Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Read mount id also on legacy kernels #4590

Merged
merged 2 commits into from
Oct 6, 2021
Merged

Read mount id also on legacy kernels #4590

merged 2 commits into from
Oct 6, 2021

Conversation

smitsohu
Copy link
Collaborator

@smitsohu smitsohu commented Oct 5, 2021

Recursive remounting (noexec, read-only, read-write) currently needs a mount id. So far this id could not be obtained on kernels before 3.15.

Add support for recursive remounting also on legacy kernels, like frequently found on mobile devices. Should help SailfishOS community ports.

@smitsohu smitsohu force-pushed the mountid branch 3 times, most recently from 35fcfe7 to 44d8726 Compare October 5, 2021 17:17
@kmk3
Copy link
Collaborator

kmk3 commented Oct 6, 2021

@smitsohu commented on Oct 5:

Recursive remounting (noexec, read-only, read-write) currently needs a
mount id. So far this id could not be obtained on kernels before 3.15.

Add support for recursive remounting also on legacy kernels, like frequently
found on mobile devices. Should help SailfishOS community ports.

Interesting, I've always wondered why firejail explicitly aims to support old
kernels ("3.x or newer") and mobile phones would explain it all.

@smitsohu
mountinfo: get mount id from failed call to name_to_handle_at
a78d014 
Enables recursive remounting on very old kernels, which has some relevance
for SailfishOS community ports.
@smitsohu
Copy link
Collaborator Author

smitsohu commented Oct 6, 2021
edited
Loading

Interesting, I've always wondered why firejail explicitly aims to support old
kernels ("3.x or newer") and mobile phones would explain it all.

Just checked, this 3.x support statement dates back to the very first Firejail release in 2015, when 3.x kernels were quite new.

Six years later Firejail is still doing ok on these outdated kernels, and this has found (new) users. I guess that's the story more or less.

@smitsohu
Copy link
Collaborator Author

smitsohu commented Oct 6, 2021
edited
Loading

I updated the pull request to remove what was probably unnecessary root permissions.

As these changes are quite boring in its current form, I'll go ahead and merge.

@smitsohu smitsohu merged commit f02a218 into netblue30:master Oct 6, 2021
@smitsohu smitsohu deleted the mountid branch October 6, 2021 21:10
@kmk3
Copy link
Collaborator

kmk3 commented Oct 7, 2021
edited
Loading

@smitsohu commented on Oct 6:

Interesting, I've always wondered why firejail explicitly aims to support
old kernels ("3.x or newer") and mobile phones would explain it all.

Just checked, this 3.x support statement dates back to the very first
Firejail release in 2015, when 3.x kernels were quite new.

Six years later Firejail is still doing ok on these outdated kernels, and
this has found (new) users. I guess that's the story more or less.

Quite fascinating that firejail apparently only started to be used on mobile on
these kernels after they were closer to being legacy.

IIRC Android started to become a big deal around the times of Linux 3.x, so
that makes a lot of sense as well.

Cc: @spiiroin @Tomin1 (from SailfishOS)

@Tomin1
Copy link
Contributor

Tomin1 commented Oct 11, 2021

The oldest kernels we use in Sailfish OS are 3.10 and 3.18.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
Release 0.9.68
Status: To Document (RELNOTES/man)
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@smitsohu @kmk3 @Tomin1