diff options
| author | J. Bruce Fields <bfields@citi.umich.edu> | 2009-12-13 20:21:48 -0500 |
|---|---|---|
| committer | J. Bruce Fields <bfields@citi.umich.edu> | 2009-12-15 15:01:44 -0500 |
| commit | 774b147828e32ec698e49d95d0498fc71da7082d (patch) | |
| tree | a6fbbe083696229eff979e11a4fda1df3dd382f8 | |
| parent | 03a816b46d7eba78da11e4025f0af195b32fa464 (diff) | |
nfsd: make V4ROOT exports read-only
I can't see any use for writeable V4ROOT exports.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
| -rw-r--r-- | fs/nfsd/export.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c index 18ac20ffedd2..7d5ba1b0ffcf 100644 --- a/fs/nfsd/export.c +++ b/fs/nfsd/export.c | |||
| @@ -355,7 +355,7 @@ static struct svc_export *svc_export_update(struct svc_export *new, | |||
| 355 | struct svc_export *old); | 355 | struct svc_export *old); |
| 356 | static struct svc_export *svc_export_lookup(struct svc_export *); | 356 | static struct svc_export *svc_export_lookup(struct svc_export *); |
| 357 | 357 | ||
| 358 | static int check_export(struct inode *inode, int flags, unsigned char *uuid) | 358 | static int check_export(struct inode *inode, int *flags, unsigned char *uuid) |
| 359 | { | 359 | { |
| 360 | 360 | ||
| 361 | /* | 361 | /* |
| @@ -367,6 +367,13 @@ static int check_export(struct inode *inode, int flags, unsigned char *uuid) | |||
| 367 | !S_ISREG(inode->i_mode)) | 367 | !S_ISREG(inode->i_mode)) |
| 368 | return -ENOTDIR; | 368 | return -ENOTDIR; |
| 369 | 369 | ||
| 370 | /* | ||
| 371 | * Mountd should never pass down a writeable V4ROOT export, but, | ||
| 372 | * just to make sure: | ||
| 373 | */ | ||
| 374 | if (*flags & NFSEXP_V4ROOT) | ||
| 375 | *flags |= NFSEXP_READONLY; | ||
| 376 | |||
| 370 | /* There are two requirements on a filesystem to be exportable. | 377 | /* There are two requirements on a filesystem to be exportable. |
| 371 | * 1: We must be able to identify the filesystem from a number. | 378 | * 1: We must be able to identify the filesystem from a number. |
| 372 | * either a device number (so FS_REQUIRES_DEV needed) | 379 | * either a device number (so FS_REQUIRES_DEV needed) |
| @@ -375,7 +382,7 @@ static int check_export(struct inode *inode, int flags, unsigned char *uuid) | |||
| 375 | * This means that s_export_op must be set. | 382 | * This means that s_export_op must be set. |
| 376 | */ | 383 | */ |
| 377 | if (!(inode->i_sb->s_type->fs_flags & FS_REQUIRES_DEV) && | 384 | if (!(inode->i_sb->s_type->fs_flags & FS_REQUIRES_DEV) && |
| 378 | !(flags & NFSEXP_FSID) && | 385 | !(*flags & NFSEXP_FSID) && |
| 379 | uuid == NULL) { | 386 | uuid == NULL) { |
| 380 | dprintk("exp_export: export of non-dev fs without fsid\n"); | 387 | dprintk("exp_export: export of non-dev fs without fsid\n"); |
| 381 | return -EINVAL; | 388 | return -EINVAL; |
| @@ -590,7 +597,7 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen) | |||
| 590 | goto out4; | 597 | goto out4; |
| 591 | } | 598 | } |
| 592 | 599 | ||
| 593 | err = check_export(exp.ex_path.dentry->d_inode, exp.ex_flags, | 600 | err = check_export(exp.ex_path.dentry->d_inode, &exp.ex_flags, |
| 594 | exp.ex_uuid); | 601 | exp.ex_uuid); |
| 595 | if (err) | 602 | if (err) |
| 596 | goto out4; | 603 | goto out4; |
| @@ -1029,7 +1036,7 @@ exp_export(struct nfsctl_export *nxp) | |||
| 1029 | goto finish; | 1036 | goto finish; |
| 1030 | } | 1037 | } |
| 1031 | 1038 | ||
| 1032 | err = check_export(path.dentry->d_inode, nxp->ex_flags, NULL); | 1039 | err = check_export(path.dentry->d_inode, &nxp->ex_flags, NULL); |
| 1033 | if (err) goto finish; | 1040 | if (err) goto finish; |
| 1034 | 1041 | ||
| 1035 | err = -ENOMEM; | 1042 | err = -ENOMEM; |