Skip to content
Commit 290da20e authored by Al Viro's avatar Al Viro
Browse files

do_move_mount(): split the checks in subtree-of-our-ns and entire-anon cases 



... and fix the breakage in anon-to-anon case.  There are two cases
acceptable for do_move_mount() and mixing checks for those is making
things hard to follow.

One case is move of a subtree in caller's namespace.
        * source and destination must be in caller's namespace
	* source must be detachable from parent
Another is moving the entire anon namespace elsewhere
	* source must be the root of anon namespace
	* target must either in caller's namespace or in a suitable
	  anon namespace (see may_use_mount() for details).
	* target must not be in the same namespace as source.

It's really easier to follow if tests are *not* mixed together...

Reviewed-by: default avatarChristian Brauner <brauner@kernel.org>
Fixes: 3b5260d1 ("Don't propagate mounts into detached trees")
Reported-by: default avatarAllison Karlitskaya <lis@redhat.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 4954346d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment