Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull namespace updates from Eric Biederman:
 "This is a bunch of small changes built against 3.16-rc6.  The most
  significant change for users is the first patch which makes setns
  drmatically faster by removing unneded rcu handling.

  The next chunk of changes are so that "mount -o remount,.." will not
  allow the user namespace root to drop flags on a mount set by the
  system wide root.  Aks this forces read-only mounts to stay read-only,
  no-dev mounts to stay no-dev, no-suid mounts to stay no-suid, no-exec
  mounts to stay no exec and it prevents unprivileged users from messing
  with a mounts atime settings.  I have included my test case as the
  last patch in this series so people performing backports can verify
  this change works correctly.

  The next change fixes a bug in NFS that was discovered while auditing
  nsproxy users for the first optimization.  Today you can oops the
  kernel by reading /proc/fs/nfsfs/{servers,volumes} if you are clever
  with pid namespaces.  I rebased and fixed the build of the
  !CONFIG_NFS_FS case yesterday when a build bot caught my typo.  Given
  that no one to my knowledge bases anything on my tree fixing the typo
  in place seems more responsible that requiring a typo-fix to be
  backported as well.

  The last change is a small semantic cleanup introducing
  /proc/thread-self and pointing /proc/mounts and /proc/net at it.  This
  prevents several kinds of problemantic corner cases.  It is a
  user-visible change so it has a minute chance of causing regressions
  so the change to /proc/mounts and /proc/net are individual one line
  commits that can be trivially reverted.  Unfortunately I lost and
  could not find the email of the original reporter so he is not
  credited.  From at least one perspective this change to /proc/net is a
  refgression fix to allow pthread /proc/net uses that were broken by
  the introduction of the network namespace"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  proc: Point /proc/mounts at /proc/thread-self/mounts instead of /proc/self/mounts
  proc: Point /proc/net at /proc/thread-self/net instead of /proc/self/net
  proc: Implement /proc/thread-self to point at the directory of the current thread
  proc: Have net show up under /proc/<tgid>/task/<tid>
  NFS: Fix /proc/fs/nfsfs/servers and /proc/fs/nfsfs/volumes
  mnt: Add tests for unprivileged remount cases that have found to be faulty
  mnt: Change the default remount atime from relatime to the existing value
  mnt: Correct permission checks in do_remount
  mnt: Move the test for MNT_LOCK_READONLY from change_mount_flags into do_remount
  mnt: Only change user settable mount flags in remount
  namespaces: Use task_lock and not rcu to protect nsproxy

7 files changed, 119 insertions, 9 deletions

diff --git a/fs/proc/Makefile b/fs/proc/Makefile
index 239493ec718e..7151ea428041 100644
--- a/fs/proc/Makefile
+++ b/fs/proc/Makefile
@@ -23,6 +23,7 @@ proc-y	+= version.o
 proc-y  += softirqs.o
 proc-y  += namespaces.o
 proc-y  += self.o
+proc-y  += thread_self.o
 proc-$(CONFIG_PROC_SYSCTL)      += proc_sysctl.o
 proc-$(CONFIG_NET)              += proc_net.o
 proc-$(CONFIG_PROC_KCORE)       += kcore.o
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 043c83cb51f9..baf852b648ad 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -2814,7 +2814,7 @@ retry:
         return iter;
 }
 
-#define TGID_OFFSET (FIRST_PROCESS_ENTRY + 1)
+#define TGID_OFFSET (FIRST_PROCESS_ENTRY + 2)
 
 /* for the /proc/ directory itself, after non-process stuff has been done */
 int proc_pid_readdir(struct file *file, struct dir_context *ctx)
@@ -2826,14 +2826,19 @@ int proc_pid_readdir(struct file *file, struct dir_context *ctx)
         if (pos >= PID_MAX_LIMIT + TGID_OFFSET)
                 return 0;
 
-        if (pos == TGID_OFFSET - 1) {
+        if (pos == TGID_OFFSET - 2) {
                 struct inode *inode = ns->proc_self->d_inode;
                 if (!dir_emit(ctx, "self", 4, inode->i_ino, DT_LNK))
                         return 0;
-                iter.tgid = 0;
-        } else {
-                iter.tgid = pos - TGID_OFFSET;
+                ctx->pos = pos = pos + 1;
+        }
+        if (pos == TGID_OFFSET - 1) {
+                struct inode *inode = ns->proc_thread_self->d_inode;
+                if (!dir_emit(ctx, "thread-self", 11, inode->i_ino, DT_LNK))
+                        return 0;
+                ctx->pos = pos = pos + 1;
         }
+        iter.tgid = pos - TGID_OFFSET;
         iter.task = NULL;
         for (iter = next_tgid(ns, iter);
              iter.task;
@@ -2862,6 +2867,9 @@ static const struct pid_entry tid_base_stuff[] = {
         DIR("fd",        S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations),
         DIR("fdinfo",    S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations),
         DIR("ns",        S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations),
+#ifdef CONFIG_NET
+        DIR("net",        S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations),
+#endif
         REG("environ",   S_IRUSR, proc_environ_operations),
         ONE("auxv",      S_IRUSR, proc_pid_auxv),
         ONE("status",    S_IRUGO, proc_pid_status),
diff --git a/fs/proc/inode.c b/fs/proc/inode.c
index 0adbc02d60e3..333080d7a671 100644
--- a/fs/proc/inode.c
+++ b/fs/proc/inode.c
@@ -442,6 +442,7 @@ struct inode *proc_get_inode(struct super_block *sb, struct proc_dir_entry *de)
 int proc_fill_super(struct super_block *s)
 {
         struct inode *root_inode;
+        int ret;
 
         s->s_flags |= MS_NODIRATIME | MS_NOSUID | MS_NOEXEC;
         s->s_blocksize = 1024;
@@ -463,5 +464,9 @@ int proc_fill_super(struct super_block *s)
                 return -ENOMEM;
         }
 
-        return proc_setup_self(s);
+        ret = proc_setup_self(s);
+        if (ret) {
+                return ret;
+        }
+        return proc_setup_thread_self(s);
 }
diff --git a/fs/proc/internal.h b/fs/proc/internal.h
index a024cf7b260f..7da13e49128a 100644
--- a/fs/proc/internal.h
+++ b/fs/proc/internal.h
@@ -231,6 +231,12 @@ static inline int proc_net_init(void) { return 0; }
 extern int proc_setup_self(struct super_block *);
 
 /*
+ * proc_thread_self.c
+ */
+extern int proc_setup_thread_self(struct super_block *);
+extern void proc_thread_self_init(void);
+
+/*
  * proc_sysctl.c
  */
 #ifdef CONFIG_PROC_SYSCTL
diff --git a/fs/proc/proc_net.c b/fs/proc/proc_net.c
index 4677bb7dc7c2..39481028ec08 100644
--- a/fs/proc/proc_net.c
+++ b/fs/proc/proc_net.c
@@ -113,9 +113,11 @@ static struct net *get_proc_task_net(struct inode *dir)
         rcu_read_lock();
         task = pid_task(proc_pid(dir), PIDTYPE_PID);
         if (task != NULL) {
-                ns = task_nsproxy(task);
+                task_lock(task);
+                ns = task->nsproxy;
                 if (ns != NULL)
                         net = get_net(ns->net_ns);
+                task_unlock(task);
         }
         rcu_read_unlock();
 
@@ -224,7 +226,7 @@ static struct pernet_operations __net_initdata proc_net_ns_ops = {
 
 int __init proc_net_init(void)
 {
-        proc_symlink("net", NULL, "self/net");
+        proc_symlink("net", NULL, "thread-self/net");
 
         return register_pernet_subsys(&proc_net_ns_ops);
 }
diff --git a/fs/proc/root.c b/fs/proc/root.c
index 574bafc41f0b..6296c7626963 100644
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -149,6 +149,8 @@ static void proc_kill_sb(struct super_block *sb)
         ns = (struct pid_namespace *)sb->s_fs_info;
         if (ns->proc_self)
                 dput(ns->proc_self);
+        if (ns->proc_thread_self)
+                dput(ns->proc_thread_self);
         kill_anon_super(sb);
         put_pid_ns(ns);
 }
@@ -170,7 +172,8 @@ void __init proc_root_init(void)
                 return;
 
