[Devel] [PATCH v4 VZ10 1/1] fs: namespace: transform mount flags to comma separated values

Vladimir Riabchun vladimir.riabchun at virtuozzo.com
Wed Jun 3 18:15:33 MSK 2026



On 6/3/26 17:03, Vasileios Almpanis wrote:
> In legacy mount callpaths, userspace might pass mount options as
> flags. These flags escape our checks in ve_devmnt_process allowing
> devices to be mounted inside containers with options not specified in
> the allowed field. Introduce helpers that take these flags and
> already existing tables of flag -> string representation to construct
> a comma separated value string from them, and append them to userspace
> provided data. Then pass this string to parse_monolithic_mount_data
> enforcing the same checks symmetrically in both mount and fsconfig
> syscalls.
> 
> In the remount path, run legacy_merge_mount_data() before
> ve_devmnt_process() so container device mount policy sees MS_* flags
> from the legacy mount(2) API, not only the user-supplied option string.
> Keep ve_prepare_mount_options() for legacy parsers that do not use
> generic_parse_monolithic().
> 
> https://virtuozzo.atlassian.net/browse/VSTOR-132330
> Signed-off-by: Vasileios Almpanis <vasileios.almpanis at virtuozzo.com>

Reviewed-by: Vladimir Riabchun <vladimir.riabchun at virtuozzo.com>

> 
> Feature: ve: ve generic structures
> ...

-- 
Best regards, Riabchun Vladimir
Linux Kernel Developer, Virtuozzo



More information about the Devel mailing list