[3.13.y-ckt stable] Patch "mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount" has been added to staging queue

Kamal Mostafa kamal at canonical.com
Wed Jan 28 22:19:58 UTC 2015 

This is a note to let you know that I have just added a patch titled

    mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount

to the linux-3.13.y-queue branch of the 3.13.y-ckt extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.13.y-queue

This patch is scheduled to be released in version 3.13.11-ckt15.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.13.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Kamal

------

>From 6083607fd351ca74a0713c27cec7bf6448f709e2 Mon Sep 17 00:00:00 2001
From: "Eric W. Biederman" <ebiederm at xmission.com>
Date: Wed, 13 Aug 2014 01:33:38 -0700
Subject: mnt: Implicitly add MNT_NODEV on remount when it was implicitly added
 by mount

commit 3e1866410f11356a9fd869beb3e95983dc79c067 upstream.

Now that remount is properly enforcing the rule that you can't remove
nodev at least sandstorm.io is breaking when performing a remount.

It turns out that there is an easy intuitive solution implicitly
add nodev on remount when nodev was implicitly added on mount.

Tested-by: Cedric Bosdonnat <cbosdonnat at suse.com>
Tested-by: Richard Weinberger <richard at nod.at>
Signed-off-by: "Eric W. Biederman" <ebiederm at xmission.com>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
 fs/namespace.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index fe2b527..32f2b2d 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1945,7 +1945,13 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
 	    !(mnt_flags & MNT_NODEV)) {
-		return -EPERM;
+		/* Was the nodev implicitly added in mount? */
+		if ((mnt->mnt_ns->user_ns != &init_user_ns) &&
+		    !(sb->s_type->fs_flags & FS_USERNS_DEV_MOUNT)) {
+			mnt_flags |= MNT_NODEV;
+		} else {
+			return -EPERM;
+		}
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
 	    !(mnt_flags & MNT_NOSUID)) {
--
1.9.1

More information about the kernel-team mailing list