From nobody Thu Oct 9 23:02:20 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cjQPS2wDNz6CHLx; Thu, 09 Oct 2025 23:02:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cjQPS1GmCz3sf1; Thu, 09 Oct 2025 23:02:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1760050940; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tUtSV7CT8/enH69T38orFZtGJk27V6uiuW0/793l0To=; b=lFSlnHObdg8Pc7p8GJnNY+5SdbNnJDKdjHDSteMxDDss2vMBD/8Upou1fmhFE+KpbwLFxI dXtWF94prmaIyPzID+PJTf3HZVmeQJxiWlK9zOzGVCL1mh9InsYAn+s3Uuy/iu1e+9C1Ay PSpHCGeOdCn+4qWJ96WiOGKNsSUAvxD3Bz8UbUXn9z2520024pnEOOd2NG/ncqbVwfLTlh P+CEAUwsGkANmNNksytBRf8h9BQImMKx2VQtxYNzzfYxeHEPElRHwCL8F2uRUwpKrOXYiW 2l24qAvstsBKOVj3P26zG4OQ0Juh0TQWtpnM0oaxCqrZOc/6qiYB7IsHX+NUjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1760050940; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tUtSV7CT8/enH69T38orFZtGJk27V6uiuW0/793l0To=; b=LTjrZB0/FCYfQ8yF+Jj+HB+qO3mze+66w4AP4PvnQ0Wv8wM01WbhBbbxIVi+XECDaeEkz6 22RMaxCcEs+zBnMjr1nH5CqzlQsfT5a8vnGOuQ1GNJrJ2YeAtvo3QwmlA1gZVCUjpD+AZ1 3tD5Nlm+UNgrxN1zzOMyilDaG8KZA5GMiKWrcmiV4b4GYG7lYb/v7yGpTbq43qAVcmN3pW HIZng6XZbwhFKjh3I0WY4FEMgjJF0pVr5xVITsr+nAA9H7oz3Z4ddlE00idYNLY8Fb6FSt gyoFA39MISrBc3XHA+uktz60gLDrfZDhTegRc/38rLqwWs3yGD0rkYut1jBzQw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1760050940; a=rsa-sha256; cv=none; b=x6SZzPVCrZcV/SKQOviovMCt3JqDqA0Oe2lp3nsEt3P3riI/bJ/ErgMYglDF1j7g0vSNgl FLuAl5meH1r4oiXjZXaDSiWSGPzxZPtpPeYtKutom1LYsWXRDdyJIcmP0DQSo+W0q5cGXA I3w1m/JqfqayYkgsqqco6SdmM+FujhnCDQh0/xaBrDHoUtbsSPUD6YZvLFI1wEPOQKY5r7 7pSB3kKkS6p9J7vm/p3CerblsYRhR6YY7iSrMEC1PeIBKdJIc6TKsullC+owwJ/yK+la8S 7JgfXCG3mINI1qO9Tu7tBkQoD7bw/8ofmI37Fe0KKXR02I+AgdurbW/VyTgfqw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cjQPS0tcszfBW; Thu, 09 Oct 2025 23:02:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 599N2KCK056330; Thu, 9 Oct 2025 23:02:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 599N2Koi056327; Thu, 9 Oct 2025 23:02:20 GMT (envelope-from git) Date: Thu, 9 Oct 2025 23:02:20 GMT Message-Id: <202510092302.599N2Koi056327@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 6fa205a6233f - main - nullfs: add nounixbypass mount option List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6fa205a6233fea7c41ba0306c778bc5cab37ce7d Auto-Submitted: auto-generated The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=6fa205a6233fea7c41ba0306c778bc5cab37ce7d commit 6fa205a6233fea7c41ba0306c778bc5cab37ce7d Author: Konstantin Belousov AuthorDate: 2025-10-08 15:47:15 +0000 Commit: Konstantin Belousov CommitDate: 2025-10-09 22:47:36 +0000 nullfs: add nounixbypass mount option The option, when set, disables bypassing the unix socket vnode down to the lower mp, effectively preventing connection to nullfs unix socket from being acceptable from the lower mp (and vice versa). This is done by providing a vop vector that stops bypass for unp-related VOPs. I believe that VFS_VOP_VECTOR_REGISTER() does the right thing there regardless of the order of initialization. Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D52983 --- sys/fs/nullfs/null.h | 3 ++- sys/fs/nullfs/null_subr.c | 4 +++- sys/fs/nullfs/null_vfsops.c | 9 +++++++++ sys/fs/nullfs/null_vnops.c | 8 ++++++++ 4 files changed, 22 insertions(+), 2 deletions(-) diff --git a/sys/fs/nullfs/null.h b/sys/fs/nullfs/null.h index 17fd90203174..7bfdc20a3f67 100644 --- a/sys/fs/nullfs/null.h +++ b/sys/fs/nullfs/null.h @@ -39,6 +39,7 @@ #include #define NULLM_CACHE 0x0001 +#define NULLM_NOUNPBYPASS 0x0002 struct null_mount { struct mount *nullm_vfs; @@ -90,7 +91,7 @@ null_is_nullfs_vnode(struct vnode *vp) const struct vop_vector *op; op = vp->v_op; - return (op == &null_vnodeops); + return (op == &null_vnodeops || op == &null_vnodeops_no_unp_bypass); } extern uma_zone_t null_node_zone; diff --git a/sys/fs/nullfs/null_subr.c b/sys/fs/nullfs/null_subr.c index d7f847d449d0..a843ae44f121 100644 --- a/sys/fs/nullfs/null_subr.c +++ b/sys/fs/nullfs/null_subr.c @@ -240,7 +240,9 @@ null_nodeget(struct mount *mp, struct vnode *lowervp, struct vnode **vpp) */ xp = uma_zalloc_smr(null_node_zone, M_WAITOK); - error = getnewvnode("nullfs", mp, &null_vnodeops, &vp); + error = getnewvnode("nullfs", mp, (MOUNTTONULLMOUNT(mp)->nullm_flags & + NULLM_NOUNPBYPASS) != 0 ? &null_vnodeops_no_unp_bypass : + &null_vnodeops, &vp); if (error) { vput(lowervp); uma_zfree_smr(null_node_zone, xp); diff --git a/sys/fs/nullfs/null_vfsops.c b/sys/fs/nullfs/null_vfsops.c index 483d4182e65e..170a3dd51cd8 100644 --- a/sys/fs/nullfs/null_vfsops.c +++ b/sys/fs/nullfs/null_vfsops.c @@ -87,6 +87,8 @@ nullfs_mount(struct mount *mp) bool isvnunlocked; static const char cache_opt_name[] = "cache"; static const char nocache_opt_name[] = "nocache"; + static const char unixbypass_opt_name[] = "unixbypass"; + static const char nounixbypass_opt_name[] = "nounixbypass"; NULLFSDEBUG("nullfs_mount(mp = %p)\n", (void *)mp); @@ -222,6 +224,13 @@ nullfs_mount(struct mount *mp) &xmp->notify_node); } + if (vfs_getopt(mp->mnt_optnew, unixbypass_opt_name, NULL, NULL) == 0) { + ; + } else if (vfs_getopt(mp->mnt_optnew, nounixbypass_opt_name, NULL, + NULL) == 0) { + xmp->nullm_flags |= NULLM_NOUNPBYPASS; + } + if (lowerrootvp == mp->mnt_vnodecovered) { vn_lock(lowerrootvp, LK_EXCLUSIVE | LK_RETRY | LK_CANRECURSE); lowerrootvp->v_vflag |= VV_CROSSLOCK; diff --git a/sys/fs/nullfs/null_vnops.c b/sys/fs/nullfs/null_vnops.c index 4b9342f43870..d4baabeb40ab 100644 --- a/sys/fs/nullfs/null_vnops.c +++ b/sys/fs/nullfs/null_vnops.c @@ -1256,3 +1256,11 @@ struct vop_vector null_vnodeops = { .vop_copy_file_range = VOP_PANIC, }; VFS_VOP_VECTOR_REGISTER(null_vnodeops); + +struct vop_vector null_vnodeops_no_unp_bypass = { + .vop_default = &null_vnodeops, + .vop_unp_bind = vop_stdunp_bind, + .vop_unp_connect = vop_stdunp_connect, + .vop_unp_detach = vop_stdunp_detach, +}; +VFS_VOP_VECTOR_REGISTER(null_vnodeops_no_unp_bypass);