From nobody Tue Dec 13 22:19:39 2022
X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NWtGL3cJcz4jhLR
	for <freebsd-current@mlmmj.nyi.freebsd.org>; Tue, 13 Dec 2022 22:19:54 +0000 (UTC)
	(envelope-from rick.macklem@gmail.com)
Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4NWtGK6G5xz3ns1
	for <freebsd-current@freebsd.org>; Tue, 13 Dec 2022 22:19:53 +0000 (UTC)
	(envelope-from rick.macklem@gmail.com)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=qd7Y3sRx;
	spf=pass (mx1.freebsd.org: domain of rick.macklem@gmail.com designates 2607:f8b0:4864:20::102c as permitted sender) smtp.mailfrom=rick.macklem@gmail.com;
	dmarc=pass (policy=none) header.from=gmail.com
Received: by mail-pj1-x102c.google.com with SMTP id hd14-20020a17090b458e00b0021909875bccso2291740pjb.1
        for <freebsd-current@freebsd.org>; Tue, 13 Dec 2022 14:19:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
         :date:message-id:reply-to;
        bh=+HmsmmAOuJPq20Vzz3rIqWxQrnMSsnXxjhAALcU5XPY=;
        b=qd7Y3sRxrrAEVlGD9EjZb4twv8THnuAJE8Ua4w4VQ+tpIpvweySk5S8bALsWs54dTx
         91sAf3mcWNQkI+kYUbN8UKxUZ5Gvc19FBCucjSzgUpRXsTg0GpWKUcoupB084i2Nhr23
         gbpOvJTTjJSn56s5XrO0syHxmqX1xzIJ2Nk5yj4T1oC9P9BRX7A4GS1HlBRg9Ph9AsC4
         hcfqUd5d+R60s1c/2P4kl3dvsDRCQfVXdXf3XK3Cbvwcz82vyQE9u1IR+2apXy0MwExn
         zJi+kxW2XMAFKrgbowyU3aboYlKgXkDEYGxK+oF57du1MWRl9hYG9Br0QU7iwS2IPxDT
         m+6Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=to:subject:message-id:date:from:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=+HmsmmAOuJPq20Vzz3rIqWxQrnMSsnXxjhAALcU5XPY=;
        b=KKZjQyTldUDF+8kQLw/ACC6fuPJKuyMAm9mBWJSo31eq49bbVVf06rHQR7FNl/77U0
         LNCxsCLNpB7DeQN0dlEeBdtDnF3iGmr+76JtF1mtMwVUHWckgRvMIjyn2yKuxBqrSo0l
         lZhYY2bMM3XbVBAhgUBj9Brl8PU9zTAFeefLkweoggP8U466lv1VrqWISkH/DEWIX1Gq
         dVQeXn8A8wh6UrVpg5f1kMxE9MfZlmfw76KO3scwHdZ4EXHvxRT+PPf4zRgn2XK3QRx4
         eTpLqMWLW3NpPGtrHsPH+F+766xMlugyyf4BCAwNfxf8dqdf4cxxllzKBmOdEdBDVsUx
         8Wdw==
X-Gm-Message-State: AFqh2krCAI42e3dtNToofi7W/OpBCCYX74vz142bJzky0Ihb+WY6pqnR
	YhgUzEmI6wvE8Vofpxpkw4CSmeciQsUQTc8LYQci4lP8dWom
X-Google-Smtp-Source: AA0mqf4csZbByUYYH56lamZi/lF2+m8E3OHN+Mllq7LriwXVgObheI/oYt2QwjabZcxDShuy72mr9SNaPhpok/Psoks=
X-Received: by 2002:a17:90a:7e0a:b0:219:661f:9916 with SMTP id
 i10-20020a17090a7e0a00b00219661f9916mr31876pjl.200.1670969992586; Tue, 13 Dec
 2022 14:19:52 -0800 (PST)
List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-current
List-Help: <mailto:freebsd-current+help@freebsd.org>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Subscribe: <mailto:freebsd-current+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-current+unsubscribe@freebsd.org>
Sender: owner-freebsd-current@freebsd.org
MIME-Version: 1.0
From: Rick Macklem <rick.macklem@gmail.com>
Date: Tue, 13 Dec 2022 14:19:39 -0800
Message-ID: <CAM5tNy7DM__tj4CQ0L_-ugo5krmEvLJgbU-WFLs47MrRBuGaNQ@mail.gmail.com>
Subject: What to do about a few lines in vfs_domount() never executed?
To: FreeBSD CURRENT <freebsd-current@freebsd.org>
Content-Type: multipart/alternative; boundary="000000000000d6a85d05efbd0464"
X-Spamd-Result: default: False [-0.55 / 15.00];
	SUBJECT_ENDS_QUESTION(1.00)[];
	NEURAL_SPAM_MEDIUM(0.94)[0.942];
	NEURAL_HAM_SHORT(-0.94)[-0.936];
	NEURAL_HAM_LONG(-0.55)[-0.551];
	DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
	R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112];
	R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
	MIME_GOOD(-0.10)[multipart/alternative,text/plain];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	RCVD_TLS_LAST(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org];
	RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::102c:from];
	FROM_HAS_DN(0.00)[];
	FREEMAIL_FROM(0.00)[gmail.com];
	DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
	MLMMJ_DEST(0.00)[freebsd-current@freebsd.org];
	DKIM_TRACE(0.00)[gmail.com:+];
	TO_DN_ALL(0.00)[];
	MID_RHS_MATCH_FROMTLD(0.00)[];
	ARC_NA(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	FREEMAIL_ENVFROM(0.00)[gmail.com];
	MIME_TRACE(0.00)[0:+,1:+,2:~];
	TAGGED_FROM(0.00)[];
	ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
	RCVD_COUNT_TWO(0.00)[2]
X-Rspamd-Queue-Id: 4NWtGK6G5xz3ns1
X-Spamd-Bar: /
X-ThisMailContainsUnwantedMimeParts: N

--000000000000d6a85d05efbd0464
Content-Type: text/plain; charset="UTF-8"

Hi,

While working on getting mountd/nfsd to run in a vnet
prison, I came across the following lines near the
beginning of vfs_domount() in sys/kern/vfs_mount.c:

if (fsflags & MNT_EXPORTED) {
     error = priv_check(td, PRIV_VFS_MOUNT_EXPORTED);
     if (error)
           return (error);
}

#1 - Since MNT_EXPORTED is never set in fsflags, this code never
     gets executed.
     --> I am asking what to do with the above code, since that
         changes for the patch that allows mountd to run in a vnet
         prison.
#2 - priv_check(td, PRIV_VFS_MOUNT_EXPORTED) always returns 0
     because nothing in sys/kern/kern_priv.c checks
     PRIV_VFS_MOUNT_EXPORTED.

I don't know what the original author's thinking was w.r.t. this.
Setting exports already checks that the mount operation can be
done by the requestor.

So, what do you think should be done with the above code snippet?
- Consider it cruft and delete it.
- Try and figure out what PRIV_VFS_MOUNT_EXPORTED should check?
- Leave it as is. After the patch that allows mountd to run in
  a vnet prison, MNT_EXPORTED will be set in fsflags, but the
  priv_check() call will just return 0. (A little overhead,
  but otherwise no semantics change.)

