3.6.11.2 stable review patch.
If anyone has any objections, please let me know.
------------------
From: "Eric W. Biederman" <[email protected]>
[ Upstream commit 90563b198e4c6674c63672fae1923da467215f45 ]
When a read-only bind mount is copied from mount namespace in a higher
privileged user namespace to a mount namespace in a lesser privileged
user namespace, it should not be possible to remove the the read-only
restriction.
Add a MNT_LOCK_READONLY mount flag to indicate that a mount must
remain read-only.
CC: [email protected]
Acked-by: Serge Hallyn <[email protected]>
Signed-off-by: "Eric W. Biederman" <[email protected]>
Signed-off-by: Steven Rostedt <[email protected]>
---
fs/namespace.c | 3 +++
include/linux/mount.h | 2 ++
2 files changed, 5 insertions(+)
diff --git a/fs/namespace.c b/fs/namespace.c
index c48b0d3..48c7edb 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1702,6 +1702,9 @@ static int change_mount_flags(struct vfsmount *mnt, int ms_flags)
if (readonly_request == __mnt_is_readonly(mnt))
return 0;
+ if (mnt->mnt_flags & MNT_LOCK_READONLY)
+ return -EPERM;
+
if (readonly_request)
error = mnt_make_readonly(real_mount(mnt));
else
diff --git a/include/linux/mount.h b/include/linux/mount.h
index d7029f4..73005f9 100644
--- a/include/linux/mount.h
+++ b/include/linux/mount.h
@@ -47,6 +47,8 @@ struct mnt_namespace;
#define MNT_INTERNAL 0x4000
+#define MNT_LOCK_READONLY 0x400000
+
struct vfsmount {
struct dentry *mnt_root; /* root of the mounted tree */
struct super_block *mnt_sb; /* pointer to superblock */
--
1.7.10.4
Steven Rostedt <[email protected]> writes:
> 3.6.11.2 stable review patch.
> If anyone has any objections, please let me know.
Mounting only with privilege in the user namespace (where we use
MNT_LOCK_READONLY) only dates back to 3.8 so this is not needed in 3.6.
Not that it should do any harm, but there doesn't seem to be much point
in backporting this one.
Eric
> ------------------
>
> From: "Eric W. Biederman" <[email protected]>
>
> [ Upstream commit 90563b198e4c6674c63672fae1923da467215f45 ]
>
> When a read-only bind mount is copied from mount namespace in a higher
> privileged user namespace to a mount namespace in a lesser privileged
> user namespace, it should not be possible to remove the the read-only
> restriction.
>
> Add a MNT_LOCK_READONLY mount flag to indicate that a mount must
> remain read-only.
>
> CC: [email protected]
> Acked-by: Serge Hallyn <[email protected]>
> Signed-off-by: "Eric W. Biederman" <[email protected]>
> Signed-off-by: Steven Rostedt <[email protected]>
> ---
> fs/namespace.c | 3 +++
> include/linux/mount.h | 2 ++
> 2 files changed, 5 insertions(+)
>
> diff --git a/fs/namespace.c b/fs/namespace.c
> index c48b0d3..48c7edb 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -1702,6 +1702,9 @@ static int change_mount_flags(struct vfsmount *mnt, int ms_flags)
> if (readonly_request == __mnt_is_readonly(mnt))
> return 0;
>
> + if (mnt->mnt_flags & MNT_LOCK_READONLY)
> + return -EPERM;
> +
> if (readonly_request)
> error = mnt_make_readonly(real_mount(mnt));
> else
> diff --git a/include/linux/mount.h b/include/linux/mount.h
> index d7029f4..73005f9 100644
> --- a/include/linux/mount.h
> +++ b/include/linux/mount.h
> @@ -47,6 +47,8 @@ struct mnt_namespace;
>
> #define MNT_INTERNAL 0x4000
>
> +#define MNT_LOCK_READONLY 0x400000
> +
> struct vfsmount {
> struct dentry *mnt_root; /* root of the mounted tree */
> struct super_block *mnt_sb; /* pointer to superblock */
On Thu, 2013-04-11 at 13:57 -0700, Eric W. Biederman wrote:
> Steven Rostedt <[email protected]> writes:
>
> > 3.6.11.2 stable review patch.
> > If anyone has any objections, please let me know.
>
> Mounting only with privilege in the user namespace (where we use
> MNT_LOCK_READONLY) only dates back to 3.8 so this is not needed in 3.6.
>
> Not that it should do any harm, but there doesn't seem to be much point
> in backporting this one.
OK, I'll drop it.
Thanks!
-- Steve