switch mount_capable() to fs_context
now both callers of mount_capable() have access to fs_context; the only difference is that for sget_fc() we have the possibility of fc->global being true, while for legacy_get_tree() it's guaranteed to be impossible. Unify to more generic variant... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
fd912087f4
commit
20284ab742
@ -663,7 +663,7 @@ static int legacy_get_tree(struct fs_context *fc)
|
||||
struct dentry *root;
|
||||
|
||||
if (!(fc->sb_flags & (SB_KERNMOUNT|SB_SUBMOUNT))) {
|
||||
if (!mount_capable(fc->fs_type, fc->user_ns))
|
||||
if (!mount_capable(fc))
|
||||
return -EPERM;
|
||||
}
|
||||
|
||||
|
@ -114,7 +114,7 @@ extern struct file *alloc_empty_file_noaccount(int, const struct cred *);
|
||||
extern int reconfigure_super(struct fs_context *);
|
||||
extern bool trylock_super(struct super_block *sb);
|
||||
extern struct super_block *user_get_super(dev_t);
|
||||
extern bool mount_capable(struct file_system_type *, struct user_namespace *);
|
||||
extern bool mount_capable(struct fs_context *);
|
||||
|
||||
/*
|
||||
* open.c
|
||||
|
11
fs/super.c
11
fs/super.c
@ -476,12 +476,15 @@ void generic_shutdown_super(struct super_block *sb)
|
||||
|
||||
EXPORT_SYMBOL(generic_shutdown_super);
|
||||
|
||||
bool mount_capable(struct file_system_type *type, struct user_namespace *userns)
|
||||
bool mount_capable(struct fs_context *fc)
|
||||
{
|
||||
if (!(type->fs_flags & FS_USERNS_MOUNT))
|
||||
struct user_namespace *user_ns = fc->global ? &init_user_ns
|
||||
: fc->user_ns;
|
||||
|
||||
if (!(fc->fs_type->fs_flags & FS_USERNS_MOUNT))
|
||||
return capable(CAP_SYS_ADMIN);
|
||||
else
|
||||
return ns_capable(userns, CAP_SYS_ADMIN);
|
||||
return ns_capable(user_ns, CAP_SYS_ADMIN);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -513,7 +516,7 @@ struct super_block *sget_fc(struct fs_context *fc,
|
||||
|
||||
if (!(fc->sb_flags & SB_KERNMOUNT) &&
|
||||
fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) {
|
||||
if (!mount_capable(fc->fs_type, user_ns))
|
||||
if (!mount_capable(fc))
|
||||
return ERR_PTR(-EPERM);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user