From 85569e8dd488d17fbe47ab6aa403b5df3bb3dbe2 Mon Sep 17 00:00:00 2001 From: Andrey Vagin Date: Mon, 21 Apr 2014 18:23:49 +0400 Subject: [PATCH] mount: prevent dumping nested mount namespace without mnt_id in fdinfo When we don't know mnt_id, we don't know to which namespace a file belongs. Signed-off-by: Andrey Vagin Signed-off-by: Pavel Emelyanov --- cr-check.c | 2 +- include/proc_parse.h | 2 ++ mount.c | 9 ++++++++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/cr-check.c b/cr-check.c index 210365997..333d5939d 100644 --- a/cr-check.c +++ b/cr-check.c @@ -249,7 +249,7 @@ static int check_one_sfd(union fdinfo_entries *e, void *arg) return 0; } -static int check_mnt_id(void) +int check_mnt_id(void) { struct fdinfo_common fdinfo = { .mnt_id = -1 }; int ret; diff --git a/include/proc_parse.h b/include/proc_parse.h index d57ea272d..a1dfd7a44 100644 --- a/include/proc_parse.h +++ b/include/proc_parse.h @@ -176,4 +176,6 @@ extern int parse_file_locks(void); struct pid; extern int parse_threads(int pid, struct pid **_t, int *_n); +extern int check_mnt_id(void); + #endif /* __CR_PROC_PARSE_H__ */ diff --git a/mount.c b/mount.c index 270f53728..12ff5bddf 100644 --- a/mount.c +++ b/mount.c @@ -1902,7 +1902,7 @@ err: int dump_mnt_namespaces(void) { struct ns_id *ns; - int ret = 0; + int ret = 0, n = 0; for (ns = ns_ids; ns; ns = ns->next) { /* Skip current namespaces, which are in the list too */ @@ -1917,6 +1917,13 @@ int dump_mnt_namespaces(void) if (!(ns->nd->cflag & CLONE_NEWNS)) continue; + n++; + + if (n == 2 && check_mnt_id()) { + pr_err("Nested mount namespaces are not supported " + "without mnt_id in fdinfo\n"); + return -1; + } pr_info("Dump MNT namespace (mountpoints) %d via %d\n", ns->id, ns->pid); ret = dump_mnt_ns(ns);