*/
#include <linux/config.h>
+#include <linux/syscalls.h>
#include <linux/slab.h>
#include <linux/sched.h>
#include <linux/smp_lock.h>
#include <linux/namei.h>
#include <linux/security.h>
#include <linux/mount.h>
-#include <linux/vs_base.h>
-
+#include <linux/vserver/namespace.h>
+#include <linux/vserver/xid.h>
#include <asm/uaccess.h>
#include <asm/unistd.h>
#endif
/* spinlock for vfsmount related operations, inplace of dcache_lock */
-spinlock_t vfsmount_lock __cacheline_aligned_in_smp = SPIN_LOCK_UNLOCKED;
+ __cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock);
static struct list_head *mount_hashtable;
static int hash_mask, hash_bits;
return found;
}
-EXPORT_SYMBOL(lookup_mnt);
-
static inline int check_mnt(struct vfsmount *mnt)
{
return mnt->mnt_namespace == current->namespace;
mnt->mnt_mountpoint = mnt->mnt_root;
mnt->mnt_parent = mnt;
mnt->mnt_namespace = old->mnt_namespace;
+ mnt->mnt_xid = old->mnt_xid;
/* stick the duplicate mount on the same expiry list
* as the original if that was on one */
seq_escape(m, s, " \t\n\\");
}
+static int mnt_is_reachable(struct vfsmount *mnt)
+{
+ struct vfsmount *root_mnt;
+ struct dentry *root, *point;
+ int ret;
+
+ if (mnt == mnt->mnt_namespace->root)
+ return 1;
+
+ spin_lock(&dcache_lock);
+ root_mnt = current->fs->rootmnt;
+ root = current->fs->root;
+ point = root;
+
+ while ((mnt != mnt->mnt_parent) && (mnt != root_mnt)) {
+ point = mnt->mnt_mountpoint;
+ mnt = mnt->mnt_parent;
+ }
+
+ ret = (mnt == root_mnt) && is_subdir(point, root);
+
+ spin_unlock(&dcache_lock);
+
+ return ret;
+}
+
static int show_vfsmnt(struct seq_file *m, void *v)
{
struct vfsmount *mnt = v;
int err = 0;
static struct proc_fs_info {
- int flag;
- char *str;
+ int s_flag;
+ int mnt_flag;
+ char *set_str;
+ char *unset_str;
} fs_info[] = {
- { MS_SYNCHRONOUS, ",sync" },
- { MS_DIRSYNC, ",dirsync" },
- { MS_MANDLOCK, ",mand" },
- { MS_NOATIME, ",noatime" },
- { MS_NODIRATIME, ",nodiratime" },
- { 0, NULL }
+ { MS_RDONLY, MNT_RDONLY, "ro", "rw" },
+ { MS_SYNCHRONOUS, 0, ",sync", NULL },
+ { MS_DIRSYNC, 0, ",dirsync", NULL },
+ { MS_MANDLOCK, 0, ",mand", NULL },
+ { MS_NOATIME, MNT_NOATIME, ",noatime", NULL },
+ { MS_NODIRATIME, MNT_NODIRATIME, ",nodiratime", NULL },
+ { MS_TAGXID, MS_TAGXID, ",tagxid", NULL },
+ { 0, MNT_NOSUID, ",nosuid", NULL },
+ { 0, MNT_NODEV, ",nodev", NULL },
+ { 0, MNT_NOEXEC, ",noexec", NULL },
+ { 0, 0, NULL, NULL }
};
- static struct proc_fs_info mnt_info[] = {
- { MNT_NOSUID, ",nosuid" },
- { MNT_NODEV, ",nodev" },
- { MNT_NOEXEC, ",noexec" },
- { 0, NULL }
- };
- struct proc_fs_info *fs_infop;
+ struct proc_fs_info *p;
+ unsigned long s_flags = mnt->mnt_sb->s_flags;
+ int mnt_flags = mnt->mnt_flags;
if (vx_flags(VXF_HIDE_MOUNT, 0))
return 0;
+ if (!mnt_is_reachable(mnt))
+ return 0;
- mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
- seq_putc(m, ' ');
- seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
- seq_putc(m, ' ');
- mangle(m, mnt->mnt_sb->s_type->name);
- seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw");
- for (fs_infop = fs_info; fs_infop->flag; fs_infop++) {
- if (mnt->mnt_sb->s_flags & fs_infop->flag)
- seq_puts(m, fs_infop->str);
+ if (!vx_check(0, VX_ADMIN|VX_WATCH) &&
+ mnt == current->fs->rootmnt) {
+ seq_puts(m, "/dev/root / ");
+ } else {
+ mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
+ seq_putc(m, ' ');
+ seq_path(m, mnt, mnt->mnt_root, " \t\n\\");
+ seq_putc(m, ' ');
}
- for (fs_infop = mnt_info; fs_infop->flag; fs_infop++) {
- if (mnt->mnt_flags & fs_infop->flag)
- seq_puts(m, fs_infop->str);
+ mangle(m, mnt->mnt_sb->s_type->name);
+ seq_putc(m, ' ');
+ for (p = fs_info; (p->s_flag | p->mnt_flag) ; p++) {
+ if ((s_flags & p->s_flag) || (mnt_flags & p->mnt_flag)) {
+ if (p->set_str)
+ seq_puts(m, p->set_str);
+ } else {
+ if (p->unset_str)
+ seq_puts(m, p->unset_str);
+ }
}
+ if (mnt->mnt_flags & MNT_XID)
+ seq_printf(m, ",xid=%d", mnt->mnt_xid);
if (mnt->mnt_sb->s_op->show_options)
err = mnt->mnt_sb->s_op->show_options(m, mnt);
seq_puts(m, " 0 0\n");
EXPORT_SYMBOL(may_umount);
-static inline void __umount_tree(struct vfsmount *mnt, struct list_head *kill)
+static inline void __umount_list(struct list_head *kill)
{
+ struct vfsmount *mnt;
+
while (!list_empty(kill)) {
mnt = list_entry(kill->next, struct vfsmount, mnt_list);
list_del_init(&mnt->mnt_list);
list_del(&p->mnt_list);
list_add(&p->mnt_list, &kill);
}
- __umount_tree(mnt, &kill);
+ __umount_list(&kill);
}
void umount_unused(struct vfsmount *mnt, struct fs_struct *fs)
list_del(&p->mnt_list);
list_add(&p->mnt_list, &kill);
}
- __umount_tree(mnt, &kill);
+ __umount_list(&kill);
}
static int do_umount(struct vfsmount *mnt, int flags)
down_write(&sb->s_umount);
if (!(sb->s_flags & MS_RDONLY)) {
lock_kernel();
+ DQUOT_OFF(sb);
retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
unlock_kernel();
}
/*
* do loopback mount.
*/
-static int do_loopback(struct nameidata *nd, char *old_name, int recurse)
+static int do_loopback(struct nameidata *nd, char *old_name, xid_t xid, unsigned long flags, int mnt_flags)
{
struct nameidata old_nd;
struct vfsmount *mnt = NULL;
+ int recurse = flags & MS_REC;
int err = mount_is_safe(nd);
+
if (err)
return err;
if (!old_name || !*old_name)
list_del_init(&mnt->mnt_fslink);
spin_unlock(&vfsmount_lock);
+ if (flags & MS_XID) {
+ mnt->mnt_xid = xid;
+ mnt->mnt_flags |= MNT_XID;
+ }
err = graft_tree(mnt, nd);
if (err) {
spin_lock(&vfsmount_lock);
spin_unlock(&vfsmount_lock);
} else
mntput(mnt);
+ mnt->mnt_flags = mnt_flags;
}
up_write(¤t->namespace->sem);
*/
static int do_remount(struct nameidata *nd, int flags, int mnt_flags,
- void *data)
+ void *data, xid_t xid)
{
int err;
struct super_block * sb = nd->mnt->mnt_sb;
- if (!capable(CAP_SYS_ADMIN))
+ if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_REMOUNT))
return -EPERM;
if (!check_mnt(nd->mnt))
if (nd->dentry != nd->mnt->mnt_root)
return -EINVAL;
+ if (vx_ccaps(VXC_SECURE_REMOUNT))
+ mnt_flags |= MNT_NODEV;
down_write(&sb->s_umount);
err = do_remount_sb(sb, flags, data, 0);
- if (!err)
+ if (!err) {
nd->mnt->mnt_flags=mnt_flags;
+ if (flags & MS_XID)
+ nd->mnt->mnt_xid = xid;
+ }
up_write(&sb->s_umount);
if (!err)
security_sb_post_remount(nd->mnt, flags, data);
struct nameidata old_nd, parent_nd;
struct vfsmount *p;
int err = 0;
- if (!capable(CAP_SYS_ADMIN))
+ if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT))
return -EPERM;
if (!old_name || !*old_name)
return -EINVAL;
EXPORT_SYMBOL_GPL(mark_mounts_for_expiry);
-int copy_mount_options (const void __user *data, unsigned long *where)
+/*
+ * Some copy_from_user() implementations do not return the exact number of
+ * bytes remaining to copy on a fault. But copy_mount_options() requires that.