rick

--000000000000d6a85d05efbd0464
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr"><div class=3D"gmail_default" style=3D"fon=
t-family:monospace">Hi,</div><div class=3D"gmail_default" style=3D"font-fam=
ily:monospace"><br></div><div class=3D"gmail_default" style=3D"font-family:=
monospace">While working on getting mountd/nfsd to run in a vnet</div><div =
class=3D"gmail_default" style=3D"font-family:monospace">prison, I came acro=
ss the following lines near the</div><div class=3D"gmail_default" style=3D"=
font-family:monospace">beginning of vfs_domount() in sys/kern/vfs_mount.c:<=
/div><div class=3D"gmail_default" style=3D"font-family:monospace"><br></div=
><div class=3D"gmail_default" style=3D"font-family:monospace">if (fsflags &=
amp; MNT_EXPORTED) {</div><div class=3D"gmail_default" style=3D"font-family=
:monospace">=C2=A0 =C2=A0 =C2=A0error =3D priv_check(td, PRIV_VFS_MOUNT_EXP=
ORTED);</div><div class=3D"gmail_default" style=3D"font-family:monospace">=
=C2=A0 =C2=A0 =C2=A0if (error)</div><div class=3D"gmail_default" style=3D"f=
ont-family:monospace">=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0return (erro=
r);</div><div class=3D"gmail_default" style=3D"font-family:monospace">}</di=
v><div class=3D"gmail_default" style=3D"font-family:monospace"><br></div><d=
iv class=3D"gmail_default" style=3D"font-family:monospace">#1 - Since MNT_E=
XPORTED is never set in fsflags, this code never</div><div class=3D"gmail_d=
efault" style=3D"font-family:monospace">=C2=A0 =C2=A0 =C2=A0gets executed.<=
/div><div class=3D"gmail_default" style=3D"font-family:monospace">=C2=A0 =
=C2=A0 =C2=A0--&gt; I am asking what to do with the above code, since that<=
/div><div class=3D"gmail_default" style=3D"font-family:monospace">=C2=A0 =
=C2=A0 =C2=A0 =C2=A0 =C2=A0changes for the patch that allows mountd to run =
in a vnet</div><div class=3D"gmail_default" style=3D"font-family:monospace"=
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0prison.</div><div class=3D"gmail_default=
" style=3D"font-family:monospace">#2 - priv_check(td, PRIV_VFS_MOUNT_EXPORT=
ED) always returns 0</div><div class=3D"gmail_default" style=3D"font-family=
:monospace">=C2=A0 =C2=A0 =C2=A0because nothing in sys/kern/kern_priv.c che=
cks</div><div class=3D"gmail_default" style=3D"font-family:monospace">=C2=
=A0 =C2=A0 =C2=A0PRIV_VFS_MOUNT_EXPORTED.</div><div class=3D"gmail_default"=
 style=3D"font-family:monospace"><br></div><div class=3D"gmail_default" sty=
le=3D"font-family:monospace">I don&#39;t know what the original author&#39;=
s thinking was w.r.t. this.</div><div class=3D"gmail_default" style=3D"font=
-family:monospace">Setting exports already checks that the mount operation =
can be</div><div class=3D"gmail_default" style=3D"font-family:monospace">do=
ne by the requestor.</div><div class=3D"gmail_default" style=3D"font-family=
:monospace"><br></div><div class=3D"gmail_default" style=3D"font-family:mon=
ospace">So, what do you think should be done with the above code snippet?</=
div><div class=3D"gmail_default" style=3D"font-family:monospace">- Consider=
 it cruft and delete it.</div><div class=3D"gmail_default" style=3D"font-fa=
mily:monospace">- Try and figure out what PRIV_VFS_MOUNT_EXPORTED should ch=
eck?</div><div class=3D"gmail_default" style=3D"font-family:monospace">- Le=
ave it as is. After the patch that allows mountd to run in</div><div class=
=3D"gmail_default" style=3D"font-family:monospace">=C2=A0 a vnet prison, MN=
T_EXPORTED will be set in fsflags, but the</div><div class=3D"gmail_default=
" style=3D"font-family:monospace">=C2=A0 priv_check() call will just return=
 0. (A little overhead,</div><div class=3D"gmail_default" style=3D"font-fam=
ily:monospace">=C2=A0 but otherwise no semantics change.)</div><div class=
=3D"gmail_default" style=3D"font-family:monospace"><br></div><div class=3D"=
gmail_default" style=3D"font-family:monospace">rick</div><div class=3D"gmai=
l_default" style=3D"font-family:monospace"><br></div></div></div>

--000000000000d6a85d05efbd0464--