Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull userns fix from Eric Biederman: "This contains just a single small patch that fixes a tiny hole in the logic of allowing unprivileged mounting of proc and sysfs. In practice I don't think anyone is affected because having MNT_RDONLY clear in mnt->mnt_flags but MS_RDONLY set in sb->s_flags is very weird for a filesystem, and weirder for proc and sysfs. However if it happens let's handle it correctly and then no one has to to worry about this crazy case" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: mnt: Account for MS_RDONLY in fs_fully_visible
This commit is contained in:
Коммит
f9020d1741
|
@ -3247,6 +3247,10 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags)
|
|||
if (mnt->mnt.mnt_sb->s_iflags & SB_I_NOEXEC)
|
||||
mnt_flags &= ~(MNT_LOCK_NOSUID | MNT_LOCK_NOEXEC);
|
||||
|
||||
/* Don't miss readonly hidden in the superblock flags */
|
||||
if (mnt->mnt.mnt_sb->s_flags & MS_RDONLY)
|
||||
mnt_flags |= MNT_LOCK_READONLY;
|
||||
|
||||
/* Verify the mount flags are equal to or more permissive
|
||||
* than the proposed new mount.
|
||||
*/
|
||||
|
|
Загрузка…
Ссылка в новой задаче