git.baikalelectronics.ru Git - kernel.git/commit

author	Eric W. Biederman <ebiederm@xmission.com>
	Fri, 15 Nov 2013 05:22:25 +0000 (21:22 -0800)
committer	Eric W. Biederman <ebiederm@xmission.com>
	Wed, 27 Nov 2013 04:54:52 +0000 (20:54 -0800)
commit	0754ce7579afa781eee4de7f44ed58ce66a6445f
tree	1e91ad4811270d5fb3fd8bd64cd5cf096272c5d8	tree \| snapshot
parent	5ea19e0bccb9bf622d355f5d0ee4ba6dc9b3301e	commit \| diff

vfs: Fix a regression in mounting proc

Gao feng <gaofeng@cn.fujitsu.com> reported that commit
7347c1cb185e0d6f66dc946a6c5bd28b754b2683
userns: Better restrictions on when proc and sysfs can be mounted
caused a regression on mounting a new instance of proc in a mount
namespace created with user namespace privileges, when binfmt_misc
is mounted on /proc/sys/fs/binfmt_misc.

This is an unintended regression caused by the absolutely bogus empty
directory check in fs_fully_visible.  The check fs_fully_visible replaced
didn't even bother to attempt to verify proc was fully visible and
hiding proc files with any kind of mount is rare.  So for now fix
the userspace regression by allowing directory with nlink == 1
as /proc/sys/fs/binfmt_misc has.

I will have a better patch but it is not stable material, or
last minute kernel material.  So it will have to wait.

Cc: stable@vger.kernel.org
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Acked-by: Gao feng <gaofeng@cn.fujitsu.com>
Tested-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>