Commit 12f147dd authored by Al Viro's avatar Al Viro
Browse files

do_change_type(): refuse to operate on unmounted/not ours mounts 



Ensure that propagation settings can only be changed for mounts located
in the caller's mount namespace. This change aligns permission checking
with the rest of mount(2).

Reviewed-by: default avatarChristian Brauner <brauner@kernel.org>
Fixes: 07b20889 ("beginning of the shared-subtree proper")
Reported-by: default avatar"Orlando, Noah" <Noah.Orlando@deshaw.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent c28f922c

fs/namespace.c

+4 −0
Original line number Diff line number Diff line
@@ -2959,6 +2959,10 @@ static int do_change_type(struct path *path, int ms_flags) 
		return -EINVAL;



	namespace_lock();

	if (!check_mnt(mnt)) {

		err = -EINVAL;

		goto out_unlock;

	}

	if (type == MS_SHARED) {

		err = invent_group_ids(mnt, recurse);

		if (err)