From patchwork Thu Jan 21 13:19:36 2021
X-Patchwork-Submitter: Christian Brauner
X-Patchwork-Id: 12036191
From: Christian Brauner
To: Alexander Viro, Christoph Hellwig, linux-fsdevel@vger.kernel.org
Cc: John Johansen, James Morris, Mimi Zohar, Dmitry Kasatkin,
    Stephen Smalley, Casey Schaufler, Arnd Bergmann, Andreas Dilger,
    OGAWA Hirofumi, Geoffrey Thomas, Mrunal Patel, Josh Triplett,
    Andy Lutomirski, Theodore Tso, Alban Crequy, Tycho Andersen,
    David Howells, James Bottomley, Seth Forshee, Stéphane Graber,
    Linus Torvalds, Aleksa Sarai, Lennart Poettering, "Eric W. Biederman",
    smbarber@chromium.org, Phil Estes, Serge Hallyn, Kees Cook, Todd Kjos,
    Paul Moore, Jonathan Corbet, containers@lists.linux-foundation.org,
    linux-security-module@vger.kernel.org, linux-api@vger.kernel.org,
    linux-ext4@vger.kernel.org, linux-xfs@vger.kernel.org,
    linux-integrity@vger.kernel.org, selinux@vger.kernel.org,
    Christian Brauner
Subject: [PATCH v6 17/40] af_unix: handle idmapped mounts
Date: Thu, 21 Jan 2021 14:19:36 +0100
Message-Id: <20210121131959.646623-18-christian.brauner@ubuntu.com>
X-Mailer: git-send-email 2.30.0
In-Reply-To: <20210121131959.646623-1-christian.brauner@ubuntu.com>
References: <20210121131959.646623-1-christian.brauner@ubuntu.com>
X-Mailing-List: linux-fsdevel@vger.kernel.org

When binding a non-abstract AF_UNIX socket it will gain a representation in the filesystem. Enable the socket infrastructure to handle idmapped mounts by passing down the user namespace of the mount the socket will be created from.
If the initial user namespace is passed nothing changes so non-idmapped mounts will see identical behavior as before. Link: https://lore.kernel.org/r/20210112220124.837960-25-christian.brauner@ubuntu.com Cc: Christoph Hellwig Cc: David Howells Cc: Al Viro Cc: linux-fsdevel@vger.kernel.org Reviewed-by: Christoph Hellwig Signed-off-by: Christian Brauner Reviewed-by: James Morris --- /* v2 */ unchanged /* v3 */ unchanged /* v4 */ unchanged /* v5 */ unchanged base-commit: 7c53f6b671f4aba70ff15e1b05148b10d58c2837 /* v6 */ unchanged base-commit: 19c329f6808995b142b3966301f217c831e7cf31 --- net/unix/af_unix.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 9a1f3c04402e..5a31307ceb76 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -996,8 +996,8 @@ static int unix_mknod(const char *sun_path, umode_t mode, struct path *res) */ err = security_path_mknod(&path, dentry, mode, 0); if (!err) { - err = vfs_mknod(&init_user_ns, d_inode(path.dentry), dentry, - mode, 0); + err = vfs_mknod(mnt_user_ns(path.mnt), d_inode(path.dentry), + dentry, mode, 0); if (!err) { res->mnt = mntget(path.mnt); res->dentry = dget(dentry);
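Review bot: at the vfs_mknod() call in unix_mknod(), the claim that non-idmapped mounts see identical behaviour rests on mnt_user_ns(path.mnt) evaluating to &init_user_ns for a mount that is not idmapped, which the commit message implies but never states. One sentence saying so in the message, or a short comment above the call, would let a reader check the no-change claim from this patch alone. This hunk is also the only change to net/unix/af_unix.c (2 insertions, 2 deletions) and touches only the bind-time creation path, while the message speaks of the "socket infrastructure" in general; it would help to say whether the connect-side lookup of the socket path needs no equivalent change or is handled elsewhere in the series. The security_path_mknod(&path, dentry, mode, 0) call directly above is unchanged and already receives the mount through &path, which is worth noting in the message so reviewers from the LSM lists do not have to confirm it themselves.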