From patchwork Tue Jun  7 11:57:36 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Eric W. Biederman" <ebiederm@xmission.com>
X-Patchwork-Id: 9160979
Return-Path: <linux-fsdevel-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	8340160467 for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue,  7 Jun 2016 12:09:40 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 73D8525EF7
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue,  7 Jun 2016 12:09:40 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 681852793B; Tue,  7 Jun 2016 12:09:40 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1BB4C25EF7
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Tue,  7 Jun 2016 12:09:40 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754870AbcFGMJZ (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Tue, 7 Jun 2016 08:09:25 -0400
Received: from out03.mta.xmission.com ([166.70.13.233]:44075 "EHLO
	out03.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752958AbcFGMJX (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 7 Jun 2016 08:09:23 -0400
Received: from in01.mta.xmission.com ([166.70.13.51])
	by out03.mta.xmission.com with esmtps
	(TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.87)
	(envelope-from <ebiederm@xmission.com>)
	id 1bAFov-000764-IF; Tue, 07 Jun 2016 06:09:21 -0600
Received: from 67-3-226-120.omah.qwest.net ([67.3.226.120]
	helo=x220.int.ebiederm.org.xmission.com)
	by in01.mta.xmission.com with esmtpsa
	(TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.87)
	(envelope-from <ebiederm@xmission.com>)
	id 1bAFou-0001XW-Ef; Tue, 07 Jun 2016 06:09:21 -0600
From: ebiederm@xmission.com (Eric W. Biederman)
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Seth Forshee <seth.forshee@canonical.com>,
	Linux Containers <containers@lists.linux-foundation.org>,
	<linux-fsdevel@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Date: Tue, 07 Jun 2016 06:57:36 -0500
Message-ID: <874m95ky8f.fsf@x220.int.ebiederm.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
X-XM-AID: U2FsdGVkX19Z+e3uzePwSoMQuvgVQi2A4iTTWURTkus=
X-SA-Exim-Connect-IP: 67.3.226.120
X-SA-Exim-Mail-From: ebiederm@xmission.com
Subject: [GIT PULL] userns related fixes for v4.7-rc3
X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600)
X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com)
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Linus,

Please pull the for-linus branch from the git tree:

   git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus

   HEAD: d71ed6c930ac7d8f88f3cef6624a7e826392d61f mnt: fs_fully_visible test the proper mount for MNT_LOCKED

This contains two small but significant fixes to fs/namespace.c.  The
first adds a drops the filesystem refcount drop on error.  The second
corrects a test in fs_fully_visible which could be abused to allow
mounting of proc or sysfs, when that should not be allowed.

To keep myself honest I have tested to ensure the incorrect test in
fs_fully_visible actually allows improper mounting of proc before the
fix and that when fixed the improper mounting is not allowed.

Eric W. Biederman (2):
      mnt: If fs_fully_visible fails call put_filesystem.
      mnt: fs_fully_visible test the proper mount for MNT_LOCKED

 fs/namespace.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)


Eric
---
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/fs/namespace.c b/fs/namespace.c
index 4fb1691b4355..a7ec92c051f5 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2409,8 +2409,10 @@ static int do_new_mount(struct path *path, const char *fstype, int flags,
 			mnt_flags |= MNT_NODEV | MNT_LOCK_NODEV;
 		}
 		if (type->fs_flags & FS_USERNS_VISIBLE) {
-			if (!fs_fully_visible(type, &mnt_flags))
+			if (!fs_fully_visible(type, &mnt_flags)) {
+				put_filesystem(type);
 				return -EPERM;
+			}
 		}
 	}
 
@@ -3271,7 +3273,7 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags)
 		list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) {
 			struct inode *inode = child->mnt_mountpoint->d_inode;
 			/* Only worry about locked mounts */
-			if (!(mnt_flags & MNT_LOCKED))
+			if (!(child->mnt.mnt_flags & MNT_LOCKED))
 				continue;
 			/* Is the directory permanetly empty? */
 			if (!is_empty_dir_inode(inode))