Acked-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
On 10/07/2015 10:59 AM, Andrew Vagin wrote:
Reported-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
Signed-off-by: Andrew Vagin <ava...@openvz.org>
---
fs/namespace.c | 8 +++++++-
scripts/basic/fixdep | Bin 13875 -> 14262 bytes
2 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/fs/namespace.c b/fs/namespace.c
index 77a1ede..1377488 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2167,6 +2167,7 @@ static int do_new_mount(struct path *path, const char
*fstype, int flags,
struct file_system_type *type;
struct user_namespace *user_ns = current->nsproxy->mnt_ns->user_ns;
struct vfsmount *mnt;
+ struct user_namespace *root_user_ns;
int err;
if (!fstype)
@@ -2176,7 +2177,12 @@ static int do_new_mount(struct path *path, const char
*fstype, int flags,
if (!type)
return -ENODEV;
- if (user_ns != &init_user_ns) {
+ if (get_exec_env()->init_cred)
+ root_user_ns = get_exec_env()->init_cred->user_ns;
+ else
+ root_user_ns = &init_user_ns;
+
+ if (user_ns != root_user_ns) {
if (!(type->fs_flags & FS_USERNS_MOUNT)) {
put_filesystem(type);
return -EPERM;
--
Best regards, Tikhomirov Pavel
Software Developer, Odin.
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
