kernel-fxtec-pro1x/tools
Eric W. Biederman db181ce011 mnt: Add tests for unprivileged remount cases that have found to be faulty
Kenton Varda <kenton@sandstorm.io> discovered that by remounting a
read-only bind mount read-only in a user namespace the
MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user
to the remount a read-only mount read-write.

Upon review of the code in remount it was discovered that the code allowed
nosuid, noexec, and nodev to be cleared.  It was also discovered that
the code was allowing the per mount atime flags to be changed.

The first naive patch to fix these issues contained the flaw that using
default atime settings when remounting a filesystem could be disallowed.

To avoid this problems in the future add tests to ensure unprivileged
remounts are succeeding and failing at the appropriate times.

Cc: stable@vger.kernel.org
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2014-07-31 17:13:15 -07:00
..
cgroup cgroups: fix cgroup_event_listener error handling 2013-01-08 10:00:44 -08:00
firewire tools/firewire: nosy-dump: check for allocation failure 2012-12-02 20:10:18 +01:00
hv Tools: hv: Handle the case when the target file exists correctly 2014-04-16 14:10:36 -07:00
include perf tools: Move ACCESS_ONCE from perf.h header 2014-05-05 17:49:07 +02:00
lguest tools/lguest: offer VIRTIO_F_ANY_LAYOUT for net device. 2013-07-15 11:18:32 +09:30
lib Merge branch 'liblockdep-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux into locking/urgent 2014-07-16 14:57:27 +02:00
net tools: bpf_jit_disasm: increase image buffer size 2014-05-16 16:44:08 -04:00
nfsd NFSD: Added fault injection script 2011-11-07 21:10:47 -05:00
perf perf symbols: Get kernel start address by symbol name 2014-06-20 09:34:22 +02:00
power Merge branches 'acpi-tools' and 'pm-tools' 2014-06-03 23:13:34 +02:00
scripts tools lib traceevent: Add global QUIET_CC_FPIC build output 2013-12-19 16:18:10 -03:00
testing mnt: Add tests for unprivileged remount cases that have found to be faulty 2014-07-31 17:13:15 -07:00
thermal/tmon tmon: set umask to a reasonable value 2014-07-01 22:00:51 +08:00
usb tools: ffs-test: fix header values endianess 2014-06-30 13:23:58 -05:00
virtio tools: Consolidate types.h 2014-05-01 21:22:39 +02:00
vm tools/vm/page-types.c: catch sigbus if raced with truncate 2014-06-04 16:53:51 -07:00
Makefile tools/liblockdep: Build liblockdep from tools/Makefile 2014-05-08 13:34:45 -04:00