mirror of
https://github.com/torvalds/linux.git
synced 2025-11-30 23:16:01 +07:00
330e2c5148
When a process tries to access an entry in /afs, normally what happens is
that an automount dentry is created by ->lookup() and then triggered, which
jumps through the ->d_automount() op. Currently, afs_dynroot_lookup() does
not do cell DNS lookup, leaving that to afs_d_automount() to perform -
however, it is possible to use access() or stat() on the automount point,
which will always return successfully, have briefly created an afs_cell
record if one did not already exist.
This means that something like:
test -d "/afs/.west" && echo Directory exists
will print "Directory exists" even though no such cell is configured. This
breaks the "west" python module available on PIP as it expects this access
to fail.
Now, it could be possible to make afs_dynroot_lookup() perform the DNS[*]
lookup, but that would make "ls --color /afs" do this for each cell in /afs
that is listed but not yet probed. kafs-client, probably wrongly, preloads
the entire cell database and all the known cells are then listed in /afs -
and doing ls /afs would be very, very slow, especially if any cell supplied
addresses but was wholly inaccessible.
[*] When I say "DNS", actually read getaddrinfo(), which could use any one
of a host of mechanisms. Could also use static configuration.
To fix this, make the following changes:
(1) Create an enum to specify the origination point of a call to
afs_lookup_cell() and pass this value into that function in place of
the "excl" parameter (which can be derived from it). There are six
points of origination:
- Cell preload through /proc/net/afs/cells
- Root cell config through /proc/net/afs/rootcell
- Lookup in dynamic root
- Automount trigger
- Direct mount with mount() syscall
- Alias check where YFS tells us the cell name is different
(2) Add an extra state into the afs_cell state machine to indicate a cell
that's been initialised, but not yet looked up. This is separate from
one that can be considered active and has been looked up at least
once.
(3) Make afs_lookup_cell() vary its behaviour more, depending on where it
was called from:
If called from preload or root cell config, DNS lookup will not happen
until we definitely want to use the cell (dynroot mount, automount,
direct mount or alias check). The cell will appear in /afs but stat()
won't trigger DNS lookup.
If the cell already exists, dynroot will not wait for the DNS lookup
to complete. If the cell did not already exist, dynroot will wait.
If called from automount, direct mount or alias check, it will wait
for the DNS lookup to complete.
(4) Make afs_lookup_cell() return an error if lookup failed in one way or
another. We try to return -ENOENT if the DNS says the cell does not
exist and -EDESTADDRREQ if we couldn't access the DNS.
Reported-by: Markus Suvanto <markus.suvanto@gmail.com>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220685
Signed-off-by: David Howells <dhowells@redhat.com>
Link: https://patch.msgid.link/1784747.1761158912@warthog.procyon.org.uk
Fixes: 1d0b929fc0 ("afs: Change dynroot to create contents on demand")
Tested-by: Markus Suvanto <markus.suvanto@gmail.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
227 lines
5.2 KiB
C
227 lines
5.2 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/* mountpoint management
|
|
*
|
|
* Copyright (C) 2002 Red Hat, Inc. All Rights Reserved.
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
*/
|
|
|
|
#include <linux/kernel.h>
|
|
#include <linux/module.h>
|
|
#include <linux/init.h>
|
|
#include <linux/fs.h>
|
|
#include <linux/pagemap.h>
|
|
#include <linux/mount.h>
|
|
#include <linux/namei.h>
|
|
#include <linux/gfp.h>
|
|
#include <linux/fs_context.h>
|
|
#include "internal.h"
|
|
|
|
|
|
static struct dentry *afs_mntpt_lookup(struct inode *dir,
|
|
struct dentry *dentry,
|
|
unsigned int flags);
|
|
static int afs_mntpt_open(struct inode *inode, struct file *file);
|
|
static void afs_mntpt_expiry_timed_out(struct work_struct *work);
|
|
|
|
const struct file_operations afs_mntpt_file_operations = {
|
|
.open = afs_mntpt_open,
|
|
.llseek = noop_llseek,
|
|
};
|
|
|
|
const struct inode_operations afs_mntpt_inode_operations = {
|
|
.lookup = afs_mntpt_lookup,
|
|
.readlink = afs_readlink,
|
|
.getattr = afs_getattr,
|
|
};
|
|
|
|
const struct inode_operations afs_autocell_inode_operations = {
|
|
.getattr = afs_getattr,
|
|
};
|
|
|
|
static LIST_HEAD(afs_vfsmounts);
|
|
static DECLARE_DELAYED_WORK(afs_mntpt_expiry_timer, afs_mntpt_expiry_timed_out);
|
|
|
|
static unsigned long afs_mntpt_expiry_timeout = 10 * 60;
|
|
|
|
static const char afs_root_volume[] = "root.cell";
|
|
|
|
/*
|
|
* no valid lookup procedure on this sort of dir
|
|
*/
|
|
static struct dentry *afs_mntpt_lookup(struct inode *dir,
|
|
struct dentry *dentry,
|
|
unsigned int flags)
|
|
{
|
|
_enter("%p,%p{%pd2}", dir, dentry, dentry);
|
|
return ERR_PTR(-EREMOTE);
|
|
}
|
|
|
|
/*
|
|
* no valid open procedure on this sort of dir
|
|
*/
|
|
static int afs_mntpt_open(struct inode *inode, struct file *file)
|
|
{
|
|
_enter("%p,%p{%pD2}", inode, file, file);
|
|
return -EREMOTE;
|
|
}
|
|
|
|
/*
|
|
* Set the parameters for the proposed superblock.
|
|
*/
|
|
static int afs_mntpt_set_params(struct fs_context *fc, struct dentry *mntpt)
|
|
{
|
|
struct afs_fs_context *ctx = fc->fs_private;
|
|
struct afs_super_info *src_as = AFS_FS_S(mntpt->d_sb);
|
|
struct afs_vnode *vnode = AFS_FS_I(d_inode(mntpt));
|
|
struct afs_cell *cell;
|
|
const char *p;
|
|
int ret;
|
|
|
|
if (fc->net_ns != src_as->net_ns) {
|
|
put_net(fc->net_ns);
|
|
fc->net_ns = get_net(src_as->net_ns);
|
|
}
|
|
|
|
if (src_as->volume && src_as->volume->type == AFSVL_RWVOL) {
|
|
ctx->type = AFSVL_RWVOL;
|
|
ctx->force = true;
|
|
}
|
|
if (ctx->cell) {
|
|
afs_unuse_cell(ctx->cell, afs_cell_trace_unuse_mntpt);
|
|
ctx->cell = NULL;
|
|
}
|
|
if (test_bit(AFS_VNODE_PSEUDODIR, &vnode->flags)) {
|
|
/* if the directory is a pseudo directory, use the d_name */
|
|
unsigned size = mntpt->d_name.len;
|
|
|
|
if (size < 2)
|
|
return -ENOENT;
|
|
|
|
p = mntpt->d_name.name;
|
|
if (mntpt->d_name.name[0] == '.') {
|
|
size--;
|
|
p++;
|
|
ctx->type = AFSVL_RWVOL;
|
|
ctx->force = true;
|
|
}
|
|
if (size > AFS_MAXCELLNAME)
|
|
return -ENAMETOOLONG;
|
|
|
|
cell = afs_lookup_cell(ctx->net, p, size, NULL,
|
|
AFS_LOOKUP_CELL_MOUNTPOINT,
|
|
afs_cell_trace_use_lookup_mntpt);
|
|
if (IS_ERR(cell)) {
|
|
pr_err("kAFS: unable to lookup cell '%pd'\n", mntpt);
|
|
return PTR_ERR(cell);
|
|
}
|
|
ctx->cell = cell;
|
|
|
|
ctx->volname = afs_root_volume;
|
|
ctx->volnamesz = sizeof(afs_root_volume) - 1;
|
|
} else {
|
|
/* read the contents of the AFS special symlink */
|
|
DEFINE_DELAYED_CALL(cleanup);
|
|
const char *content;
|
|
loff_t size = i_size_read(d_inode(mntpt));
|
|
|
|
if (src_as->cell)
|
|
ctx->cell = afs_use_cell(src_as->cell, afs_cell_trace_use_mntpt);
|
|
|
|
if (size < 2 || size > PAGE_SIZE - 1)
|
|
return -EINVAL;
|
|
|
|
content = afs_get_link(mntpt, d_inode(mntpt), &cleanup);
|
|
if (IS_ERR(content)) {
|
|
do_delayed_call(&cleanup);
|
|
return PTR_ERR(content);
|
|
}
|
|
|
|
ret = -EINVAL;
|
|
if (content[size - 1] == '.')
