Searched hist:aeaa4a79 (Results 1 – 1 of 1) sorted by relevance
/openbmc/linux/fs/ |
H A D | namei.c | aeaa4a79 Sat Jul 23 11:20:44 CDT 2016 Eric W. Biederman <ebiederm@xmission.com> fs: Call d_automount with the filesystems creds
Seth Forshee reported a mount regression in nfs autmounts with "fs: Add user namespace member to struct super_block".
It turns out that the assumption that current->cred is something reasonable during mount while necessary to improve support of unprivileged mounts is wrong in the automount path.
To fix the existing filesystems override current->cred with the init_cred before calling d_automount and restore current->cred after d_automount completes.
To support unprivileged mounts would require a more nuanced cred selection, so fail on unprivileged mounts for the time being. As none of the filesystems that currently set FS_USERNS_MOUNT implement d_automount this check is only good for preventing future problems.
Fixes: 6e4eab577a0c ("fs: Add user namespace member to struct super_block") Tested-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> aeaa4a79 Sat Jul 23 11:20:44 CDT 2016 Eric W. Biederman <ebiederm@xmission.com> fs: Call d_automount with the filesystems creds Seth Forshee reported a mount regression in nfs autmounts with "fs: Add user namespace member to struct super_block". It turns out that the assumption that current->cred is something reasonable during mount while necessary to improve support of unprivileged mounts is wrong in the automount path. To fix the existing filesystems override current->cred with the init_cred before calling d_automount and restore current->cred after d_automount completes. To support unprivileged mounts would require a more nuanced cred selection, so fail on unprivileged mounts for the time being. As none of the filesystems that currently set FS_USERNS_MOUNT implement d_automount this check is only good for preventing future problems. Fixes: 6e4eab577a0c ("fs: Add user namespace member to struct super_block") Tested-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|