From: Bernd Schubert <bernd@bsbernd.com>
To: "Darrick J. Wong" <djwong@kernel.org>
Cc: linux-fsdevel@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>,
Joanne Koong <joannelkoong@gmail.com>,
Bernd Schubert <bschubert@ddn.com>
Subject: Re: [PATCH 15/19] Split the fusermount do_mount function
Date: Tue, 24 Mar 2026 22:05:13 +0100 [thread overview]
Message-ID: <a2ec8f5d-ffa4-4971-b05d-a0c5280c56b9@bsbernd.com> (raw)
In-Reply-To: <20260324001414.GP6202@frogsfrogsfrogs>
On 3/24/26 01:14, Darrick J. Wong wrote:
> On Mon, Mar 23, 2026 at 06:45:10PM +0100, Bernd Schubert wrote:
>> From: Bernd Schubert <bschubert@ddn.com>
>>
>> We will need new API and old API and need to pass the options to
>> two different functions - factor out the option parsing.
>>
>> Signed-off-by: Bernd Schubert <bschubert@ddn.com>
>> ---
>> util/fusermount.c | 298 +++++++++++++++++++++++++++++++++++++-----------------
>> 1 file changed, 205 insertions(+), 93 deletions(-)
>>
>> diff --git a/util/fusermount.c b/util/fusermount.c
>> index f17b44f51142c682b339d0ce2287f7c00d644454..ecf509bb80d5cd129f6e582f1ec666502c55603a 100644
>> --- a/util/fusermount.c
>> +++ b/util/fusermount.c
>> @@ -917,30 +917,132 @@ static int mount_notrunc(const char *source, const char *target,
>> return mount(source, target, filesystemtype, mountflags, data);
>> }
>>
>> +struct mount_params {
>> + /* Input parameters */
>> + int fd; /* /dev/fuse file descriptor */
>> + mode_t rootmode; /* Root mode from stat */
>> + const char *dev; /* Device path (/dev/fuse) */
>>
>> -static int do_mount(const char *mnt, const char **typep, mode_t rootmode,
>> - int fd, const char *opts, const char *dev, char **sourcep,
>> - char **mnt_optsp)
>> + /* Parsed mount options */
>> + unsigned long flags; /* Mount flags (MS_NOSUID, etc.) */
>> + char *optbuf; /* Kernel mount options buffer */
>> + char *fsname; /* Filesystem name from options */
>> + char *subtype; /* Subtype from options */
>> + int blkdev; /* Block device flag */
>> +
>> + /* Generated mount parameters */
>> + char *source; /* Mount source string */
>> + char *type; /* Filesystem type string */
>> + char *mnt_opts; /* Mount table options */
>> +
>> + /* Pointer for optbuf manipulation */
>> + char *optbuf_end; /* Points to end of optbuf for sprintf */
>> +};
>> +
>> +static void free_mount_params(struct mount_params *mp)
>> +{
>> + free(mp->optbuf);
>> + free(mp->fsname);
>> + free(mp->subtype);
>> + free(mp->source);
>> + free(mp->type);
>> + free(mp->mnt_opts);
>> +}
>> +
>> +/*
>> + * Check if option is deprecated large_read.
>> + *
>> + * Returns true if the option should be skipped (large_read on kernel > 2.4),
>> + * false otherwise (all other options or large_read on old kernels).
>> + */
>> +static bool check_large_read(const char *opt, unsigned int len)
>> +{
>> + struct utsname utsname;
>> + unsigned int kmaj, kmin;
>> + int res;
>> +
>> + if (!opt_eq(opt, len, "large_read"))
>> + return false;
>> +
>> + res = uname(&utsname);
>> + if (res == 0 &&
>> + sscanf(utsname.release, "%u.%u", &kmaj, &kmin) == 2 &&
>> + (kmaj > 2 || (kmaj == 2 && kmin > 4))) {
>> + fprintf(stderr,
>> + "%s: note: 'large_read' mount option is deprecated for %i.%i kernels\n",
>> + progname, kmaj, kmin);
>> + return true;
>
> Ugh, you can drop the uname and all that. Nobody's running 2.4 kernels
> anymore, right?
Added a new commit that removes this. If someone complains I can recvert
that
>
>> + }
>> + return false;
>> +}
>> +
>> +/*
>> + * Check if user has permission to use allow_other or allow_root options.
