From: Christian Brauner <christian.brauner@xxxxxxxxxx> So far ecryptfs only verified that the superblock wasn't read-only but didn't check whether the mount was. This made sense when we did not use a private mount because the read-only state could change at any point. Now that we have a private mount and mount properties can't change behind our back extend the read-only check to include the vfsmount. The __mnt_is_readonly() helper will check both the mount and the superblock. Note that before we checked root->d_sb and now we check mnt->mnt_sb but since we have a matching <vfsmount, dentry> pair here this is only syntactical change, not a semantic one. Overlayfs and cachefiles have been changed to check this as well. Cc: Amir Goldstein <amir73il@xxxxxxxxx> Cc: Tyler Hicks <code@xxxxxxxxxxx> Cc: ecryptfs@xxxxxxxxxxxxxxx Cc: linux-fsdevel@xxxxxxxxxxxxxxx Signed-off-by: Christian Brauner <christian.brauner@xxxxxxxxxx> --- fs/ecryptfs/main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c index 3ba2c0f349a3..4e5aeec91e95 100644 --- a/fs/ecryptfs/main.c +++ b/fs/ecryptfs/main.c @@ -571,7 +571,7 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags * 1) The lower mount is ro * 2) The ecryptfs_encrypted_view mount option is specified */ - if (sb_rdonly(path.dentry->d_sb) || mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) + if (__mnt_is_readonly(mnt) || mount_crypt_stat->flags & ECRYPTFS_ENCRYPTED_VIEW_ENABLED) s->s_flags |= SB_RDONLY; s->s_maxbytes = path.dentry->d_sb->s_maxbytes; -- 2.27.0