|
|
ret = vfs_parse_fs_qstr(fc, "source",
|
|
&QSTR_LEN(content, size - 1));
|
|
do_delayed_call(&cleanup);
|
|
if (ret < 0)
|
|
return ret;
|
|
|
|
/* Don't cross a backup volume mountpoint from a backup volume */
|
|
if (src_as->volume && src_as->volume->type == AFSVL_BACKVOL &&
|
|
ctx->type == AFSVL_BACKVOL)
|
|
return -ENODEV;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* create a vfsmount to be automounted
|
|
*/
|
|
static struct vfsmount *afs_mntpt_do_automount(struct dentry *mntpt)
|
|
{
|
|
struct fs_context *fc;
|
|
struct vfsmount *mnt;
|
|
int ret;
|
|
|
|
BUG_ON(!d_inode(mntpt));
|
|
|
|
fc = fs_context_for_submount(&afs_fs_type, mntpt);
|
|
if (IS_ERR(fc))
|
|
return ERR_CAST(fc);
|
|
|
|
ret = afs_mntpt_set_params(fc, mntpt);
|
|
if (!ret)
|
|
mnt = fc_mount(fc);
|
|
else
|
|
mnt = ERR_PTR(ret);
|
|
|
|
put_fs_context(fc);
|
|
return mnt;
|
|
}
|
|
|
|
/*
|
|
* handle an automount point
|
|
*/
|
|
struct vfsmount *afs_d_automount(struct path *path)
|
|
{
|
|
struct vfsmount *newmnt;
|
|
|
|
_enter("{%pd}", path->dentry);
|
|
|
|
newmnt = afs_mntpt_do_automount(path->dentry);
|
|
if (IS_ERR(newmnt))
|
|
return newmnt;
|
|
|
|
mnt_set_expiry(newmnt, &afs_vfsmounts);
|
|
queue_delayed_work(afs_wq, &afs_mntpt_expiry_timer,
|
|
afs_mntpt_expiry_timeout * HZ);
|
|
_leave(" = %p", newmnt);
|
|
return newmnt;
|
|
}
|
|
|
|
/*
|
|
* handle mountpoint expiry timer going off
|
|
*/
|
|
static void afs_mntpt_expiry_timed_out(struct work_struct *work)
|
|
{
|
|
_enter("");
|
|
|
|
if (!list_empty(&afs_vfsmounts)) {
|
|
mark_mounts_for_expiry(&afs_vfsmounts);
|
|
queue_delayed_work(afs_wq, &afs_mntpt_expiry_timer,
|
|
afs_mntpt_expiry_timeout * HZ);
|
|
}
|
|
|
|
_leave("");
|
|
}
|
|
|
|
/*
|
|
* kill the AFS mountpoint timer if it's still running
|
|
*/
|
|
void afs_mntpt_kill_timer(void)
|
|
{
|
|
_enter("");
|
|
|
|
ASSERT(list_empty(&afs_vfsmounts));
|
|
cancel_delayed_work_sync(&afs_mntpt_expiry_timer);
|
|
}
|