Commit f9020d17 authored Jun 22, 2016 by Linus Torvalds

user-namespace

Pull userns fix from Eric Biederman:
 "This contains just a single small patch that fixes a tiny hole in the
  logic of allowing unprivileged mounting of proc and sysfs.

  In practice I don't think anyone is affected because having MNT_RDONLY
  clear in mnt->mnt_flags but MS_RDONLY set in sb->s_flags is very weird
  for a filesystem, and weirder for proc and sysfs.  However if it
  happens let's handle it correctly and then no one has to to worry
  about this crazy case"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  mnt: Account for MS_RDONLY in fs_fully_visible

parents 144b5ae3 695e9df0

fs/namespace.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -3247,6 +3247,10 @@ static bool fs_fully_visible(struct file_system_type type, int new_mnt_flags)
		if (mnt->mnt.mnt_sb->s_iflags & SB_I_NOEXEC)
		mnt_flags &= ~(MNT_LOCK_NOSUID \| MNT_LOCK_NOEXEC);

		/* Don't miss readonly hidden in the superblock flags */
		if (mnt->mnt.mnt_sb->s_flags & MS_RDONLY)
		mnt_flags \|= MNT_LOCK_READONLY;

		/* Verify the mount flags are equal to or more permissive
		* than the proposed new mount.
		*/