diff options
author | J. Bruce Fields <bfields@citi.umich.edu> | 2009-12-14 02:21:48 +0100 |
---|---|---|
committer | J. Bruce Fields <bfields@citi.umich.edu> | 2009-12-15 21:01:44 +0100 |
commit | 774b147828e32ec698e49d95d0498fc71da7082d (patch) | |
tree | a6fbbe083696229eff979e11a4fda1df3dd382f8 /fs/nfsd | |
parent | nfsd: restrict filehandles accepted in V4ROOT case (diff) | |
download | linux-774b147828e32ec698e49d95d0498fc71da7082d.tar.xz linux-774b147828e32ec698e49d95d0498fc71da7082d.zip |
nfsd: make V4ROOT exports read-only
I can't see any use for writeable V4ROOT exports.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Diffstat (limited to 'fs/nfsd')
-rw-r--r-- | fs/nfsd/export.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c index 18ac20ffedd2..7d5ba1b0ffcf 100644 --- a/fs/nfsd/export.c +++ b/fs/nfsd/export.c @@ -355,7 +355,7 @@ static struct svc_export *svc_export_update(struct svc_export *new, struct svc_export *old); static struct svc_export *svc_export_lookup(struct svc_export *); -static int check_export(struct inode *inode, int flags, unsigned char *uuid) +static int check_export(struct inode *inode, int *flags, unsigned char *uuid) { /* @@ -367,6 +367,13 @@ static int check_export(struct inode *inode, int flags, unsigned char *uuid) !S_ISREG(inode->i_mode)) return -ENOTDIR; + /* + * Mountd should never pass down a writeable V4ROOT export, but, + * just to make sure: + */ + if (*flags & NFSEXP_V4ROOT) + *flags |= NFSEXP_READONLY; + /* There are two requirements on a filesystem to be exportable. * 1: We must be able to identify the filesystem from a number. * either a device number (so FS_REQUIRES_DEV needed) @@ -375,7 +382,7 @@ static int check_export(struct inode *inode, int flags, unsigned char *uuid) * This means that s_export_op must be set. */ if (!(inode->i_sb->s_type->fs_flags & FS_REQUIRES_DEV) && - !(flags & NFSEXP_FSID) && + !(*flags & NFSEXP_FSID) && uuid == NULL) { dprintk("exp_export: export of non-dev fs without fsid\n"); return -EINVAL; @@ -590,7 +597,7 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen) goto out4; } - err = check_export(exp.ex_path.dentry->d_inode, exp.ex_flags, + err = check_export(exp.ex_path.dentry->d_inode, &exp.ex_flags, exp.ex_uuid); if (err) goto out4; @@ -1029,7 +1036,7 @@ exp_export(struct nfsctl_export *nxp) goto finish; } - err = check_export(path.dentry->d_inode, nxp->ex_flags, NULL); + err = check_export(path.dentry->d_inode, &nxp->ex_flags, NULL); if (err) goto finish; err = -ENOMEM; |