From bbc3e471011417598e598707486f5d8814ec9c01 Mon Sep 17 00:00:00 2001

From: "Eric W. Biederman" <ebiederm@xmission.com>

Date: Wed, 29 Nov 2017 17:29:20 -0600

Subject: [PATCH] userns: Don't fail follow_automount based on s_user_ns

Git-commit: bbc3e471011417598e598707486f5d8814ec9c01

Patch-mainline: v4.16-rc1

References: bsc#1099918

When vfs_submount was added the test to limit automounts from

filesystems that with s_user_ns != &init_user_ns accidentially left

in follow_automount.  The test was never about any security concerns

and was always about how do we implement this for filesystems whose

s_user_ns != &init_user_ns.

At the moment this check makes no difference as there are no

filesystems that both set FS_USERNS_MOUNT and implement d_automount.

Remove this check now while I am thinking about it so there will not

be odd booby traps for someone who does want to make this combination

work.

vfs_submount still needs improvements to allow this combination to work,

and vfs_submount contains a check that presents a warning.

The autofs4 filesystem could be modified to set FS_USERNS_MOUNT and it would

need not work on this code path, as userspace performs the mounts.

Fixes: 93faccbbfa95 ("fs: Better permission checking for submounts")

Fixes: aeaa4a79ff6a ("fs: Call d_automount with the filesystems creds")

Acked-by: Ian Kent <raven@themaw.net>

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

Signed-off-by: Coly Li <colyli@suse.de>

---

 fs/namei.c |    3 ---

 1 file changed, 3 deletions(-)

--- a/fs/namei.c

+++ b/fs/namei.c

@@ -1133,9 +1133,6 @@ static int follow_automount(struct path

 	    path->dentry->d_inode)

 		return -EISDIR;

-	if (path->dentry->d_sb->s_user_ns != &init_user_ns)

-		return -EACCES;

-

 	nd->total_link_count++;

 	if (nd->total_link_count >= 40)

 		return -ELOOP;