mirrors/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2025-11-04 10:40:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

vfs: Ignore unlocked mounts in fs_fully_visible

Browse source 
Limit the mounts fs_fully_visible considers to locked mounts.
Unlocked can always be unmounted so considering them adds hassle
but no security benefit.

Cc: stable@vger.kernel.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
This commit is contained in:
Eric W. Biederman 2015-01-07 08:10:09 -06:00
parent 8c6cf9cc82
commit ceeb0e5d39
1 changed files with 6 additions and 2 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

8
fs/namespace.c
View file

@ -3205,11 +3205,15 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags)
((mnt->mnt.mnt_flags & MNT_ATIME_MASK) != (new_flags & MNT_ATIME_MASK))) ((mnt->mnt.mnt_flags & MNT_ATIME_MASK) != (new_flags & MNT_ATIME_MASK)))
continue; continue;
/* This mount is not fully visible if there are any child mounts /* This mount is not fully visible if there are any
* that cover anything except for empty directories. * locked child mounts that cover anything except for
* empty directories.
*/ */
list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) { list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) {
struct inode *inode = child->mnt_mountpoint->d_inode; struct inode *inode = child->mnt_mountpoint->d_inode;
/* Only worry about locked mounts */
if (!(mnt->mnt.mnt_flags & MNT_LOCKED))
continue;
if (!S_ISDIR(inode->i_mode)) if (!S_ISDIR(inode->i_mode))
goto next; goto next;
if (inode->i_nlink > 2) if (inode->i_nlink > 2)