Hello Zefan Li, I'm really not sure but this patch might be needed for 3.4 too. Thanks On 09/03/2014 06:15 PM, Francis Moreau wrote: > Hello, > > Is it also needed by 3.2.x and 3.4.x ? > > Thanks > > On 08/25/2014 06:54 PM, Kamal Mostafa wrote: >> 3.8.13.28 -stable review patch. If anyone has any objections, please let me know. >> >> ------------------ >> >> From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> >> >> commit a6138db815df5ee542d848318e5dae681590fccd upstream. >> >> Kenton Varda <kenton@xxxxxxxxxxxx> discovered that by remounting a >> read-only bind mount read-only in a user namespace the >> MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user >> to the remount a read-only mount read-write. >> >> Correct this by replacing the mask of mount flags to preserve >> with a mask of mount flags that may be changed, and preserve >> all others. This ensures that any future bugs with this mask and >> remount will fail in an easy to detect way where new mount flags >> simply won't change. >> >> Acked-by: Serge E. Hallyn <serge.hallyn@xxxxxxxxxx> >> Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> >> Signed-off-by: Kamal Mostafa <kamal@xxxxxxxxxxxxx> >> --- >> fs/namespace.c | 2 +- >> include/linux/mount.h | 4 +++- >> 2 files changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/fs/namespace.c b/fs/namespace.c >> index 5dd7709..ddbd5bc 100644 >> --- a/fs/namespace.c >> +++ b/fs/namespace.c >> @@ -1782,7 +1782,7 @@ static int do_remount(struct path *path, int flags, int mnt_flags, >> err = do_remount_sb(sb, flags, data, 0); >> if (!err) { >> br_write_lock(&vfsmount_lock); >> - mnt_flags |= mnt->mnt.mnt_flags & MNT_PROPAGATION_MASK; >> + mnt_flags |= mnt->mnt.mnt_flags & ~MNT_USER_SETTABLE_MASK; >> mnt->mnt.mnt_flags = mnt_flags; >> br_write_unlock(&vfsmount_lock); >> } >> diff --git a/include/linux/mount.h b/include/linux/mount.h >> index 73005f9..16fc05d 100644 >> --- a/include/linux/mount.h >> +++ b/include/linux/mount.h 
>> @@ -42,7 +42,9 @@ struct mnt_namespace; >> * flag, consider how it interacts with shared mounts. >> */ >> #define MNT_SHARED_MASK (MNT_UNBINDABLE) >> -#define MNT_PROPAGATION_MASK (MNT_SHARED | MNT_UNBINDABLE) >> +#define MNT_USER_SETTABLE_MASK (MNT_NOSUID | MNT_NODEV | MNT_NOEXEC \ >> + | MNT_NOATIME | MNT_NODIRATIME | MNT_RELATIME \ >> + | MNT_READONLY) >> >> >> #define MNT_INTERNAL 0x4000 >> > -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
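Review bot: in the fs/namespace.c hunk, the line `mnt_flags |= mnt->mnt.mnt_flags & ~MNT_USER_SETTABLE_MASK;` now carries every bit outside MNT_USER_SETTABLE_MASK (including MNT_LOCK_READONLY) over from the old flags, which fixes the reported clearing of the lock bit; what the hunk does not show is whether the `mnt_flags` value handed in by the caller is itself restricted to user-settable bits. Since the OR keeps whatever the caller passes, it is worth confirming at the call site that `mnt_flags` cannot arrive with bits outside MNT_USER_SETTABLE_MASK, and a short comment above this line stating the intent ("preserve every flag a user may not change") would keep the inverted-mask logic from being misread as a propagation-only preserve in future edits.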
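Review bot: the include/linux/mount.h hunk deletes MNT_PROPAGATION_MASK outright rather than keeping it alongside the new MNT_USER_SETTABLE_MASK, and the diffstat lists only two files touched, so this backport should be build-tested on the 3.8 tree to confirm no other user of MNT_PROPAGATION_MASK remains; if one does, it will fail to compile rather than silently misbehave, which is fine, but it needs checking before the stable release. It would also help to add a comment next to the new mask stating that any future user-settable mount flag must be listed here, since the commit message relies on the fail-safe that an unlisted flag simply cannot be changed by remount, and without the comment a later contributor could add a flag and spend time debugging why remount ignores it.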