Merge "minijail: fix gen_constants to be portable"
diff --git a/libminijail.c b/libminijail.c
index 5ccb9c1..2497115 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -800,6 +800,9 @@
return -errno;
if (chroot("/"))
return -errno;
+ /* Set correct CWD for getcwd(3). */
+ if (chdir("/"))
+ return -errno;
return 0;
}
@@ -821,7 +824,7 @@
* and make our own. However, if we are in a new user namespace, /proc
* is not seen as mounted, so don't return error if umount() fails.
*/
- if (umount(kProcPath) && !j->flags.userns)
+ if (umount2(kProcPath, MNT_DETACH) && !j->flags.userns)
return -errno;
if (mount("", kProcPath, "proc", kSafeFlags | MS_RDONLY, ""))
return -errno;
@@ -992,8 +995,17 @@
if (j->flags.enter_vfs && setns(j->mountns_fd, CLONE_NEWNS))
pdie("setns(CLONE_NEWNS)");
- if (j->flags.vfs && unshare(CLONE_NEWNS))
- pdie("unshare(vfs)");
+ if (j->flags.vfs) {
+ if (unshare(CLONE_NEWNS))
+ pdie("unshare(vfs)");
+ /*
+ * Remount all filesystems as private. If they are shared
+ * new bind mounts will creep out of our namespace.
+ * https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt
+ */
+ if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL))
+ pdie("mount(/, private)");
+ }
if (j->flags.net && unshare(CLONE_NEWNET))
pdie("unshare(net)");
