git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit

author	Seth Forshee <seth.forshee@canonical.com>
	Thu, 21 Jan 2016 21:37:53 +0000 (15:37 -0600)
committer	Seth Forshee <seth.forshee@canonical.com>
	Tue, 5 Sep 2017 12:33:19 +0000 (07:33 -0500)
commit	0dc048868fdbac212b2dc5fcaa7701591e6a5f2f
tree	ee3510574aec86b1d5e126c591143f901cb0fceb	tree
parent	c6e1ef11bb735ab44109b4172e39aa680205bfb3	commit \| diff

UBUNTU: SAUCE: overlayfs: Propogate nosuid from lower and upper mounts

An overlayfs mount using an upper or lower directory from a
nosuid filesystem bypasses this restriction. Change this so
that if any lower or upper directory is nosuid at mount time the
overlayfs superblock is marked nosuid. This requires some
additions at the vfs level since nosuid currently only applies to
mounts, so a SB_I_NOSUID flag is added along with a helper
function to check a path for nosuid in both the mount and the
superblock.

BugLink: http://bugs.launchpad.net/bugs/1534961
BugLink: http://bugs.launchpad.net/bugs/1535150
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: Leann Ogasawara <leann.ogasawara@canonical.com>

fs/exec.c		diff \| blob \| blame \| history
fs/overlayfs/super.c		diff \| blob \| blame \| history
include/linux/fs.h		diff \| blob \| blame \| history
security/commoncap.c		diff \| blob \| blame \| history
security/selinux/hooks.c		diff \| blob \| blame \| history