+ * Note that this function differs from copy_from_user() in that it will oops
+ * on bad values of `to', rather than returning a short copy.
+ */
+static long
+exact_copy_from_user(void *to, const void __user *from, unsigned long n)
+{
+ char *t = to;
+ const char __user *f = from;
+ char c;
+
+ if (!access_ok(VERIFY_READ, from, n))
+ return n;
+
+ while (n) {
+ if (__get_user(c, f)) {
+ memset(t, 0, n);
+ break;
+ }
+ *t++ = c;
+ f++;
+ n--;
+ }
+ return n;
+}
+
+int copy_mount_options(const void __user *data, unsigned long *where)
{
int i;
unsigned long page;
if (size > PAGE_SIZE)
size = PAGE_SIZE;
- i = size - copy_from_user((void *)page, data, size);
+ i = size - exact_copy_from_user((void *)page, data, size);
if (!i) {
free_page(page);
return -EFAULT;
struct nameidata nd;
int retval = 0;
int mnt_flags = 0;
+ xid_t xid = 0;
/* Discard magic */
if ((flags & MS_MGC_MSK) == MS_MGC_VAL)
if (data_page)
((char *)data_page)[PAGE_SIZE - 1] = 0;
+ retval = vx_parse_xid(data_page, &xid, 1);
+ if (retval) {
+ mnt_flags |= MNT_XID;
+ /* bind and re-mounts get xid flag */
+ if (flags & (MS_BIND|MS_REMOUNT))
+ flags |= MS_XID;
+ }
+
/* Separate the per-mountpoint flags */
+ if (flags & MS_RDONLY)
+ mnt_flags |= MNT_RDONLY;
if (flags & MS_NOSUID)
mnt_flags |= MNT_NOSUID;
if (flags & MS_NODEV)
mnt_flags |= MNT_NODEV;
if (flags & MS_NOEXEC)
mnt_flags |= MNT_NOEXEC;
+ if (flags & MS_NOATIME)
+ mnt_flags |= MNT_NOATIME;
+ if (flags & MS_NODIRATIME)
+ mnt_flags |= MNT_NODIRATIME;
flags &= ~(MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_ACTIVE);
if (vx_ccaps(VXC_SECURE_MOUNT))
if (flags & MS_REMOUNT)
retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
- data_page);
+ data_page, xid);
else if (flags & MS_BIND)
- retval = do_loopback(&nd, dev_name, flags & MS_REC);
+ retval = do_loopback(&nd, dev_name, xid, flags, mnt_flags);
else if (flags & MS_MOVE)
retval = do_move_mount(&nd, dev_name);
else
if (!(flags & CLONE_NEWNS))
return 0;
- if (!capable(CAP_SYS_ADMIN)) {
+ if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT)) {
put_namespace(namespace);
return -EPERM;
}
}
}
-EXPORT_SYMBOL(set_fs_root);
+EXPORT_SYMBOL_GPL(set_fs_root);
/*
* Replace the fs->{pwdmnt,pwd} with {mnt,dentry}. Put the old values.
}
}
-EXPORT_SYMBOL(set_fs_pwd);
-
static void chroot_fs_refs(struct nameidata *old_nd, struct nameidata *new_nd)
{
struct task_struct *g, *p;
}
/*
- * Moves the current root to put_root, and sets root/cwd of all processes
- * which had them on the old root to new_root.
+ * pivot_root Semantics:
+ * Moves the root file system of the current process to the directory put_old,
+ * makes new_root as the new root file system of the current process, and sets
+ * root/cwd of all processes which had them on the current root to new_root.
+ *
+ * Restrictions:
+ * The new_root and put_old must be directories, and must not be on the
+ * same file system as the current process root. The put_old must be
+ * underneath new_root, i.e. adding a non-zero number of /.. to the string
+ * pointed to by put_old must yield the same directory as new_root. No other
+ * file system may be mounted on put_old. After all, new_root is a mountpoint.
*
- * Note:
+ * Notes:
* - we don't move root/cwd if they are not at the root (reason: if something
* cared enough to change them, it's probably wrong to force them elsewhere)
* - it's okay to pick a root that isn't the root of a file system, e.g.
goto out2;
error = -EBUSY;
if (new_nd.mnt == user_nd.mnt || old_nd.mnt == user_nd.mnt)
- goto out2; /* loop */
+ goto out2; /* loop, on the same file system */
error = -EINVAL;
if (user_nd.mnt->mnt_root != user_nd.dentry)
- goto out2;
+ goto out2; /* not a mountpoint */
if (new_nd.mnt->mnt_root != new_nd.dentry)
goto out2; /* not a mountpoint */
tmp = old_nd.mnt; /* make sure we can reach put_old from new_root */
if (tmp != new_nd.mnt) {
for (;;) {
if (tmp->mnt_parent == tmp)
- goto out3;
+ goto out3; /* already mounted on put_old */
if (tmp->mnt_parent == new_nd.mnt)
break;
tmp = tmp->mnt_parent;
goto out3;
detach_mnt(new_nd.mnt, &parent_nd);
detach_mnt(user_nd.mnt, &root_parent);
- attach_mnt(user_nd.mnt, &old_nd);
- attach_mnt(new_nd.mnt, &root_parent);
+ attach_mnt(user_nd.mnt, &old_nd); /* mount old root on put_old */
+ attach_mnt(new_nd.mnt, &root_parent); /* mount new_root on / */
spin_unlock(&vfsmount_lock);
chroot_fs_refs(&user_nd, &new_nd);
security_sb_post_pivotroot(&user_nd, &new_nd);
void __init mnt_init(unsigned long mempages)
{
struct list_head *d;
- unsigned long order;
unsigned int nr_hash;
int i;
mnt_cache = kmem_cache_create("mnt_cache", sizeof(struct vfsmount),
0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL, NULL);
- order = 0;
mount_hashtable = (struct list_head *)
- __get_free_pages(GFP_ATOMIC, order);
+ __get_free_page(GFP_ATOMIC);
if (!mount_hashtable)
panic("Failed to allocate mount hash table\n");
* We don't guarantee that "sizeof(struct list_head)" is necessarily
* a power-of-two.
*/
- nr_hash = (1UL << order) * PAGE_SIZE / sizeof(struct list_head);
+ nr_hash = PAGE_SIZE / sizeof(struct list_head);
hash_bits = 0;
do {
hash_bits++;
nr_hash = 1UL << hash_bits;
hash_mask = nr_hash-1;
- printk("Mount-cache hash table entries: %d (order: %ld, %ld bytes)\n",
- nr_hash, order, (PAGE_SIZE << order));
+ printk("Mount-cache hash table entries: %d\n", nr_hash);
/* And initialize the newly allocated array */
d = mount_hashtable;
git://git.onelab.eu / linux-2.6.git / blobdiff