mnt: Implicitly add MNT_NODEV on remount when it was implicitly added by mount

commit 3e1866410f11356a9fd869beb3e95983dc79c067 upstream. Now that remount is properly enforcing the rule that you can't remove nodev at least sandstorm.io is breaking when performing a remount. It turns out that there is an easy intuitive solution implicitly add nodev on remount when nodev was implicitly added on mount. Tested-by: Cedric Bosdonnat <cbosdonnat@suse.com> Tested-by: Richard Weinberger <richard@nod.at> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Eric W. Biederman <ebiederm@xmission.com> 2014-08-13 01:33:38 -0700
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-01-08 10:27:47 -0800
commit: 363eafe02e1e0583dbe4435fe3bc447e2c3ddf4b (patch)
tree: 29c46ad77d25ef67cb3d5bf502a95f89515c4e21
parent: 725a7308ec9dc4fef461467f35d88bb2a3c6069e (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 27006d8fd33b..743d0f37fb2d 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1957,7 +1957,13 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
 	    !(mnt_flags & MNT_NODEV)) {
-		return -EPERM;
+		/* Was the nodev implicitly added in mount? */
+		if ((mnt->mnt_ns->user_ns != &init_user_ns) &&
+		    !(sb->s_type->fs_flags & FS_USERNS_DEV_MOUNT)) {
+			mnt_flags |= MNT_NODEV;
+		} else {
+			return -EPERM;
+		}
 	}
 	if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
 	    !(mnt_flags & MNT_NOSUID)) {
author	Eric W. Biederman <ebiederm@xmission.com>	2014-08-13 01:33:38 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2015-01-08 10:27:47 -0800
commit	363eafe02e1e0583dbe4435fe3bc447e2c3ddf4b (patch)
tree	29c46ad77d25ef67cb3d5bf502a95f89515c4e21
parent	725a7308ec9dc4fef461467f35d88bb2a3c6069e (diff)