Re: [RFC v2 PATCH 0/8] VFS:userns: support portable root filesystems

From: Eric W. Biederman
Date: Mon May 16 2016 - 12:54:05 EST


Seth Forshee <seth.forshee@xxxxxxxxxxxxx> writes:

> On Sat, May 14, 2016 at 09:21:55PM -0500, Eric W. Biederman wrote:
>> I have slowly been working with Seth Forshee on these issues as
>> the last thing I want is to introduce more security bugs right now.
>> Seth being a braver man than I am has already merged his changes into
>> the Ubuntu kernel.
>
> Maybe not quite so brave as you think. I also threw on a patch to
> disable the feature unless explicitly enabled by a sys admin.
>
>> James I think you are missing the fact that all filesystems already have
>> the make_kuid and make_kgid calls right where the data comes off disk,
>> and the from_kuid and from_kgid calls right where the on-disk data is
>> being created just before it goes on disk. Which means that the actual
>> impact on filesystems of the translation is trivial.
>
> It is fairly simple but there's a bit more than just id conversions to
> change. With ext4 I found that there were mount options which needed to
> be restricted, some capability checks to update, and access to external
> journal devices must be checked. In all it wasn't a whole lot of changes
> to the filesystem though. Fuse was a bit more involved, but the
> complexities there won't apply to other filesystems.
>
>> Djalal if you could work with Seth I think that would be very useful. I
>> know I am dragging my heels there but I really hope I can dig in and get
>> everything reviewed and merged soonish.
>
> That would make me very happy :-)

It has missed this merge window :( But I am aiming to review them and
get your patches (or modified versions of your patches) into my tree as
soon after rc1 as humanly possible.

Part of that will have to be the fix for mqueuefs, that Docker just hit.

> I'm happy to look with Djalal for commonalities. I did skim his patches
> before, and based on that all I really expect to find are things related
> to permission checks when ids don't map. The rest seems fundamentally
> different.

Hmm. Then I may have to look closer at what Djalal is doing. It
sounded like what you were doing and if not, I will scratch my head.

That said, yes. The biggy is getting the VFS changes to handle all of
the weird translation corner cases etc. (that are part of your patches).

Eric
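The make_kuid/from_kuid boundary that Eric describes, and the "permission checks when ids don't map" that Seth expects to be the common ground, can be illustrated outside the kernel. The following is an added user-space model written for this page; it is not kernel code and not part of Seth's or Djalal's patches. It reimplements the shape of the kernel's uid_map lookup under the same helper names, assumes a single-level namespace whose parent is the init namespace, and uses constructed mappings (a "0 100000 65536" style container map) plus hypothetical fs_read_inode/fs_write_inode functions standing in for the point in a filesystem where an id comes off disk or goes back on.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added model, not kernel code: the kernel's real make_kuid()/from_kuid()
 * live in kernel/user_namespace.c. Here they are reimplemented so the
 * translation at the disk boundary can be run and tested in user space. */

typedef struct { uint32_t val; } kuid_t;          /* kernel-internal uid */
#define INVALID_UID ((kuid_t){ (uint32_t)-1 })

/* One extent of a uid_map line: ids [first, first+count) inside the namespace
 * map to [lower_first, lower_first+count) in the parent (assumed: init ns). */
struct uid_extent { uint32_t first; uint32_t lower_first; uint32_t count; };

struct user_namespace {
    const char *name;
    const struct uid_extent *extents;
    size_t nr_extents;
};

static bool uid_valid(kuid_t k) { return k.val != (uint32_t)-1; }

/* namespace uid -> kernel uid; an id with no extent becomes INVALID_UID */
static kuid_t make_kuid(const struct user_namespace *ns, uint32_t uid)
{
    for (size_t i = 0; i < ns->nr_extents; i++) {
        const struct uid_extent *e = &ns->extents[i];
        if (uid >= e->first && uid - e->first < e->count)
            return (kuid_t){ e->lower_first + (uid - e->first) };
    }
    return INVALID_UID;
}

/* kernel uid -> namespace uid; returns (uint32_t)-1 when the ns cannot see it */
static uint32_t from_kuid(const struct user_namespace *ns, kuid_t kuid)
{
    for (size_t i = 0; i < ns->nr_extents; i++) {
        const struct uid_extent *e = &ns->extents[i];
        if (kuid.val >= e->lower_first && kuid.val - e->lower_first < e->count)
            return e->first + (kuid.val - e->lower_first);
    }
    return (uint32_t)-1;
}

/* Constructed namespaces: init maps every id to itself; the container maps
 * its uids 0..65535 onto host uids 100000..165535. */
static const struct uid_extent init_extents[]      = { { 0, 0, 4294967295u } };
static const struct uid_extent container_extents[] = { { 0, 100000, 65536 } };
static const struct user_namespace init_user_ns = { "init", init_extents, 1 };
static const struct user_namespace container_ns = { "container", container_extents, 1 };

/* Hypothetical filesystem side. On-disk ids are interpreted relative to the
 * namespace that mounted the filesystem (s_user_ns). An id with no mapping
 * has no kuid representation, so the inode is refused instead of being
 * handed to whoever holds uid 0 or uid -1. */
struct disk_inode { uint32_t i_uid; };
struct inode      { kuid_t i_uid; };

static int fs_read_inode(const struct user_namespace *s_user_ns,
                         const struct disk_inode *raw, struct inode *out)
{
    kuid_t k = make_kuid(s_user_ns, raw->i_uid);   /* right where data comes off disk */
    if (!uid_valid(k))
        return -EINVAL;
    out->i_uid = k;
    return 0;
}

/* Mirror image just before data goes on disk: a kuid the mounting namespace
 * cannot express must not be written, or the on-disk owner silently changes. */
static int fs_write_inode(const struct user_namespace *s_user_ns,
                          const struct inode *in, struct disk_inode *raw)
{
    uint32_t uid = from_kuid(s_user_ns, in->i_uid);
    if (uid == (uint32_t)-1)
        return -EOVERFLOW;
    raw->i_uid = uid;
    return 0;
}

int main(void)
{
    struct disk_inode raw = { 1000 };
    struct inode in;
    int rc = fs_read_inode(&container_ns, &raw, &in);
    printf("container reads disk uid 1000 -> rc=%d kuid=%u\n", rc, in.i_uid.val);
    raw.i_uid = 70000;                              /* past the 65536-id extent */
    printf("container reads disk uid 70000 -> rc=%d\n", fs_read_inode(&container_ns, &raw, &in));
    in.i_uid = make_kuid(&init_user_ns, 5);         /* a host-side daemon's kuid */
    printf("container writes host kuid 5 -> rc=%d\n", fs_write_inode(&container_ns, &in, &raw));
    return 0;
}
```

The two refusals are the part of Seth's ext4 work that generalises: the id translation itself is a single call at each boundary, but every place the filesystem previously trusted an on-disk id now needs a decision for the unmapped case, and the model deliberately fails closed there.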