diff options
| author | Alexey Gladkov <legion@kernel.org> | 2026-04-27 10:26:07 +0200 |
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2026-05-11 23:13:02 +0200 |
| commit | 05dab768fc2dc7eb9b827201bb39bb5be54bce49 (patch) | |
| tree | dc739e81c696361e93b6bb3a1d90aeb8a59d3286 /include/linux | |
| parent | 1991a8f6932124d880e847885da20a98948b6fed (diff) | |
proc: handle subset=pid separately in userns visibility checks
When procfs is mounted with subset=pid, only the dynamic process-related
part of the filesystem remains visible. That part cannot be hidden by
overmounts, so checking whether an existing procfs mount is fully
visible does not make sense for this mode.
At the same time, a subset=pid procfs mount must not be used as evidence
that a later procfs mount would not reveal additional information. It
provides a restricted view of procfs, not the full filesystem view.
Mark subset=pid procfs instances as restricted variants. Ignore
restricted variants when looking for an already-visible mount, and allow
new restricted variants without consulting mnt_already_visible().
Signed-off-by: Alexey Gladkov <legion@kernel.org>
Link: https://patch.msgid.link/4d5e760c3d534dd2e05578d119cc408450053a98.1777278334.git.legion@kernel.org
Reviewed-by: Aleksa Sarai <aleksa@amutable.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/fs/super_types.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs/super_types.h b/include/linux/fs/super_types.h index 182efbeb9520..a6cdc8f6de4e 100644 --- a/include/linux/fs/super_types.h +++ b/include/linux/fs/super_types.h @@ -326,6 +326,7 @@ struct super_block { #define SB_I_STABLE_WRITES 0x00000008 /* don't modify blks until WB is done */ /* sb->s_iflags to limit user namespace mounts */ +#define SB_I_RESTRICTED_VARIANT 0x00000010 #define SB_I_IMA_UNVERIFIABLE_SIGNATURE 0x00000020 #define SB_I_UNTRUSTED_MOUNTER 0x00000040 #define SB_I_EVM_HMAC_UNSUPPORTED 0x00000080 |