[Devel] [PATCH v4 VZ10 1/1] fs: namespace: transform mount flags to comma separated values
Vladimir Riabchun
vladimir.riabchun at virtuozzo.com
Wed Jun 3 18:15:33 MSK 2026
On 6/3/26 17:03, Vasileios Almpanis wrote:
> In legacy mount callpaths, userspace might pass mount options as
> flags. These flags escape our checks in ve_devmnt_process allowing
> devices to be mounted inside containers with options not specified in
> the allowed field. Introduce helpers that take these flags and
> already existing tables of flag -> string representation to construct
> a comma separated value string from them, and append them to userspace
> provided data. Then pass this string to parse_monolithic_mount_data
> enforcing the same checks symmetrically in both mount and fsconfig
> syscalls.
>
> In the remount path, run legacy_merge_mount_data() before
> ve_devmnt_process() so container device mount policy sees MS_* flags
> from the legacy mount(2) API, not only the user-supplied option string.
> Keep ve_prepare_mount_options() for legacy parsers that do not use
> generic_parse_monolithic().
>
> https://virtuozzo.atlassian.net/browse/VSTOR-132330
> Signed-off-by: Vasileios Almpanis <vasileios.almpanis at virtuozzo.com>
Reviewed-by: Vladimir Riabchun <vladimir.riabchun at virtuozzo.com>
>
> Feature: ve: ve generic structures
> ...
--
Best regards, Riabchun Vladimir
Linux Kernel Developer, Virtuozzo
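The approach described in the quoted commit message, as a userspace C sketch added here (it is not the patch's code, which this message elides): flags passed through legacy mount(2) are rendered as option names and appended to the user-supplied string, so that a single allow-list check sees both. The `ex_` names, the flag table and the option strings are constructed for illustration and are not the kernel's helpers.

```c
#include <stdio.h>
#include <string.h>

/* Values of the Linux MS_* mount(2) flags used here; the EX_ names are this example's own. */
#define EX_MS_RDONLY      1UL
#define EX_MS_SYNCHRONOUS 16UL
#define EX_MS_DIRSYNC     128UL

/* Constructed flag -> option-name table, standing in for the kernel's existing tables. */
static const struct { unsigned long flag; const char *name; } ex_flag_names[] = {
    { EX_MS_RDONLY, "ro" }, { EX_MS_SYNCHRONOUS, "sync" },
    { EX_MS_DIRSYNC, "dirsync" },
};

/* Append the name of every set flag to the option string; 0 on success, -1 if out is too small. */
int ex_merge_flags(unsigned long flags, const char *data, char *out, size_t outlen)
{
    size_t used = (size_t)snprintf(out, outlen, "%s", data ? data : "");
    if (used >= outlen)
        return -1;
    for (size_t i = 0; i < sizeof(ex_flag_names) / sizeof(ex_flag_names[0]); i++) {
        if (!(flags & ex_flag_names[i].flag))
            continue;
        int n = snprintf(out + used, outlen - used, "%s%s",
                         used ? "," : "", ex_flag_names[i].name);
        if (n < 0 || (size_t)n >= outlen - used)
            return -1;
        used += (size_t)n;
    }
    return 0;
}

/* Return 1 only if every comma-separated option appears in the allowed list. */
int ex_options_allowed(const char *options, const char *allowed)
{
    for (const char *p = options; *p; ) {
        size_t len = strcspn(p, ",");
        int found = 0;
        for (const char *a = allowed; *a && !found; ) {
            size_t alen = strcspn(a, ",");
            found = (alen == len && strncmp(a, p, len) == 0);
            a += alen + (a[alen] == ',');
        }
        if (len && !found)
            return 0;
        p += len + (p[len] == ',');
    }
    return 1;
}
```

Checking only the user-supplied string accepts `discard` against an allow-list of `discard,ro`, while the merged string `discard,ro,sync` is rejected because `sync` arrived as a flag and is not allowed.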