reactos/syzkaller
1
0
Fork 0
mirror of https://github.com/reactos/syzkaller.git synced 2024-10-07 00:53:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

executor/linux: change mount propagation type to private

Browse Source 
unshare(CLONE_NEWNS) might not be sufficient for making all test processes run in
separate mount namespace, for "mount --make-rshared /" request issued by systemd
causes mount operations issued by test processes visible from outside of test
processes. Issue "mount --make-rprivate /" request after unshare(CLONE_NEWNS).
This commit is contained in:
Tetsuo Handa 2020-08-26 18:52:10 +09:00 committed by Dmitry Vyukov
parent 344da168cb
commit 318430cbb3
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
executor/common_linux.h
View File

@ -3318,6 +3318,9 @@ static void sandbox_common()
if (unshare(CLONE_NEWNS)) {
debug("unshare(CLONE_NEWNS): %d\n", errno);
}
if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL)) {
debug("mount(\"/\", MS_REC | MS_PRIVATE): %d\n", errno);
}
if (unshare(CLONE_NEWIPC)) {
debug("unshare(CLONE_NEWIPC): %d\n", errno);
}

3
pkg/csource/generated.go
View File

@ -7576,6 +7576,9 @@ static void sandbox_common()
if (unshare(CLONE_NEWNS)) {
debug("unshare(CLONE_NEWNS): %d\n", errno);
}
if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL)) {
debug("mount(\"/\", MS_REC | MS_PRIVATE): %d\n", errno);
}
if (unshare(CLONE_NEWIPC)) {
debug("unshare(CLONE_NEWIPC): %d\n", errno);
}