[3.16.y-ckt stable] Patch "mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount" has been added to staging queue

Luis Henriques luis.henriques at canonical.com
Wed Jan 7 10:29:45 UTC 2015 

This is a note to let you know that I have just added a patch titled

    mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount

to the linux-3.16.y-queue branch of the 3.16.y-ckt extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.16.y-queue

This patch is scheduled to be released in version 3.16.7-ckt4.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.16.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From 0f1f16ed44b4872aec2de323817b9d0a97a5c59b Mon Sep 17 00:00:00 2001
From: "Eric W. Biederman" <ebiederm at xmission.com>
Date: Wed, 13 Aug 2014 01:33:38 -0700
Subject: mnt: Implicitly add MNT_NODEV on remount when it was implicitly added
 by mount

commit 3e1866410f11356a9fd869beb3e95983dc79c067 upstream.

Now that remount is properly enforcing the rule that you can't remove
nodev at least sandstorm.io is breaking when performing a remount.

It turns out that there is an easy intuitive solution implicitly
add nodev on remount when nodev was implicitly added on mount.

Tested-by: Cedric Bosdonnat <cbosdonnat at suse.com>
Tested-by: Richard Weinberger <richard at nod.at>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 fs/namespace.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index f24161a45b06..e718c7a0437a 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1973,7 +1973,13 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
 	    !(mnt_flags & MNT_NODEV)) {
-		return -EPERM;
+		/* Was the nodev implicitly added in mount? */
+		if ((mnt->mnt_ns->user_ns != &init_user_ns) &&
+		    !(sb->s_type->fs_flags & FS_USERNS_DEV_MOUNT)) {
+			mnt_flags |= MNT_NODEV;
+		} else {
+			return -EPERM;
+		}
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
 	    !(mnt_flags & MNT_NOSUID)) {
--
2.1.4

More information about the kernel-team mailing list