summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2015-05-09 16:07:14 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2015-05-09 16:07:14 -0700
commit51dfcb076d1e1ce7006aa272cb7c4514740c7e47 (patch)
tree877684653bbad3e9d9ddaeba8cefadb6cdaed7e1
parent9d88f22a819db8a9ff78496edf5553e90d88179c (diff)
parent7e96c1b0e0f495c5a7450dc4aa7c9a24ba4305bd (diff)
downloadlinux-51dfcb076d1e1ce7006aa272cb7c4514740c7e47.tar.bz2
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull user-namespace fix from Eric Biederman: "Eric Windish recently reported a really bug that allows mounting fresh copies of proc and sysfs when it really should not be allowed. The code attempted to verify that proc and sysfs were fully visible but there is a test missing to ensure that the root of the filesystem is visible. Doh! The following patch fixes that. This fixes a containment issue that the docker folks are seeing" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: mnt: Fix fs_fully_visible to verify the root directory is visible
-rw-r--r--fs/namespace.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 1f4f9dac6e5a..1b9e11167bae 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3179,6 +3179,12 @@ bool fs_fully_visible(struct file_system_type *type)
if (mnt->mnt.mnt_sb->s_type != type)
continue;
+ /* This mount is not fully visible if it's root directory
+ * is not the root directory of the filesystem.
+ */
+ if (mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root)
+ continue;
+
/* This mount is not fully visible if there are any child mounts
* that cover anything except for empty directories.
*/