Commit dec77184 authored by Seth Forshee's avatar Seth Forshee Committed by Kamal Mostafa
Browse files

UBUNTU: SAUCE: (namespace) mqueue: Super blocks must be owned by the user ns which owns the ipc ns

BugLink: http://bugs.launchpad.net/bugs/1582378



s_user_ns for an mqueue super block needs to be set to the user
ns which owns the ipc ns, otherwise it will not be mountable in
that user ns. This is not currently the case for an
unshare(CLONE_NEWIPC|CLONE_NEWUSER) as the internal mount of the
super block for the new ipc ns is done before the new user
namespace is installed.

Since s_user_ns = ipc_ns->user_ns is the only arrangement that
makes sense for mqueue, the initial kernel mount can simply pass
that namespace to sget_userns(). In addition we should do the
same for userspace mounts to preserve the behavior that allows
a user privileged towards ipc_ns->user_ns to mount mqueue from a
different user ns. The existing checks already ensure that the
user has sufficient privileges for the mount.

Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
Acked-by: default avatarTim Gardner <tim.gardner@canonical.com>
Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
parent 2a157287
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment