summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2019-05-12 18:16:04 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2019-05-25 18:00:01 -0400
commit059338aae33165179352a26b58d815801072c87d (patch)
treead75b40c28596ac0ccd50a2588f7e1444243a811
parentd5f68d330c156774bf69059e434b5d8acea3b92e (diff)
move mount_capable() calls to vfs_get_tree()
sget_fc() is called only from ->get_tree() instances and the only instance not calling it is legacy_get_tree(), which calls mount_capable() directly. In all sget_fc() callers the checks could be moved to the very beginning of ->get_tree() - ->user_ns is not changed in between. So lifting the checks to the only caller of ->get_tree() is OK. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--fs/fs_context.c5
-rw-r--r--fs/super.c12
2 files changed, 6 insertions, 11 deletions
diff --git a/fs/fs_context.c b/fs/fs_context.c
index bc5a5f5f1853..a47ccd5a4a78 100644
--- a/fs/fs_context.c
+++ b/fs/fs_context.c
@@ -662,11 +662,6 @@ static int legacy_get_tree(struct fs_context *fc)
struct super_block *sb;
struct dentry *root;
- if (!(fc->sb_flags & (SB_KERNMOUNT|SB_SUBMOUNT))) {
- if (!mount_capable(fc))
- return -EPERM;
- }
-
root = fc->fs_type->mount(fc->fs_type, fc->sb_flags,
fc->source, ctx->legacy_data);
if (IS_ERR(root))
diff --git a/fs/super.c b/fs/super.c
index d1e2f46bad7e..2c38541cd89f 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -514,12 +514,6 @@ struct super_block *sget_fc(struct fs_context *fc,
struct user_namespace *user_ns = fc->global ? &init_user_ns : fc->user_ns;
int err;
- if (!(fc->sb_flags & SB_KERNMOUNT) &&
- fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) {
- if (!mount_capable(fc))
- return ERR_PTR(-EPERM);
- }
-
retry:
spin_lock(&sb_lock);
if (test) {
@@ -1421,6 +1415,12 @@ int vfs_get_tree(struct fs_context *fc)
if (fc->root)
return -EBUSY;
+ if (!(fc->sb_flags & SB_KERNMOUNT) &&
+ fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) {
+ if (!mount_capable(fc))
+ return -EPERM;
+ }
+
/* Get the mountable root in fc->root, with a ref on the root and a ref
* on the superblock.
*/