diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 707d1f67fb32a28a4093911fbce9c79dd838b63b..e93a6e95c031e21add44911aa57bce8c42c65938 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c @@ -279,6 +279,7 @@ static match_table_t nfs_vers_tokens = { struct nfs_mount_info { void (*fill_super)(struct super_block *, struct nfs_mount_info *); + int (*set_security)(struct super_block *, struct dentry *, struct nfs_mount_info *); struct nfs_parsed_mount_data *parsed; struct nfs_clone_mount *cloned; }; @@ -2312,6 +2313,22 @@ static int nfs_bdi_register(struct nfs_server *server) return bdi_register_dev(&server->backing_dev_info, server->s_dev); } +static int nfs_set_sb_security(struct super_block *s, struct dentry *mntroot, + struct nfs_mount_info *mount_info) +{ + return security_sb_set_mnt_opts(s, &mount_info->parsed->lsm_opts); +} + +static int nfs_clone_sb_security(struct super_block *s, struct dentry *mntroot, + struct nfs_mount_info *mount_info) +{ + /* clone any lsm security options from the parent to the new sb */ + security_sb_clone_mnt_opts(mount_info->cloned->sb, s); + if (mntroot->d_inode->i_op != NFS_SB(s)->nfs_client->rpc_ops->dir_inode_ops) + return -ESTALE; + return 0; +} + static struct dentry *nfs_fs_mount_common(struct file_system_type *fs_type, struct nfs_server *server, int flags, const char *dev_name, @@ -2355,14 +2372,14 @@ static struct dentry *nfs_fs_mount_common(struct file_system_type *fs_type, if (!s->s_root) { /* initial superblock/root creation */ mount_info->fill_super(s, mount_info); - nfs_get_cache_cookie(s, mount_info->parsed, NULL); + nfs_get_cache_cookie(s, mount_info->parsed, mount_info->cloned); } mntroot = nfs_get_root(s, mntfh, dev_name); if (IS_ERR(mntroot)) goto error_splat_super; - error = security_sb_set_mnt_opts(s, &mount_info->parsed->lsm_opts); + error = mount_info->set_security(s, mntroot, mount_info); if (error) goto error_splat_root; @@ -2393,6 +2410,7 @@ static struct dentry *nfs_fs_mount(struct file_system_type *fs_type, struct nfs_parsed_mount_data *data = NULL; struct nfs_mount_info mount_info = { .fill_super = nfs_fill_super, + .set_security = nfs_set_sb_security, }; struct nfs_fh *mntfh; struct dentry *mntroot = ERR_PTR(-ENOMEM); @@ -2463,13 +2481,8 @@ nfs_xdev_mount_common(struct file_system_type *fs_type, int flags, const char *dev_name, struct nfs_mount_info *mount_info) { struct nfs_clone_mount *data = mount_info->cloned; - struct super_block *s; struct nfs_server *server; - struct dentry *mntroot; - int (*compare_super)(struct super_block *, void *) = nfs_compare_super; - struct nfs_sb_mountdata sb_mntdata = { - .mntflags = flags, - }; + struct dentry *mntroot = ERR_PTR(-ENOMEM); int error; dprintk("--> nfs_xdev_mount_common()\n"); @@ -2478,71 +2491,17 @@ nfs_xdev_mount_common(struct file_system_type *fs_type, int flags, server = nfs_clone_server(NFS_SB(data->sb), data->fh, data->fattr, data->authflavor); if (IS_ERR(server)) { error = PTR_ERR(server); - goto out_err_noserver; - } - sb_mntdata.server = server; - - if (server->flags & NFS_MOUNT_UNSHARED) - compare_super = NULL; - - /* -o noac implies -o sync */ - if (server->flags & NFS_MOUNT_NOAC) - sb_mntdata.mntflags |= MS_SYNCHRONOUS; - - /* Get a superblock - note that we may end up sharing one that already exists */ - s = sget(&nfs_fs_type, compare_super, nfs_set_super, &sb_mntdata); - if (IS_ERR(s)) { - error = PTR_ERR(s); - goto out_err_nosb; - } - - if (s->s_fs_info != server) { - nfs_free_server(server); - server = NULL; - } else { - error = nfs_bdi_register(server); - if (error) - goto error_splat_bdi; - } - - if (!s->s_root) { - /* initial superblock/root creation */ - mount_info->fill_super(s, mount_info); - nfs_get_cache_cookie(s, NULL, data); - } - - mntroot = nfs_get_root(s, data->fh, dev_name); - if (IS_ERR(mntroot)) { - error = PTR_ERR(mntroot); - goto error_splat_super; - } - if (mntroot->d_inode->i_op != NFS_SB(s)->nfs_client->rpc_ops->dir_inode_ops) { - dput(mntroot); - error = -ESTALE; - goto error_splat_super; + goto out_err; } - s->s_flags |= MS_ACTIVE; - - /* clone any lsm security options from the parent to the new sb */ - security_sb_clone_mnt_opts(data->sb, s); - + mntroot = nfs_fs_mount_common(fs_type, server, flags, dev_name, data->fh, mount_info); dprintk("<-- nfs_xdev_mount_common() = 0\n"); +out: return mntroot; -out_err_nosb: - nfs_free_server(server); -out_err_noserver: +out_err: dprintk("<-- nfs_xdev_mount_common() = %d [error]\n", error); - return ERR_PTR(error); - -error_splat_super: - if (server && !s->s_root) - bdi_unregister(&server->backing_dev_info); -error_splat_bdi: - deactivate_locked_super(s); - dprintk("<-- nfs_xdev_mount_common() = %d [splat]\n", error); - return ERR_PTR(error); + goto out; } /* @@ -2554,6 +2513,7 @@ nfs_xdev_mount(struct file_system_type *fs_type, int flags, { struct nfs_mount_info mount_info = { .fill_super = nfs_clone_super, + .set_security = nfs_clone_sb_security, .cloned = raw_data, }; return nfs_xdev_mount_common(&nfs_fs_type, flags, dev_name, &mount_info); @@ -2740,6 +2700,7 @@ nfs4_remote_mount(struct file_system_type *fs_type, int flags, { struct nfs_mount_info mount_info = { .fill_super = nfs4_fill_super, + .set_security = nfs_set_sb_security, .parsed = raw_data, }; struct nfs_server *server; @@ -2949,6 +2910,7 @@ nfs4_xdev_mount(struct file_system_type *fs_type, int flags, { struct nfs_mount_info mount_info = { .fill_super = nfs4_clone_super, + .set_security = nfs_clone_sb_security, .cloned = raw_data, }; return nfs_xdev_mount_common(&nfs4_fs_type, flags, dev_name, &mount_info);