userns: Add a Kconfig option to enforce strict kuid and kgid type checks

Make it possible to easily switch between strong mandatory
type checks and relaxed type checks so that the code can
easily be tested with the type checks and then built
with the strong type checks disabled so the resulting
code can be used.

Require strong mandatory type checks when enabling the user namespace.
It is very simple to make a typo and use the wrong type allowing
conversions to/from userspace values to be bypassed by accident,
the strong type checks prevent this.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

1 files changed, 11 insertions, 1 deletions

diff --git a/init/Kconfig b/init/Kconfig
index 72f33faca44f..86cf760893b3 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -828,7 +828,8 @@ config IPC_NS
 config USER_NS
         bool "User namespace (EXPERIMENTAL)"
         depends on EXPERIMENTAL
-        default y
+        select UIDGID_STRICT_TYPE_CHECKS
+        default n
         help
           This allows containers, i.e. vservers, to use user namespaces
           to provide different user info for different servers.
@@ -852,6 +853,15 @@ config NET_NS
 
 endif # NAMESPACES
 
+config UIDGID_STRICT_TYPE_CHECKS
+        bool "Require conversions between uid/gids and their internal representation"
+        default n
+        help
+         While the nececessary conversions are being added to all subsystems this option allows
+         the code to continue to build for unconverted subsystems.
+
+         Say Y here if you want the strict type checking enabled
+
 config SCHED_AUTOGROUP
         bool "Automatic process group scheduling"
         select EVENTFD