lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <59c322dc49c3cc76a4b6a2de35106c61@manguebit.com>
Date: Wed, 17 Apr 2024 18:25:19 -0300
From: Paulo Alcantara <pc@...guebit.com>
To: David Howells <dhowells@...hat.com>
Cc: dhowells@...hat.com, Steve French <sfrench@...ba.org>, Shyam Prasad N
 <sprasad@...rosoft.com>, linux-cifs@...r.kernel.org,
 linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] cifs: Fix reacquisition of volume cookie on still-live
 connection

David Howells <dhowells@...hat.com> writes:

> Paulo Alcantara <pc@...guebit.com> wrote:
>
>> Consider the following example where a tcon is reused from different
>> CIFS superblocks:
>> 
>>   mount.cifs //srv/share /mnt/1 -o ${opts} # new super, new tcon
>>   mount.cifs //srv/share/dir /mnt/2 -o ${opts} # new super, reused tcon
>> 
>> So, /mnt/1/dir/foo and /mnt/2/foo will lead to different inodes.
>> 
>> The two mounts are accessing the same tcon (\\srv\share) but the new
>> superblock was created because the prefix path "\dir" didn't match in
>> cifs_match_super().  Trust me, that's a very common scenario.
>
> Why does it need to lead to a different superblock, assuming ${opts} is the
> same in both cases?  Can we not do as NFS does and share the superblock,
> walking during the mount process through the directory prefix to the root
> object?

I don't know why it was designed that way, but the reason we have two
different superblocks with ${opts} being the same is because cifs.ko
relies on the value of cifs_sb_info::prepath to build paths out of
dentries.  See build_path_from_dentry().  So, when you access
/mnt/2/foo, cifs.ko will build a path like '[optional tree name prefix]
+ cifs_sb_info::prepath + \foo' and then reuse connections
(server+session+tcon) from first superblock to perform I/O on that file.

> In other words, why does:
>
>     mount.cifs //srv/share /mnt/1 -o ${opts}
>     mount.cifs //srv/share/dir /mnt/2 -o ${opts}
>
> give you a different result to:
>
>     mount.cifs //srv/share /mnt/1 -o ${opts}
>     mount --bind /mnt/1/dir /mnt/2

Honestly, I don't know how bind works at VFS level.  I see that the new
superblock isn't created and when I access /mnt/2/foo,
build_path_from_dentry() correctly returns '\dir\foo'.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