• Seth Forshee's avatar
    fuse: Support fuse filesystems outside of init_user_ns · 58ecdf5e
    Seth Forshee authored
    Update fuse to translate uids and gids to/from the user namspace
    of the process servicing requests on /dev/fuse. Any ids which do
    not map into the namespace will result in errors. inodes will
    also be marked bad when unmappable ids are received from the
    userspace fuse process.
    
    Currently no use cases are known for letting the userspace fuse
    daemon switch namespaces after opening /dev/fuse. Given this
    fact, and in order to keep the implementation as simple as
    possible and ease security auditing, the user namespace from
    which /dev/fuse is opened is used for all id translations. This
    is required to be the same namespace as s_user_ns to maintain
    behavior consistent with other filesystems which can be mounted
    in user namespaces.
    
    For cuse the namespace used for the connection is also simply
    current_user_ns() at the time /dev/cuse is opened.
    Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
    58ecdf5e
cuse.c 15.4 KB