My edit is based on experiments and reading Linux code You will find C code I used for experiments below v1: https://lore.kernel.org/linux-man/20250822114315.1571537-1-safinaskar@xxxxxxxxxxxx/ Askar Safin (1): man2/mount.2: expand and clarify docs for MS_REMOUNT | MS_BIND man/man2/mount.2 | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) -- 2.47.2 // You need to be root in initial user namespace #define _GNU_SOURCE #include <stdio.h> #include <stdlib.h> #include <stdbool.h> #include <string.h> #include <unistd.h> #include <fcntl.h> #include <sched.h> #include <errno.h> #include <sys/stat.h> #include <sys/mount.h> #include <sys/syscall.h> #include <sys/sysmacros.h> #include <linux/openat2.h> #define MY_ASSERT(cond) do { \ if (!(cond)) { \ fprintf (stderr, "%d: %s: assertion failed\n", __LINE__, #cond); \ exit (1); \ } \ } while (0) int main (void) { // Init { MY_ASSERT (chdir ("/") == 0); MY_ASSERT (unshare (CLONE_NEWNS) == 0); MY_ASSERT (mount (NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) == 0); MY_ASSERT (mount (NULL, "/tmp", "tmpfs", 0, NULL) == 0); } MY_ASSERT (mkdir ("/tmp/a", 0777) == 0); MY_ASSERT (mkdir ("/tmp/b", 0777) == 0); // MS_REMOUNT sets options for superblock { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount ("/tmp/a", "/tmp/b", NULL, MS_BIND, NULL) == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_RDONLY, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mkdir ("/tmp/b/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (umount ("/tmp/a") == 0); MY_ASSERT (umount ("/tmp/b") == 0); } // MS_REMOUNT | MS_BIND sets options for vfsmount { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount ("/tmp/a", "/tmp/b", NULL, MS_BIND, NULL) == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_BIND | MS_RDONLY, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mkdir ("/tmp/b/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/b/c") == 0); MY_ASSERT (umount ("/tmp/a") == 0); MY_ASSERT (umount ("/tmp/b") == 0); } // fspick sets options for superblock { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount ("/tmp/a", "/tmp/b", NULL, MS_BIND, NULL) == 0); { int fsfd = fspick (AT_FDCWD, "/tmp/a", 0); MY_ASSERT (fsfd >= 0); MY_ASSERT (fsconfig (fsfd, FSCONFIG_SET_FLAG, "ro", NULL, 0) == 0); MY_ASSERT (fsconfig (fsfd, FSCONFIG_CMD_RECONFIGURE, NULL, NULL, 0) == 0); MY_ASSERT (close (fsfd) == 0); } MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mkdir ("/tmp/b/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (umount ("/tmp/a") == 0); MY_ASSERT (umount ("/tmp/b") == 0); } // mount_setattr sets options for vfsmount { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount ("/tmp/a", "/tmp/b", NULL, MS_BIND, NULL) == 0); { struct mount_attr attr; memset (&attr, 0, sizeof attr); attr.attr_set = MOUNT_ATTR_RDONLY; MY_ASSERT (mount_setattr (AT_FDCWD, "/tmp/a", 0, &attr, sizeof attr) == 0); } MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mkdir ("/tmp/b/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/b/c") == 0); MY_ASSERT (umount ("/tmp/a") == 0); MY_ASSERT (umount ("/tmp/b") == 0); } // "ro" as a string works for MS_REMOUNT { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount ("/tmp/a", "/tmp/b", NULL, MS_BIND, NULL) == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT, "ro") == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mkdir ("/tmp/b/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (umount ("/tmp/a") == 0); MY_ASSERT (umount ("/tmp/b") == 0); } // "ro" as a string doesn't work for MS_REMOUNT | MS_BIND // Option string is ignored { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount ("/tmp/a", "/tmp/b", NULL, MS_BIND, NULL) == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_BIND, "ro") == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/a/c") == 0); MY_ASSERT (mkdir ("/tmp/b/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/b/c") == 0); MY_ASSERT (umount ("/tmp/a") == 0); MY_ASSERT (umount ("/tmp/b") == 0); } // Removing MS_RDONLY makes mount writable again (in case of MS_REMOUNT | MS_BIND) // Same for other options (not tested, but I did read code) { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_BIND | MS_RDONLY, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_BIND, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (umount ("/tmp/a") == 0); } // Removing "ro" from option string makes mount writable again (in case of MS_REMOUNT) // I. e. mount(2) works exactly as documented // This works even if option string is NULL, i. e. NULL works as default option string { typedef const char *c_string; c_string opts[3] = {NULL, "", "rw"}; for (int i = 0; i != 3; ++i) { for (int j = 0; j != 3; ++j) { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, opts[i]) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/a/c") == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT, "ro") == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT, opts[j]) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (umount ("/tmp/a") == 0); } } } // Removing MS_RDONLY makes mount writable again (in case of MS_REMOUNT) // I. e. mount(2) works exactly as documented { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/a/c") == 0); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_RDONLY, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); MY_ASSERT (errno == EROFS); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/a/c") == 0); MY_ASSERT (umount ("/tmp/a") == 0); } // Setting MS_RDONLY (without other flags) removes all other flags, such as MS_NODEV (in case of MS_REMOUNT | MS_BIND) { MY_ASSERT (mount (NULL, "/tmp/a", "tmpfs", 0, NULL) == 0); MY_ASSERT (mknod ("/tmp/a/mynull", S_IFCHR | 0666, makedev (1, 3)) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/a/c") == 0); { int fd = open ("/tmp/a/mynull", O_WRONLY); MY_ASSERT (fd >= 0); MY_ASSERT (write (fd, "a", 1) == 1); MY_ASSERT (close (fd) == 0); } MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_BIND | MS_NODEV, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == 0); MY_ASSERT (rmdir ("/tmp/a/c") == 0); MY_ASSERT (open ("/tmp/a/mynull", O_WRONLY) == -1); MY_ASSERT (mount (NULL, "/tmp/a", NULL, MS_REMOUNT | MS_BIND | MS_RDONLY, NULL) == 0); MY_ASSERT (mkdir ("/tmp/a/c", 0777) == -1); { int fd = open ("/tmp/a/mynull", O_WRONLY); MY_ASSERT (fd >= 0); MY_ASSERT (write (fd, "a", 1) == 1); MY_ASSERT (close (fd) == 0); } MY_ASSERT (umount ("/tmp/a") == 0); } printf ("All tests passed\n"); exit (0); }
