Revert "Disable idmapped mounts" (!2179) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Alexey Gladkov requested to merge legionus/centos-stream-9:fix-RHELBU-1999 into main Mar 13, 2023

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2132410 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2179877 JIRA: https://issues.redhat.com/browse/RHELBU-1999 Upstream: RHEL-only

Re-enable the idmapped mount. This technology is too important for our projects to wait until the upstream address of all the issues.

This reverts commit c93c7283.

commit c93c7283 Author: Alexey Gladkov agladkov@redhat.com Date: Fri Nov 12 19:29:51 2021 +0100

Disable idmapped mounts

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2018141
Upstream Status: RHEL only

The commmit 9caccd41541a ("fs: introduce MOUNT_ATTR_IDMAP") added
idmapped mounts. During the merge, Eric W. Biederman raised concerns [1]
about the security of the changes, but the discussion did not continue.

[1] https://lore.kernel.org/all/m18s7481xc.fsf@fess.ebiederm.org/

Signed-off-by: Alexey Gladkov <agladkov@redhat.com>

Signed-off-by: Alex Gladkov agladkov@redhat.com

Edited Jun 13, 2023 by Alexey Gladkov

Revert "Disable idmapped mounts"

Merge request reports