From: "Chuck Lever" <cel@kernel.org>
To: "Amir Goldstein" <amir73il@gmail.com>,
"Christian Brauner" <brauner@kernel.org>
Cc: "Chuck Lever" <chuck.lever@oracle.com>,
"Jeff Layton" <jlayton@kernel.org>,
"Christoph Hellwig" <hch@lst.de>, NeilBrown <neil@brown.name>,
"Jan Kara" <jack@suse.cz>,
linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org
Subject: Re: [PATCH v3 2/2] nfsd: do not allow exporting of special kernel filesystems
Date: Wed, 28 Jan 2026 11:11:10 -0500 [thread overview]
Message-ID: <dce0e412-1a56-44b3-b910-29247ca23325@app.fastmail.com> (raw)
In-Reply-To: <20260128111645.902932-3-amir73il@gmail.com>
On Wed, Jan 28, 2026, at 6:16 AM, Amir Goldstein wrote:
> pidfs and nsfs recently gained support for encode/decode of file handles
> via name_to_handle_at(2)/opan_by_handle_at(2).
s/opan/open
One more below:
> These special kernel filesystems have custom ->open() and ->permission()
> export methods, which nfsd does not respect and it was never meant to be
> used for exporting those filesystems by nfsd.
>
> Therefore, do not allow nfsd to export filesystems with custom ->open()
> or ->permission() methods.
>
> Fixes: b3caba8f7a34a ("pidfs: implement file handle support")
> Fixes: 5222470b2fbb3 ("nsfs: support file handles")
> Signed-off-by: Amir Goldstein <amir73il@gmail.com>
> ---
> fs/nfsd/export.c | 8 +++++---
> include/linux/exportfs.h | 9 +++++++++
> 2 files changed, 14 insertions(+), 3 deletions(-)
>
> diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c
> index 2a1499f2ad196..09fe268fe2c76 100644
> --- a/fs/nfsd/export.c
> +++ b/fs/nfsd/export.c
> @@ -427,7 +427,8 @@ static int check_export(const struct path *path,
> int *flags, unsigned char *uuid
> * either a device number (so FS_REQUIRES_DEV needed)
> * or an FSID number (so NFSEXP_FSID or ->uuid is needed).
> * 2: We must be able to find an inode from a filehandle.
> - * This means that s_export_op must be set.
> + * This means that s_export_op must be set and comply with
> + * the requirements for remote filesystem export.
> * 3: We must not currently be on an idmapped mount.
> */
> if (!(inode->i_sb->s_type->fs_flags & FS_REQUIRES_DEV) &&
> @@ -437,8 +438,9 @@ static int check_export(const struct path *path,
> int *flags, unsigned char *uuid
> return -EINVAL;
> }
>
> - if (!exportfs_can_decode_fh(inode->i_sb->s_export_op)) {
> - dprintk("exp_export: export of invalid fs type.\n");
> + if (!exportfs_may_export(inode->i_sb->s_export_op)) {
> + dprintk("exp_export: export of invalid fs type (%s).\n",
> + inode->i_sb->s_type->name);
> return -EINVAL;
> }
>
> diff --git a/include/linux/exportfs.h b/include/linux/exportfs.h
> index fafd22ed4c648..bf3dee2ad5f97 100644
> --- a/include/linux/exportfs.h
> +++ b/include/linux/exportfs.h
> @@ -340,6 +340,15 @@ static inline bool exportfs_can_decode_fh(const
> struct export_operations *nop)
> return nop && nop->fh_to_dentry;
> }
>
> +static inline bool exportfs_may_export(const struct export_operations *nop)
> +{
> + /*
> + * Do not allow nfs export for filesystems with custom ->open() and
> + * ->permission() ops, which nfsd does not respect (e.g. pidfs, nsfs).
> + */
The comment says "with custom ->open() and ->permission() ops" but the
code blocks export if either one is set. The commit message correctly
says "or" - should the comment be updated to match?
> + return exportfs_can_decode_fh(nop) && !nop->open && !nop->permission;
> +}
> +
> static inline bool exportfs_can_encode_fh(const struct export_operations *nop,
> int fh_flags)
> {
> --
> 2.52.0
--
Chuck Lever
next prev parent reply other threads:[~2026-01-28 16:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-28 11:16 [PATCH v3 0/2] nfsd and special kernel filesystems Amir Goldstein
2026-01-28 11:16 ` [PATCH v3 1/2] exportfs: clarify the documentation of open()/permission() expotrfs ops Amir Goldstein
2026-01-28 16:09 ` Chuck Lever
2026-01-28 19:27 ` Amir Goldstein
2026-01-28 11:16 ` [PATCH v3 2/2] nfsd: do not allow exporting of special kernel filesystems Amir Goldstein
2026-01-28 16:11 ` Chuck Lever [this message]
2026-01-28 19:28 ` Amir Goldstein
2026-01-28 11:30 ` [PATCH v3 0/2] nfsd and " Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dce0e412-1a56-44b3-b910-29247ca23325@app.fastmail.com \
--to=cel@kernel.org \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=hch@lst.de \
--cc=jack@suse.cz \
--cc=jlayton@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=neil@brown.name \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox