diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2019-05-12 17:31:45 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2019-05-25 17:59:59 -0400 |
commit | 20284ab7427ffac514faf44fd9eb50e5745f4474 (patch) | |
tree | 6babbbfbcb3fea8deef55d2d03088218e1fe591b | |
parent | fd912087f4a897cfdf8274f8085c501742638be2 (diff) |
switch mount_capable() to fs_context
now both callers of mount_capable() have access to fs_context;
the only difference is that for sget_fc() we have the possibility
of fc->global being true, while for legacy_get_tree() it's guaranteed
to be impossible. Unify to more generic variant...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | fs/fs_context.c | 2 | ||||
-rw-r--r-- | fs/internal.h | 2 | ||||
-rw-r--r-- | fs/super.c | 11 |
3 files changed, 9 insertions, 6 deletions
diff --git a/fs/fs_context.c b/fs/fs_context.c index d75ba0eb8c5b..bc5a5f5f1853 100644 --- a/fs/fs_context.c +++ b/fs/fs_context.c @@ -663,7 +663,7 @@ static int legacy_get_tree(struct fs_context *fc) struct dentry *root; if (!(fc->sb_flags & (SB_KERNMOUNT|SB_SUBMOUNT))) { - if (!mount_capable(fc->fs_type, fc->user_ns)) + if (!mount_capable(fc)) return -EPERM; } diff --git a/fs/internal.h b/fs/internal.h index 65db901420af..b089a489da1f 100644 --- a/fs/internal.h +++ b/fs/internal.h @@ -114,7 +114,7 @@ extern struct file *alloc_empty_file_noaccount(int, const struct cred *); extern int reconfigure_super(struct fs_context *); extern bool trylock_super(struct super_block *sb); extern struct super_block *user_get_super(dev_t); -extern bool mount_capable(struct file_system_type *, struct user_namespace *); +extern bool mount_capable(struct fs_context *); /* * open.c diff --git a/fs/super.c b/fs/super.c index bdb03255c7ea..d1e2f46bad7e 100644 --- a/fs/super.c +++ b/fs/super.c @@ -476,12 +476,15 @@ void generic_shutdown_super(struct super_block *sb) EXPORT_SYMBOL(generic_shutdown_super); -bool mount_capable(struct file_system_type *type, struct user_namespace *userns) +bool mount_capable(struct fs_context *fc) { - if (!(type->fs_flags & FS_USERNS_MOUNT)) + struct user_namespace *user_ns = fc->global ? &init_user_ns + : fc->user_ns; + + if (!(fc->fs_type->fs_flags & FS_USERNS_MOUNT)) return capable(CAP_SYS_ADMIN); else - return ns_capable(userns, CAP_SYS_ADMIN); + return ns_capable(user_ns, CAP_SYS_ADMIN); } /** @@ -513,7 +516,7 @@ struct super_block *sget_fc(struct fs_context *fc, if (!(fc->sb_flags & SB_KERNMOUNT) && fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) { - if (!mount_capable(fc->fs_type, user_ns)) + if (!mount_capable(fc)) return ERR_PTR(-EPERM); } |