diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2019-05-12 23:31:45 +0200 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2019-05-25 23:59:59 +0200 |
| commit | 20284ab7427ffac514faf44fd9eb50e5745f4474 (patch) | |
| tree | 6babbbfbcb3fea8deef55d2d03088218e1fe591b /fs/super.c | |
| parent | legacy_get_tree(): pass fc->user_ns to mount_capable() (diff) | |
| download | linux-20284ab7427ffac514faf44fd9eb50e5745f4474.tar.xz linux-20284ab7427ffac514faf44fd9eb50e5745f4474.zip | |
switch mount_capable() to fs_context
now both callers of mount_capable() have access to fs_context;
the only difference is that for sget_fc() we have the possibility
of fc->global being true, while for legacy_get_tree() it's guaranteed
to be impossible. Unify to more generic variant...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/super.c')
| -rw-r--r-- | fs/super.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/fs/super.c b/fs/super.c index bdb03255c7ea..d1e2f46bad7e 100644 --- a/fs/super.c +++ b/fs/super.c @@ -476,12 +476,15 @@ void generic_shutdown_super(struct super_block *sb) EXPORT_SYMBOL(generic_shutdown_super); -bool mount_capable(struct file_system_type *type, struct user_namespace *userns) +bool mount_capable(struct fs_context *fc) { - if (!(type->fs_flags & FS_USERNS_MOUNT)) + struct user_namespace *user_ns = fc->global ? &init_user_ns + : fc->user_ns; + + if (!(fc->fs_type->fs_flags & FS_USERNS_MOUNT)) return capable(CAP_SYS_ADMIN); else - return ns_capable(userns, CAP_SYS_ADMIN); + return ns_capable(user_ns, CAP_SYS_ADMIN); } /** @@ -513,7 +516,7 @@ struct super_block *sget_fc(struct fs_context *fc, if (!(fc->sb_flags & SB_KERNMOUNT) && fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) { - if (!mount_capable(fc->fs_type, user_ns)) + if (!mount_capable(fc)) return ERR_PTR(-EPERM); } |