On Sun, Mar 3, 2019 at 5:14 PM Masami Hiramatsu wrote:
>
> I think it comes from WARN_ON_ONCE(!segment_eq(get_fs(), USER_DS)) in
> user_access_ok(). The call trace shows that strndup_user might be called
> from kernel daemon context.

Ahh, yes. We've had this before. We've gotten rid of the actual "use
system calls", but we still have some of the init sequence in
particular just calling the wrappers instead.

And yes, ksys_mount() takes __user pointers.

It would be a lot better to use "do_mount()", which is the interface
that takes actual "char *" pointers.

Linus