lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 28 Nov 2022 06:49:36 -0500
From:   Jeff Layton <jlayton@...nel.org>
To:     Richard Weinberger <richard@....at>
Cc:     linux-nfs <linux-nfs@...r.kernel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        chuck lever <chuck.lever@...cle.com>, anna <anna@...nel.org>,
        trond myklebust <trond.myklebust@...merspace.com>,
        Al Viro <viro@...iv.linux.org.uk>, raven <raven@...maw.net>,
        chris chilvers <chris.chilvers@...sbroker.com>,
        david young <david.young@...sbroker.com>,
        luis turcitu <luis.turcitu@...sbroker.com>,
        david <david@...ma-star.at>
Subject: Re: [PATCH 2/3] fs: namei: Allow follow_down() to uncover auto
 mounts

On Sun, 2022-11-27 at 22:29 +0100, Richard Weinberger wrote:
> ----- Ursprüngliche Mail -----
> > Von: "Jeff Layton" <jlayton@...nel.org>
> > > So, in nfsd_cross_mnt() the follow_down() helper should use LOOKUP_AUTOMOUNT
> > > only
> > > if exp->ex_flags & NFSEXP_CROSSMOUNT is true?
> > > Sounds sane, thanks for the pointer.
> > > 
> > 
> > Yeah, I think so. I do wonder if we ought to make any provision for
> > "nohide" exports, but since you have to enumerate those explicitly, it
> > shouldn't be a huge problem for someone to just ensure that they're
> > mounted beforehand.
> 
> TBH, I didn't invest much into the nohide feature wrt. NFS re-exporting.
> What problem do you have in mind?
> 

nohide is sort of complimentary to crossmnt. You can achieve the same
effect as crossmnt by adding explicit exports for all the children and
marking them "nohide".

The point here is that you have to explicitly create exports for the
child mounts in that case, and if you're doing that then it's not a
burden for the admin to make sure they're mounted before exporting.

So, I don't think we need to worry about nohide here after all.

> I wonder also what NFS client folks think about my changes before I send
> the next revision (with Jeff's comments addressed).
-- 
Jeff Layton <jlayton@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