libmount: don't hold write fd to mounted device

Avoid holding writeable fd to a loop device that is being mounted. In
the hardened configurations (CONFIG_BLK_DEV_WRITE_MOUNTED = n) the
kernel wants to make sure nobody else has the block device writeably
open when mounting so this makes the mount fail.

Reported-by: JunChao Sun <sunjunchao2870@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Acked-by: Christian Brauner <brauner@kernel.org>

diff --git a/libmount/src/hook_loopdev.c b/libmount/src/hook_loopdev.c
index 8c8f7f2187328e2f8bb8ae231ab75e8d562822ec..e2114b0cbebe26e4ac8b8ac8a1cbc3e37bc8b31a 100644 (file)
--- a/libmount/src/hook_loopdev.c
+++ b/libmount/src/hook_loopdev.c
@@ -356,15 +356,19 @@ success:
                         */
                        mnt_optlist_append_flags(ol, MS_RDONLY, cxt->map_linux);
 
-               /* we have to keep the device open until mount(1),
-                * otherwise it will be auto-cleared by kernel
+               /*
+                * We have to keep the device open until mount(1), otherwise it
+                * will be auto-cleared by kernel. However we don't want to
+                * keep writeable fd as kernel wants to block all writers to
+                * the device being mounted (in the more hardened
+                * configurations). So grab read-only fd instead.
                 */
-               hd->loopdev_fd = loopcxt_get_fd(&lc);
+               hd->loopdev_fd = open(lc.device, O_RDONLY | O_CLOEXEC);
                if (hd->loopdev_fd < 0) {
-                       DBG(LOOP, ul_debugobj(cxt, "failed to get loopdev FD"));
+                       DBG(LOOP,
+                           ul_debugobj(cxt, "failed to reopen loopdev FD"));
                        rc = -errno;
-               } else
-                       loopcxt_set_fd(&lc, -1, 0);
+               }
        }
 done:
        loopcxt_deinit(&lc);