Commit c4e9c42c authored by Seth Forshee's avatar Seth Forshee Committed by Shrirang Bagul
Browse files

UBUNTU: SAUCE: (namespace) fuse: Support fuse filesystems outside of init_user_ns



In order to support mounts from namespaces other than
init_user_ns, fuse must translate uids and gids to/from the
userns of the process servicing requests on /dev/fuse. This
patch does that, with a couple of restrictions on the namespace:

 - The userns for the fuse connection is fixed to the namespace
   from which /dev/fuse is opened.

 - The namespace must be the same as s_user_ns.

These restrictions simplify the implementation by avoiding the
need to pass around userns references and by allowing fuse to
rely on the checks in inode_change_ok for ownership changes.
Either restriction could be relaxed in the future if needed.

For cuse the namespace used for the connection is also simply
current_user_ns() at the time /dev/cuse is opened.

Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
Signed-off-by: default avatarOndrej Kubik <ondrej.kubik@canonical.com>
(cherry picked from commit 00e8ed80c9af283fde795bd83d91081adc42fc13)
Signed-off-by: default avatarShrirang Bagul <shrirang.bagul@canonical.com>
parent f154dbb4
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment