From e82b77e9696a6dada96a7f3ea3ec20a63e8e7b9e Mon Sep 17 00:00:00 2001
From: Karel Zak
Date: Mon, 28 May 2018 15:46:28 +0200
Subject: libmount: accept another flags on MS_REMOUNT|MS_BIND

The current libmount MS_REMOUNT|MS_BIND support is restricted to
MS_RDONLY (read-only bind mount). This is too restrictive as Linux
kernel supports bind-remount for arbitrary VFS flags.

After this update you can use

 # mount /dev/sdc1 /mnt/A
 # mount --bind -onosuid,noexec /mnt/A /mnt/B

 # findmnt /dev/sdc1 -oTARGET,SOURCE,FS-OPTIONS,VFS-OPTIONS
 TARGET SOURCE    FS-OPTIONS                 VFS-OPTIONS
 /mnt/A /dev/sdc1 rw,stripe=512,data=ordered rw,relatime
 /mnt/B /dev/sdc1 rw,stripe=512,data=ordered rw,nosuid,noexec,relatime

The "mount --bind" is composed from two syscalls of course (1st is
bind, 2nd is bind,remount,nosuid,noexec).

Addresses: https://github.com/karelzak/util-linux/issues/637
Signed-off-by: Karel Zak <kzak@redhat.com>
---
 libmount/src/mountP.h | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'libmount/src/mountP.h')

diff --git a/libmount/src/mountP.h b/libmount/src/mountP.h
index d47d26442..4ce891cda 100644
--- a/libmount/src/mountP.h
+++ b/libmount/src/mountP.h
@@ -361,6 +361,9 @@ struct libmnt_context
 /* default flags */
 #define MNT_FL_DEFAULT		0
 
+/* Flags usable with MS_BIND|MS_REMOUNT */
+#define MNT_BIND_SETTABLE	(MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOATIME|MS_NODIRATIME|MS_RELATIME|MS_RDONLY)
+
 /* lock.c */
 extern int mnt_lock_use_simplelock(struct libmnt_lock *ml, int enable);
 
-- 
cgit v1.2.3-55-g7522