diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2016-05-18 20:50:06 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2016-06-23 22:47:23 +0200 |
commit | 67690f937c38bbab1d94cb45f6a32e61612834ae (patch) | |
tree | b15e18fb82f42d4001c7d0b4e2d9d3b2113db95c /fs/super.c | |
parent | mnt: Simplify mount_too_revealing (diff) | |
download | linux-67690f937c38bbab1d94cb45f6a32e61612834ae.tar.xz linux-67690f937c38bbab1d94cb45f6a32e61612834ae.zip |
userns: Remove implicit MNT_NODEV fragility.
Replace the implict setting of MNT_NODEV on mounts that happen with
just user namespace permissions with an implicit setting of SB_I_NODEV
in s_iflags. The visibility of the implicit MNT_NODEV has caused
problems in the past.
With this change the fragile case where an implicit MNT_NODEV needs to
be preserved in do_remount is removed. Using SB_I_NODEV is much less
fragile as s_iflags are set during the original mount and never
changed.
In do_new_mount with the implicit setting of MNT_NODEV gone, the only
code that can affect mnt_flags is fs_fully_visible so simplify the if
statement and reduce the indentation of the code to make that clear.
Acked-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'fs/super.c')
-rw-r--r-- | fs/super.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/super.c b/fs/super.c index 78790ada7191..25cdceed2ad3 100644 --- a/fs/super.c +++ b/fs/super.c @@ -206,6 +206,9 @@ static struct super_block *alloc_super(struct file_system_type *type, int flags, init_waitqueue_head(&s->s_writers.wait_unfrozen); s->s_bdi = &noop_backing_dev_info; s->s_flags = flags; + if ((s->s_user_ns != &init_user_ns) && + !(type->fs_flags & FS_USERNS_DEV_MOUNT)) + s->s_iflags |= SB_I_NODEV; INIT_HLIST_NODE(&s->s_instances); INIT_HLIST_BL_HEAD(&s->s_anon); mutex_init(&s->s_sync_lock); |