         proc_self_init();
-        proc_symlink("mounts", NULL, "self/mounts");
+        proc_thread_self_init();
+        proc_symlink("mounts", NULL, "thread-self/mounts");
 
         proc_net_init();
 
diff --git a/fs/proc/thread_self.c b/fs/proc/thread_self.c
new file mode 100644
index 000000000000..59075b509df3
--- /dev/null
+++ b/fs/proc/thread_self.c
@@ -0,0 +1,85 @@
+#include <linux/sched.h>
+#include <linux/namei.h>
+#include <linux/slab.h>
+#include <linux/pid_namespace.h>
+#include "internal.h"
+
+/*
+ * /proc/thread_self:
+ */
+static int proc_thread_self_readlink(struct dentry *dentry, char __user *buffer,
+                              int buflen)
+{
+        struct pid_namespace *ns = dentry->d_sb->s_fs_info;
+        pid_t tgid = task_tgid_nr_ns(current, ns);
+        pid_t pid = task_pid_nr_ns(current, ns);
+        char tmp[PROC_NUMBUF + 6 + PROC_NUMBUF];
+        if (!pid)
+                return -ENOENT;
+        sprintf(tmp, "%d/task/%d", tgid, pid);
+        return readlink_copy(buffer, buflen, tmp);
+}
+
+static void *proc_thread_self_follow_link(struct dentry *dentry, struct nameidata *nd)
+{
+        struct pid_namespace *ns = dentry->d_sb->s_fs_info;
+        pid_t tgid = task_tgid_nr_ns(current, ns);
+        pid_t pid = task_pid_nr_ns(current, ns);
+        char *name = ERR_PTR(-ENOENT);
+        if (pid) {
+                name = kmalloc(PROC_NUMBUF + 6 + PROC_NUMBUF, GFP_KERNEL);
+                if (!name)
+                        name = ERR_PTR(-ENOMEM);
+                else
+                        sprintf(name, "%d/task/%d", tgid, pid);
+        }
+        nd_set_link(nd, name);
+        return NULL;
+}
+
+static const struct inode_operations proc_thread_self_inode_operations = {
+        .readlink       = proc_thread_self_readlink,
+        .follow_link    = proc_thread_self_follow_link,
+        .put_link       = kfree_put_link,
+};
+
+static unsigned thread_self_inum;
+
+int proc_setup_thread_self(struct super_block *s)
+{
+        struct inode *root_inode = s->s_root->d_inode;
+        struct pid_namespace *ns = s->s_fs_info;
+        struct dentry *thread_self;
+
+        mutex_lock(&root_inode->i_mutex);
+        thread_self = d_alloc_name(s->s_root, "thread-self");
+        if (thread_self) {
+                struct inode *inode = new_inode_pseudo(s);
+                if (inode) {
+                        inode->i_ino = thread_self_inum;
+                        inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
+                        inode->i_mode = S_IFLNK | S_IRWXUGO;
+                        inode->i_uid = GLOBAL_ROOT_UID;
+                        inode->i_gid = GLOBAL_ROOT_GID;
+                        inode->i_op = &proc_thread_self_inode_operations;
+                        d_add(thread_self, inode);
+                } else {
+                        dput(thread_self);
+                        thread_self = ERR_PTR(-ENOMEM);
+                }
+        } else {
+                thread_self = ERR_PTR(-ENOMEM);
+        }
+        mutex_unlock(&root_inode->i_mutex);
+        if (IS_ERR(thread_self)) {
+                pr_err("proc_fill_super: can't allocate /proc/thread_self\n");
+                return PTR_ERR(thread_self);
+        }
+        ns->proc_thread_self = thread_self;
+        return 0;
+}
+
+void __init proc_thread_self_init(void)
+{
+        proc_alloc_inum(&thread_self_inum);
+}