diff options
| author | Jeff Layton <jlayton@kernel.org> | 2021-08-19 14:56:38 -0400 |
|---|---|---|
| committer | Jeff Layton <jlayton@kernel.org> | 2021-08-23 06:15:36 -0400 |
| commit | f7e33bdbd6d1bdf9c3df8bba5abcf3399f957ac3 (patch) | |
| tree | 00770e117522b347bb99858aa9069171f0c8b779 /fs/namespace.c | |
| parent | 2f488f698fda820f8e6fa0407630154eceb145d6 (diff) | |
fs: remove mandatory file locking support
We added CONFIG_MANDATORY_FILE_LOCKING in 2015, and soon after turned it
off in Fedora and RHEL8. Several other distros have followed suit.
I've heard of one problem in all that time: Someone migrated from an
older distro that supported "-o mand" to one that didn't, and the host
had a fstab entry with "mand" in it which broke on reboot. They didn't
actually _use_ mandatory locking so they just removed the mount option
and moved on.
This patch rips out mandatory locking support wholesale from the kernel,
along with the Kconfig option and the Documentation file. It also
changes the mount code to ignore the "mand" mount option instead of
erroring out, and to throw a big, ugly warning.
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Diffstat (limited to 'fs/namespace.c')
| -rw-r--r-- | fs/namespace.c | 29 |
1 files changed, 10 insertions, 19 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index 97adcb5ab5d5..20caa4b4c539 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1715,22 +1715,14 @@ static inline bool may_mount(void) return ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN); } -#ifdef CONFIG_MANDATORY_FILE_LOCKING -static bool may_mandlock(void) +static void warn_mandlock(void) { - pr_warn_once("======================================================\n" - "WARNING: the mand mount option is being deprecated and\n" - " will be removed in v5.15!\n" - "======================================================\n"); - return capable(CAP_SYS_ADMIN); + pr_warn_once("=======================================================\n" + "WARNING: The mand mount option has been deprecated and\n" + " and is ignored by this kernel. Remove the mand\n" + " option from the mount to silence this warning.\n" + "=======================================================\n"); } -#else -static inline bool may_mandlock(void) -{ - pr_warn("VFS: \"mand\" mount option not supported"); - return false; -} -#endif static int can_umount(const struct path *path, int flags) { @@ -3197,8 +3189,8 @@ int path_mount(const char *dev_name, struct path *path, return ret; if (!may_mount()) return -EPERM; - if ((flags & SB_MANDLOCK) && !may_mandlock()) - return -EPERM; + if (flags & SB_MANDLOCK) + warn_mandlock(); /* Default to relatime unless overriden */ if (!(flags & MS_NOATIME)) @@ -3581,9 +3573,8 @@ SYSCALL_DEFINE3(fsmount, int, fs_fd, unsigned int, flags, if (fc->phase != FS_CONTEXT_AWAITING_MOUNT) goto err_unlock; - ret = -EPERM; - if ((fc->sb_flags & SB_MANDLOCK) && !may_mandlock()) - goto err_unlock; + if (fc->sb_flags & SB_MANDLOCK) + warn_mandlock(); newmount.mnt = vfs_create_mount(fc); if (IS_ERR(newmount.mnt)) { |