Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
GfA
/
linux_kernel
5
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Эх сурвалжийг харах

userns: Remove implicit MNT_NODEV fragility.

Replace the implict setting of MNT_NODEV on mounts that happen with
just user namespace permissions with an implicit setting of SB_I_NODEV
in s_iflags.  The visibility of the implicit MNT_NODEV has caused
problems in the past.

With this change the fragile case where an implicit MNT_NODEV needs to
be preserved in do_remount is removed.  Using SB_I_NODEV is much less
fragile as s_iflags are set during the original mount and never
changed.

In do_new_mount with the implicit setting of MNT_NODEV gone, the only
code that can affect mnt_flags is fs_fully_visible so simplify the if
statement and reduce the indentation of the code to make that clear.

Acked-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Eric W. Biederman 9 жил өмнө
parent
a1935c1738
commit
67690f937c
2 өөрчлөгдсөн 4 нэмэгдсэн , 18 устгасан
Өөрчлөллтийг нэгтгэж харах Өөрчлөлтийн статистик харах
  1. 1 18
      fs/namespace.c
  2. 3 0
      fs/super.c

+ 1 - 18
fs/namespace.c
Файл харах 

@@ -2185,13 +2185,7 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
 
 	}
 
 	}
 
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
 
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
 
 	    !(mnt_flags & MNT_NODEV)) {
 
 	    !(mnt_flags & MNT_NODEV)) {
 
-		/* Was the nodev implicitly added in mount? */
 
-		if ((mnt->mnt_ns->user_ns != &init_user_ns) &&
 
-		    !(sb->s_type->fs_flags & FS_USERNS_DEV_MOUNT)) {
 
-			mnt_flags |= MNT_NODEV;
 
-		} else {
 
-			return -EPERM;
 
-		}
 
+		return -EPERM;
 
 	}
 
 	}
 
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
 
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
 
 	    !(mnt_flags & MNT_NOSUID)) {
 
 	    !(mnt_flags & MNT_NOSUID)) {
 
@@ -2385,7 +2379,6 @@ static int do_new_mount(struct path *path, const char *fstype, int flags,
 
 			int mnt_flags, const char *name, void *data)
 
 			int mnt_flags, const char *name, void *data)
 
 {
 
 {
 
 	struct file_system_type *type;
 
 	struct file_system_type *type;
 
-	struct user_namespace *user_ns = current->nsproxy->mnt_ns->user_ns;
 
 	struct vfsmount *mnt;
 
 	struct vfsmount *mnt;
 
 	int err;
 
 	int err;
 
 
 
@@ -2396,16 +2389,6 @@ static int do_new_mount(struct path *path, const char *fstype, int flags,
 
 	if (!type)
 
 	if (!type)
 
 		return -ENODEV;
 
 		return -ENODEV;
 
 
 
-	if (user_ns != &init_user_ns) {
 
-		/* Only in special cases allow devices from mounts
 
-		 * created outside the initial user namespace.
 
-		 */
 
-		if (!(type->fs_flags & FS_USERNS_DEV_MOUNT)) {
 
-			flags |= MS_NODEV;
 
-			mnt_flags |= MNT_NODEV | MNT_LOCK_NODEV;
 
-		}
 
-	}
 
-
 
 	mnt = vfs_kern_mount(type, flags, name, data);
 
 	mnt = vfs_kern_mount(type, flags, name, data);
 
 	if (!IS_ERR(mnt) && (type->fs_flags & FS_HAS_SUBTYPE) &&
 
 	if (!IS_ERR(mnt) && (type->fs_flags & FS_HAS_SUBTYPE) &&
 
 	    !mnt->mnt_sb->s_subtype)
 
 	    !mnt->mnt_sb->s_subtype)

+ 3 - 0
fs/super.c
Файл харах 

@@ -206,6 +206,9 @@ static struct super_block *alloc_super(struct file_system_type *type, int flags,
 
 	init_waitqueue_head(&s->s_writers.wait_unfrozen);
 
 	init_waitqueue_head(&s->s_writers.wait_unfrozen);
 
 	s->s_bdi = &noop_backing_dev_info;
 
 	s->s_bdi = &noop_backing_dev_info;
 
 	s->s_flags = flags;
 
 	s->s_flags = flags;
 
+	if ((s->s_user_ns != &init_user_ns) &&
 
+	    !(type->fs_flags & FS_USERNS_DEV_MOUNT))
 
+		s->s_iflags |= SB_I_NODEV;
 
 	INIT_HLIST_NODE(&s->s_instances);
 
 	INIT_HLIST_NODE(&s->s_instances);
 
 	INIT_HLIST_BL_HEAD(&s->s_anon);
 
 	INIT_HLIST_BL_HEAD(&s->s_anon);
 
 	mutex_init(&s->s_sync_lock);
 
 	mutex_init(&s->s_sync_lock);