lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20251002125422.203598-2-b.sachdev1904@gmail.com>
Date: Thu,  2 Oct 2025 18:18:37 +0530
From: Bhavik Sachdev <b.sachdev1904@...il.com>
To: Alexander Viro <viro@...iv.linux.org.uk>,
	Christian Brauner <brauner@...nel.org>
Cc: linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Aleksa Sarai <cyphar@...har.com>,
	Bhavik Sachdev <b.sachdev1904@...il.com>,
	Pavel Tikhomirov <ptikhomirov@...tuozzo.com>,
	Jan Kara <jack@...e.cz>,
	John Garry <john.g.garry@...cle.com>,
	Arnaldo Carvalho de Melo <acme@...hat.com>,
	"Darrick J . Wong" <djwong@...nel.org>,
	Namhyung Kim <namhyung@...nel.org>,
	Ingo Molnar <mingo@...nel.org>,
	Andrei Vagin <avagin@...il.com>,
	Alexander Mikhalitsyn <alexander@...alicyn.com>
Subject: [PATCH 1/4] fs/namespace: add umount_mnt_ns mount namespace for unmounted mounts

From: Pavel Tikhomirov <ptikhomirov@...tuozzo.com>

We would like the ability to get mount info for mounts that have been
"unmounted" but still have open fds (umount2(mnt, MNT_DETACH)).

This patch introduces a new umount_mnt_ns to which these "unmounted"
mounts will be moved to instead of their mount namespaces being NULL.
We add this umount_mnt_ns to init_userns so all "umounted" mounts are
accessible via root userns only.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@...tuozzo.com>
---
 fs/namespace.c            | 14 ++++++++++++++
 include/linux/proc_ns.h   |  1 +
 include/uapi/linux/nsfs.h |  1 +
 3 files changed, 16 insertions(+)

diff --git a/fs/namespace.c b/fs/namespace.c
index ae6d1312b184..70fe01d810df 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -107,6 +107,9 @@ struct mount_kattr {
 struct kobject *fs_kobj __ro_after_init;
 EXPORT_SYMBOL_GPL(fs_kobj);
 
+struct mnt_namespace *umount_mnt_ns __ro_after_init;
+EXPORT_SYMBOL_GPL(umount_mnt_ns);
+
 /*
  * vfsmount lock may be taken for read to prevent changes to the
  * vfsmount hash, ie. during mountpoint lookups or walking back
@@ -6121,6 +6124,17 @@ static void __init init_mount_tree(void)
 	set_fs_root(current->fs, &root);
 
 	mnt_ns_tree_add(ns);
+
+	umount_mnt_ns = alloc_mnt_ns(&init_user_ns, true);
+	if (IS_ERR(umount_mnt_ns)) {
+		free_mnt_ns(ns);
+		panic("Can't allocate initial umount namespace");
+	}
+	umount_mnt_ns->seq = atomic64_inc_return(&mnt_ns_seq);
+	umount_mnt_ns->seq_origin = ns->seq;
+	umount_mnt_ns->ns.inum = PROC_UMNT_INIT_INO;
+
+	mnt_ns_tree_add(umount_mnt_ns);
 }
 
 void __init mnt_init(void)
diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h
index 4b20375f3783..c1e8edba862d 100644
--- a/include/linux/proc_ns.h
+++ b/include/linux/proc_ns.h
@@ -48,6 +48,7 @@ enum {
 	PROC_TIME_INIT_INO	= TIME_NS_INIT_INO,
 	PROC_NET_INIT_INO	= NET_NS_INIT_INO,
 	PROC_MNT_INIT_INO	= MNT_NS_INIT_INO,
+	PROC_UMNT_INIT_INO	= UMNT_NS_INIT_INO,
 };
 
 #ifdef CONFIG_PROC_FS
diff --git a/include/uapi/linux/nsfs.h b/include/uapi/linux/nsfs.h
index 97d8d80d139f..8bb0df8954bb 100644
--- a/include/uapi/linux/nsfs.h
+++ b/include/uapi/linux/nsfs.h
@@ -51,6 +51,7 @@ enum init_ns_ino {
 	TIME_NS_INIT_INO	= 0xEFFFFFFAU,
 	NET_NS_INIT_INO		= 0xEFFFFFF9U,
 	MNT_NS_INIT_INO		= 0xEFFFFFF8U,
+	UMNT_NS_INIT_INO	= 0xEFFFFFF7U,
 };
 
 #endif /* __LINUX_NSFS_H */
-- 
2.51.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