lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jan 2021 18:06:40 +0100 From: Christian Brauner <christian.brauner@...ntu.com> To: "Serge E. Hallyn" <serge@...lyn.com> Cc: "Eric W. Biederman" <ebiederm@...ssion.com>, Alexander Viro <viro@...iv.linux.org.uk>, Christoph Hellwig <hch@....de>, linux-fsdevel@...r.kernel.org, John Johansen <john.johansen@...onical.com>, James Morris <jmorris@...ei.org>, Mimi Zohar <zohar@...ux.ibm.com>, Dmitry Kasatkin <dmitry.kasatkin@...il.com>, Stephen Smalley <stephen.smalley.work@...il.com>, Casey Schaufler <casey@...aufler-ca.com>, Arnd Bergmann <arnd@...db.de>, Andreas Dilger <adilger.kernel@...ger.ca>, OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>, Geoffrey Thomas <geofft@...reload.com>, Mrunal Patel <mpatel@...hat.com>, Josh Triplett <josh@...htriplett.org>, Andy Lutomirski <luto@...nel.org>, Theodore Tso <tytso@....edu>, Alban Crequy <alban@...volk.io>, Tycho Andersen <tycho@...ho.ws>, David Howells <dhowells@...hat.com>, James Bottomley <James.Bottomley@...senpartnership.com>, Seth Forshee <seth.forshee@...onical.com>, Stéphane Graber <stgraber@...ntu.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Aleksa Sarai <cyphar@...har.com>, Lennart Poettering <lennart@...ttering.net>, smbarber@...omium.org, Phil Estes <estesp@...il.com>, Kees Cook <keescook@...omium.org>, Todd Kjos <tkjos@...gle.com>, Paul Moore <paul@...l-moore.com>, Jonathan Corbet <corbet@....net>, containers@...ts.linux-foundation.org, linux-security-module@...r.kernel.org, linux-api@...r.kernel.org, linux-ext4@...r.kernel.org, linux-xfs@...r.kernel.org, linux-integrity@...r.kernel.org, selinux@...r.kernel.org Subject: Re: [PATCH v6 23/40] exec: handle idmapped mounts On Mon, Jan 25, 2021 at 11:03:16AM -0600, Serge Hallyn wrote: > On Mon, Jan 25, 2021 at 05:44:04PM +0100, Christian Brauner wrote: > > On Mon, Jan 25, 2021 at 10:39:01AM -0600, Eric W. Biederman wrote: > > > Christian Brauner <christian.brauner@...ntu.com> writes: > > > > > > > When executing a setuid binary the kernel will verify in bprm_fill_uid() > > > > that the inode has a mapping in the caller's user namespace before > > > > setting the callers uid and gid. Let bprm_fill_uid() handle idmapped > > > > mounts. If the inode is accessed through an idmapped mount it is mapped > > > > according to the mount's user namespace. Afterwards the checks are > > > > identical to non-idmapped mounts. If the initial user namespace is > > > > passed nothing changes so non-idmapped mounts will see identical > > > > behavior as before. > > > > > > This does not handle the v3 capabilites xattr with embeds a uid. > > > So at least at that level you are missing some critical conversions. > > > > Thanks for looking. Vfs v3 caps are handled earlier in the series. I'm > > not sure what you're referring to here. There are tests in xfstests that > > verify vfs3 capability behavior. > > *just* to make sure i'm not misunderstanding - s/vfs3/v3/ right? Yes, in my mind it's always as "vfs v3 caps -> vfs3 caps". Sorry for the confusion.
Powered by blists - more mailing lists