[PATCH][xenial SRU] UBUNTU: SAUCE: (namespace) Bypass sget() capability check for nfs

[Seth Forshee]

BugLink: http://bugs.launchpad.net/bugs/1603719

302cabb "UBUNTU: SAUCE: (namespace) Sync with upstream s_user_ns
patches" added a capability check to sget() which causes a
regression for automatic submounts, which may happen in the
context of an unprivileged user. The capability check is not
necessary in this case.

The check can be bypassed by using sget_userns() instead.
init_user_namespace should be used for the user ns since nfs does
not support unprivileged mounting. This change makes the nfs
mount behavior in xenial functionally identical to upstream.

Signed-off-by: Seth Forshee <seth.forshee at canonical.com>
---
 fs/nfs/super.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index f126828..8a57020 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -2559,7 +2559,8 @@ struct dentry *nfs_fs_mount_common(struct nfs_server *server,
 			sb_mntdata.mntflags |= MS_SYNCHRONOUS;
 
 	/* Get a superblock - note that we may end up sharing one that already exists */
-	s = sget(nfs_mod->nfs_fs, compare_super, nfs_set_super, flags, &sb_mntdata);
+	s = sget_userns(nfs_mod->nfs_fs, compare_super, nfs_set_super, flags,
+			&init_user_ns, &sb_mntdata);
 	if (IS_ERR(s)) {
 		mntroot = ERR_CAST(s);
 		goto out_err_nosb;
-- 
2.7.4