Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Dec 2022 15:25:27 -0700
From:      Alan Somers <asomers@freebsd.org>
To:        Rick Macklem <rick.macklem@gmail.com>
Cc:        FreeBSD CURRENT <freebsd-current@freebsd.org>
Subject:   Re: What to do about a few lines in vfs_domount() never executed?
Message-ID:  <CAOtMX2hXN%2BG=uag5pfkLQukU2hZUKFax6SpqfnYdA_1zTM14Dg@mail.gmail.com>
In-Reply-To: <CAM5tNy7DM__tj4CQ0L_-ugo5krmEvLJgbU-WFLs47MrRBuGaNQ@mail.gmail.com>
References:  <CAM5tNy7DM__tj4CQ0L_-ugo5krmEvLJgbU-WFLs47MrRBuGaNQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
If you're 100.0% percent sure that it will never be run, you can
delete it.  But if you're only 99.9%, then I suggest converting it
into a KASSERT.

On Tue, Dec 13, 2022 at 3:20 PM Rick Macklem <rick.macklem@gmail.com> wrote:
>
> Hi,
>
> While working on getting mountd/nfsd to run in a vnet
> prison, I came across the following lines near the
> beginning of vfs_domount() in sys/kern/vfs_mount.c:
>
> if (fsflags & MNT_EXPORTED) {
>      error = priv_check(td, PRIV_VFS_MOUNT_EXPORTED);
>      if (error)
>            return (error);
> }
>
> #1 - Since MNT_EXPORTED is never set in fsflags, this code never
>      gets executed.
>      --> I am asking what to do with the above code, since that
>          changes for the patch that allows mountd to run in a vnet
>          prison.
> #2 - priv_check(td, PRIV_VFS_MOUNT_EXPORTED) always returns 0
>      because nothing in sys/kern/kern_priv.c checks
>      PRIV_VFS_MOUNT_EXPORTED.
>
> I don't know what the original author's thinking was w.r.t. this.
> Setting exports already checks that the mount operation can be
> done by the requestor.
>
> So, what do you think should be done with the above code snippet?
> - Consider it cruft and delete it.
> - Try and figure out what PRIV_VFS_MOUNT_EXPORTED should check?
> - Leave it as is. After the patch that allows mountd to run in
>   a vnet prison, MNT_EXPORTED will be set in fsflags, but the
>   priv_check() call will just return 0. (A little overhead,
>   but otherwise no semantics change.)
>
> rick
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOtMX2hXN%2BG=uag5pfkLQukU2hZUKFax6SpqfnYdA_1zTM14Dg>