net-test: do not allow propagation of mount flags to parent namespace
on a cuttlefish x86_64 aosp3 device without this change:
$ adbz shell cat /proc/mounts | egrep ' /(|proc|sys) '
/dev/block/dm-2 / ext4 ro,seclabel,noatime,errors=panic 0 0
proc /proc proc rw,relatime,gid=3009,hidepid=2 0 0
sysfs /sys sysfs rw,seclabel,relatime 0 0
$ atest vts_kernel_net_tests
...
$ adbz shell cat /proc/mounts | egrep ' /(|proc|sys) '
/dev/block/dm-2 / ext4 ro,seclabel,noatime,errors=panic 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime,gid=3009,hidepid=2 0 0
sysfs /sys sysfs rw,seclabel,nosuid,nodev,noexec,relatime 0 0
with this change there is no longer a difference.
(This explains why I saw this mount syscall while strace'ing unshare)
Bug: 149894399
Test: ran 'atest vts_kernel_net_tests'
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia64be091b58f97fdf7e0c24ca6599b1aecd3bcdf
Merged-In: Ia64be091b58f97fdf7e0c24ca6599b1aecd3bcdf
diff --git a/net/test/namespace.py b/net/test/namespace.py
index 0045588..986fb59 100644
--- a/net/test/namespace.py
+++ b/net/test/namespace.py
@@ -132,6 +132,7 @@
try:
# DumpMounts('Before:')
+ Mount('none', '/', None, MS_REC|MS_PRIVATE)
ReMountProc()
ReMountSys()
# DumpMounts('After:')