From patchwork Mon Jan 11 21:01:29 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "J. Bruce Fields" X-Patchwork-Id: 12011659 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-17.3 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 005CFC4332B for ; Mon, 11 Jan 2021 21:02:28 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AE9F522D5A for ; Mon, 11 Jan 2021 21:02:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729150AbhAKVCO (ORCPT ); Mon, 11 Jan 2021 16:02:14 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37652 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729194AbhAKVCK (ORCPT ); Mon, 11 Jan 2021 16:02:10 -0500 Received: from fieldses.org (fieldses.org [IPv6:2600:3c00:e000:2f7::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6A231C061786 for ; Mon, 11 Jan 2021 13:01:30 -0800 (PST) Received: by fieldses.org (Postfix, from userid 2815) id 29E206F32; Mon, 11 Jan 2021 16:01:29 -0500 (EST) DKIM-Filter: OpenDKIM Filter v2.11.0 fieldses.org 29E206F32 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fieldses.org; s=default; t=1610398889; bh=mt0fPOyyciegWxIp8IGOQG0zh7e6QFxUYU2Dl3js/CM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=HybagwogAn2F0cchwB7Q249R804oxPROcysvCD6edOuXvaGSksvlADRBPi/+Barkk 6BTz+8qzX0GbijPUbmg+JpnNs1+nDQxr44b4GmG4od33dW5FNlwUvcnn0gxdA9WA7B Oe5CU96Jy/xZC7xvpttf+eqseoDctLM+6iM2/EEQ= Date: Mon, 11 Jan 2021 16:01:29 -0500 From: "J. Bruce Fields" To: Chuck Lever Cc: =?utf-8?b?5ZC05byC?= , linux-nfs@vger.kernel.org Subject: [PATCH] nfsd4: readdirplus shouldn't return parent of export Message-ID: <20210111210129.GA11652@fieldses.org> References: <20210105165633.GC14893@fieldses.org> <20210108152017.GA4183@fieldses.org> <20210108164433.GB8699@fieldses.org> <20210110201740.GA8789@fieldses.org> <20210110202815.GB8789@fieldses.org> <20210111192507.GB2600@fieldses.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20210111192507.GB2600@fieldses.org> User-Agent: Mutt/1.5.21 (2010-09-15) Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: "J. Bruce Fields" If you export a subdirectory of a filesystem, a READDIRPLUS on the root of that export will return the filehandle of the parent with the ".." entry. The filehandle is optional, so let's just not return the filehandle for ".." if we're at the root of an export. Note that once the client learns one filehandle outside of the export, they can trivially access the rest of the export using further lookups. However, it is also not very difficult to guess filehandles outside of the export. So exporting a subdirectory of a filesystem should considered equivalent to providing access to the entire filesystem. To avoid confusion, we recommend only exporting entire filesystems. Reported-by: 吴异 Signed-off-by: J. Bruce Fields --- fs/nfsd/nfs3xdr.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c index 821db21ba072..34b880211e5e 100644 --- a/fs/nfsd/nfs3xdr.c +++ b/fs/nfsd/nfs3xdr.c @@ -865,9 +865,14 @@ compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp, if (isdotent(name, namlen)) { if (namlen == 2) { dchild = dget_parent(dparent); - /* filesystem root - cannot return filehandle for ".." */ + /* + * Don't return filehandle for ".." if we're at OA+ * the filesystem or export root: + */ if (dchild == dparent) goto out; + if (dparent == exp->ex_path.dentry) + goto out; } else dchild = dget(dparent); } else