From a157a9ab24f218ee8f5007e4d6d5c65c9c0353f2 Mon Sep 17 00:00:00 2001
From: shangyibin <shangyibin1@huawei.com>
Date: Sat, 19 Feb 2022 18:02:46 +0800
Subject: [PATCH] fix by ignoring EINVAL on remount of proc cherry-pick from:
 0b7633309620df26f57673682eca33806b3826e7

---
 ...y-ignoring-EINVAL-on-remount-of-proc.patch | 40 +++++++++++++++++++
 util-linux.spec                               | 24 ++++++-----
 2 files changed, 53 insertions(+), 11 deletions(-)
 create mode 100644 backport-fix-by-ignoring-EINVAL-on-remount-of-proc.patch

diff --git a/backport-fix-by-ignoring-EINVAL-on-remount-of-proc.patch b/backport-fix-by-ignoring-EINVAL-on-remount-of-proc.patch
new file mode 100644
index 0000000..38d663e
--- /dev/null
+++ b/backport-fix-by-ignoring-EINVAL-on-remount-of-proc.patch
@@ -0,0 +1,40 @@
+From 1961dccea09176a401bc8fc5e1769ab426308314 Mon Sep 17 00:00:00 2001
+From: benaryorg <binary@benary.org>
+Date: Fri, 4 Jun 2021 12:34:52 +0000
+Subject: [PATCH] fix #648 by ignoring EINVAL on-remount of proc
+
+When using --mount-proc=/some/path then unshare fails if the path provided is not already mounted due to the mount(2) call to change the propagation of the mount.
+In such a case mount(2) returns EINVAL, which however is used for a variety of other errors.
+If this error is ignored mistakenly the effects however should be neglible since:
+
+1. the mount of proc afterwards happens regardless, errors of which are not ignored
+2. the propagation change of root uses MS_REC, which shold already change the propagation of all mounts recursively
+
+Furthermore /proc is not touched if --mount-proc specifies a different mount point.
+This should not cause too much unexpected behaviour due to point 2 from above in any case.
+Specifying --mount-proc with a different path also means that unshare(3) is not instructed to touch /proc, thus /proc not being touched should not be unexpected.
+As a side note, if unshare is called with /proc as an (implicit) parameter to --mount-proc then /proc is a stacked mount, meaning if /proc is unmounted it in the namespace the host /proc is visible again, thus not touching /proc with a different parameter does not constitute more information leakage than the alternative, quite contary it may even be the desired behaviour.
+
+Signed-off-by: benaryorg <binary@benary.org>
+---
+ sys-utils/unshare.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/sys-utils/unshare.c b/sys-utils/unshare.c
+index e5627d3c64..820691ba35 100644
+--- a/sys-utils/unshare.c
++++ b/sys-utils/unshare.c
+@@ -650,8 +650,11 @@ int main(int argc, char *argv[])
+ 		err(EXIT_FAILURE, _("cannot chdir to '%s'"), newdir);
+ 
+ 	if (procmnt) {
+-		if (!newroot && mount("none", procmnt, NULL, MS_PRIVATE|MS_REC, NULL) != 0)
+-			err(EXIT_FAILURE, _("cannot change %s filesystem propagation"), procmnt);
++		if (!newroot && mount("none", procmnt, NULL, MS_PRIVATE|MS_REC, NULL))
++			/* custom procmnt means that proc is very likely not mounted, causing EINVAL
++			   ignoring the error in this specific instance is safe */
++			if(errno != EINVAL)
++				err(EXIT_FAILURE, _("cannot change %s filesystem propagation"), procmnt);
+ 		if (mount("proc", procmnt, "proc", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) != 0)
+ 			err(EXIT_FAILURE, _("mount %s failed"), procmnt);
+ 	}
diff --git a/util-linux.spec b/util-linux.spec
index 1bcc51c..36f1df7 100644
--- a/util-linux.spec
+++ b/util-linux.spec
@@ -24,16 +24,18 @@ Patch6002:      backport-CVE-2021-3996.patch
 Patch6003:      realloc-buffer-when-header-size-changed.patch
 Patch6004:      fix-size-use-for-stdin.patch
 Patch6005:      segmentation-fault-on-invalid-unicode-input-passed-to-s-option.patch
-Patch6006:      backport-su-bash-completion-offer-usernames-rather-than-files.patch 
-Patch6007:      backport-Fix-memory-leaks-in-the-chcpu.patch 
-Patch6008:      backport-logger-fix-prio-prefix-doesn-t-use-priority-default.patch 
-Patch6009:      backport-vipw-flush-stdout-before-getting-answer.patch 
-Patch6010:      backport-login-Restore-tty-size-after-calling-vhangup.patch 
-Patch6011:      backport-Forward-value-of-sector_size-instead-of-its-address.patch 
-Patch6012:      backport-libfdisk-dereference-of-possibly-NULL-gcc-analyzer.patch 
-Patch6013:      backport-libfdisk-check-calloc-return-gcc-analyzer.patch
-Patch6014:      backport-mcookie-fix-infinite-loop-when-use-f.patch
-Patch6015:      backport-sfdisk-write-empty-label-also-when-only-ignored-part.patch
+Patch6006:      backport-fix-by-ignoring-EINVAL-on-remount-of-proc.patch
+Patch6007:      backport-su-bash-completion-offer-usernames-rather-than-files.patch 
+Patch6008:      backport-Fix-memory-leaks-in-the-chcpu.patch 
+Patch6009:      backport-logger-fix-prio-prefix-doesn-t-use-priority-default.patch 
+Patch6010:      backport-vipw-flush-stdout-before-getting-answer.patch 
+Patch6011:      backport-login-Restore-tty-size-after-calling-vhangup.patch 
+Patch6012:      backport-Forward-value-of-sector_size-instead-of-its-address.patch 
+Patch6013:      backport-libfdisk-dereference-of-possibly-NULL-gcc-analyzer.patch 
+Patch6014:      backport-libfdisk-check-calloc-return-gcc-analyzer.patch
+Patch6015:      backport-mcookie-fix-infinite-loop-when-use-f.patch
+Patch6016:      backport-sfdisk-write-empty-label-also-when-only-ignored-part.patch
+
 
 Patch9000:      Add-check-to-resolve-uname26-version-test-failed.patch
 Patch9001:      SKIPPED-no-root-permissions-test.patch
@@ -411,7 +413,7 @@ fi
 - Type:bugfix
 - ID:NA
 - SUG:NA
-- DESC:Sync community patches
+- DESC:fix by ignoring EINVAL on remount of proc
 
 * Fri Feb 18 2022 shangyibin<shangyibin1@h-partners.com> - 2.37.2-4
 - Type:bugfix