Module Name: src Committed By: mlelstv Date: Tue Feb 19 06:55:28 UTC 2019
Modified Files: src/sys/kern: vfs_syscalls.c Log Message: Don't allow MNT_UNION on the root, there is no covered filesystem. Fixes PR 53850 To generate a diff of this commit: cvs rdiff -u -r1.524 -r1.525 src/sys/kern/vfs_syscalls.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/kern/vfs_syscalls.c diff -u src/sys/kern/vfs_syscalls.c:1.524 src/sys/kern/vfs_syscalls.c:1.525 --- src/sys/kern/vfs_syscalls.c:1.524 Tue Feb 5 13:50:10 2019 +++ src/sys/kern/vfs_syscalls.c Tue Feb 19 06:55:28 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls.c,v 1.524 2019/02/05 13:50:10 kamil Exp $ */ +/* $NetBSD: vfs_syscalls.c,v 1.525 2019/02/19 06:55:28 mlelstv Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -70,7 +70,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.524 2019/02/05 13:50:10 kamil Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.525 2019/02/19 06:55:28 mlelstv Exp $"); #ifdef _KERNEL_OPT #include "opt_fileassoc.h" @@ -278,6 +278,15 @@ mount_update(struct lwp *l, struct vnode goto out; } + /* + * Enabling MNT_UNION requires a covered mountpoint and + * must not happen on the root mount. + */ + if ((flags & MNT_UNION) != 0 && mp->mnt_vnodecovered == NULLVP) { + error = EOPNOTSUPP; + goto out; + } + error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_MOUNT, KAUTH_REQ_SYSTEM_MOUNT_UPDATE, mp, KAUTH_ARG(flags), data); if (error)