From: Sasha Levin <sasha.levin@oracle.com>
To: stable@vger.kernel.org, stable-commits@vger.kernel.org
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
	Sasha Levin <sasha.levin@oracle.com>
Subject: [added to the 3.18 stable tree] mnt: Update fs_fully_visible to test for permanently empty directories
Date: Thu, 30 Jul 2015 22:10:07 -0400
Message-ID: <1438308644-15635-7-git-send-email-sasha.levin@oracle.com>
In-Reply-To: <1438308644-15635-1-git-send-email-sasha.levin@oracle.com>

From: "Eric W. Biederman" <ebiederm@xmission.com>

This patch has been added to the 3.18 stable tree. If you have any
objections, please let us know.

===============

[ Upstream commit 7236c85e1be51a9e25ba0f6e087a66ca89605a49 ]

fs_fully_visible attempts to make fresh mounts of proc and sysfs give
the mounter no more access to proc and sysfs than if they could have
by creating a bind mount.  One aspect of proc and sysfs that makes
this particularly tricky is that there are other filesystems that
typically mount on top of proc and sysfs.  As those filesystems are
mounted on empty directories in practice it is safe to ignore them.
However testing to ensure filesystems are mounted on empty directories
has not been something the in kernel data structures have supported so
the current test for an empty directory which checks to see
if nlink <= 2 is a bit lacking.

proc and sysfs have recently been modified to use the new empty_dir
infrastructure to create all of their dedicated mount points.  Instead
of testing for S_ISDIR(inode->i_mode) && i_nlink <= 2 to see if a
directory is empty, test for is_empty_dir_inode(inode).  That small
change guarantees mounts found on proc and sysfs really are safe to
ignore, because the directories are not only empty but nothing can
ever be added to them.  This guarantees there is nothing to worry
about when mounting proc and sysfs.

Cc: stable@vger.kernel.org
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
---
 fs/namespace.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index da23ad8..5755f48 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3175,9 +3175,8 @@ static bool fs_fully_visible(struct file_system_type *type, int *new_mnt_flags)
 			/* Only worry about locked mounts */
 			if (!(mnt->mnt.mnt_flags & MNT_LOCKED))
 				continue;
-			if (!S_ISDIR(inode->i_mode))
-				goto next;
-			if (inode->i_nlink > 2)
+			/* Is the directory permanetly empty? */
+			if (!is_empty_dir_inode(inode))
 				goto next;
 		}
 		/* Preserve the locked attributes */
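
Review bot: Dropping the explicit S_ISDIR(inode->i_mode) test leaves is_empty_dir_inode() as the only guard before "goto next", so the replaced lines are correct only if that helper returns false for non-directory inodes. Its definition is not part of this diff (only fs/namespace.c is touched), so the changelog or the comment should state that the helper covers the directory check, and the patch that introduces the helper has to be applied before this one for the tree to build. The added comment also misspells "permanently" as "permanetly".
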
-- 
2.1.4

