diff options
author | Christoph Hellwig <hch@lst.de> | 2020-07-22 11:26:13 +0200 |
---|---|---|
committer | Christoph Hellwig <hch@lst.de> | 2020-07-31 08:17:52 +0200 |
commit | 4b7ca5014cbef51cdb99fd644eae4f3773747a05 (patch) | |
tree | 694867036c56c7e99e0dd8754af9526d8d00c04c /fs/init.c | |
parent | db63f1e315384590b979f8f74abd1b5363b69894 (diff) |
init: add an init_chroot helper
Add a simple helper to chroot with a kernel space file name and switch
the early init code over to it. Remove the now unused ksys_chroot.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Diffstat (limited to 'fs/init.c')
-rw-r--r-- | fs/init.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/fs/init.c b/fs/init.c index 64d4e12eba93..2c78f24814dd 100644 --- a/fs/init.c +++ b/fs/init.c @@ -9,6 +9,7 @@ #include <linux/fs.h> #include <linux/fs_struct.h> #include <linux/init_syscalls.h> +#include <linux/security.h> #include "internal.h" int __init init_mount(const char *dev_name, const char *dir_name, @@ -54,6 +55,29 @@ int __init init_chdir(const char *filename) return error; } +int __init init_chroot(const char *filename) +{ + struct path path; + int error; + + error = kern_path(filename, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &path); + if (error) + return error; + error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); + if (error) + goto dput_and_out; + error = -EPERM; + if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT)) + goto dput_and_out; + error = security_path_chroot(&path); + if (error) + goto dput_and_out; + set_fs_root(current->fs, &path); +dput_and_out: + path_put(&path); + return error; +} + int __init init_unlink(const char *pathname) { return do_unlinkat(AT_FDCWD, getname_kernel(pathname)); |