Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull namespace changes from Eric Biederman:
 "This is an assorted mishmash of small cleanups, enhancements and bug
  fixes.

  The major theme is user namespace mount restrictions.  nsown_capable
  is killed as it encourages not thinking about details that need to be
  considered.  A very hard to hit pid namespace exiting bug was finally
  tracked and fixed.  A couple of cleanups to the basic namespace
  infrastructure.

  Finally there is an enhancement that makes per user namespace
  capabilities usable as capabilities, and an enhancement that allows
  the per userns root to nice other processes in the user namespace"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  userns:  Kill nsown_capable it makes the wrong thing easy
  capabilities: allow nice if we are privileged
  pidns: Don't have unshare(CLONE_NEWPID) imply CLONE_THREAD
  userns: Allow PR_CAPBSET_DROP in a user namespace.
  namespaces: Simplify copy_namespaces so it is clear what is going on.
  pidns: Fix hang in zap_pid_ns_processes by sending a potentially extra wakeup
  sysfs: Restrict mounting sysfs
  userns: Better restrictions on when proc and sysfs can be mounted
  vfs: Don't copy mount bind mounts of /proc/<pid>/ns/mnt between namespaces
  kernel/nsproxy.c: Improving a snippet of code.
  proc: Restrict mounting the proc filesystem
  vfs: Lock in place mounts from more privileged users

1 files changed, 12 insertions, 24 deletions

diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c
index 997cbb951a3b..8e7811086b82 100644
--- a/kernel/nsproxy.c
+++ b/kernel/nsproxy.c
@@ -126,22 +126,16 @@ int copy_namespaces(unsigned long flags, struct task_struct *tsk)
         struct nsproxy *old_ns = tsk->nsproxy;
         struct user_namespace *user_ns = task_cred_xxx(tsk, user_ns);
         struct nsproxy *new_ns;
-        int err = 0;
 
-        if (!old_ns)
+        if (likely(!(flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC |
+                              CLONE_NEWPID | CLONE_NEWNET)))) {
+                get_nsproxy(old_ns);
                 return 0;
-
-        get_nsproxy(old_ns);
-
-        if (!(flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC |
-                                CLONE_NEWPID | CLONE_NEWNET)))
-                return 0;
-
-        if (!ns_capable(user_ns, CAP_SYS_ADMIN)) {
-                err = -EPERM;
-                goto out;
         }
 
+        if (!ns_capable(user_ns, CAP_SYS_ADMIN))
+                return -EPERM;
+
         /*
          * CLONE_NEWIPC must detach from the undolist: after switching
          * to a new ipc namespace, the semaphore arrays from the old
@@ -149,22 +143,16 @@ int copy_namespaces(unsigned long flags, struct task_struct *tsk)
          * means share undolist with parent, so we must forbid using
          * it along with CLONE_NEWIPC.
          */
-        if ((flags & CLONE_NEWIPC) && (flags & CLONE_SYSVSEM)) {
-                err = -EINVAL;
-                goto out;
-        }
+        if ((flags & (CLONE_NEWIPC | CLONE_SYSVSEM)) ==
+                (CLONE_NEWIPC | CLONE_SYSVSEM)) 
+                return -EINVAL;
 
         new_ns = create_new_namespaces(flags, tsk, user_ns, tsk->fs);
-        if (IS_ERR(new_ns)) {
-                err = PTR_ERR(new_ns);
-                goto out;
-        }
+        if (IS_ERR(new_ns))
+                return  PTR_ERR(new_ns);
 
         tsk->nsproxy = new_ns;
-
-out:
-        put_nsproxy(old_ns);
-        return err;
+        return 0;
 }
 
 void free_nsproxy(struct nsproxy *ns)