What to do about a few lines in vfs_domount() never executed?

Reply: Alan Somers : "Re: What to do about a few lines in vfs_domount() never executed?"
Reply: Tomoaki AOKI : "Re: What to do about a few lines in vfs_domount() never executed?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Rick Macklem <rick.macklem_at_gmail.com>
Date: Tue, 13 Dec 2022 22:19:39 UTC

Hi,

While working on getting mountd/nfsd to run in a vnet
prison, I came across the following lines near the
beginning of vfs_domount() in sys/kern/vfs_mount.c:

if (fsflags & MNT_EXPORTED) {
     error = priv_check(td, PRIV_VFS_MOUNT_EXPORTED);
     if (error)
           return (error);
}

#1 - Since MNT_EXPORTED is never set in fsflags, this code never
     gets executed.
     --> I am asking what to do with the above code, since that
         changes for the patch that allows mountd to run in a vnet
         prison.
#2 - priv_check(td, PRIV_VFS_MOUNT_EXPORTED) always returns 0
     because nothing in sys/kern/kern_priv.c checks
     PRIV_VFS_MOUNT_EXPORTED.

I don't know what the original author's thinking was w.r.t. this.
Setting exports already checks that the mount operation can be
done by the requestor.

So, what do you think should be done with the above code snippet?
- Consider it cruft and delete it.
- Try and figure out what PRIV_VFS_MOUNT_EXPORTED should check?
- Leave it as is. After the patch that allows mountd to run in
  a vnet prison, MNT_EXPORTED will be set in fsflags, but the
  priv_check() call will just return 0. (A little overhead,
  but otherwise no semantics change.)

rick