diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2016-07-23 11:20:44 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2016-07-23 14:51:26 -0500 |
| commit | aeaa4a79ff6a5ed912b7362f206cf8576fca538b (patch) | |
| tree | cfdd5207fef5e23cf7dc84691cd3301faa9688ec /security/tomoyo | |
| parent | 81754357770ebd900801231e7bc8d151ddc00498 (diff) | |
| download | op-kernel-dev-aeaa4a79ff6a5ed912b7362f206cf8576fca538b.zip op-kernel-dev-aeaa4a79ff6a5ed912b7362f206cf8576fca538b.tar.gz | |
fs: Call d_automount with the filesystems creds
Seth Forshee reported a mount regression in nfs autmounts
with "fs: Add user namespace member to struct super_block".
It turns out that the assumption that current->cred is something
reasonable during mount while necessary to improve support of
unprivileged mounts is wrong in the automount path.
To fix the existing filesystems override current->cred with the
init_cred before calling d_automount and restore current->cred after
d_automount completes.
To support unprivileged mounts would require a more nuanced cred
selection, so fail on unprivileged mounts for the time being. As none
of the filesystems that currently set FS_USERNS_MOUNT implement
d_automount this check is only good for preventing future problems.
Fixes: 6e4eab577a0c ("fs: Add user namespace member to struct super_block")
Tested-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'security/tomoyo')
0 files changed, 0 insertions, 0 deletions
