Attaching test script to reproduce the bug, adapted from the reproducer
for bug 1850994. Requires the bindfs package.

** Description changed:

  As reported by Jann Horn on bug 1850994, unprivileged overlayfs mounting
- fails in disco/eoan due to SB_I_NOSUID and SB_I_USERNS_VISIBLE.
+ can fail in disco/eoan due to SB_I_NOSUID and SB_I_USERNS_VISIBLE.
  overlayfs sets SB_I_NOSUID for unprivileged mounts, which causes
- mount_too_revealing() to bail out as it sees SB_I_USERNS_VISIBLE as
- being set.
+ mount_too_revealing() to see SB_I_USERNS_VISIBLE as being set. This
+ leads to performing additional, unnecessary checks which may fail.

** Attachment added: "test.sh"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1851677/+attachment/5303526/+files/test.sh

** Changed in: linux (Ubuntu Disco)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Disco)
       Status: New => In Progress

** Changed in: linux (Ubuntu Disco)
     Assignee: (unassigned) => Seth Forshee (sforshee)

** Changed in: linux (Ubuntu Eoan)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Eoan)
       Status: New => In Progress

** Changed in: linux (Ubuntu Eoan)
     Assignee: (unassigned) => Seth Forshee (sforshee)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1851677

Title:
  s_iflags overlap prevents unprivileged overlayfs mounts

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Disco:
  In Progress
Status in linux source package in Eoan:
  In Progress

Bug description:
  As reported by Jann Horn on bug 1850994, unprivileged overlayfs
  mounting can fail in disco/eoan due to SB_I_NOSUID and
  SB_I_USERNS_VISIBLE. overlayfs sets SB_I_NOSUID for unprivileged
  mounts, which causes mount_too_revealing() to see SB_I_USERNS_VISIBLE
  as being set. This leads to performing additional, unnecessary checks
  which may fail.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1851677/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to