[PATCH v5 30/42] would_dump: handle idmapped mounts

Christoph Hellwig hch at infradead.org
Tue Jan 19 09:44:34 UTC 2021

On Tue, Jan 12, 2021 at 11:01:12PM +0100, Christian Brauner wrote:
> When determining whether or not to create a coredump the vfs will verify
> that the caller is privileged over the inode. Make the would_dump()
> helper handle idmapped mounts by passing down the mount's user namespace
> of the exec file. If the initial user namespace is passed nothing
> changes so non-idmapped mounts will see identical behavior as before.

Looks good,

Reviewed-by: Christoph Hellwig <hch at lst.de>

More information about the Linux-security-module-archive mailing list