diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2013-01-31 04:23:54 -0800 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2013-02-13 06:00:38 -0800 |
commit | f74f70f8b10b435f5f20247e70d1d86b53a59685 (patch) | |
tree | 0ba5bd2d8e1f3cb795c66e134c7bc1d4572016aa | |
parent | 66fdb93f882d21612a5287cd1303c9b1391ebf5d (diff) |
afs: Only allow mounting afs in the intial network namespace
rxrpc sockets only work in the initial network namespace so it isn't
possible to support afs in any other network namespace.
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
-rw-r--r-- | fs/afs/super.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/afs/super.c b/fs/afs/super.c index 43165009428..7c31ec39957 100644 --- a/fs/afs/super.c +++ b/fs/afs/super.c @@ -24,6 +24,8 @@ #include <linux/parser.h> #include <linux/statfs.h> #include <linux/sched.h> +#include <linux/nsproxy.h> +#include <net/net_namespace.h> #include "internal.h" #define AFS_FS_MAGIC 0x6B414653 /* 'kAFS' */ @@ -363,6 +365,10 @@ static struct dentry *afs_mount(struct file_system_type *fs_type, memset(¶ms, 0, sizeof(params)); + ret = -EINVAL; + if (current->nsproxy->net_ns != &init_net) + goto error; + /* parse the options and device name */ if (options) { ret = afs_parse_options(¶ms, options, &dev_name); |