From: Dave Hansen <haveblue@us.ibm.com>
To: linux-fsdevel@vger.kernel.org
Cc: herbert@13thfloor.at, viro@ftp.linux.org.uk, hch@infradead.org,
trond.myklebust@fys.uio.no, Dave Hansen <haveblue@us.ibm.com>
Subject: [RFC][PATCH 27/27] create and pass read-only mnt flag into do_loopback()
Date: Wed, 07 Jun 2006 17:10:39 -0700 [thread overview]
Message-ID: <20060608001039.0CE3F5F2@localhost.localdomain> (raw)
In-Reply-To: <20060608001013.0D041507@localhost.localdomain>
Originally from: Herbert Poetzl <herbert@13thfloor.at>
This is the core of the read-only bind mount patch set.
This patch introduces MNT_RDONLY and ensures that it is
checked before any users may obtain write permissions
for a file through any mount.
Signed-off-by: Dave Hansen <haveblue@us.ibm.com>
---
lxc-dave/fs/file.c | 1 +
lxc-dave/fs/inode.c | 2 +-
lxc-dave/fs/namespace.c | 8 ++++++--
lxc-dave/include/linux/mount.h | 3 +++
lxc-dave/mm/filemap.c | 3 +++
5 files changed, 14 insertions(+), 3 deletions(-)
diff -puN fs/file.c~D8-actually-add-flags fs/file.c
--- lxc/fs/file.c~D8-actually-add-flags 2006-06-07 16:53:29.000000000 -0700
+++ lxc-dave/fs/file.c 2006-06-07 16:53:29.000000000 -0700
@@ -12,6 +12,7 @@
#include <linux/slab.h>
#include <linux/vmalloc.h>
#include <linux/file.h>
+#include <linux/mount.h>
#include <linux/bitops.h>
#include <linux/interrupt.h>
#include <linux/spinlock.h>
diff -puN fs/inode.c~D8-actually-add-flags fs/inode.c
--- lxc/fs/inode.c~D8-actually-add-flags 2006-06-07 16:53:29.000000000 -0700
+++ lxc-dave/fs/inode.c 2006-06-07 16:53:29.000000000 -0700
@@ -1185,7 +1185,7 @@ void touch_atime(struct vfsmount *mnt, s
struct inode *inode = dentry->d_inode;
struct timespec now;
- if (IS_RDONLY(inode))
+ if (IS_RDONLY(inode) || (mnt->mnt_flags & MNT_RDONLY))
return;
if ((inode->i_flags & S_NOATIME) ||
diff -puN fs/namespace.c~D8-actually-add-flags fs/namespace.c
--- lxc/fs/namespace.c~D8-actually-add-flags 2006-06-07 16:53:29.000000000 -0700
+++ lxc-dave/fs/namespace.c 2006-06-07 16:53:29.000000000 -0700
@@ -905,7 +905,8 @@ static int do_change_type(struct nameida
/*
* do loopback mount.
*/
-static int do_loopback(struct nameidata *nd, char *old_name, int recurse)
+static int do_loopback(struct nameidata *nd, char *old_name,
+ int recurse, int mnt_flags)
{
struct nameidata old_nd;
struct vfsmount *mnt = NULL;
@@ -943,6 +944,7 @@ static int do_loopback(struct nameidata
spin_unlock(&vfsmount_lock);
release_mounts(&umount_list);
}
+ mnt->mnt_flags = mnt_flags;
out:
up_write(&namespace_sem);
@@ -1403,6 +1405,8 @@ long do_mount(char *dev_name, char *dir_
((char *)data_page)[PAGE_SIZE - 1] = 0;
/* Separate the per-mountpoint flags */
+ if (flags & MS_RDONLY)
+ mnt_flags |= MNT_RDONLY;
if (flags & MS_NOSUID)
mnt_flags |= MNT_NOSUID;
if (flags & MS_NODEV)
@@ -1430,7 +1434,7 @@ long do_mount(char *dev_name, char *dir_
retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
data_page);
else if (flags & MS_BIND)
- retval = do_loopback(&nd, dev_name, flags & MS_REC);
+ retval = do_loopback(&nd, dev_name, flags & MS_REC, mnt_flags);
else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
retval = do_change_type(&nd, flags);
else if (flags & MS_MOVE)
diff -puN include/linux/mount.h~D8-actually-add-flags include/linux/mount.h
--- lxc/include/linux/mount.h~D8-actually-add-flags 2006-06-07 16:53:29.000000000 -0700
+++ lxc-dave/include/linux/mount.h 2006-06-07 16:53:29.000000000 -0700
@@ -24,6 +24,7 @@
#define MNT_NOEXEC 0x04
#define MNT_NOATIME 0x08
#define MNT_NODIRATIME 0x10
+#define MNT_RDONLY 0x20
#define MNT_SHRINKABLE 0x100
@@ -63,6 +64,8 @@ static inline struct vfsmount *mntget(st
static inline int mnt_want_write(struct vfsmount *mnt)
{
+ if (mnt->mnt_flags & MNT_RDONLY)
+ return -EROFS;
atomic_inc(&mnt->mnt_writers);
return 0;
}
diff -puN mm/filemap.c~D8-actually-add-flags mm/filemap.c
--- lxc/mm/filemap.c~D8-actually-add-flags 2006-06-07 16:53:29.000000000 -0700
+++ lxc-dave/mm/filemap.c 2006-06-07 16:53:29.000000000 -0700
@@ -23,6 +23,7 @@
#include <linux/mman.h>
#include <linux/pagemap.h>
#include <linux/file.h>
+#include <linux/mount.h>
#include <linux/uio.h>
#include <linux/hash.h>
#include <linux/writeback.h>
@@ -1960,6 +1961,8 @@ inline int generic_write_checks(struct f
return -EINVAL;
if (!isblk) {
+ if (file->f_vfsmnt->mnt_flags & MNT_RDONLY)
+ return -EROFS;
/* FIXME: this is for backwards compatibility with 2.4 */
if (file->f_flags & O_APPEND)
*pos = i_size_read(inode);
_
next prev parent reply other threads:[~2006-06-08 0:10 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-08 0:10 [RFC][PATCH 00/27] Read-only bind mounts Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 01/27] Add vfsmount writer count Dave Hansen
2006-06-08 10:33 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 02/27] vfs_rmdir: change if() into goto Dave Hansen
2006-06-08 10:37 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 04/27] elevate mnt writers for vfs_unlink() callers Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 03/27] do_rmdir(): elevate write count Dave Hansen
2006-06-08 10:42 ` Herbert Poetzl
2006-06-08 15:04 ` Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 05/27] elevate mnt writers for nfsd caller of vfs_mkdir() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 06/27] elevate write count during entire ncp_ioctl() Dave Hansen
2006-06-08 10:44 ` Herbert Poetzl
2006-06-08 15:07 ` Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 07/27] sys_mkdirat(): collapse if() Dave Hansen
2006-06-08 10:46 ` Herbert Poetzl
2006-06-08 15:10 ` Dave Hansen
2006-06-08 15:54 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 09/27] elevate mnt writers for sys_mkdirat() call of vfs_mkdir() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 08/27] sys_mkdirat(): one more goto Dave Hansen
2006-06-08 10:48 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 10/27] sys_symlinkat() collapse if()s Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 11/27] sys_symlinkat() collapse one more if () Dave Hansen
2006-06-08 10:49 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 13/27] sys_linkat(): elevate write count around vfs_link() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 12/27] sys_symlinkat() elevate write count around vfs_symlink() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 14/27] tricky: elevate write count files are open()ed Dave Hansen
2006-06-08 10:54 ` Herbert Poetzl
2006-06-08 15:12 ` Dave Hansen
2006-06-08 16:07 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 15/27] elevate writer count for do_sys_truncate() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 16/27] elevate write count for do_sys_utime() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 17/27] elevate write count for do_utimes() Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 18/27] sys_faccessat(): collapse if() Dave Hansen
2006-06-08 11:05 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 19/27] sys_faccessat() elevate writer count Dave Hansen
2006-06-08 11:03 ` Herbert Poetzl
2006-06-08 15:15 ` Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 20/27] unix_find_other() elevate write count for touch_atime() Dave Hansen
2006-06-08 11:07 ` Herbert Poetzl
2006-06-08 0:10 ` [RFC][PATCH 21/27] mount_is_safe(): add comment Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 22/27] sys_mknodat(): elevate write count for vfs_mknod/create() Dave Hansen
2006-06-08 11:16 ` Herbert Poetzl
2006-06-08 15:23 ` Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 23/27] elevate write count over calls to vfs_rename() Dave Hansen
2006-06-08 11:23 ` Herbert Poetzl
2006-06-08 15:24 ` Dave Hansen
2006-06-12 18:18 ` Al Viro
2006-06-12 18:29 ` Dave Hansen
2006-06-12 19:03 ` Al Viro
2006-06-08 0:10 ` [RFC][PATCH 24/27] elevate mount count for extended attributes Dave Hansen
2006-06-08 0:10 ` [RFC][PATCH 25/27] /proc/mounts: prep for flags from sb or mnt Dave Hansen
2006-06-08 11:25 ` Herbert Poetzl
2006-06-08 0:10 ` Dave Hansen [this message]
2006-06-08 0:10 ` [RFC][PATCH 26/27] /proc/mounts: treat ro/rw like the rest Dave Hansen
2006-06-08 11:26 ` Herbert Poetzl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060608001039.0CE3F5F2@localhost.localdomain \
--to=haveblue@us.ibm.com \
--cc=hch@infradead.org \
--cc=herbert@13thfloor.at \
--cc=linux-fsdevel@vger.kernel.org \
--cc=trond.myklebust@fys.uio.no \
--cc=viro@ftp.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).