[stable] Locked mount and loopback mount fixes

Eric W. Biederman ebiederm at xmission.com
Mon May 11 13:55:46 UTC 2015


Luis Henriques <luis.henriques at canonical.com> writes:

> On Sun, May 10, 2015 at 09:23:01PM -0500, Eric W. Biederman wrote:
>> 
>> 
>> On May 10, 2015 12:59:51 PM CDT, Ben Hutchings <ben at decadent.org.uk> wrote:
>> >Why were these not cc'd to stable?  Was this an oversight, or are they
>> >simply not needed for fixing any known bugs?
>> 
>> An oversight.
>> 
>> On their own they don't matter but other patches cc'd to stable do depend on them for correct operation.
>> 
>> The fact most of these changes depends on fs_pin likely limits how far they may be bsckported.
>> 
>> >commit cd4a40174b71acd021877341684d8bb1dc8ea4ae
>> >Author: Eric W. Biederman <ebiederm at xmission.com>
>> >Date:   Wed Jan 7 14:28:26 2015 -0600
>> >
>> >    mnt: Fail collect_mounts when applied to unmounted mounts
>> >
>
> Thanks, I'm queuing this one for the 3.16 kernel (the 2nd commit
> doesn't seem to be applicable to his kernel).

Yes.  This one isn't harmful back at 3.16.

Without the changes to keep mounts bound together until mntput time it
is not particularly useful.  Keeping mounts bound together until mntput
time depends on the fs_pin infrastructure.  Keeping mounts bound
together until mntput time is what allows fixing things so that users
may not abuse umount -l or unmount on mountpoint removal (unlink/rmdir)
to split mounts appart and see under existing mounts.

Usually seeing what is under existing mounts is generally a don't care
as it is typically just an empty directory.  Sometimes things are
mounted over deliberately, such as /proc/kcore and docker, in which case
it becomes unfortunate if unprivileged users can get under those mounts.

I hope that puts things in perspective.

Eric




More information about the Containers mailing list