APPLIED[D/E]/cmnt: [SRU X/B/D/E/F 0/2] CVE-2020-12114

[Kleber Souza]

On 14.05.20 02:35, Thadeu Lima de Souza Cascardo wrote:
> From CVE description:
>  A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x
>  before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before
>  4.19.119, and 5.x before 5.3 allows local users to cause a denial of
>  service (panic) by corrupting a mountpoint reference counter.
> 
> Commit "fs/namespace.c: fix mountpoint reference counter race" was applied to
> the stable series referenced above not coming from an upstream commit. That's
> why it doesn't have an upstream commit.
> 
> I decided against prefixing the title with "UBUNTU: SAUCE:" because as this
> might be applied to Xenial as coming from 4.4.x, it will not be prefixed as
> such, and then we would have more than one title to match as a fix.
> 
> I tested pivot_root under mount namespaces and user namespaces, and smoke
> tested lxd, snapd and docker as well.
> 
> Al Viro (1):
>   propagate_one(): mnt_set_mountpoint() needs mount_lock
> 
> Piotr Krysiuk (1):
>   fs/namespace.c: fix mountpoint reference counter race
> 
>  fs/namespace.c | 2 +-
>  fs/pnode.c     | 9 ++++-----
>  2 files changed, 5 insertions(+), 6 deletions(-)
> 

The second patch ("propagate_one(): mnt_set_mountpoint() needs mount_lock")
was missing on disco/linux, so I applied it there.

Also applied the same patch to eoan/linux.

I think all series are covered now.

Thanks,
Kleber