Re: [Devel] [patch vz7 v2] do not allow rootfs umount

2016-06-14 Thread Andrey Vagin 
On Thu, Jun 09, 2016 at 10:30:48AM +0300, Vasily Averin wrote:
> In mainline rootfs is marked always as MNT_LOCKED,
> sys_umount checks this flag and fails its processing.
> Our kernels lacks for MNT_LOCKED flag, so we use another kind of check
> to prevent incorrect operation.
> 
> v2: use mnt_has_parent()
> 
> https://jira.sw.ru/browse/PSBM-46437
>

Acked-by: Andrey Vagin  
> Signed-off-by: Vasily Averin 

> diff --git a/fs/namespace.c b/fs/namespace.c
> index 988320b..4fb935a 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -1355,6 +1355,8 @@ SYSCALL_DEFINE2(umount, char __user *, name, int, flags)
>   goto dput_and_out;
>   if (!check_mnt(mnt))
>   goto dput_and_out;
> + if (!mnt_has_parent(mnt))
> + goto dput_and_out;
>  
>   retval = do_umount(mnt, flags);
>  dput_and_out:

___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

[Devel] [patch vz7 v2] do not allow rootfs umount

2016-06-09 Thread Vasily Averin 
In mainline rootfs is marked always as MNT_LOCKED,
sys_umount checks this flag and fails its processing.
Our kernels lacks for MNT_LOCKED flag, so we use another kind of check
to prevent incorrect operation.

v2: use mnt_has_parent()

https://jira.sw.ru/browse/PSBM-46437

Signed-off-by: Vasily Averin 
diff --git a/fs/namespace.c b/fs/namespace.c
index 988320b..4fb935a 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1355,6 +1355,8 @@ SYSCALL_DEFINE2(umount, char __user *, name, int, flags)
goto dput_and_out;
if (!check_mnt(mnt))
goto dput_and_out;
+   if (!mnt_has_parent(mnt))
+   goto dput_and_out;
 
retval = do_umount(mnt, flags);
 dput_and_out:
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel