mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount

commit 3e1866410f11356a9fd869beb3e95983dc79c067 upstream. Now that remount is properly enforcing the rule that you can't remove nodev at least sandstorm.io is breaking when performing a remount. It turns out that there is an easy intuitive solution implicitly add nodev on remount when nodev was implicitly added on mount. Tested-by: Cedric Bosdonnat <cbosdonnat@suse.com> Tested-by: Richard Weinberger <richard@nod.at> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Eric W. Biederman <ebiederm@xmission.com> 2014-08-13 01:33:38 -0700
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-01-08 10:00:49 -0800
commit: aad34f76b15f8bd2597f41933bc604e0b6e3c211 (patch)
tree: 19b415de39a1c9c6a65c510941c822b86d549879
parent: 46b4fd75fc6619352d8909c424a99cebb42b4ac5 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 95665613cd93..dc6914730579 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1966,7 +1966,13 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
 	    !(mnt_flags & MNT_NODEV)) {
-		return -EPERM;
+		/* Was the nodev implicitly added in mount? */
+		if ((mnt->mnt_ns->user_ns != &init_user_ns) &&
+		    !(sb->s_type->fs_flags & FS_USERNS_DEV_MOUNT)) {
+			mnt_flags |= MNT_NODEV;
+		} else {
+			return -EPERM;
+		}
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
 	    !(mnt_flags & MNT_NOSUID)) {
author	Eric W. Biederman <ebiederm@xmission.com>	2014-08-13 01:33:38 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2015-01-08 10:00:49 -0800
commit	aad34f76b15f8bd2597f41933bc604e0b6e3c211 (patch)
tree	19b415de39a1c9c6a65c510941c822b86d549879
parent	46b4fd75fc6619352d8909c424a99cebb42b4ac5 (diff)