Bug 813563

Summary: Wrong combination of mount() MS_* flags
Product: [Fedora] Fedora Reporter: Milan Broz <mbroz>
Component: systemdAssignee: systemd-maint
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: johannbg, kzak, lpoetter, mads, metherid, notting, plautrba, pvrabec, systemd-maint
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-09-12 03:33:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Milan Broz 2012-04-17 21:38:30 UTC 
Description of problem:

There are several places in systemd code where mount() is called with flags combination which is not supported by kernel implementaton, e.g.

namespace.c: r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|MS_UNBINDABLE|flags, NULL);

  - MS_UNBINDABLE|flags will be ignored, MS_REMOUNT can change only readonly flags (moreover, flag can contain MS_SHARED etc)

nspawn.c: if (mount(arg_directory, "/", "bind", MS_BIND|MS_MOVE, NULL) < 0) {

  - what this should do? kernel will never reach MS_MOVE processing...

...

Version-Release number of selected component (if applicable):

systemd-44-4.fc18
Comment 1 Karel Zak 2012-04-17 21:44:20 UTC 
Note, see kernel do_mount() in fs/namespace.c:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=blob;f=fs/namespace.c;h=e6081996c9a2f9d26525740545445630c4737583;hb=HEAD#l2178

it's pretty obvious how you can mix mount flags.
Comment 2 Kay Sievers 2012-04-18 12:24:01 UTC 
Right, seems luckily they are just silently ignored, and should not have
caused any harm.

MS_UNBINDABLE and MS_MOVE are removed now from the sources.

Thanks!
Comment 3 Milan Broz 2012-04-18 12:59:28 UTC 
Still not complete I am afraid, but this one is just nitpicking seems :-)

r = mount(NULL, where, NULL, MS_REMOUNT|MS_BIND|flags, NULL);

flags can contain MS_SHARED...

see ns-test.c:

setup_namespace((char**) writable, (char**) readable, (char**) inaccessible, true, MS_SHARED) ... propagates to apply_mount flags where can be combined with MS_REMOUNT.
Comment 4 Kay Sievers 2012-04-18 18:34:39 UTC 
It's also in src/core/execute.c, which is used for private /tmp.
Comment 5 Lennart Poettering 2012-09-12 03:33:54 UTC 
Fixed in git/F18 since a while.