diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2016-06-09 22:34:02 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2016-06-23 22:41:57 +0200 |
commit | a2982cc922c3068783eb9a1f77a5626a1ec36a1f (patch) | |
tree | 61ccc6ad01f8804d5290ae4565ba8d4238bf648a /ipc | |
parent | ipc/mqueue: The mqueue filesystem should never contain executables (diff) | |
download | linux-a2982cc922c3068783eb9a1f77a5626a1ec36a1f.tar.xz linux-a2982cc922c3068783eb9a1f77a5626a1ec36a1f.zip |
vfs: Generalize filesystem nodev handling.
Introduce a function may_open_dev that tests MNT_NODEV and a new
superblock flab SB_I_NODEV. Use this new function in all of the
places where MNT_NODEV was previously tested.
Add the new SB_I_NODEV s_iflag to proc, sysfs, and mqueuefs as those
filesystems should never support device nodes, and a simple superblock
flags makes that very hard to get wrong. With SB_I_NODEV set if any
device nodes somehow manage to show up on on a filesystem those
device nodes will be unopenable.
Acked-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'ipc')
-rw-r--r-- | ipc/mqueue.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 5bdd50de7d05..0b13ace266f2 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -307,7 +307,7 @@ static int mqueue_fill_super(struct super_block *sb, void *data, int silent) struct inode *inode; struct ipc_namespace *ns = sb->s_fs_info; - sb->s_iflags |= SB_I_NOEXEC; + sb->s_iflags |= SB_I_NOEXEC | SB_I_NODEV; sb->s_blocksize = PAGE_SIZE; sb->s_blocksize_bits = PAGE_SHIFT; sb->s_magic = MQUEUE_MAGIC; |