[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <53DBF99D.1050803@gentoo.org>
Date: Fri, 01 Aug 2014 16:33:33 -0400
From: Richard Yao <ryao@...too.org>
To: Mateusz Guzik <mguzik@...hat.com>
CC: kernel@...too.org, mthode@...ode.org, michael@...-team.de,
drobbins@...too.org, viro@...iv.linux.org.uk,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/1] vfs: Respect MS_RDONLY at bind mount creation
On 08/01/2014 03:20 PM, Mateusz Guzik wrote:
> On Fri, Aug 01, 2014 at 02:12:24PM -0400, Richard Yao wrote:
>> `mount -o bind,ro ...` suffers from a silent failure where the readonly
>> flag is ignored. The bind mount will be created rw whenever the target
>> is rw. Users typically workaround this by remounting readonly, but that
>> does not work when you want to define readonly bind mounts in fstab.
>> This is a major annoyance when dealing with recursive bind mounts
>> because the userland mount command does not expose the option to
>> recursively remount a subtree as readonly.
>>
>> Signed-off-by: Richard Yao <ryao@...too.org>
>> ---
>> fs/namespace.c | 12 +++++++++---
>> 1 file changed, 9 insertions(+), 3 deletions(-)
>>
>> diff --git a/fs/namespace.c b/fs/namespace.c
>> index 182bc41..0d23525 100644
>> --- a/fs/namespace.c
>> +++ b/fs/namespace.c
>> @@ -1827,11 +1827,12 @@ static bool has_locked_children(struct mount *mnt, struct dentry *dentry)
>> * do loopback mount.
>> */
>> static int do_loopback(struct path *path, const char *old_name,
>> - int recurse)
>> + unsigned long flags)
>> {
>> struct path old_path;
>> - struct mount *mnt = NULL, *old, *parent;
>> + struct mount *mnt = NULL, *old, *parent, *m;
>> struct mountpoint *mp;
>> + int recurse = flags & MS_REC;
>> int err;
>> if (!old_name || !*old_name)
>> return -EINVAL;
>> @@ -1871,6 +1872,10 @@ static int do_loopback(struct path *path, const char *old_name,
>> goto out2;
>> }
>>
>> + if (flags & MS_RDONLY)
>> + for (m = mnt; m; m = (recurse ? next_mnt(m, mnt) : NULL))
>> + mnt_make_readonly(m);
>> +
>> mnt->mnt.mnt_flags &= ~MNT_LOCKED;
>>
>> err = graft_tree(mnt, parent, mp);
>> @@ -2444,7 +2449,8 @@ long do_mount(const char *dev_name, const char *dir_name,
>> retval = do_remount(&path, flags & ~MS_REMOUNT, mnt_flags,
>> data_page);
>> else if (flags & MS_BIND)
>> - retval = do_loopback(&path, dev_name, flags & MS_REC);
>> + retval = do_loopback(&path, dev_name, flags & (MS_REC |
>> + MS_RDONLY));
>> else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
>> retval = do_change_type(&path, flags);
>> else if (flags & MS_MOVE)
>
> I don't really know this code, but have to ask.
>
> Would not it be much better to pass down info about rdonly request to
> copy_tree/clone_mnt (perhaps CL_MOUNT_RDONLY flag or a separate flags
> argument) and handle it there?
>
> This would avoid fishy-looking traversal before graft_tree, which even
> if correct should not be necessary.
>
I have a nagging feeling that people doing backports will hate me for
adding a power of 2 plus 1 bit, but your suggestion makes this more
readable. I will send v3 after I finish my regression tests.
Download attachment "signature.asc" of type "application/pgp-signature" (885 bytes)
Powered by blists - more mailing lists