Commit 1c53753e authored Jan 29, 2016 by Serge Hallyn Committed by Tejun Heo Feb 16, 2016

Add FS_USERNS_FLAG to cgroup fs



allowing root in a non-init user namespace to mount it.  This should
now be safe, because

1. non-init-root cannot mount a previously unbound subsystem
2. the task doing the mount must be privileged with respect to the
   user namespace owning the cgroup namespace
3. the mounted subsystem will have its current cgroup as the root dentry.
   the permissions will be unchanged, so tasks will receive no new
   privilege over the cgroups which they did not have on the original
   mounts.

Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>

parent d4021f6c

kernel/cgroup.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -2227,12 +2227,14 @@ static struct file_system_type cgroup_fs_type = {
		.name = "cgroup",
		.mount = cgroup_mount,
		.kill_sb = cgroup_kill_sb,
		.fs_flags = FS_USERNS_MOUNT,
		};

		static struct file_system_type cgroup2_fs_type = {
		.name = "cgroup2",
		.mount = cgroup_mount,
		.kill_sb = cgroup_kill_sb,
		.fs_flags = FS_USERNS_MOUNT,
		};

		static char cgroup_path_ns_locked(struct cgroup cgrp, char *buf, size_t buflen,

Admin message