switch mount_capable() to fs_context

now both callers of mount_capable() have access to fs_context; the only difference is that for sget_fc() we have the possibility of fc->global being true, while for legacy_get_tree() it's guaranteed to be impossible. Unify to more generic variant... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
author: Al Viro <viro@zeniv.linux.org.uk> 2019-05-12 17:31:45 -0400
committer: Al Viro <viro@zeniv.linux.org.uk> 2019-05-25 17:59:59 -0400
commit: 20284ab7427ffac514faf44fd9eb50e5745f4474 (patch)
tree: 6babbbfbcb3fea8deef55d2d03088218e1fe591b /fs/super.c
parent: fd912087f4a897cfdf8274f8085c501742638be2 (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/fs/super.c b/fs/super.c
index bdb03255c7ea..d1e2f46bad7e 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -476,12 +476,15 @@ void generic_shutdown_super(struct super_block *sb)
 
 EXPORT_SYMBOL(generic_shutdown_super);
 
-bool mount_capable(struct file_system_type *type, struct user_namespace *userns)
+bool mount_capable(struct fs_context *fc)
 {
-	if (!(type->fs_flags & FS_USERNS_MOUNT))
+	struct user_namespace *user_ns = fc->global ? &init_user_ns
+						    : fc->user_ns;
+
+	if (!(fc->fs_type->fs_flags & FS_USERNS_MOUNT))
 		return capable(CAP_SYS_ADMIN);
 	else
-		return ns_capable(userns, CAP_SYS_ADMIN);
+		return ns_capable(user_ns, CAP_SYS_ADMIN);
 }
 
 /**
@@ -513,7 +516,7 @@ struct super_block *sget_fc(struct fs_context *fc,
 
 	if (!(fc->sb_flags & SB_KERNMOUNT) &&
 	    fc->purpose != FS_CONTEXT_FOR_SUBMOUNT) {
-		if (!mount_capable(fc->fs_type, user_ns))
+		if (!mount_capable(fc))
 			return ERR_PTR(-EPERM);
 	}
author	Al Viro <viro@zeniv.linux.org.uk>	2019-05-12 17:31:45 -0400
committer	Al Viro <viro@zeniv.linux.org.uk>	2019-05-25 17:59:59 -0400
commit	20284ab7427ffac514faf44fd9eb50e5745f4474 (patch)
tree	6babbbfbcb3fea8deef55d2d03088218e1fe591b /fs/super.c
parent	fd912087f4a897cfdf8274f8085c501742638be2 (diff)