diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-06-23 00:11:24 +0300 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-06-23 00:11:24 +0300 |
| commit | f9020d17416ae62f1b1c6459d61e65abb4af79b5 (patch) | |
| tree | 1b55506a178ffc54be3f86dcafd6f5544dd77c39 | |
| parent | 144b5ae3e343f193a6a7edef8f30aab4fad2d12b (diff) | |
| parent | 695e9df010e40f407f4830dc11d53dce957710ba (diff) | |
| download | linux-f9020d17416ae62f1b1c6459d61e65abb4af79b5.tar.xz | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull userns fix from Eric Biederman:
"This contains just a single small patch that fixes a tiny hole in the
logic of allowing unprivileged mounting of proc and sysfs.
In practice I don't think anyone is affected because having MNT_RDONLY
clear in mnt->mnt_flags but MS_RDONLY set in sb->s_flags is very weird
for a filesystem, and weirder for proc and sysfs. However if it
happens let's handle it correctly and then no one has to to worry
about this crazy case"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
mnt: Account for MS_RDONLY in fs_fully_visible
| -rw-r--r-- | fs/namespace.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index a7ec92c051f5..783004af5707 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -3247,6 +3247,10 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags) if (mnt->mnt.mnt_sb->s_iflags & SB_I_NOEXEC) mnt_flags &= ~(MNT_LOCK_NOSUID | MNT_LOCK_NOEXEC); + /* Don't miss readonly hidden in the superblock flags */ + if (mnt->mnt.mnt_sb->s_flags & MS_RDONLY) + mnt_flags |= MNT_LOCK_READONLY; + /* Verify the mount flags are equal to or more permissive * than the proposed new mount. */ |