[RFC PATCH 08/27] containers, vfs: Honour CONTAINER_NEW_EMPTY_FS_NS
Al Viro
viro at zeniv.linux.org.uk
Sun Feb 17 00:11:52 UTC 2019
On Fri, Feb 15, 2019 at 04:08:29PM +0000, David Howells wrote:
> + mnt_ns = alloc_mnt_ns(container->cred->user_ns, false);
> + if (IS_ERR(mnt_ns)) {
> + ret = PTR_ERR(mnt_ns);
> + goto out_fd;
> + }
> +
> + mnt = real_mount(path->mnt);
> + mnt_add_count(mnt, 1);
> + mnt->mnt_ns = mnt_ns;
> + mnt_ns->root = mnt;
> + mnt_ns->mounts++;
> + list_add(&mnt->mnt_list, &mnt_ns->list);
> +
> + ret = -EBUSY;
> + spin_lock(&container->lock);
> + if (!container->ns->mnt_ns) {
> + container->ns->mnt_ns = mnt_ns;
> + write_seqcount_begin(&container->seq);
> + container->root.mnt = path->mnt;
> + container->root.dentry = path->dentry;
> + write_seqcount_end(&container->seq);
> + path_get(&container->root);
> + mnt_ns = NULL;
> + ret = 0;
> + }
Almost certainly buggered. Assumptions that we _won't_ get
to absolute root of namespace (it's overmounted and we are
chrooted into it, basically) had been made in quite a few
places. The thing you are creating is *not* like normal
namespaces in that respect.
More information about the Linux-security-module-archive
mailing list