• Miklos Szeredi's avatar
    fuse: allow server to run in different pid_ns · 5d6d3a30
    Miklos Szeredi authored
    Commit 0b6e9ea0 ("fuse: Add support for pid namespaces") broke
    Sandstorm.io development tools, which have been sending FUSE file
    descriptors across PID namespace boundaries since early 2014.
    
    The above patch added a check that prevented I/O on the fuse device file
    descriptor if the pid namespace of the reader/writer was different from the
    pid namespace of the mounter.  With this change passing the device file
    descriptor to a different pid namespace simply doesn't work.  The check was
    added because pids are transferred to/from the fuse userspace server in the
    namespace registered at mount time.
    
    To fix this regression, remove the checks and do the following:
    
    1) the pid in the request header (the pid of the task that initiated the
    filesystem operation) is translated to the reader's pid namespace.  If a
    mapping doesn't exist for this pid, then a zero pid is used.  Note: even if
    a mapping would exist between the initiator task's pid namespace and the
    reader's pid namespace the pid will be zero if either mapping from
    initator's to mounter's namespace or mapping from mounter's to reader's
    namespace doesn't exist.
    
    2) The lk.pid value in setlk/setlkw requests and getlk reply is left alone.
    Userspace should not interpret this value anyway.  Also allow the
    setlk/setlkw operations if the pid of the task cannot be represented in the
    mounter's namespace (pid being zero in that case).
    Reported-by: default avatarKenton Varda <kenton@sandstorm.io>
    Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
    Fixes: 0b6e9ea0 ("fuse: Add support for pid namespaces")
    Cc: <stable@vger.kernel.org> # v4.12+
    Cc: Eric W. Biederman <ebiederm@xmission.com>
    Cc: Seth Forshee <seth.forshee@canonical.com>
    5d6d3a30
dev.c 51.4 KB