Unverified Commit f3107df3 authored by Christian Brauner's avatar Christian Brauner
Browse files

fs: relax permissions for statmount() 

It is sufficient to have capabilities in the owning user namespace of
the mount namespace to stat a mount regardless of whether it's reachable
or not.

Link: https://lore.kernel.org/r/bf5961d71ec479ba85806766b0d8d96043e67bba.1719243756.git.josef@toxicpanda.com


Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
parent dd7cb142

fs/namespace.c

+2 −1
Original line number Diff line number Diff line
@@ -4930,6 +4930,7 @@ static int copy_statmount_to_user(struct kstatmount *s) 
static int do_statmount(struct kstatmount *s)

{

	struct mount *m = real_mount(s->mnt);

	struct mnt_namespace *ns = m->mnt_ns;

	int err;



	/*
@@ -4937,7 +4938,7 @@ static int do_statmount(struct kstatmount *s) 
	 * mounts to show users.

	 */

	if (!is_path_reachable(m, m->mnt.mnt_root, &s->root) &&

	    !ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN))

	    !ns_capable_noaudit(ns->user_ns, CAP_SYS_ADMIN))

		return -EPERM;



	err = security_sb_statfs(s->mnt->mnt_root);