mirror of
https://github.com/torvalds/linux.git
synced 2024-12-26 12:52:30 +00:00
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull userns fix from Eric Biederman: "This contains just a single small patch that fixes a tiny hole in the logic of allowing unprivileged mounting of proc and sysfs. In practice I don't think anyone is affected because having MNT_RDONLY clear in mnt->mnt_flags but MS_RDONLY set in sb->s_flags is very weird for a filesystem, and weirder for proc and sysfs. However if it happens let's handle it correctly and then no one has to to worry about this crazy case" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: mnt: Account for MS_RDONLY in fs_fully_visible
This commit is contained in:
commit
f9020d1741
@ -3247,6 +3247,10 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags)
|
|||||||
if (mnt->mnt.mnt_sb->s_iflags & SB_I_NOEXEC)
|
if (mnt->mnt.mnt_sb->s_iflags & SB_I_NOEXEC)
|
||||||
mnt_flags &= ~(MNT_LOCK_NOSUID | MNT_LOCK_NOEXEC);
|
mnt_flags &= ~(MNT_LOCK_NOSUID | MNT_LOCK_NOEXEC);
|
||||||
|
|
||||||
|
/* Don't miss readonly hidden in the superblock flags */
|
||||||
|
if (mnt->mnt.mnt_sb->s_flags & MS_RDONLY)
|
||||||
|
mnt_flags |= MNT_LOCK_READONLY;
|
||||||
|
|
||||||
/* Verify the mount flags are equal to or more permissive
|
/* Verify the mount flags are equal to or more permissive
|
||||||
* than the proposed new mount.
|
* than the proposed new mount.
|
||||||
*/
|
*/
|
||||||
|
Loading…
Reference in New Issue
Block a user