From nobody Fri Dec 16 21:02:29 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NYhPf029jzZdLR; Fri, 16 Dec 2022 21:02:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NYhPd6MQHz3xTX; Fri, 16 Dec 2022 21:02:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1671224549; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g3I5/J2nJaAYjwUH1DACR2fDffqib5adXRkftv/2vTg=; b=pSAfVnD1ahSQM+vd8G7aEVrMqHEhIpNm9CRkMLXJ9UfaRnOlK+zmzQdm7DcDV2oVuvwig5 hpwqFRm/CaJb/aLYojyQLoUaHr0wOAE+2USro4rVO9n3dOOoqAheGqrhbjC3rvv4UN66Rd YQlxJMOfQxNMYIv+v9rorKz9tUIXiKuLhBCKS/wMbDOZXSGnUNUsbFeWKX8CMRfwrBBeFn QerO+ijio46uPy5iyOU0rRvL+vXn+Hhoe7DwCEDG1jHPYnNbRZVnKjf8/n1nkUdxwW7X+d 1x5l79nFP5oEeC8pg64zt7Sfc/NM04WrgGROHIbMznGQsW0Hu3u5cZyrlcB5mA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1671224549; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g3I5/J2nJaAYjwUH1DACR2fDffqib5adXRkftv/2vTg=; b=BgXd4zzv8lNbSf1AcpuGEPFdIa9X7H85MO3oeVGcc3ZAGonEFRqVldN1CKaVnirzIULX5P mENC7i0FdUeIR/wSdF8a2zm1+PKhdhu8RYNVPur0vEqaSRw0Ukm/k3LGmVL39n4m9FWf6o fNeyolLDDoHK/yWcM30R9vYPv8OpvGGBFAYH92wtlCkosIElW37Dh5CX8FV+jG6EXXURsx xzZpkhYag1YLug09TI2VwN7T9o1hiv1Qu63PY6kSl7ohbUnhgfuMVyNcTWlKCB9I8QbejI oYAoI9iE7jzw5eeb1A4L7IA8e0XSzdIbDuDzJ3+E/FmSF1SAON3iYYAbsHEzTw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1671224549; a=rsa-sha256; cv=none; b=yiK7wp/A19fQZ+S6W88F0USLiBaM4q5hZhOq65aLcBjcjW9eB9KnoPcFtSx+9QdKxX4zlN +B+9F7Q1rgvIlVaYsRAFLZ/slnJmptOJ3x3KOcvJmenGFaWeRXy5GbDyx9qxsvbW4zMtpn 3HYKVPXuSecqf1j8OsVVhDBcxZ29JeQdohSnk7162q53mVQe4/Ztzndd16TkP8RU9bk5O6 v7Z46y8qo/+6/DLDyN2oxRiaa2YCjKkitJy6cqEilQf3HqA3POOORWjAZGDV0eMg3S11SV pwZd1cY1yOvLrqxv2Q4iyger5omUxG2WcqYsJPLmC4stkPPrnjTKYudfBhKmgg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4NYhPd5QFSzRf1; Fri, 16 Dec 2022 21:02:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2BGL2Tn6070157; Fri, 16 Dec 2022 21:02:29 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2BGL2TJS070156; Fri, 16 Dec 2022 21:02:29 GMT (envelope-from git) Date: Fri, 16 Dec 2022 21:02:29 GMT Message-Id: <202212162102.2BGL2TJS070156@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Rick Macklem Subject: git: 195f1b124da4 - main - vfs_mount.c: fix vfs_domount() for PRIV_VFS_MOUNT_EXPORTED List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 195f1b124da4bf73d951cd251dffd9485672fe0a Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=195f1b124da4bf73d951cd251dffd9485672fe0a commit 195f1b124da4bf73d951cd251dffd9485672fe0a Author: Rick Macklem AuthorDate: 2022-12-16 21:01:23 +0000 Commit: Rick Macklem CommitDate: 2022-12-16 21:01:23 +0000 vfs_mount.c: fix vfs_domount() for PRIV_VFS_MOUNT_EXPORTED It appears that, prior to r158857 vfs_domount() checked suser() when MNT_EXPORTED was specified. r158857 appears to have broken this, since MNT_EXPORTED was no longer set when mountd.c was converted to use nmount(2). r164033 replaced the suser() check with priv_check(td, PRIV_VFS_MOUNT_EXPORTED), which does the same thing (ie. checks for effective uid == 0 assuming suses_enabled is set). This patch restores this check by setting MNT_EXPORTED when the "export" mount option is specified to nmount(). I think this is reasonable since only mountd(8) should be setting exports and I doubt any non-root mounted file system would be setting its own exports. Reviewed by: kib, markj MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D37718 --- sys/kern/vfs_mount.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c index f49312ed4f57..bf8fd3b1c179 100644 --- a/sys/kern/vfs_mount.c +++ b/sys/kern/vfs_mount.c @@ -924,6 +924,8 @@ vfs_donmount(struct thread *td, uint64_t fsflags, struct uio *fsoptions) fsflags |= MNT_SYNCHRONOUS; else if (strcmp(opt->name, "union") == 0) fsflags |= MNT_UNION; + else if (strcmp(opt->name, "export") == 0) + fsflags |= MNT_EXPORTED; else if (strcmp(opt->name, "automounted") == 0) { fsflags |= MNT_AUTOMOUNTED; do_freeopt = 1;