git: 0235e9e56947 - releng/14.4 - unmount(2): do not allow MNT_DEFERRED or MNT_RECURSE flags from userspace

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Colin Percival <cperciva_at_FreeBSD.org>
Date: Wed, 18 Feb 2026 01:53:04 UTC

The branch releng/14.4 has been updated by cperciva:

URL: https://cgit.FreeBSD.org/src/commit/?id=0235e9e56947c5419e2bef7562c2b7221b82c90f

commit 0235e9e56947c5419e2bef7562c2b7221b82c90f
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2026-02-02 22:38:32 +0000
Commit:     Colin Percival <cperciva@FreeBSD.org>
CommitDate: 2026-02-18 01:47:16 +0000

    unmount(2): do not allow MNT_DEFERRED or MNT_RECURSE flags from userspace
    
    (cherry picked from commit cd8d44173adc375b59a24b1363476c086a7c86b4)
    (cherry picked from commit a893e8463ab2741204debd17901539708ec3a970)
---
 sys/kern/vfs_mount.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c
index 85d14a943d01..5ca7c43269ce 100644
--- a/sys/kern/vfs_mount.c
+++ b/sys/kern/vfs_mount.c
@@ -1733,6 +1733,8 @@ kern_unmount(struct thread *td, const char *path, int flags)
 	int error;
 
 	AUDIT_ARG_VALUE(flags);
+	if ((flags & (MNT_DEFERRED | MNT_RECURSE)) != 0)
+		return (EINVAL);
 	if (jailed(td->td_ucred) || usermount == 0) {
 		error = priv_check(td, PRIV_VFS_UNMOUNT);
 		if (error)