nsfs: tighten permission checks for ns iteration ioctls

commit e6b899f08066e744f89df16ceb782e06868bd148 upstream. Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use may_see_all_namespaces() helper that centralizes this policy until the nstree adapts. Link: https://patch.msgid.link/20260226-work-visibility-fixes-v1-1-d2c2853313bd@kernel.org Fixes: a1d220d9dafa ("nsfs: iterate through mount namespaces") Reviewed-by: Jeff Layton <jlayton@kernel.org> Cc: stable@kernel.org # v6.12+ Signed-off-by: Christian Brauner <brauner@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Christian Brauner <brauner@kernel.org> 2026-02-26 14:50:09 +0100
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2026-03-19 16:15:12 +0100
commit: 0ad650e60150eda789deca5e78a6a09d26bf8fc9 (patch)
tree: ef9ec305e3248d420c71824b4fa62829020eae36 /include
parent: 7e6e2fc91d4b9b12ec6e137019532568ebcf2680 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/ns_common.h b/include/linux/ns_common.h
index 825f5865bfc5..c8e227a3f9e2 100644
--- a/include/linux/ns_common.h
+++ b/include/linux/ns_common.h
@@ -55,6 +55,8 @@ static __always_inline bool is_ns_init_id(const struct ns_common *ns)
 
 #define ns_common_free(__ns) __ns_common_free(to_ns_common((__ns)))
 
+bool may_see_all_namespaces(void);
+
 static __always_inline __must_check int __ns_ref_active_read(const struct ns_common *ns)
 {
 	return atomic_read(&ns->__ns_ref_active);
author	Christian Brauner <brauner@kernel.org>	2026-02-26 14:50:09 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2026-03-19 16:15:12 +0100
commit	0ad650e60150eda789deca5e78a6a09d26bf8fc9 (patch)
tree	ef9ec305e3248d420c71824b4fa62829020eae36 /include
parent	7e6e2fc91d4b9b12ec6e137019532568ebcf2680 (diff)