linux-sg2042/fs/nfs
Linus Torvalds f1ef09fde1 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull namespace updates from Eric Biederman:
 "There is a lot here. A lot of these changes result in subtle user
  visible differences in kernel behavior. I don't expect anything will
  care but I will revert/fix things immediately if any regressions show
  up.

  From Seth Forshee there is a continuation of the work to make the vfs
  ready for unpriviled mounts. We had thought the previous changes
  prevented the creation of files outside of s_user_ns of a filesystem,
  but it turns we missed the O_CREAT path. Ooops.

  Pavel Tikhomirov and Oleg Nesterov worked together to fix a long
  standing bug in the implemenation of PR_SET_CHILD_SUBREAPER where only
  children that are forked after the prctl are considered and not
  children forked before the prctl. The only known user of this prctl
  systemd forks all children after the prctl. So no userspace
  regressions will occur. Holding earlier forked children to the same
  rules as later forked children creates a semantic that is sane enough
  to allow checkpoing of processes that use this feature.

  There is a long delayed change by Nikolay Borisov to limit inotify
  instances inside a user namespace.

  Michael Kerrisk extends the API for files used to maniuplate
  namespaces with two new trivial ioctls to allow discovery of the
  hierachy and properties of namespaces.

  Konstantin Khlebnikov with the help of Al Viro adds code that when a
  network namespace exits purges it's sysctl entries from the dcache. As
  in some circumstances this could use a lot of memory.

  Vivek Goyal fixed a bug with stacked filesystems where the permissions
  on the wrong inode were being checked.

  I continue previous work on ptracing across exec. Allowing a file to
  be setuid across exec while being ptraced if the tracer has enough
  credentials in the user namespace, and if the process has CAP_SETUID
  in it's own namespace. Proc files for setuid or otherwise undumpable
  executables are now owned by the root in the user namespace of their
  mm. Allowing debugging of setuid applications in containers to work
  better.

  A bug I introduced with permission checking and automount is now
  fixed. The big change is to mark the mounts that the kernel initiates
  as a result of an automount. This allows the permission checks in sget
  to be safely suppressed for this kind of mount. As the permission
  check happened when the original filesystem was mounted.

  Finally a special case in the mount namespace is removed preventing
  unbounded chains in the mount hash table, and making the semantics
  simpler which benefits CRIU.

  The vfs fix along with related work in ima and evm I believe makes us
  ready to finish developing and merge fully unprivileged mounts of the
  fuse filesystem. The cleanups of the mount namespace makes discussing
  how to fix the worst case complexity of umount. The stacked filesystem
  fixes pave the way for adding multiple mappings for the filesystem
  uids so that efficient and safer containers can be implemented"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  proc/sysctl: Don't grab i_lock under sysctl_lock.
  vfs: Use upper filesystem inode in bprm_fill_uid()
  proc/sysctl: prune stale dentries during unregistering
  mnt: Tuck mounts under others instead of creating shadow/side mounts.
  prctl: propagate has_child_subreaper flag to every descendant
  introduce the walk_process_tree() helper
  nsfs: Add an ioctl() to return owner UID of a userns
  fs: Better permission checking for submounts
  exit: fix the setns() && PR_SET_CHILD_SUBREAPER interaction
  vfs: open() with O_CREAT should not create inodes with unknown ids
  nsfs: Add an ioctl() to return the namespace type
  proc: Better ownership of files for non-dumpable tasks in user namespaces
  exec: Remove LSM_UNSAFE_PTRACE_CAP
  exec: Test the ptracer's saved cred to see if the tracee can gain caps
  exec: Don't reset euid and egid when the tracee has CAP_SETUID
  inotify: Convert to using per-namespace limits
2017-02-23 20:33:51 -08:00
..
blocklayout pnfs/blocklayout: fix last_write_offset incorrectly set to page boundary 2016-10-13 16:42:53 -04:00
filelayout NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success. 2016-12-19 17:29:48 -05:00
flexfilelayout ktime: Get rid of ktime_equal() 2016-12-25 17:21:23 +01:00
objlayout pNFS: Get rid of unnecessary layout parameter in encode_layoutreturn callback 2016-12-01 17:21:44 -05:00
Kconfig kernel: conditionally support non-root users, groups and capabilities 2015-04-15 16:35:22 -07:00
Makefile NFS: Do not serialise O_DIRECT reads and writes 2016-07-05 19:11:04 -04:00
cache_lib.c NFS: cache_lib: use complete() instead of complete_all() 2016-09-23 09:40:12 -04:00
cache_lib.h
callback.c NFSv4.x: hide array-bounds warning 2016-11-22 16:11:44 -05:00
callback.h nfs: add handling for CB_NOTIFY_LOCK in client 2016-09-22 13:56:04 -04:00
callback_proc.c pNFS: Delay getting the layout header in CB_LAYOUTRECALL handlers 2016-12-01 17:21:42 -05:00
callback_xdr.c nfs: add handling for CB_NOTIFY_LOCK in client 2016-09-22 13:56:04 -04:00
client.c NFS: Remove unused authflavour parameter from nfs_get_client() 2016-12-01 17:46:32 -05:00
delegation.c NFSv4: Optimise away forced revalidation when we know the attributes are OK 2016-12-01 17:21:37 -05:00
delegation.h NFSv4: nfs_inode_find_state_and_recover() should check all stateids 2016-09-27 14:34:35 -04:00
dir.c NFS: Fix and clean up the access cache validity checking 2016-12-19 17:29:39 -05:00
direct.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
dns_resolve.c NFS: Enabling v4.2 should not recompile nfsd and lockd 2013-11-19 16:20:40 -05:00
dns_resolve.h
file.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
fscache-index.c NFS: Fabricate fscache server index key correctly 2014-09-25 21:25:18 -04:00
fscache.c nfs: define nfs_inc_fscache_stats and using it as possible 2014-11-24 20:08:47 -05:00
fscache.h
getroot.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
inode.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
internal.h NFS: Clean up cache validity checking 2016-12-19 17:29:35 -05:00
io.c NFS: Do not serialise O_DIRECT reads and writes 2016-07-05 19:11:04 -04:00
iostat.h nfs: define nfs_inc_fscache_stats and using it as possible 2014-11-24 20:08:47 -05:00
mount_clnt.c NFS: Remove unneeded NFS_DEBUG checking before define NFSDBG_FACILITY 2015-10-21 15:49:23 -05:00
