author Linus Torvalds <torvalds@linux-foundation.org> 2015-05-09 19:07:14 -0400
committer Linus Torvalds <torvalds@linux-foundation.org> 2015-05-09 19:07:14 -0400
commit 51dfcb076d1e1ce7006aa272cb7c4514740c7e47
tree 877684653bbad3e9d9ddaeba8cefadb6cdaed7e1 /fs
parent 9d88f22a819db8a9ff78496edf5553e90d88179c
parent 7e96c1b0e0f495c5a7450dc4aa7c9a24ba4305bd
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull user-namespace fix from Eric Biederman:
 "Eric Windish recently reported a really bug that allows mounting fresh copies of proc and sysfs when it really should not be allowed. The code attempted to verify that proc and sysfs were fully visible but there is a test missing to ensure that the root of the filesystem is visible. Doh! The following patch fixes that. This fixes a containment issue that the docker folks are seeing"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  mnt: Fix fs_fully_visible to verify the root directory is visible

Diffstat (limited to 'fs')
-rw-r--r-- fs/namespace.c 6
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 1f4f9dac6e5a..1b9e11167bae 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3179,6 +3179,12 @@ bool fs_fully_visible(struct file_system_type *type)
3179 if (mnt->mnt.mnt_sb->s_type != type) 3179 if (mnt->mnt.mnt_sb->s_type != type)
3180 continue; 3180 continue;
3181 3181
3182 /* This mount is not fully visible if it's root directory
3183 * is not the root directory of the filesystem.
3184 */
3185 if (mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root)
3186 continue;
3187
3182 /* This mount is not fully visible if there are any child mounts 3188 /* This mount is not fully visible if there are any child mounts
3183 * that cover anything except for empty directories. 3189 * that cover anything except for empty directories.
3184 */ 3190 */
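Review bot: The comment above the new `mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root` test in fs_fully_visible() restates the condition but not the reason for it. It would help to say that a mount whose root is only a subdirectory of the filesystem exposes just part of it, so it must not count as evidence that the whole filesystem is already visible when a fresh copy of proc or sysfs is requested. In the same comment, "it's root directory" should read "its root directory". Keeping this pointer comparison ahead of the child-mount check is sensible, since such mounts are skipped before any further work is done on them.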