lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed,  7 Dec 2022 09:43:06 +0100
From:   Richard Weinberger <richard@....at>
To:     linux-nfs@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        jlayton@...nel.org, chuck.lever@...cle.com, anna@...nel.org,
        trond.myklebust@...merspace.com, viro@...iv.linux.org.uk,
        raven@...maw.net, chris.chilvers@...sbroker.com,
        david.young@...sbroker.com, luis.turcitu@...sbroker.com,
        david@...ma-star.at, benmaynard@...gle.com,
        Richard Weinberger <richard@....at>
Subject: [PATCH 0/3 v2] NFS: NFSD: Allow crossing mounts when re-exporting

Currently when re-exporting a NFS share the NFS cross mount feature does
not work [0].
This patch series outlines an approach to address the problem.

Crossing mounts does not work for two reasons:

1. As soon the NFS client (on the re-exporting server) sees a different
filesystem id, it installs an automount. That way the other filesystem
will be mounted automatically when someone enters the directory.
But the cross mount logic of KNFS does not know about automount.
This patch series addresses the problem and teach both KNFSD
and the exportfs logic of NFS to deal with automount.

2. When KNFSD detects crossing of a mount point, it asks rpc.mountd to install
a new export for the target mount point. Beside of authentication rpc.mountd
also has to find a filesystem id for the new export. Is the to be exported
filesystem a NFS share, rpc.mountd cannot derive a filesystem id from it and
refuses to export. In the logs you'll see errors such as:

mountd: Cannot export /srv/nfs/vol0, possibly unsupported filesystem or fsid= required

To deal with that I've changed rpc.mountd to use generate and store fsids [1].
Since the kernel side of my changes did change for a long time I decided to
try upstreaming it first.
A 3rd iteration of my rpc.mountd will happen soon.

[0] https://marc.info/?l=linux-nfs&m=161653016627277&w=2
[1] https://lore.kernel.org/linux-nfs/20220217131531.2890-1-richard@nod.at/

Changes since v1:
https://lore.kernel.org/linux-nfs/20221117191151.14262-1-richard@nod.at/

- Use LOOKUP_AUTOMOUNT only when NFSEXP_CROSSMOUNT is set (Jeff Layton)

Richard Weinberger (3):
  NFSD: Teach nfsd_mountpoint() auto mounts
  fs: namei: Allow follow_down() to uncover auto mounts
  NFS: nfs_encode_fh: Remove S_AUTOMOUNT check

 fs/namei.c            | 6 +++---
 fs/nfs/export.c       | 2 +-
 fs/nfsd/vfs.c         | 8 ++++++--
 include/linux/namei.h | 2 +-
 4 files changed, 11 insertions(+), 7 deletions(-)

-- 
2.26.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