text symbol to fix ksym build error Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 23/87] dmaengine: ioatdma: Add Skylake PCI Dev ID Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 26/87] dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 24/87] dmaengine: ioatdma: workaround SKX ioatdma version Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 25/87] l2tp: consider '::' as wildcard address in l2tp_ip6 socket lookup Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 29/87] ARM64: zynqmp: Fix i2c node's compatible string Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 27/87] usb: dwc3: omap: fix race of pm runtime with irq handler in probe Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 28/87] ARM64: zynqmp: Fix W=1 dtc 1.4 warnings Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 32/87] ACPI / scan: Prefer devices without _HID/_CID for _ADR matching Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 31/87] ARM: s3c2410_defconfig: Fix invalid values for NF_CT_PROTO_* Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 30/87] perf probe: Fix to get correct modname from elf header Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 34/87] Btrfs: use down_read_nested to make lockdep silent Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 33/87] usb: gadget: Fix copy/pasted error message Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 35/87] Btrfs: fix lockdep warning about log_mutex Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 36/87] benet: stricter vxlan offloading check in be_features_check Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 37/87] Btrfs: adjust outstanding_extents counter properly when dio write is split Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 40/87] perf tools: Install tools/lib/traceevent plugins with install-bin Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 39/87] tools lib traceevent: Fix prev/next_prio for deadline tasks Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 38/87] Xen: ARM: Zero reserved fields of xatp before making hypervisor call Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 42/87] video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 41/87] perf symbols: Robustify reading of build-id from sysfs Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 44/87] vfio-pci: Handle error from pci_iomap Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 43/87] perf probe: Fix to probe on gcc generated symbols for offline kernel Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 47/87] net: usb: asix_devices: add .reset_resume for USB PM Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 45/87] arm64: mm: fix show_pte KERN_CONT fallout Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 46/87] nvmem: imx-ocotp: Fix wrong register size Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 49/87] sh_eth: enable RX descriptor word 0 shift on SH7734 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 48/87] ASoC: fsl_ssi: set fifo watermark to more reliable value Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 50/87] ARCv2: IRQ: Call entry/exit functions for chained handlers in MCIP Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 53/87] perf/x86: Set pmu->module in Intel PMU modules Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 51/87] ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 52/87] x86/platform/intel-mid: Rename 'spidev' to 'mrfld_spidev' Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 55/87] HID: ignore Petzl USB headlamp Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 56/87] scsi: fnic: Avoid sending reset to firmware when another reset is in progress Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 54/87] ASoC: Intel: bytcr-rt5640: fix settings in internal clock mode Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 57/87] scsi: snic: Return error code on memory allocation failure Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 58/87] scsi: bfa: Increase requested firmware version to 3.2.5.1 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 61/87] sh_eth: fix EESIPR values for SH77{34|63} Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 59/87] ASoC: Intel: Skylake: Release FW ctx in cleanup Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 60/87] ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 62/87] sh_eth: R8A7740 supports packet shecksumming Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 63/87] net: phy: dp83867: fix irq generation Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 64/87] tg3: Fix race condition in tg3_get_stats64() Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 65/87] x86/boot: Add missing declaration of string functions Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 66/87] spi: spi-axi: Free resources on error path Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 67/87] ASoC: rt5645: set sel_i2s_pre_div1 to 2 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 70/87] ipv4: make tcp_notsent_lowat sysctl knob behave as true unsigned int Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 69/87] phy state machine: failsafe leave invalid RUNNING state Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 68/87] netfilter: use fwmark_reflect in nf_send_reset Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 72/87] libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount Levin, Alexander (Sasha Levin)
2017-07-15 7:50 ` Eric W. Biederman [this message]
2017-07-15 15:46 ` Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 73/87] scsi: qla2xxx: Get mutex lock before checking optrom_state Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 71/87] clk/samsung: exynos542x: mark some clocks as critical Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 74/87] drm/virtio: fix framebuffer sparse warning Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 75/87] ARM: dts: sun6i: hummingbird: Enable display engine again Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 78/87] iw_cxgb4: do not send RX_DATA_ACK CPLs after close/abort Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 76/87] ARM: dts: sun8i: Support DTB build for NanoPi M1 Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 77/87] ARM: dts: sunxi: Change node name for pwrseq pin on Olinuxino-lime2-emmc Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 79/87] nbd: blk_mq_init_queue returns an error code on failure, not NULL Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 80/87] virtio_blk: fix panic in initialization error path Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 81/87] ARM: 8632/1: ftrace: fix syscall name matching Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 83/87] lib/Kconfig.debug: fix frv build failure Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 82/87] mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 84/87] signal: protect SIGNAL_UNKILLABLE from unintentional clearing Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 85/87] mm: don't dereference struct page fields of invalid pages Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 86/87] net: account for current skb length when deciding about UFO Levin, Alexander (Sasha Levin)
2017-07-15 8:53 ` Michal Kubecek
2017-07-24 14:10 ` Levin, Alexander (Sasha Levin)
2017-07-15 1:26 ` [PATCH for v4.9 LTS 87/87] net/mlx5: E-Switch, Re-enable RoCE on mode change only after FDB destroy Levin, Alexander (Sasha Levin)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871spinnp5.fsf@xmission.com \
--to=ebiederm@xmission.com \
--cc=alexander.levin@verizon.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox