Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/fs
History
Eric W. Biederman e888799d92 mnt: Only change user settable mount flags in remount 
commit a6138db815 upstream.

Kenton Varda <kenton@sandstorm.io> discovered that by remounting a
read-only bind mount read-only in a user namespace the
MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user
to the remount a read-only mount read-write.

Correct this by replacing the mask of mount flags to preserve
with a mask of mount flags that may be changed, and preserve
all others.   This ensures that any future bugs with this mask and
remount will fail in an easy to detect way where new mount flags
simply won't change.

Change-Id: I42178b32592b2ccc688d096b420304e93abeaba0
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Francis Moreau <francis.moro@gmail.com>
Signed-off-by: Zefan Li <lizefan@huawei.com>
2016-10-29 23:12:11 +08:00
..
9p
adfs
affs
afs
autofs4
befs
bfs
btrfs
cachefiles
ceph
cifs freezer: add unsafe versions of freezable helpers for CIFS 2013-07-12 14:22:55 -07:00
coda
configfs
cramfs
debugfs
devpts
dlm
ecryptfs eCryptfs: Remove buggy and unnecessary write in file name decode routine 2016-10-29 23:12:10 +08:00
efs
exofs
exportfs
ext2
ext3
ext4 ext4: protect group inode free counting with group lock 2013-04-18 16:07:55 -07:00
fat
freevxfs
fscache
fuse fs: introduce inode operation ->update_time 2015-07-13 11:17:49 -07:00
gfs2
hfs
hfsplus
hostfs
hpfs
hppfs
hugetlbfs
isofs
jbd
jbd2
jffs2
jfs
lockd
logfs
minix
ncpfs fs: introduce inode operation ->update_time 2015-07-13 11:17:49 -07:00
nfs freezer: add unsafe versions of freezable helpers for NFS 2013-07-12 14:22:55 -07:00
nfs_common
nfsd
nilfs2
nls
notify
ntfs fs: introduce inode operation ->update_time 2015-07-13 11:17:49 -07:00
ocfs2
omfs
openpromfs
proc BACKPORT: pagemap: do not leak physical addresses to non-privileged userspace 2016-01-12 17:15:28 -05:00
pstore
qnx4
qnx6
quota
ramfs
reiserfs
romfs
squashfs
sysfs
sysv
ubifs
udf
ufs
xfs fs: introduce inode operation ->update_time 2015-07-13 11:17:49 -07:00
yaffs2 fs: yaffs2: Add null pointer check before dereferencing inode 2013-02-27 18:19:17 -08:00
aio.c UPSTREAM: vfs: make AIO use the proper rw_verify_area() area helpers 2016-06-20 19:00:55 +00:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf.c
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
binfmt_som.c
bio-integrity.c
bio.c
block_dev.c
buffer.c block: fix infinite loop in __getblk_slow 2013-03-15 17:09:41 -07:00
char_dev.c
compat.c
compat_binfmt_elf.c
compat_ioctl.c fs: Add TTY PM IOCTLs to compat table 2016-10-29 23:08:34 +08:00
dcache.c get rid of ->mnt_longterm 2015-07-13 11:17:44 -07:00
dcookies.c
direct-io.c
drop_caches.c
eventfd.c
eventpoll.c epoll: use freezable blocking call 2013-07-12 14:22:57 -07:00
exec.c fs: take i_mutex during prepare_binprm for set[ug]id executables 2016-10-29 23:12:10 +08:00
fcntl.c
fhandle.c vfs: read file_handle only once in handle_to_path 2016-10-29 23:12:11 +08:00
fifo.c
file.c
file_table.c brlocks/lglocks: API cleanups 2015-07-13 11:17:41 -07:00
filesystems.c
fs-writeback.c ext4: fix potential deadlock in ext4_nonda_switch() 2013-03-15 17:09:42 -07:00
fs_struct.c get rid of ->mnt_longterm 2015-07-13 11:17:44 -07:00
generic_acl.c
inode.c fs: introduce inode operation ->update_time 2015-07-13 11:17:49 -07:00
internal.h get rid of ->mnt_longterm 2015-07-13 11:17:44 -07:00
ioctl.c
ioprio.c
Kconfig
Kconfig.binfmt
libfs.c
locks.c
Makefile
mbcache.c
mount.h proc: Usable inode numbers for the namespace file descriptors. 2015-07-13 11:18:01 -07:00
mpage.c
namei.c VFS: Comment mount following code 2015-07-13 11:17:48 -07:00
namespace.c mnt: Only change user settable mount flags in remount 2016-10-29 23:12:11 +08:00
no-block.c
open.c vfs: check if f_count is 0 or negative 2014-12-04 13:01:58 -08:00
pipe.c pipe: iovec: Fix OOB read in pipe_read() 2016-03-24 09:36:08 -07:00
pnode.c VFS: Make clone_mnt()/copy_tree()/collect_mounts() return errors 2015-07-13 11:17:46 -07:00
pnode.h vfs: Only support slave subtrees across different user namespaces 2015-07-13 11:17:56 -07:00
posix_acl.c
proc_namespace.c get rid of magic in proc_namespace.c 2015-07-13 11:17:45 -07:00
read_write.c
read_write.h
readdir.c
select.c select: use freezable blocking call 2013-07-12 14:22:58 -07:00
seq_file.c fs/seq_file: Use vmalloc by default for allocations > PAGE_SIZE 2014-11-18 15:13:24 -08:00
signalfd.c
splice.c fs: introduce inode operation ->update_time 2015-07-13 11:17:49 -07:00
stack.c
stat.c
statfs.c
super.c
sync.c
timerfd.c
utimes.c
xattr.c
xattr_acl.c