>> + *
>> + * Returns -1 if permission denied, 0 if allowed or option is not
>> + * allow_other/allow_root.
>> + */
>> +static int check_allow_permission(const char *opt, unsigned int len)
>> +{
>> + if (getuid() != 0 && !user_allow_other &&
>> + (opt_eq(opt, len, "allow_other") || opt_eq(opt, len, "allow_root"))) {
>> + fprintf(stderr, "%s: option %.*s only allowed if 'user_allow_other' is set in %s\n",
>> + progname, len, opt, FUSE_CONF);
>> + return -1;
>> + }
>> + return 0;
>> +}
>> +
>> +/*
>> + * Process generic mount option.
>> + *
>> + * Handles mount flags (ro, rw, suid, etc.), kernel options
>> + * (default_permissions, allow_other, max_read, blksize), or exits on
>> + * unknown options.
>> + */
>> +static int process_generic_option(const char *opt, unsigned int len,
>> + unsigned long *flags, char **dest)
>> +{
>> + int on;
>> + int flag;
>> +
>> + if (find_mount_flag(opt, len, &on, &flag)) {
>> + if (on)
>> + *flags |= flag;
>> + else
>> + *flags &= ~flag;
>> + return 0;
>> + }
>> +
>> + if (opt_eq(opt, len, "default_permissions") ||
>> + opt_eq(opt, len, "allow_other") ||
>> + begins_with(opt, "max_read=") ||
>> + begins_with(opt, "blksize=")) {
>> + memcpy(*dest, opt, len);
>> + *dest += len;
>> + **dest = ',';
>> + (*dest)++;
>> + return 0;
>> + }
>> +
>> + fprintf(stderr, "%s: unknown option '%.*s'\n", progname, len, opt);
>> + exit(1);
>> +}
>> +
>> +static int prepare_mount(const char *opts, struct mount_params *mp)
>> {
>> int res;
>> - int flags = MS_NOSUID | MS_NODEV;
>> - char *optbuf;
>> - char *mnt_opts = NULL;
>> const char *s;
>> char *d;
>> - char *fsname = NULL;
>> - char *subtype = NULL;
>> - char *source = NULL;
>> - char *type = NULL;
>> - int blkdev = 0;
>>
>> - optbuf = (char *) malloc(strlen(opts) + 128);
>> - if (!optbuf) {
>> + mp->flags = MS_NOSUID | MS_NODEV;
>> + mp->optbuf = (char *) malloc(strlen(opts) + 128);
>> + if (!mp->optbuf) {
>> fprintf(stderr, "%s: failed to allocate memory\n", progname);
>> return -1;
>> }
>>
>> - for (s = opts, d = optbuf; *s;) {
>> + for (s = opts, d = mp->optbuf; *s;) {
>> unsigned len;
>> const char *fsname_str = "fsname=";
>> const char *subtype_str = "subtype=";
>> @@ -953,10 +1055,10 @@ static int do_mount(const char *mnt, const char **typep, mode_t rootmode,
>> break;
>> }
>> if (begins_with(s, fsname_str)) {
>> - if (!get_string_opt(s, len, fsname_str, &fsname))
>> + if (!get_string_opt(s, len, fsname_str, &mp->fsname))
>> goto err;
>> } else if (begins_with(s, subtype_str)) {
>> - if (!get_string_opt(s, len, subtype_str, &subtype))
>> + if (!get_string_opt(s, len, subtype_str, &mp->subtype))
>> goto err;
>> } else if (opt_eq(s, len, "blkdev")) {
>> if (getuid() != 0) {
>> @@ -965,7 +1067,7 @@ static int do_mount(const char *mnt, const char **typep, mode_t rootmode,
>> progname);
>> goto err;
>> }
>> - blkdev = 1;
>> + mp->blkdev = 1;
>> } else if (opt_eq(s, len, "auto_unmount")) {
>> auto_unmount = 1;
>> } else if (!opt_eq(s, len, "nonempty") &&
>> @@ -973,122 +1075,132 @@ static int do_mount(const char *mnt, const char **typep, mode_t rootmode,
>> !begins_with(s, "rootmode=") &&
>> !begins_with(s, "user_id=") &&
>> !begins_with(s, "group_id=")) {
>> - int on;
>> - int flag;
>> - int skip_option = 0;
>> - if (opt_eq(s, len, "large_read")) {
>> - struct utsname utsname;
>> - unsigned kmaj, kmin;
>> - res = uname(&utsname);
>> - if (res == 0 &&
>> - sscanf(utsname.release, "%u.%u",
>> - &kmaj, &kmin) == 2 &&
>> - (kmaj > 2 || (kmaj == 2 && kmin > 4))) {
>> - fprintf(stderr, "%s: note: 'large_read' mount option is deprecated for %i.%i kernels\n", progname, kmaj, kmin);
>> - skip_option = 1;
>> - }
>> - }
>> - if (getuid() != 0 && !user_allow_other &&
>> - (opt_eq(s, len, "allow_other") ||
>> - opt_eq(s, len, "allow_root"))) {
>> - fprintf(stderr, "%s: option %.*s only allowed if 'user_allow_other' is set in %s\n", progname, len, s, FUSE_CONF);
>> + bool skip;
>> +
>> + if (check_allow_permission(s, len) == -1)
>> goto err;
>> - }
>> - if (!skip_option) {
>> - if (find_mount_flag(s, len, &on, &flag)) {
>> - if (on)
>> - flags |= flag;
>> - else
>> - flags &= ~flag;
>> - } else if (opt_eq(s, len, "default_permissions") ||
>> - opt_eq(s, len, "allow_other") ||
>> - begins_with(s, "max_read=") ||
>> - begins_with(s, "blksize=")) {
>> - memcpy(d, s, len);
>> - d += len;
>> - *d++ = ',';
>> - } else {
>> - fprintf(stderr, "%s: unknown option '%.*s'\n", progname, len, s);
>> - exit(1);
>> - }
>> - }
>> +
>> + skip = check_large_read(s, len);
>> +
>> + /*
>> + * Skip deprecated large_read to avoid passing it to
>> + * kernel which would reject it as unknown option.
>> + */
>> + if (!skip)
>> + process_generic_option(s, len, &mp->flags, &d);
>> }
>> s += len;
>> if (*s)
>> s++;
>> }
>> *d = '\0';
>> - res = get_mnt_opts(flags, optbuf, &mnt_opts);
>> + res = get_mnt_opts(mp->flags, mp->optbuf, &mp->mnt_opts);
>> if (res == -1)
>> goto err;
>>
>> + mp->optbuf_end = d;
>> +
>> sprintf(d, "fd=%i,rootmode=%o,user_id=%u,group_id=%u",
>> - fd, rootmode, getuid(), getgid());
>> + mp->fd, mp->rootmode, getuid(), getgid());
>>
>> - source = malloc((fsname ? strlen(fsname) : 0) +
>> - (subtype ? strlen(subtype) : 0) + strlen(dev) + 32);
>> + mp->source = malloc((mp->fsname ? strlen(mp->fsname) : 0) +
>> + (mp->subtype ? strlen(mp->subtype) : 0) + strlen(mp->dev) + 32);
>>
>> - type = malloc((subtype ? strlen(subtype) : 0) + 32);
>> - if (!type || !source) {
>> + mp->type = malloc((mp->subtype ? strlen(mp->subtype) : 0) + 32);
>> + if (!mp->type || !mp->source) {
>> fprintf(stderr, "%s: failed to allocate memory\n", progname);
>> goto err;
>> }
>>
>> - if (subtype)
>> - sprintf(type, "%s.%s", blkdev ? "fuseblk" : "fuse", subtype);
>> + if (mp->subtype)
>> + sprintf(mp->type, "%s.%s", mp->blkdev ? "fuseblk" : "fuse", mp->subtype);
>> else
>> - strcpy(type, blkdev ? "fuseblk" : "fuse");
>> + strcpy(mp->type, mp->blkdev ? "fuseblk" : "fuse");
>
> Hrm, maybe the patch adding fuse_mnt_build_source / fuse_mnt_build_type
> should have done something about this code too.
>
> The straight-up conversion looks ok though.
Yeah, I need to do that in a later commit that makes these two functions
more generic.
Thanks,
Bernd
next prev parent reply other threads:[~2026-03-24 21:05 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-23 17:44 [PATCH 00/19] libfuse: Add support for synchronous init Bernd Schubert
2026-03-23 17:44 ` [PATCH 01/19] ci-build: Add environment logging Bernd Schubert
2026-03-23 17:44 ` [PATCH 02/19] Add 'STRCPY' to the checkpatch ignore option Bernd Schubert
2026-03-23 21:03 ` Darrick J. Wong
2026-03-23 17:44 ` [PATCH 03/19] checkpatch.pl: Add _Atomic to $Attribute patttern Bernd Schubert
2026-03-23 21:09 ` Darrick J. Wong
2026-03-23 17:44 ` [PATCH 04/19] Add a new daemonize API Bernd Schubert
2026-03-23 22:28 ` Darrick J. Wong
2026-03-24 17:36 ` Bernd Schubert
2026-03-24 22:20 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 05/19] Sync fuse_kernel.h with linux-6.18 Bernd Schubert
2026-03-23 21:16 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 06/19] mount.c: Split fuse_mount_sys to prepare privileged sync FUSE_INIT Bernd Schubert
2026-03-23 22:34 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 07/19] Add FUSE_MOUNT_FALLBACK_NEEDED define for -2 mount errors Bernd Schubert
2026-03-23 22:36 ` Darrick J. Wong
2026-03-24 18:03 ` Bernd Schubert
2026-03-23 17:45 ` [PATCH 08/19] Refactor mount code / move common functions to mount_util.c Bernd Schubert
2026-03-23 22:40 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 09/19] Move mount flags to mount_i.h Bernd Schubert
2026-03-23 22:45 ` Darrick J. Wong
2026-03-24 18:40 ` Bernd Schubert
2026-03-23 17:45 ` [PATCH 10/19] conftest.py: Add more valgrind filter patterns Bernd Schubert
2026-03-23 17:45 ` [PATCH 11/19] Add support for the new linux mount API Bernd Schubert
2026-03-23 23:42 ` Darrick J. Wong
2026-03-24 20:16 ` Bernd Schubert
2026-03-24 22:46 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 12/19] fuse mount: Support synchronous FUSE_INIT (privileged daemon) Bernd Schubert
2026-03-24 0:03 ` Darrick J. Wong
2026-03-24 20:42 ` Bernd Schubert
2026-03-24 22:50 ` Darrick J. Wong
2026-03-25 7:52 ` Bernd Schubert
2026-03-25 16:42 ` Darrick J. Wong
2026-03-26 19:32 ` Bernd Schubert
2026-03-26 22:33 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 13/19] Add fuse_session_set_debug() to enable debug output without foreground Bernd Schubert
2026-03-24 0:04 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 14/19] Move more generic mount code to mount_util.{c,h} Bernd Schubert
2026-03-24 0:06 ` Darrick J. Wong
2026-03-24 20:57 ` Bernd Schubert
2026-03-23 17:45 ` [PATCH 15/19] Split the fusermount do_mount function Bernd Schubert
2026-03-24 0:14 ` Darrick J. Wong
2026-03-24 21:05 ` Bernd Schubert [this message]
2026-03-24 22:53 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 16/19] fusermount: Refactor extract_x_options Bernd Schubert
2026-03-24 0:18 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 17/19] Make fusermount work bidirectional for sync init Bernd Schubert
2026-03-24 19:35 ` Darrick J. Wong
2026-03-24 21:24 ` Bernd Schubert
2026-03-24 22:59 ` Darrick J. Wong
2026-03-25 19:48 ` Bernd Schubert
2026-03-25 22:03 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 18/19] New mount API: Filter out "user=" Bernd Schubert
2026-03-24 19:51 ` Darrick J. Wong
2026-03-24 20:01 ` Bernd Schubert
2026-03-24 23:02 ` Darrick J. Wong
2026-03-23 17:45 ` [PATCH 19/19] Add support for sync-init of unprivileged daemons Bernd Schubert
2026-03-24 20:21 ` Darrick J. Wong
2026-03-24 21:53 ` Bernd Schubert
2026-03-24 23:13 ` Darrick J. Wong
2026-03-24 0:19 ` [PATCH 00/19] libfuse: Add support for synchronous init Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a2ec8f5d-ffa4-4971-b05d-a0c5280c56b9@bsbernd.com \
--to=bernd@bsbernd.com \
--cc=bschubert@ddn.com \
--cc=djwong@kernel.org \
--cc=joannelkoong@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox