mqueue: set ->user_ns before ->get_tree()

... so that we could lift the capability checks into ->get_tree()
caller

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

1 files changed, 5 insertions, 4 deletions

diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 216cad1ff0d0..9f8e4cbcec00 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -364,8 +364,6 @@ static int mqueue_get_tree(struct fs_context *fc)
 {
         struct mqueue_fs_context *ctx = fc->fs_private;
 
-        put_user_ns(fc->user_ns);
-        fc->user_ns = get_user_ns(ctx->ipc_ns->user_ns);
         fc->s_fs_info = ctx->ipc_ns;
         return vfs_get_super(fc, vfs_get_keyed_super, mqueue_fill_super);
 }
@@ -374,8 +372,7 @@ static void mqueue_fs_context_free(struct fs_context *fc)
 {
         struct mqueue_fs_context *ctx = fc->fs_private;
 
-        if (ctx->ipc_ns)
-                put_ipc_ns(ctx->ipc_ns);
+        put_ipc_ns(ctx->ipc_ns);
         kfree(ctx);
 }
 
@@ -388,6 +385,8 @@ static int mqueue_init_fs_context(struct fs_context *fc)
                 return -ENOMEM;
 
         ctx->ipc_ns = get_ipc_ns(current->nsproxy->ipc_ns);
+        put_user_ns(fc->user_ns);
+        fc->user_ns = get_user_ns(ctx->ipc_ns->user_ns);
         fc->fs_private = ctx;
         fc->ops = &mqueue_fs_context_ops;
         return 0;
@@ -406,6 +405,8 @@ static struct vfsmount *mq_create_mount(struct ipc_namespace *ns)
         ctx = fc->fs_private;
         put_ipc_ns(ctx->ipc_ns);
         ctx->ipc_ns = get_ipc_ns(ns);
+        put_user_ns(fc->user_ns);
+        fc->user_ns = get_user_ns(ctx->ipc_ns->user_ns);
 
         mnt = fc_mount(fc);
         put_fs_context(fc);