| 2016-04-06 09:04:21 |
Tim Gardner |
description |
Bring xenial up to date wrt the current state of my upstream branch. |
These commits bring xenial up to date wrt my branch for upstream. Most
of the changes here are in response to upstream feedback. At a high
level the changes are:
- A small improvement to the quota code, then disallow enabling quota
for mounts from non-init user namespaces. Since quota in non-init
namespaces isn't a requirement in 16.04 we're better off disabling it
until we know for sure how it will be handled upstream. However ext4
might temporarily enable quota during mount if recovering from an
unclean unmount, so the kernel needs to be able to handle it.
- Revert the way capabilities are determined for inodes in userns
mounts back to how it is upstream, i.e. based on both capabilities
and inode ownership, but allow a privileged user in s_user_ns to
chown if the id being changed is invalid and the other id is either
invalid or an id mapped into s_user_ns. This gives the mounter
control over inodes with unmappable ids while making it safe to have
s_user_ns != &init_user_ns for proc and kernfs-based mounts.
- Fix an incompatibility between cgroup namespaces and user namespace
mounts. Previously this was fixed as a side effect of another patch,
but that patch is being reverted.
- Remove a needless mount option initialization in fuse.
- Fix a resource leak for an error path in sget_userns(). |
|
