Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel…

…/git/ebiederm/user-namespace Pull userns fix from Eric Biederman: "This contains just a single small patch that fixes a tiny hole in the logic of allowing unprivileged mounting of proc and sysfs. In practice I don't think anyone is affected because having MNT_RDONLY clear in mnt->mnt_flags but MS_RDONLY set in sb->s_flags is very weird for a filesystem, and weirder for proc and sysfs. However if it happens let's handle it correctly and then no one has to to worry about this crazy case" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: mnt: Account for MS_RDONLY in fs_fully_visible
mariux64 · Jun 22, 2016 · f9020d1 · f9020d1
2 parents 144b5ae + 695e9df
commit f9020d1
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/fs/namespace.c b/fs/namespace.c
@@ -3247,6 +3247,10 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags)
 		if (mnt->mnt.mnt_sb->s_iflags & SB_I_NOEXEC)
 			mnt_flags &= ~(MNT_LOCK_NOSUID | MNT_LOCK_NOEXEC);
 
+		/* Don't miss readonly hidden in the superblock flags */
+		if (mnt->mnt.mnt_sb->s_flags & MS_RDONLY)
+			mnt_flags |= MNT_LOCK_READONLY;
+
 		/* Verify the mount flags are equal to or more permissive
 		 * than the proposed new mount.
 		 */