[PATCH 04/43] separate copying and locking mount tree on cross-userns copies
David Howells
dhowells at redhat.com
Tue Feb 26 15:44:18 UTC 2019
Alan Jenkins <alan.christopher.jenkins at gmail.com> wrote:
> I can see that this covers copy_mnt_ns(). It should also cover what will
> happen in future, if you pass an OPEN_TREE_CLONE fd to a process with a
> different mnt_ns and mnt_ns->user_ns, and that process mounts the fd using
> move_mount(). However, I can't work out how this covers mount propagation
> across namespaces.
>
> The comment "Notice when we are propagating across user namespaces" is moved
> to attach_recursive_mnt(). I can't find any call to attach_recursive_mount()
> inside the mount propagation code. Am I overlooking something?
You've spelt the function name two different ways?
Further, attach_recursive_mnt() calls propagation, not the other way round.
David (& Al)
More information about the Linux-security-module-archive
mailing list