[Devel] [PATCH RHEL7 COMMIT] ms/fs: Don't leak MNT_INTERNAL away from internal mounts
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Apr 27 13:13:20 MSK 2018
The commit is pushed to "branch-rh7-3.10.0-693.21.1.vz7.47.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-693.21.1.vz7.47.1
------>
commit 4f34ee3327bedea25f0057a123b9fb7621e62cf7
Author: Al Viro <viro at zeniv.linux.org.uk>
Date: Fri Apr 27 13:13:20 2018 +0300
ms/fs: Don't leak MNT_INTERNAL away from internal mounts
commit 16a34adb9392b2fe4195267475ab5b472e55292c upstream.
We want it only for the stuff created by SB_KERNMOUNT mounts, *not* for
their copies. As it is, creating a deep stack of bindings of /proc/*/ns/*
somewhere in a new namespace and exiting yields a stack overflow.
Cc: stable at kernel.org
Reported-by: Alexander Aring <aring at mojatatu.com>
Bisected-by: Kirill Tkhai <ktkhai at virtuozzo.com>
Tested-by: Kirill Tkhai <ktkhai at virtuozzo.com>
Tested-by: Alexander Aring <aring at mojatatu.com>
Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
[Problem commit existing in our kernel,
but it doesn't reproduce with our config:
https://www.spinics.net/lists/netdev/msg496514.html]
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
fs/namespace.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/namespace.c b/fs/namespace.c
index 46b521b8d16a..98e5fb577e15 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1014,7 +1014,8 @@ static struct mount *clone_mnt(struct mount *old, struct dentry *root,
goto out_free;
}
- mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~(MNT_WRITE_HOLD|MNT_MARKED);
+ mnt->mnt.mnt_flags = old->mnt.mnt_flags;
+ mnt->mnt.mnt_flags &= ~(MNT_WRITE_HOLD|MNT_MARKED|MNT_INTERNAL);
/* Don't allow unprivileged users to change mount flags */
if ((flag & CL_UNPRIVILEGED) && (mnt->mnt.mnt_flags & MNT_READONLY))
mnt->mnt.mnt_flags |= MNT_LOCK_READONLY;
More information about the Devel
mailing list