On Sat, Oct 01, 2016 at 06:01:34PM +0200, Martin Natano wrote:
> After committing the new MNT_NOPERM flag I got some complaints that my
> code doesn't work by people that recompiled mount_ffs, but didn't reboot
> to the new kernel. I don't blame them; in that situation sys_mount()
> silently ignores the unknown flag. IMHO we should check the flags more
> strictly. Ok?
I think we once had a simmilar problem, when someone tried to unmount
with MNT_DOOMED. So I like to check all flags at the beginning of
the system call.
But I think you should remove these from the mask:
/*
* Flags set by internal operations.
*/
#define MNT_LOCAL 0x00001000 /* filesystem is stored locally */
#define MNT_QUOTA 0x00002000 /* quotas are enabled on filesystem */
#define MNT_ROOTFS 0x00004000 /* identifies the root filesystem */
And I want this check also for sys_unmount().
bluhm
> Index: sys/mount.h
> ===================================================================
> RCS file: /cvs/src/sys/sys/mount.h,v
> retrieving revision 1.127
> diff -u -p -r1.127 mount.h
> --- sys/mount.h 10 Sep 2016 16:53:30 -0000 1.127
> +++ sys/mount.h 1 Oct 2016 15:36:11 -0000
> @@ -414,6 +414,11 @@ struct mount {
> #define MNT_DOOMED 0x08000000 /* device behind filesystem is gone */
>
> /*
> + * All mount flags.
> + */
> +#define MNT_FLAGMASK 0x0e0fffff
> +
> +/*
> * Flags for various system call interfaces.
> *
> * waitfor flags to vfs_sync() and getfsstat()
> Index: kern/vfs_syscalls.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v
> retrieving revision 1.265
> diff -u -p -r1.265 vfs_syscalls.c
> --- kern/vfs_syscalls.c 10 Sep 2016 16:53:30 -0000 1.265
> +++ kern/vfs_syscalls.c 1 Oct 2016 15:36:11 -0000
> @@ -117,6 +117,9 @@ sys_mount(struct proc *p, void *v, regis
> if ((error = suser(p, 0)))
> return (error);
>
> + if (flags & ~MNT_FLAGMASK)
> + return (EINVAL);
> +
> /*
> * Mount points must fit in MNAMELEN, not MAXPATHLEN.
> */
