]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commitdiff
projects / mirror_ubuntu-artful-kernel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a5abdcb)
UBUNTU: SAUCE: (namespace) Sync with upstream s_user_ns patches
authorSeth Forshee <seth.forshee@canonical.com>
Thu, 23 Jun 2016 15:56:22 +0000 (10:56 -0500)
committerKamal Mostafa <kamal@canonical.com>
Tue, 28 Jun 2016 17:45:07 +0000 (10:45 -0700)
BugLink: http://bugs.launchpad.net/bugs/1588056
Sync up with changes from Eric Biederman when merging s_user_ns
support upstream. Partial backport of
6e4eab577a0cae15b3da9b888cff16fe57981b3e from linux-next.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Brad Figg <brad.figg@canonical.com>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
fs/kernfs/mount.c patch | blob | blame | history
fs/super.c patch | blob | blame | history

diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c
index fbdce5b3920d38345175dc7a07d9d5207bdcc30d..52ed81592456b313fdbdd2f8130f6ae822bd3390 100644 (file)
--- a/fs/kernfs/mount.c
+++ b/fs/kernfs/mount.c
@@ -242,7 +242,8 @@ struct dentry *kernfs_mount_ns(struct file_system_type *fs_type, int flags,
        info->root = root;
        info->ns = ns;
 
-       sb = sget(fs_type, kernfs_test_super, kernfs_set_super, flags, info);
+       sb = sget_userns(fs_type, kernfs_test_super, kernfs_set_super, flags,
+                        &init_user_ns, info);
        if (IS_ERR(sb) || sb->s_fs_info != info)
                kfree(info);
        if (IS_ERR(sb))
diff --git a/fs/super.c b/fs/super.c
index 9221b09eaf12b66aff40984194f1e72ac78271fd..fede1ea05f0bdec627e9c336474c062c84f70779 100644 (file)
--- a/fs/super.c
+++ b/fs/super.c
@@ -531,7 +531,13 @@ struct super_block *sget(struct file_system_type *type,
                        int flags,
                        void *data)
 {
-       return sget_userns(type, test, set, flags, current_user_ns(), data);
+       struct user_namespace *user_ns = current_user_ns();
+
+       /* Ensure the requestor has permissions over the target filesystem */
+       if (!(flags & MS_KERNMOUNT) && !ns_capable(user_ns, CAP_SYS_ADMIN))
+               return ERR_PTR(-EPERM);
+
+       return sget_userns(type, test, set, flags, user_ns, data);
 }
 
 EXPORT_SYMBOL(sget);
@@ -963,7 +969,8 @@ struct dentry *mount_ns(struct file_system_type *fs_type,
        if (!(flags & MS_KERNMOUNT) && !ns_capable(user_ns, CAP_SYS_ADMIN))
                return ERR_PTR(-EPERM);
 
-       sb = sget(fs_type, ns_test_super, ns_set_super, flags, ns);
+       sb = sget_userns(fs_type, ns_test_super, ns_set_super, flags,
+                        user_ns, ns);
        if (IS_ERR(sb))
                return ERR_CAST(sb);
 
Ubuntu Artful kernel mirror