summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2013-01-25 16:37:44 -0800
committerEric W. Biederman <ebiederm@xmission.com>2013-01-26 22:22:38 -0800
commitb3c6761d9b5cc82deea7416d11c2118f6380e99c (patch)
tree1b87793fb6b27d5c298b02809800180b8ba0b449
parentec2aa8e8dd7d35524a68c89b9e7ceb07fb002561 (diff)
downloadop-kernel-dev-b3c6761d9b5cc82deea7416d11c2118f6380e99c.zip
op-kernel-dev-b3c6761d9b5cc82deea7416d11c2118f6380e99c.tar.gz
userns: Allow the userns root to mount ramfs.
There is no backing store to ramfs and file creation rules are the same as for any other filesystem so it is semantically safe to allow unprivileged users to mount it. The memory control group successfully limits how much memory ramfs can consume on any system that cares about a user namespace root using ramfs to exhaust memory the memory control group can be deployed. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
-rw-r--r--fs/ramfs/inode.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c
index eab8c09..c24f1e1 100644
--- a/fs/ramfs/inode.c
+++ b/fs/ramfs/inode.c
@@ -260,6 +260,7 @@ static struct file_system_type ramfs_fs_type = {
.name = "ramfs",
.mount = ramfs_mount,
.kill_sb = ramfs_kill_sb,
+ .fs_flags = FS_USERNS_MOUNT,
};
static struct file_system_type rootfs_fs_type = {
.name = "rootfs",
OpenPOWER on IntegriCloud