Skip to content

Commit d43dbf7

Browse files
braunerbrauner
committed
mount: ensure we don't pointlessly walk the mount tree
This logic got broken recently. Add it back. Fixes: 474f782 ("fs: add copy_mount_setattr() helper") Link: https://lore.kernel.org/20250409-sektflaschen-gecko-27c021fbd222@brauner Tested-by: Mikhail Gavrilov <mikhail.v.gavrilov@gmail.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
1 parent b2b4483 commit d43dbf7

File tree

1 file changed

+18
-12
lines changed

1 file changed

+18
-12
lines changed

fs/namespace.c

Lines changed: 18 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -5189,8 +5189,8 @@ static void finish_mount_kattr(struct mount_kattr *kattr)
51895189
mnt_idmap_put(kattr->mnt_idmap);
51905190
}
51915191

5192-
static int copy_mount_setattr(struct mount_attr __user *uattr, size_t usize,
5193-
struct mount_kattr *kattr)
5192+
static int wants_mount_setattr(struct mount_attr __user *uattr, size_t usize,
5193+
struct mount_kattr *kattr)
51945194
{
51955195
int ret;
51965196
struct mount_attr attr;
@@ -5213,9 +5213,13 @@ static int copy_mount_setattr(struct mount_attr __user *uattr, size_t usize,
52135213
if (attr.attr_set == 0 &&
52145214
attr.attr_clr == 0 &&
52155215
attr.propagation == 0)
5216-
return 0;
5216+
return 0; /* Tell caller to not bother. */
5217+
5218+
ret = build_mount_kattr(&attr, usize, kattr);
5219+
if (ret < 0)
5220+
return ret;
52175221

5218-
return build_mount_kattr(&attr, usize, kattr);
5222+
return 1;
52195223
}
52205224

52215225
SYSCALL_DEFINE5(mount_setattr, int, dfd, const char __user *, path,
@@ -5247,8 +5251,8 @@ SYSCALL_DEFINE5(mount_setattr, int, dfd, const char __user *, path,
52475251
if (flags & AT_RECURSIVE)
52485252
kattr.kflags |= MOUNT_KATTR_RECURSE;
52495253

5250-
err = copy_mount_setattr(uattr, usize, &kattr);
5251-
if (err)
5254+
err = wants_mount_setattr(uattr, usize, &kattr);
5255+
if (err <= 0)
52525256
return err;
52535257

52545258
err = user_path_at(dfd, path, kattr.lookup_flags, &target);
@@ -5282,15 +5286,17 @@ SYSCALL_DEFINE5(open_tree_attr, int, dfd, const char __user *, filename,
52825286
if (flags & AT_RECURSIVE)
52835287
kattr.kflags |= MOUNT_KATTR_RECURSE;
52845288

5285-
ret = copy_mount_setattr(uattr, usize, &kattr);
5286-
if (ret)
5289+
ret = wants_mount_setattr(uattr, usize, &kattr);
5290+
if (ret < 0)
52875291
return ret;
52885292

5289-
ret = do_mount_setattr(&file->f_path, &kattr);
5290-
if (ret)
5291-
return ret;
5293+
if (ret) {
5294+
ret = do_mount_setattr(&file->f_path, &kattr);
5295+
if (ret)
5296+
return ret;
52925297

5293-
finish_mount_kattr(&kattr);
5298+
finish_mount_kattr(&kattr);
5299+
}
52945300
}
52955301

52965302
fd = get_unused_fd_flags(flags & O_CLOEXEC);

0 commit comments

Comments
 (0)