namespace.c fs: Better permission checking for submounts 2017-02-02 04:36:12 +13:00
netns.h netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
nfs.h
nfs2super.c
nfs2xdr.c nfs: save server READ/WRITE/COMMIT status 2015-02-03 11:06:40 -08:00
nfs3_fs.h nfsv3: introduce nfs3_set_ds_client 2015-02-03 11:06:34 -08:00
nfs3acl.c posix_acl: Inode acl caching fixes 2016-03-31 00:30:15 -04:00
nfs3client.c NFS: Remove unused authflavour parameter from nfs_get_client() 2016-12-01 17:46:32 -05:00
nfs3proc.c vfs: Remove {get,set,remove}xattr inode operations 2016-10-07 21:48:36 -04:00
nfs3super.c nfsv3: introduce nfs3_set_ds_client 2015-02-03 11:06:34 -08:00
nfs3xdr.c xprtrdma: Fix large NFS SYMLINK calls 2015-08-05 16:21:28 -04:00
nfs4_fs.h NFSv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner 2016-12-01 17:57:56 -05:00
nfs4client.c NFS: Remove unused authflavour parameter from nfs_get_client() 2016-12-01 17:46:32 -05:00
nfs4file.c NFSv4: add flock_owner to open context 2016-12-01 17:57:27 -05:00
nfs4getroot.c nfs: Remove invalid NFS_ATTR_FATTR_V4_REFERRAL checking in nfs4_get_rootfh 2015-07-01 11:31:22 -04:00
nfs4idmap.c KEYS: Add a facility to restrict new links into a keyring 2016-04-11 22:37:37 +01:00
nfs4idmap.h NFS: Move nfs_idmap.h into fs/nfs/ 2015-04-23 15:16:14 -04:00
nfs4namespace.c fs: Better permission checking for submounts 2017-02-02 04:36:12 +13:00
nfs4proc.c NFSv4.0: always send mode in SETATTR after EXCLUSIVE4 2017-01-24 12:52:34 -05:00
nfs4renewd.c NFSv4: Cap the transport reconnection timer at 1/2 lease period 2016-08-05 19:22:22 -04:00
nfs4session.c NFSv4.1: Fix regression in callback retry handling 2016-12-01 17:21:38 -05:00
nfs4session.h NFSv4.1: Don't deadlock the state manager on the SEQUENCE status flags 2016-09-27 14:31:27 -04:00
nfs4state.c nfs: Fix "Don't increment lock sequence ID after NFS4ERR_MOVED" 2017-01-26 15:25:03 -05:00
nfs4super.c NFS: Move nfs_idmap.h into fs/nfs/ 2015-04-23 15:16:14 -04:00
nfs4sysctl.c nfs: do not initialise statics to 0 2015-12-28 09:57:15 -05:00
nfs4trace.c pNFS: Modify pnfs_update_layout tracepoints to use layout stateid 2015-12-28 09:57:14 -05:00
nfs4trace.h tracing: Use __get_str() when manipulating strings 2016-07-15 15:52:20 -04:00
nfs4xdr.c NFSv4: Retry the DELEGRETURN if the embedded GETATTR is rejected with EACCES 2016-12-19 17:30:03 -05:00
nfs42.h NFS: Add COPY nfs operation 2016-05-17 15:47:55 -04:00
nfs42proc.c pNFS/flexfiles: Minor refactoring before adding iostats to layoutreturn 2016-12-03 15:37:45 -05:00
nfs42xdr.c pNFS/flexfiles: Minor refactoring before adding iostats to layoutreturn 2016-12-03 15:37:45 -05:00
nfsroot.c nfsroot: make nfsroot to accept the 1024 bytes long directory name 2015-10-21 15:49:19 -05:00
nfstrace.c NFSv4: Allow tracing of NFSv4 fsync calls 2015-03-27 12:39:34 -04:00
nfstrace.h NFS client updates for Linux 4.8 2016-07-30 16:33:25 -07:00
pagelist.c NFS: discard nfs_lockowner structure. 2016-12-01 17:58:13 -05:00
pnfs.c pNFS: Fix a reference leak in _pnfs_return_layout 2017-01-26 15:50:41 -05:00
pnfs.h pNFS/flexfiles: Minor refactoring before adding iostats to layoutreturn 2016-12-03 15:37:45 -05:00
pnfs_dev.c NFSv4.1: Don't cache deviceids that have no notifications 2015-03-27 12:32:24 -04:00
pnfs_nfs.c NFS: Remove unused authflavour parameter from nfs_get_client() 2016-12-01 17:46:32 -05:00
proc.c fs: rename "rename2" i_op to "rename" 2016-09-27 11:03:58 +02:00
read.c mm: remove page_file_index 2016-10-07 18:46:28 -07:00
super.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
symlink.c vfs: remove ".readlink = generic_readlink" assignments 2016-12-09 16:45:04 +01:00
sysctl.c nfs: convert use of typedef ctl_table to struct ctl_table 2014-06-06 16:08:16 -07:00
unlink.c qstr: constify instances in nfs 2016-07-20 23:30:06 -04:00
write.c nfs: no PG_private waiters remain, remove waker 2017-02-22 16:41:29 -08:00