umount: Allow superblock owners to force umount

Loosen the permission check on forced umount to allow users holding CAP_SYS_ADMIN privileges in namespaces that are privileged with respect to the userns that originally mounted the filesystem. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> Link: https://lore.kernel.org/r/12f212d4ef983714d065a6bb372fbb378753bf4c.1742315194.git.trond.myklebust@hammerspace.com Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
author: Trond Myklebust <trond.myklebust@hammerspace.com> 2025-03-18 12:29:21 -0400
committer: Christian Brauner <brauner@kernel.org> 2025-03-19 09:19:04 +0100
commit: e1ff7aa34dec7e650159fd7ca8ec6af7cc428d9f (patch)
tree: e8f730c9dd1df1666220a97858716004d244d3df
parent: e1c24b52adb22136fa6f4025daf841384a6d0d1e (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 01fb1074c4c9..57c14af6092a 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2105,6 +2105,7 @@ static void warn_mandlock(void)
 static int can_umount(const struct path *path, int flags)
 {
 	struct mount *mnt = real_mount(path->mnt);
+	struct super_block *sb = path->dentry->d_sb;
 
 	if (!may_mount())
 		return -EPERM;
@@ -2114,7 +2115,7 @@ static int can_umount(const struct path *path, int flags)
 		return -EINVAL;
 	if (mnt->mnt.mnt_flags & MNT_LOCKED) /* Check optimistically */
 		return -EINVAL;
-	if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN))
+	if (flags & MNT_FORCE && !ns_capable(sb->s_user_ns, CAP_SYS_ADMIN))
 		return -EPERM;
 	return 0;
 }
author	Trond Myklebust <trond.myklebust@hammerspace.com>	2025-03-18 12:29:21 -0400
committer	Christian Brauner <brauner@kernel.org>	2025-03-19 09:19:04 +0100
commit	e1ff7aa34dec7e650159fd7ca8ec6af7cc428d9f (patch)
tree	e8f730c9dd1df1666220a97858716004d244d3df
parent	e1c24b52adb22136fa6f4025daf841384a6d0d1e (diff)