diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-07-31 13:13:04 -0700 |
|---|---|---|
| committer | Ziyan <jaraidaniel@gmail.com> | 2016-03-11 16:08:57 +0100 |
| commit | bc0725d1751d23f4e05aeed0c7140ea1aed7f913 (patch) | |
| tree | f579cdf0042d2be03da377f9959819c57d68e027 /fs/namespace.c | |
| parent | cf60d7b9a6c13130edecd1f521f8e8c02b94bd87 (diff) | |
| download | kernel_samsung_espresso10-bc0725d1751d23f4e05aeed0c7140ea1aed7f913.zip kernel_samsung_espresso10-bc0725d1751d23f4e05aeed0c7140ea1aed7f913.tar.gz kernel_samsung_espresso10-bc0725d1751d23f4e05aeed0c7140ea1aed7f913.tar.bz2 | |
vfs: Only support slave subtrees across different user namespaces
Sharing mount subtress with mount namespaces created by unprivileged
users allows unprivileged mounts created by unprivileged users to
propagate to mount namespaces controlled by privileged users.
Prevent nasty consequences by changing shared subtrees to slave
subtress when an unprivileged users creates a new mount namespace.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
(cherry picked from commit 7a472ef4be8387bc05a42e16309b02c8ca943a40)
Diffstat (limited to 'fs/namespace.c')
| -rw-r--r-- | fs/namespace.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index 98bcaac..445982c 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -708,7 +708,7 @@ static struct vfsmount *clone_mnt(struct vfsmount *old, struct dentry *root, if (!mnt) return ERR_PTR(-ENOMEM); - if (flag & (CL_SLAVE | CL_PRIVATE)) + if (flag & (CL_SLAVE | CL_PRIVATE | CL_SHARED_TO_SLAVE)) mnt->mnt_group_id = 0; /* not a peer of original */ else mnt->mnt_group_id = old->mnt_group_id; @@ -726,7 +726,8 @@ static struct vfsmount *clone_mnt(struct vfsmount *old, struct dentry *root, mnt->mnt_mountpoint = mnt->mnt_root; mnt->mnt_parent = mnt; - if (flag & CL_SLAVE) { + if ((flag & CL_SLAVE) || + ((flag & CL_SHARED_TO_SLAVE) && IS_MNT_SHARED(old))) { list_add(&mnt->mnt_slave, &old->mnt_slave_list); mnt->mnt_master = old; CLEAR_MNT_SHARED(mnt); @@ -2432,6 +2433,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, struct mnt_namespace *new_ns; struct vfsmount *rootmnt = NULL, *pwdmnt = NULL; struct vfsmount *p, *q; + int copy_flags; new_ns = alloc_mnt_ns(user_ns); if (IS_ERR(new_ns)) @@ -2439,8 +2441,10 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns, down_write(&namespace_sem); /* First pass: copy the tree topology */ - new_ns->root = copy_tree(mnt_ns->root, mnt_ns->root->mnt_root, - CL_COPY_ALL | CL_EXPIRE); + copy_flags = CL_COPY_ALL | CL_EXPIRE; + if (user_ns != mnt_ns->user_ns) + copy_flags |= CL_SHARED_TO_SLAVE; + new_ns->root = copy_tree(mnt_ns->root, mnt_ns->root->mnt_root, copy_flags); if (IS_ERR(new_ns->root)) { up_write(&namespace_sem); free_mnt_ns(new_ns); |