Skip to content

Commit

Permalink
Move rootfs check to inside mountMu.
Browse files Browse the repository at this point in the history 
Reported-by: syzbot+811d3f0d101cfe1b1737@syzkaller.appspotmail.com
PiperOrigin-RevId: 578631715
  • Loading branch information
@manninglucas @gvisor-bot
manninglucas authored and gvisor-bot committed Nov 1, 2023
1 parent 9c0d595 commit 429f7c4
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions pkg/sentry/vfs/mount.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1040,10 +1040,7 @@ retry:
if oldRoot.mount.root != oldRoot.dentry {
return newRoot, oldRoot, linuxerr.EINVAL
}
// The current root and the new root cannot be on the rootfs mount.
if oldRoot.mount.parent() == nil || newRoot.mount.parent() == nil {
return newRoot, oldRoot, linuxerr.EINVAL
}

// The current root and the new root must be in the context's mount namespace.
ns := MountNamespaceFromContext(ctx)
defer ns.DecRef(ctx)
Expand All @@ -1053,6 +1050,12 @@ retry:
return newRoot, oldRoot, linuxerr.EINVAL
}

// The current root and the new root cannot be on the rootfs mount.
if oldRoot.mount.parent() == nil || newRoot.mount.parent() == nil {
vfs.unlockMounts(ctx)
return newRoot, oldRoot, linuxerr.EINVAL
}

// Either the mount point at new_root, or the parent mount of that mount
// point, has propagation type MS_SHARED.
if newRootParent := newRoot.mount.parent(); newRoot.mount.isShared || newRootParent.isShared {
Expand Down

0 comments on commit 429f7c4

Please sign in to comment.