From 3b6cee7bc4b2f7858e9202293104acda8826bb68 Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Sun, 25 Oct 2009 21:18:19 -0400 Subject: [PATCH] nfsd4: don't continue "under" mounts in V4ROOT case If /A/mount/point/ has filesystem "B" mounted on top of it, and if "A" is exported, but not "B", then the nfs server has always returned to the client a filehandle for the mountpoint, instead of for the root of "B", allowing the client to see the subtree of "A" that would otherwise be hidden by B. Disable this behavior in the case of V4ROOT exports; we implement the path restrictions of V4ROOT exports by treating *every* directory as if it were a mountpoint, and allowing traversal *only* if the new directory is exported. Signed-off-by: J. Bruce Fields --- fs/nfsd/vfs.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index 04bdba1..7e2fdd5 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -99,8 +99,16 @@ nfsd_cross_mnt(struct svc_rqst *rqstp, struct dentry **dpp, exp2 = rqst_exp_get_by_name(rqstp, &path); if (IS_ERR(exp2)) { - if (PTR_ERR(exp2) != -ENOENT) - err = PTR_ERR(exp2); + err = PTR_ERR(exp2); + /* + * We normally allow NFS clients to continue + * "underneath" a mountpoint that is not exported. + * The exception is V4ROOT, where no traversal is ever + * allowed without an explicit export of the new + * directory. + */ + if (err == -ENOENT && !(exp->ex_flags & NFSEXP_V4ROOT)) + err = 0; path_put(&path); goto out; } -- 1.8.2.3