[PULL][unstable] namespace mount patches for 4.8
Seth Forshee
seth.forshee at canonical.com
Thu Aug 25 13:04:44 UTC 2016
The following changes since commit b6afef49069d5f8dccc5742cd7f51579ca92dd60:
UBUNTU: Ubuntu-4.8.0-4.5 (2016-08-23 13:22:11 -0600)
are available in the git repository at:
git://git.launchpad.net/~sforshee/+git/linux-unstable nsmount
for you to fetch changes up to cd6e426ab2d6fcfdeb5a14ec253dbdc0b2378f28:
UBUNTU: SAUCE: (namespace) ext4: Add module parameter to enable user namespace mounts (2016-08-25 08:36:06 -0400)
----------------------------------------------------------------
Eric W. Biederman (1):
UBUNTU: SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
Seth Forshee (16):
UBUNTU: SAUCE: (namespace) security/integrity: Harden against malformed xattrs
UBUNTU: SAUCE: (namespace) block_dev: Support checking inode permissions in lookup_bdev()
UBUNTU: SAUCE: (namespace) block_dev: Check permissions towards block device inode when mounting
UBUNTU: SAUCE: (namespace) mtd: Check permissions towards mtd block device inode when mounting
UBUNTU: SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
UBUNTU: SAUCE: (namespace) fs: Allow superblock owner to access do_remount_sb()
UBUNTU: SAUCE: (namespace) capabilities: Allow privileged user in s_user_ns to set security.* xattrs
UBUNTU: SAUCE: (namespace) fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems
UBUNTU: SAUCE: (namespace) posix_acl: Export posix_acl_fix_xattr_userns() to modules
UBUNTU: SAUCE: (namespace) fuse: Add support for pid namespaces
UBUNTU: SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns
UBUNTU: SAUCE: (namespace) fuse: Translate ids in posix acl xattrs
UBUNTU: SAUCE: (namespace) fuse: Restrict allow_other to the superblock's namespace or a descendant
UBUNTU: SAUCE: (namespace) fuse: Allow user namespace mounts
UBUNTU: SAUCE: (namespace) ext4: Add support for unprivileged mounts from user namespaces
UBUNTU: SAUCE: (namespace) ext4: Add module parameter to enable user namespace mounts
drivers/md/bcache/super.c | 2 +-
drivers/md/dm-table.c | 2 +-
drivers/mtd/mtdsuper.c | 6 +++-
fs/attr.c | 34 ++++++++++++++-----
fs/block_dev.c | 18 ++++++++--
fs/ext4/acl.c | 31 +++++++++++------
fs/ext4/balloc.c | 4 +--
fs/ext4/ialloc.c | 7 ++--
fs/ext4/inode.c | 18 +++++-----
fs/ext4/ioctl.c | 10 +++---
fs/ext4/namei.c | 16 ++++-----
fs/ext4/resize.c | 2 +-
fs/ext4/super.c | 64 +++++++++++++++++++++++++++--------
fs/fuse/cuse.c | 3 +-
fs/fuse/dev.c | 25 ++++++++++----
fs/fuse/dir.c | 46 +++++++++++++++++++------
fs/fuse/file.c | 22 +++++++++---
fs/fuse/fuse_i.h | 10 +++++-
fs/fuse/inode.c | 40 ++++++++++++++--------
fs/inode.c | 6 ++--
fs/ioctl.c | 4 +--
fs/namespace.c | 4 +--
fs/posix_acl.c | 42 ++++++++++++++---------
fs/proc/base.c | 7 ++++
fs/proc/generic.c | 7 ++++
fs/proc/proc_sysctl.c | 7 ++++
fs/quota/quota.c | 2 +-
include/linux/fs.h | 2 +-
include/linux/posix_acl_xattr.h | 9 +++++
include/linux/projid.h | 5 +++
kernel/user_namespace.c | 1 +
security/commoncap.c | 12 ++++---
security/integrity/digsig.c | 2 +-
security/integrity/evm/evm_main.c | 4 +++
security/integrity/ima/ima_appraise.c | 5 ++-
35 files changed, 348 insertions(+), 131 deletions(-)
More information about the kernel-team
mailing list