lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8967d08f-712c-5b64-efdc-4426e2b9d63a@themaw.net>
Date:   Tue, 13 Dec 2022 17:09:10 +0800
From:   Ian Kent <raven@...maw.net>
To:     Jeff Layton <jlayton@...nel.org>,
        Richard Weinberger <richard@....at>, linux-nfs@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        chuck.lever@...cle.com, anna@...nel.org,
        trond.myklebust@...merspace.com, viro@...iv.linux.org.uk,
        chris.chilvers@...sbroker.com, david.young@...sbroker.com,
        luis.turcitu@...sbroker.com, david@...ma-star.at,
        benmaynard@...gle.com
Subject: Re: [PATCH 0/3 v2] NFS: NFSD: Allow crossing mounts when re-exporting

On 13/12/22 01:06, Jeff Layton wrote:
> On Wed, 2022-12-07 at 09:43 +0100, Richard Weinberger wrote:
>> Currently when re-exporting a NFS share the NFS cross mount feature does
>> not work [0].
>> This patch series outlines an approach to address the problem.
>>
>> Crossing mounts does not work for two reasons:
>>
>> 1. As soon the NFS client (on the re-exporting server) sees a different
>> filesystem id, it installs an automount. That way the other filesystem
>> will be mounted automatically when someone enters the directory.
>> But the cross mount logic of KNFS does not know about automount.
>> This patch series addresses the problem and teach both KNFSD
>> and the exportfs logic of NFS to deal with automount.
>>
>> 2. When KNFSD detects crossing of a mount point, it asks rpc.mountd to install
>> a new export for the target mount point. Beside of authentication rpc.mountd
>> also has to find a filesystem id for the new export. Is the to be exported
>> filesystem a NFS share, rpc.mountd cannot derive a filesystem id from it and
>> refuses to export. In the logs you'll see errors such as:
>>
>> mountd: Cannot export /srv/nfs/vol0, possibly unsupported filesystem or fsid= required
>>
>> To deal with that I've changed rpc.mountd to use generate and store fsids [1].
>> Since the kernel side of my changes did change for a long time I decided to
>> try upstreaming it first.
>> A 3rd iteration of my rpc.mountd will happen soon.
>>
>> [0] https://marc.info/?l=linux-nfs&m=161653016627277&w=2
>> [1] https://lore.kernel.org/linux-nfs/20220217131531.2890-1-richard@nod.at/
>>
>> Changes since v1:
>> https://lore.kernel.org/linux-nfs/20221117191151.14262-1-richard@nod.at/
>>
>> - Use LOOKUP_AUTOMOUNT only when NFSEXP_CROSSMOUNT is set (Jeff Layton)
>>
>> Richard Weinberger (3):
>>    NFSD: Teach nfsd_mountpoint() auto mounts
>>    fs: namei: Allow follow_down() to uncover auto mounts
>>    NFS: nfs_encode_fh: Remove S_AUTOMOUNT check
>>
>>   fs/namei.c            | 6 +++---
>>   fs/nfs/export.c       | 2 +-
>>   fs/nfsd/vfs.c         | 8 ++++++--
>>   include/linux/namei.h | 2 +-
>>   4 files changed, 11 insertions(+), 7 deletions(-)
>>
> This set looks reasonable to me.
>
> Reviewed-by: Jeff Layton <jlayton@...nel.org>

Right, looks ok to me too, at least from the POV of that follow_down()

change.


Reviewed-by: Ian Kent <raven@...maw.net>


Ian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