diff options
| author | Maciej Żenczykowski <maze@google.com> | 2020-05-26 20:13:40 +0000 |
|---|---|---|
| committer | Maciej Zenczykowski <maze@google.com> | 2020-05-26 20:31:21 +0000 |
| commit | 8729a90040f2aeaab4fc9423cd2667a4efb64d4d (patch) | |
| tree | 30f3ff195a4173492f7fdf1824f015c3e6a30736 | |
| parent | 14a5302274d77109b68091f04b0a7e55622d9c5d (diff) | |
| download | tests-8729a90040f2aeaab4fc9423cd2667a4efb64d4d.tar.gz | |
net-test: do not allow propagation of mount flags to parent namespace
on a cuttlefish x86_64 aosp3 device without this change:
$ adbz shell cat /proc/mounts | egrep ' /(|proc|sys) '
/dev/block/dm-2 / ext4 ro,seclabel,noatime,errors=panic 0 0
proc /proc proc rw,relatime,gid=3009,hidepid=2 0 0
sysfs /sys sysfs rw,seclabel,relatime 0 0
$ atest vts_kernel_net_tests
...
$ adbz shell cat /proc/mounts | egrep ' /(|proc|sys) '
/dev/block/dm-2 / ext4 ro,seclabel,noatime,errors=panic 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime,gid=3009,hidepid=2 0 0
sysfs /sys sysfs rw,seclabel,nosuid,nodev,noexec,relatime 0 0
with this change there is no longer a difference.
(This explains why I saw this mount syscall while strace'ing unshare)
Bug: 149894399
Test: ran 'atest vts_kernel_net_tests'
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia64be091b58f97fdf7e0c24ca6599b1aecd3bcdf
Merged-In: Ia64be091b58f97fdf7e0c24ca6599b1aecd3bcdf
| -rw-r--r-- | net/test/namespace.py | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/test/namespace.py b/net/test/namespace.py index 0045588..986fb59 100644 --- a/net/test/namespace.py +++ b/net/test/namespace.py @@ -132,6 +132,7 @@ def IfPossibleEnterNewNetworkNamespace(): try: # DumpMounts('Before:') + Mount('none', '/', None, MS_REC|MS_PRIVATE) ReMountProc() ReMountSys() # DumpMounts('After:') |