diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2025-06-06 18:31:03 -0400 | 
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2025-06-07 00:41:20 -0400 | 
| commit | 290da20e333955637f00647d9fff7c6e3c0b61e0 (patch) | |
| tree | 718213139fc7a508b217297d387d3c911224fd52 /lib/net_utils.c | |
| parent | 4954346d80fb047cb78776d9f2ebd6a050f80c5f (diff) | |
do_move_mount(): split the checks in subtree-of-our-ns and entire-anon cases
... and fix the breakage in anon-to-anon case.  There are two cases
acceptable for do_move_mount() and mixing checks for those is making
things hard to follow.
One case is move of a subtree in caller's namespace.
        * source and destination must be in caller's namespace
	* source must be detachable from parent
Another is moving the entire anon namespace elsewhere
	* source must be the root of anon namespace
	* target must either in caller's namespace or in a suitable
	  anon namespace (see may_use_mount() for details).
	* target must not be in the same namespace as source.
It's really easier to follow if tests are *not* mixed together...
Reviewed-by: Christian Brauner <brauner@kernel.org>
Fixes: 3b5260d12b1f ("Don't propagate mounts into detached trees")
Reported-by: Allison Karlitskaya <lis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'lib/net_utils.c')
0 files changed, 0 insertions, 0 deletions
