Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757225Ab3ENIvf (ORCPT ); Tue, 14 May 2013 04:51:35 -0400 Received: from mx1.redhat.com ([209.132.183.28]:55678 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756785Ab3ENIvc (ORCPT ); Tue, 14 May 2013 04:51:32 -0400 Date: Tue, 14 May 2013 10:51:19 +0200 From: Jeff Layton To: Jeff Layton Cc: Miklos Szeredi , linux-cifs@vger.kernel.org, Steve French , Kernel Mailing List , sjayaraman@novell.com Subject: Re: Mount failure due to restricted access to a point along the mount path Message-ID: <20130514105119.66a5bc3f@corrin.poochiereds.net> In-Reply-To: <20130510102754.184cd90d@corrin.poochiereds.net> References: <20130510102754.184cd90d@corrin.poochiereds.net> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2842 Lines: 74 On Fri, 10 May 2013 10:27:54 -0400 Jeff Layton wrote: > On Fri, 10 May 2013 16:13:30 +0200 > Miklos Szeredi wrote: > > > Hi, > > > > A while ago this was discussed: > > > > http://thread.gmane.org/gmane.linux.kernel.cifs/7779 > > > > This is essentially a regression introduced by the shared superblock > > changes in 3.0 and several SUSE customers are complaining about it. > > I've created a temporary fix which reverts 29 commits related to the > > shared superblock changes. It works, but it's obviously not a > > permanent fix, especially since we definitely don't want to diverge > > from mainline. > > > > Is this issue being worked on? Don't other distros have similar reports? > > > > Thanks, > > Miklos > > I don't know of anyone currently working on it. There are a couple of > possible approaches to fixing it, I think: > > 1) if the dentries to get down to the root of the mount don't already > exist, then attach some sort of "placeholder" inode that can be fleshed > out later if and when the dentry is accessed via other means. > > 2) do something like what NFS does (see commit 54ceac45). This becomes > a bit more complicated due to the fact that the server may not hand out > real inode numbers and we sometimes have to fake them up. > > #1 is probably simpler to implement, but I'll confess that I haven't > thought through all of the potential problems with it. > So, giving this some more thought, I think #2 is really the correct way to fix this. Here's the main problem though: Suppose someone mounts: //server/share/foo/bar/baz We make the sb->s_root point to the top level share, and then create a disconnected dentry for "baz" to return from ->mount. Then, a little while later, //server/share gets mounted separately and a user walks down to /foo/bar/baz within the same share. How do we ensure that we don't end up with two "baz" dentries in this situation? With NFS, we can be reasonably sure that there's a 1:1 correspondance of filehandle to inode. Under CIFS, it's possible that it's faking up inode numbers if the server doesn't provide them via a UniqueID field. The only real identifying info we have for the inode in that case is the pathname. Perhaps we'd be best off to just rip out the sb sharing after all. Getting all of the corner cases right when the protocol and server implementations are so problematic is really, really difficult. If we do go that route, then the fscache code will need some work since it uses the sharename as a sb cookie. -- Jeff Layton -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/