diff options
| author | Mark Brown <broonie@opensource.wolfsonmicro.com> | 2013-04-17 14:24:35 +0100 |
|---|---|---|
| committer | Mark Brown <broonie@opensource.wolfsonmicro.com> | 2013-04-17 14:24:35 +0100 |
| commit | 753e23ea588d353da9d0a2672828336453607265 (patch) | |
| tree | a0eb4875ecde41725fe890e27f52d69812031ea1 /ipc/mqueue.c | |
| parent | c999836d37c6c1125e856f68877ae13952baa61a (diff) | |
| parent | 41ef2d5678d83af030125550329b6ae8b74618fa (diff) | |
| download | lwn-753e23ea588d353da9d0a2672828336453607265.tar.gz lwn-753e23ea588d353da9d0a2672828336453607265.zip | |
Merge tag 'v3.9-rc7' into asoc-dma
Linux 3.9-rc7
Diffstat (limited to 'ipc/mqueue.c')
| -rw-r--r-- | ipc/mqueue.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 3953fda2e8bd..e4e47f647446 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -330,8 +330,16 @@ static struct dentry *mqueue_mount(struct file_system_type *fs_type, int flags, const char *dev_name, void *data) { - if (!(flags & MS_KERNMOUNT)) - data = current->nsproxy->ipc_ns; + if (!(flags & MS_KERNMOUNT)) { + struct ipc_namespace *ns = current->nsproxy->ipc_ns; + /* Don't allow mounting unless the caller has CAP_SYS_ADMIN + * over the ipc namespace. + */ + if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN)) + return ERR_PTR(-EPERM); + + data = ns; + } return mount_ns(fs_type, flags, data, mqueue_fill_super); } |