[Devel] [PATCH v4 VZ10 1/1] fs: namespace: transform mount flags to comma separated values

Pavel Tikhomirov ptikhomirov at virtuozzo.com
Fri Jun 5 13:39:45 MSK 2026



On 6/3/26 17:15, Vladimir Riabchun wrote:
> 
> 
> On 6/3/26 17:03, Vasileios Almpanis wrote:
>> In legacy mount callpaths, userspace might pass mount options as
>> flags. These flags escape our checks in ve_devmnt_process allowing
>> devices to be mounted inside containers with options not specified in
>> the allowed field. Introduce helpers that take these flags and
>> already existing tables of flag -> string representation to construct
>> a comma separated value string from them, and append them to userspace
>> provided data. Then pass this string to parse_monolithic_mount_data
>> enforcing the same checks symmetrically in both mount and fsconfig
>> syscalls.
>>
>> In the remount path, run legacy_merge_mount_data() before
>> ve_devmnt_process() so container device mount policy sees MS_* flags
>> from the legacy mount(2) API, not only the user-supplied option string.
>> Keep ve_prepare_mount_options() for legacy parsers that do not use
>> generic_parse_monolithic().
>>
>> https://virtuozzo.atlassian.net/browse/VSTOR-132330
>> Signed-off-by: Vasileios Almpanis <vasileios.almpanis at virtuozzo.com>
> 
> Reviewed-by: Vladimir Riabchun <vladimir.riabchun at virtuozzo.com>

Reviewed-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>

> 
>>
>> Feature: ve: ve generic structures
>> ...
> 

-- 
Best regards, Pavel Tikhomirov
Senior Software Developer, Virtuozzo.



More information about the Devel mailing list