git: 99187c3a44c2 - main - prison_check_nfsd: Add check for enforce_statfs != 0
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 02 Feb 2023 00:03:25 UTC
The branch main has been updated by rmacklem:
URL: https://cgit.FreeBSD.org/src/commit/?id=99187c3a44c2c3e168e462a30d45af075748195f
commit 99187c3a44c2c3e168e462a30d45af075748195f
Author: Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-02-02 00:02:20 +0000
Commit: Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-02-02 00:02:20 +0000
prison_check_nfsd: Add check for enforce_statfs != 0
Since mountd(8) will not be able to do exports
when running in a vnet prison if enforce_statfs is
set to 0, add a check for this to prison_check_nfsd().
Reviewed by: jamie, markj
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D38189
---
sys/kern/kern_jail.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 0820de9d5ac0..4c1e3ff40c58 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -3491,6 +3491,8 @@ prison_check(struct ucred *cred1, struct ucred *cred2)
* - The root directory (pr_root) of the prison must be
* a file system mount point, so the mountd can hang
* export information on it.
+ * - The prison's enforce_statfs cannot be 0, so that
+ * mountd(8) can do exports.
*/
bool
prison_check_nfsd(struct ucred *cred)
@@ -3502,6 +3504,8 @@ prison_check_nfsd(struct ucred *cred)
return (false);
if ((cred->cr_prison->pr_root->v_vflag & VV_ROOT) == 0)
return (false);
+ if (cred->cr_prison->pr_enforce_statfs == 0)
+ return (false);
return (true);
}