From d7d8a0a5aee841dd7958b0e6bc3b544016d19c24 Mon Sep 17 00:00:00 2001
From: Andrei Vagin <avagin@google.com>
Date: Tue, 1 Jun 2021 15:31:37 -0700
Subject: vfs: Don't allow to mount anything on top of detached mounts

PiperOrigin-RevId: 376932659
---
 pkg/sentry/vfs/mount.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/sentry/vfs/mount.go b/pkg/sentry/vfs/mount.go
index 82fd382c2..f93da3af1 100644
--- a/pkg/sentry/vfs/mount.go
+++ b/pkg/sentry/vfs/mount.go
@@ -220,7 +220,7 @@ func (vfs *VirtualFilesystem) ConnectMountAt(ctx context.Context, creds *auth.Cr
 	vdDentry := vd.dentry
 	vdDentry.mu.Lock()
 	for {
-		if vdDentry.dead {
+		if vd.mount.umounted || vdDentry.dead {
 			vdDentry.mu.Unlock()
 			vfs.mountMu.Unlock()
 			vd.DecRef(ctx)
-- 
cgit v1.2.3