lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 20 Jun 2014 10:39:22 +0200
From:	Philippe De Muyter <>
Cc:	Philippe De Muyter <>,
	Al Viro <>,
	Dave Chinner <>,
	Andrew Morton <>,
Subject: [PATCH] VFS: mount must return EACCES, not EROFS

mount must return EACCES, not EROFS, when one attempts to mount a
read-only filesystem in read-write mode, but the file-system layer
only transmits the error given by the block layer, and many block
drivers return EROFS in that case, so let's fix it in do_mount.

Actually it is only a small problem for a user using the mount(1)
command, because EROFS is actually a more explicit answer than
EACCES, but init/do_mounts.c checks only for EACCES, not EROFS,
to decide to retry to mount the root file-system in read-only mode,
and so we are left with an unbootable kernel, and with a cryptic
error message (*) if the root partition happens to be read-only

(*): VFS: Cannot open root device "mmcblk0p2" or unknown-block(179,2):
error -30

Signed-off-by: Philippe De Muyter <>
Cc: Al Viro <>
Cc: Dave Chinner <>
Cc: Andrew Morton <>
 fs/namespace.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index 182bc41..6291a3f 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2411,6 +2411,8 @@ long do_mount(const char *dev_name, const char *dir_name,
 	retval = security_sb_mount(dev_name, &path,
 				   type_page, flags, data_page);
+	if (retval == -EROFS)
+		retval = -EACCES;
 	if (!retval && !may_mount())
 		retval = -EPERM;
 	if (retval)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists