Date: Tue, 21 May 2019 19:34:39 +0000 (UTC) From: Alan Somers <asomers@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r348062 - in projects/fuse2: sys/fs/fuse tests/sys/fs/fusefs Message-ID: <201905211934.x4LJYdgd084408@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: asomers Date: Tue May 21 19:34:39 2019 New Revision: 348062 URL: https://svnweb.freebsd.org/changeset/base/348062 Log: fusefs: Allow update mounts Allow "mount -u" to change some mount options for fusefs. Sponsored by: The FreeBSD Foundation Added: projects/fuse2/tests/sys/fs/fusefs/mount.cc (contents, props changed) Modified: projects/fuse2/sys/fs/fuse/fuse_ipc.h projects/fuse2/sys/fs/fuse/fuse_vfsops.c projects/fuse2/tests/sys/fs/fusefs/Makefile Modified: projects/fuse2/sys/fs/fuse/fuse_ipc.h ============================================================================== --- projects/fuse2/sys/fs/fuse/fuse_ipc.h Tue May 21 19:23:56 2019 (r348061) +++ projects/fuse2/sys/fs/fuse/fuse_ipc.h Tue May 21 19:34:39 2019 (r348062) @@ -206,6 +206,7 @@ struct fuse_data { int daemon_timeout; uint64_t notimpl; + uint64_t mnt_flag; }; #define FSESS_DEAD 0x0001 /* session is to be closed */ @@ -221,6 +222,11 @@ struct fuse_data { #define FSESS_NO_NAMECACHE 0x0400 /* disable name cache */ #define FSESS_NO_MMAP 0x0800 /* disable mmap */ #define FSESS_POSIX_LOCKS 0x2000 /* daemon supports POSIX locks */ +#define FSESS_MNTOPTS_MASK ( \ + FSESS_DAEMON_CAN_SPY | FSESS_PUSH_SYMLINKS_IN | \ + FSESS_DEFAULT_PERMISSIONS | FSESS_NO_ATTRCACHE | \ + FSESS_NO_READAHEAD | FSESS_NO_DATACACHE | \ + FSESS_NO_NAMECACHE | FSESS_NO_MMAP) enum fuse_data_cache_mode { FUSE_CACHE_UC, Modified: projects/fuse2/sys/fs/fuse/fuse_vfsops.c ============================================================================== --- projects/fuse2/sys/fs/fuse/fuse_vfsops.c Tue May 21 19:23:56 2019 (r348061) +++ projects/fuse2/sys/fs/fuse/fuse_vfsops.c Tue May 21 19:34:39 2019 (r348062) @@ -206,6 +206,57 @@ SDT_PROBE_DEFINE4(fusefs, , vfsops, mount_err, "char*" "struct mount*", "int"); static int +fuse_vfs_remount(struct mount *mp, struct thread *td, uint64_t mntopts, + uint32_t max_read, int daemon_timeout) +{ + int err = 0; + struct fuse_data *data = fuse_get_mpdata(mp); + /* Don't allow these options to be changed */ + const static unsigned long long cant_update_opts = + MNT_USER; /* Mount owner must be the user running the daemon */ + + FUSE_LOCK(); + + if ((mp->mnt_flag ^ data->mnt_flag) & cant_update_opts) { + err = EOPNOTSUPP; + SDT_PROBE4(fusefs, , vfsops, mount_err, + "Can't change these mount options during remount", + data, mp, err); + goto out; + } + if (((data->dataflags ^ mntopts) & FSESS_MNTOPTS_MASK) || + (data->max_read != max_read) || + (data->daemon_timeout != daemon_timeout)) { + // TODO: allow changing options where it makes sense + err = EOPNOTSUPP; + SDT_PROBE4(fusefs, , vfsops, mount_err, + "Can't change fuse mount options during remount", + data, mp, err); + goto out; + } + + if (fdata_get_dead(data)) { + err = ENOTCONN; + SDT_PROBE4(fusefs, , vfsops, mount_err, + "device is dead during mount", data, mp, err); + goto out; + } + + /* Sanity + permission checks */ + if (!data->daemoncred) + panic("fuse daemon found, but identity unknown"); + if (mntopts & FSESS_DAEMON_CAN_SPY) + err = priv_check(td, PRIV_VFS_FUSE_ALLOWOTHER); + if (err == 0 && td->td_ucred->cr_uid != data->daemoncred->cr_uid) + /* are we allowed to do the first mount? */ + err = priv_check(td, PRIV_VFS_FUSE_MOUNT_NONUSER); + +out: + FUSE_UNLOCK(); + return err; +} + +static int fuse_vfsop_mount(struct mount *mp) { int err; @@ -231,12 +282,8 @@ fuse_vfsop_mount(struct mount *mp) __mntopts = 0; td = curthread; - if (mp->mnt_flag & MNT_UPDATE) - return EOPNOTSUPP; - MNT_ILOCK(mp); mp->mnt_flag |= MNT_SYNCHRONOUS; - mp->mnt_data = NULL; MNT_IUNLOCK(mp); /* Get the new options passed to mount */ opts = mp->mnt_optnew; @@ -248,19 +295,6 @@ fuse_vfsop_mount(struct mount *mp) if (!vfs_getopts(opts, "fspath", &err)) return err; - /* `from' contains the device name (eg. /dev/fuse0); REQUIRED */ - fspec = vfs_getopts(opts, "from", &err); - if (!fspec) - return err; - - /* `fd' contains the filedescriptor for this session; REQUIRED */ - if (vfs_scanopt(opts, "fd", "%d", &fd) != 1) - return EINVAL; - - err = fuse_getdevice(fspec, td, &fdev); - if (err != 0) - return err; - /* * With the help of underscored options the mount program * can inform us from the flags it sets by default @@ -287,6 +321,25 @@ fuse_vfsop_mount(struct mount *mp) SDT_PROBE1(fusefs, , vfsops, mntopts, mntopts); + if (mp->mnt_flag & MNT_UPDATE) { + /*dev_rel(fdev);*/ + return fuse_vfs_remount(mp, td, mntopts, max_read, + daemon_timeout); + } + + /* `from' contains the device name (eg. /dev/fuse0); REQUIRED */ + fspec = vfs_getopts(opts, "from", &err); + if (!fspec) + return err; + + /* `fd' contains the filedescriptor for this session; REQUIRED */ + if (vfs_scanopt(opts, "fd", "%d", &fd) != 1) + return EINVAL; + + err = fuse_getdevice(fspec, td, &fdev); + if (err != 0) + return err; + err = fget(td, fd, &cap_read_rights, &fp); if (err != 0) { SDT_PROBE2(fusefs, , vfsops, trace, 1, @@ -330,6 +383,7 @@ fuse_vfsop_mount(struct mount *mp) data->dataflags |= mntopts; data->max_read = max_read; data->daemon_timeout = daemon_timeout; + data->mnt_flag = mp->mnt_flag & MNT_UPDATEMASK; FUSE_UNLOCK(); vfs_getnewfsid(mp); @@ -365,6 +419,7 @@ out: SDT_PROBE4(fusefs, , vfsops, mount_err, "mount failed, destroy device", data, mp, err); data->mp = NULL; + mp->mnt_data = NULL; fdata_trydestroy(data); } FUSE_UNLOCK(); Modified: projects/fuse2/tests/sys/fs/fusefs/Makefile ============================================================================== --- projects/fuse2/tests/sys/fs/fusefs/Makefile Tue May 21 19:23:56 2019 (r348061) +++ projects/fuse2/tests/sys/fs/fusefs/Makefile Tue May 21 19:34:39 2019 (r348062) @@ -25,6 +25,7 @@ GTESTS+= locks GTESTS+= lookup GTESTS+= mkdir GTESTS+= mknod +GTESTS+= mount GTESTS+= open GTESTS+= opendir GTESTS+= read Added: projects/fuse2/tests/sys/fs/fusefs/mount.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/fuse2/tests/sys/fs/fusefs/mount.cc Tue May 21 19:34:39 2019 (r348062) @@ -0,0 +1,152 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2019 The FreeBSD Foundation + * + * This software was developed by BFF Storage Systems, LLC under sponsorship + * from the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +extern "C" { +#include <sys/param.h> +#include <sys/mount.h> +#include <sys/uio.h> + +#include "mntopts.h" // for build_iovec +} + +#include "mockfs.hh" +#include "utils.hh" + +using namespace testing; + +class UpdateOk: public FuseTest, public WithParamInterface<const char*> {}; +class UpdateErr: public FuseTest, public