diff options
| author | Takashi Iwai <tiwai@suse.de> | 2013-04-15 21:45:16 +0400 |
|---|---|---|
| committer | Takashi Iwai <tiwai@suse.de> | 2013-04-15 21:45:16 +0400 |
| commit | ad2109d7d258a92fa016f1f36b423bfcc69f7efc (patch) | |
| tree | f1a98ab99b8e80c376b13ac3a82d750ab9b179cf /fs/namespace.c | |
| parent | cbc200bca4b51a8e2406d4b654d978f8503d430b (diff) | |
| parent | 5cbad7d39ad229c68a724e5e139fd845b93766b2 (diff) | |
| download | linux-ad2109d7d258a92fa016f1f36b423bfcc69f7efc.tar.xz | |
Merge tag 'asoc-v3.10' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-next
ASoC: Updates for v3.10
A bunch of changes here, the most interesting one subsystem wise being
Morimoto-san's work to create snd_soc_component which doesn't do much
for now but will be pretty important going forwards:
- Add a new component object type which will form the basis of moving
to a more generic handling of SoC and off-SoC components, contributed
by Kuninori Morimoto.
- A fairly large set of cleanups for the dmaengine integration from
Lars-Peter Clausen, starting to move towards being able to have a
generic driver based on the library.
- Performance optimisations to DAPM from Ryo Tsutsui.
- Support for mixer control sharing in DAPM from Stephen Warren.
- Multiplatform ARM cleanups from Arnd Bergmann.
- New CODEC drivers for AK5385 and TAS5086 from Daniel Mack.
Diffstat (limited to 'fs/namespace.c')
| -rw-r--r-- | fs/namespace.c | 54 |
1 files changed, 53 insertions, 1 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index 50ca17d3cb45..d581e45c0a9f 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -798,6 +798,10 @@ static struct mount *clone_mnt(struct mount *old, struct dentry *root, } mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD; + /* Don't allow unprivileged users to change mount flags */ + if ((flag & CL_UNPRIVILEGED) && (mnt->mnt.mnt_flags & MNT_READONLY)) + mnt->mnt.mnt_flags |= MNT_LOCK_READONLY; + atomic_inc(&sb->s_active); mnt->mnt.mnt_sb = sb; mnt->mnt.mnt_root = dget(root); @@ -1713,6 +1717,9 @@ static int change_mount_flags(struct vfsmount *mnt, int ms_flags) if (readonly_request == __mnt_is_readonly(mnt)) return 0; + if (mnt->mnt_flags & MNT_LOCK_READONLY) + return -EPERM; + if (readonly_request) error = mnt_make_readonly(real_mount(mnt)); else @@ -2339,7 +2346,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, /* First pass: copy the tree topology */ copy_flags = CL_COPY_ALL | CL_EXPIRE; if (user_ns != mnt_ns->user_ns) - copy_flags |= CL_SHARED_TO_SLAVE; + copy_flags |= CL_SHARED_TO_SLAVE | CL_UNPRIVILEGED; new = copy_tree(old, old->mnt.mnt_root, copy_flags); if (IS_ERR(new)) { up_write(&namespace_sem); @@ -2732,6 +2739,51 @@ bool our_mnt(struct vfsmount *mnt) return check_mnt(real_mount(mnt)); } +bool current_chrooted(void) +{ + /* Does the current process have a non-standard root */ + struct path ns_root; + struct path fs_root; + bool chrooted; + + /* Find the namespace root */ + ns_root.mnt = ¤t->nsproxy->mnt_ns->root->mnt; + ns_root.dentry = ns_root.mnt->mnt_root; + path_get(&ns_root); + while (d_mountpoint(ns_root.dentry) && follow_down_one(&ns_root)) + ; + + get_fs_root(current->fs, &fs_root); + + chrooted = !path_equal(&fs_root, &ns_root); + + path_put(&fs_root); + path_put(&ns_root); + + return chrooted; +} + +void update_mnt_policy(struct user_namespace *userns) +{ + struct mnt_namespace *ns = current->nsproxy->mnt_ns; + struct mount *mnt; + + down_read(&namespace_sem); + list_for_each_entry(mnt, &ns->list, mnt_list) { + switch (mnt->mnt.mnt_sb->s_magic) { + case SYSFS_MAGIC: + userns->may_mount_sysfs = true; + break; + case PROC_SUPER_MAGIC: + userns->may_mount_proc = true; + break; + } + if (userns->may_mount_sysfs && userns->may_mount_proc) + break; + } + up_read(&namespace_sem); +} + static void *mntns_get(struct task_struct *task) { struct mnt_namespace *ns = NULL; |