diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2019-05-12 18:16:04 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2019-05-25 18:00:01 -0400 |
commit | 059338aae33165179352a26b58d815801072c87d (patch) | |
tree | ad75b40c28596ac0ccd50a2588f7e1444243a811 | |
parent | d5f68d330c156774bf69059e434b5d8acea3b92e (diff) |
move mount_capable() calls to vfs_get_tree()
sget_fc() is called only from ->get_tree() instances and
the only instance not calling it is legacy_get_tree(),
which calls mount_capable() directly.
In all sget_fc() callers the checks could be moved to the
very beginning of ->get_tree() - ->user_ns is not changed
in between. So lifting the checks to the only caller of
->get_tree() is OK.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | fs/fs_context.c | 5 | ||||
-rw-r--r-- | fs/super.c | 12 |
2 files changed, 6 insertions, 11 deletions
diff --git a/fs/fs_context.c b/fs/fs_context.c index bc5a5f5f1853..a47ccd5a4a78 100644 --- a/fs/fs_context.c +++ b/fs/fs_context.c @@ -662,11 +662,6 @@ static int legacy_get_tree(struct fs_context *fc) struct super_block *sb; struct dentry *root; - if (!(fc->sb_flags & (SB_KERNMOUNT|SB_SUBMOUNT))) { - if (!mount_capable(fc)) - return -EPERM; - } - root = fc->fs_type->mount(fc->fs_type, fc->sb_flags, fc->source, ctx->legacy_data); if (IS_ERR(root)) diff --git a/fs/super.c b/fs/super.c index d1e2f46bad7e..2c38541cd89f 100644 --- a/fs/super.c +++ b/fs/super.c @@ -514,12 +514,6 @@ struct super_block *sget_fc(struct fs_context *fc, struct user_namespace *user_ns = fc->global ? &init_user_ns : fc->user_ns; int err; - if (!(fc->sb_flags & SB_KERNMOUNT) && - fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) { - if (!mount_capable(fc)) - return ERR_PTR(-EPERM); - } - retry: spin_lock(&sb_lock); if (test) { @@ -1421,6 +1415,12 @@ int vfs_get_tree(struct fs_context *fc) if (fc->root) return -EBUSY; + if (!(fc->sb_flags & SB_KERNMOUNT) && + fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) { + if (!mount_capable(fc)) + return -EPERM; + } + /* Get the mountable root in fc->root, with a ref on the root and a ref * on the superblock. */ |