WithParamInterface<const char*> {}; + +int mntflag_from_string(const char *s) +{ + if (0 == strcmp("MNT_RDONLY", s)) + return MNT_RDONLY; + else if (0 == strcmp("MNT_NOEXEC", s)) + return MNT_NOEXEC; + else if (0 == strcmp("MNT_NOSUID", s)) + return MNT_NOSUID; + else if (0 == strcmp("MNT_NOATIME", s)) + return MNT_NOATIME; + else if (0 == strcmp("MNT_SUIDDIR", s)) + return MNT_SUIDDIR; + else if (0 == strcmp("MNT_USER", s)) + return MNT_USER; + else + return 0; +} + +/* Some mount options can be changed by mount -u */ +TEST_P(UpdateOk, update) +{ + struct statfs statbuf; + struct iovec *iov = NULL; + int iovlen = 0; + int flag; + int newflags = MNT_UPDATE | MNT_SYNCHRONOUS; + + flag = mntflag_from_string(GetParam()); + if (flag == MNT_NOSUID && 0 != geteuid()) + GTEST_SKIP() << "Only root may clear MNT_NOSUID"; + if (flag == MNT_SUIDDIR && 0 != geteuid()) + GTEST_SKIP() << "Only root may set MNT_SUIDDIR"; + + EXPECT_CALL(*m_mock, process( + ResultOf([](auto in) { + return (in->header.opcode == FUSE_STATFS); + }, Eq(true)), + _) + ).WillRepeatedly(Invoke(ReturnImmediate([=](auto in __unused, auto out) { + /* + * All of the fields except f_flags are don't care, and f_flags is set by + * the VFS + */ + SET_OUT_HEADER_LEN(out, statfs); + }))); + + ASSERT_EQ(0, statfs("mountpoint", &statbuf)) << strerror(errno); + newflags = (statbuf.f_flags | MNT_UPDATE) ^ flag; + + build_iovec(&iov, &iovlen, "fstype", (void*)statbuf.f_fstypename, -1); + build_iovec(&iov, &iovlen, "fspath", (void*)statbuf.f_mntonname, -1); + build_iovec(&iov, &iovlen, "from", __DECONST(void *, "/dev/fuse"), -1); + ASSERT_EQ(0, nmount(iov, iovlen, newflags)) << strerror(errno); + + ASSERT_EQ(0, statfs("mountpoint", &statbuf)) << strerror(errno); + EXPECT_FALSE((newflags ^ statbuf.f_flags) & flag); +} + +/* Some mount options cannnot be changed by mount -u */ +TEST_P(UpdateErr, update) +{ + struct statfs statbuf; + struct iovec *iov = NULL; + int iovlen = 0; + int flag; + int newflags = MNT_UPDATE | MNT_SYNCHRONOUS; + + flag = mntflag_from_string(GetParam()); + EXPECT_CALL(*m_mock, process( + ResultOf([](auto in) { + return (in->header.opcode == FUSE_STATFS); + }, Eq(true)), + _) + ).WillRepeatedly(Invoke(ReturnImmediate([=](auto in __unused, auto out) { + /* + * All of the fields except f_flags are don't care, and f_flags is set by + * the VFS + */ + SET_OUT_HEADER_LEN(out, statfs); + }))); + + ASSERT_EQ(0, statfs("mountpoint", &statbuf)) << strerror(errno); + newflags = (statbuf.f_flags | MNT_UPDATE) ^ flag; + + build_iovec(&iov, &iovlen, "fstype", (void*)statbuf.f_fstypename, -1); + build_iovec(&iov, &iovlen, "fspath", (void*)statbuf.f_mntonname, -1); + build_iovec(&iov, &iovlen, "from", __DECONST(void *, "/dev/fuse"), -1); + /* + * Don't check nmount's return value, because vfs_domount may "fix" the + * options for us. The important thing is to check the final value of + * statbuf.f_flags below. + */ + (void)nmount(iov, iovlen, newflags); + + ASSERT_EQ(0, statfs("mountpoint", &statbuf)) << strerror(errno); + EXPECT_TRUE((newflags ^ statbuf.f_flags) & flag); +} + +INSTANTIATE_TEST_CASE_P(Mount, UpdateOk, + ::testing::Values("MNT_RDONLY", "MNT_NOEXEC", "MNT_NOSUID", "MNT_NOATIME", + "MNT_SUIDDIR") +); + +INSTANTIATE_TEST_CASE_P(Mount, UpdateErr, + ::testing::Values( "MNT_USER"); +);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201905211934.x4LJYdgd084408>