diff options
author | Eric W. Biederman | 2013-01-31 04:23:54 -0800 |
---|---|---|
committer | Eric W. Biederman | 2013-02-13 06:00:38 -0800 |
commit | f74f70f8b10b435f5f20247e70d1d86b53a59685 (patch) | |
tree | 0ba5bd2d8e1f3cb795c66e134c7bc1d4572016aa | |
parent | 66fdb93f882d21612a5287cd1303c9b1391ebf5d (diff) |
afs: Only allow mounting afs in the intial network namespace
rxrpc sockets only work in the initial network namespace so it isn't
possible to support afs in any other network namespace.
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
-rw-r--r-- | fs/afs/super.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/afs/super.c b/fs/afs/super.c index 43165009428d..7c31ec399575 100644 --- a/fs/afs/super.c +++ b/fs/afs/super.c @@ -24,6 +24,8 @@ #include <linux/parser.h> #include <linux/statfs.h> #include <linux/sched.h> +#include <linux/nsproxy.h> +#include <net/net_namespace.h> #include "internal.h" #define AFS_FS_MAGIC 0x6B414653 /* 'kAFS' */ @@ -363,6 +365,10 @@ static struct dentry *afs_mount(struct file_system_type *fs_type, memset(¶ms, 0, sizeof(params)); + ret = -EINVAL; + if (current->nsproxy->net_ns != &init_net) + goto error; + /* parse the options and device name */ if (options) { ret = afs_parse_options(¶ms, options, &dev_name); |