git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Al Viro <viro@zeniv.linux.org.uk>
	Fri, 6 Jun 2025 22:31:03 +0000 (18:31 -0400)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 19 Jun 2025 13:41:07 +0000 (15:41 +0200)
commit	917677d599e269bf0495e1a314f16232ed586b7b
tree	590de1ebcaa87fe8fd1b615b9591aed21292d01d	tree \| snapshot
parent	c3e3a011adebe5cfb286c7bdc5ff2f202b21e568	commit \| diff

do_move_mount(): split the checks in subtree-of-our-ns and entire-anon cases

commit 290da20e333955637f00647d9fff7c6e3c0b61e0 upstream.

... and fix the breakage in anon-to-anon case.  There are two cases
acceptable for do_move_mount() and mixing checks for those is making
things hard to follow.

One case is move of a subtree in caller's namespace.
        * source and destination must be in caller's namespace
* source must be detachable from parent
Another is moving the entire anon namespace elsewhere
* source must be the root of anon namespace
* target must either in caller's namespace or in a suitable
  anon namespace (see may_use_mount() for details).
* target must not be in the same namespace as source.

It's really easier to follow if tests are *not* mixed together...

Reviewed-by: Christian Brauner <brauner@kernel.org>
Fixes: 3b5260d12b1f ("Don't propagate mounts into detached trees")
Reported-by: Allison Karlitskaya <lis@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>