Re: Mount failure due to restricted access to a point along the mount path

From: Pavel Shilovsky
Date: Thu May 16 2013 - 02:19:29 EST

2013/5/14 Jeff Layton <jlayton@xxxxxxxxxx>:
> On Fri, 10 May 2013 10:27:54 -0400
> Jeff Layton <jlayton@xxxxxxxxxx> wrote:
>> On Fri, 10 May 2013 16:13:30 +0200
>> Miklos Szeredi <miklos@xxxxxxxxxx> wrote:
>> > Hi,
>> >
>> > A while ago this was discussed:
>> >
>> >
>> >
>> > This is essentially a regression introduced by the shared superblock
>> > changes in 3.0 and several SUSE customers are complaining about it.
>> > I've created a temporary fix which reverts 29 commits related to the
>> > shared superblock changes. It works, but it's obviously not a
>> > permanent fix, especially since we definitely don't want to diverge
>> > from mainline.
>> >
>> > Is this issue being worked on? Don't other distros have similar reports?
>> >
>> > Thanks,
>> > Miklos
>> I don't know of anyone currently working on it. There are a couple of
>> possible approaches to fixing it, I think:
>> 1) if the dentries to get down to the root of the mount don't already
>> exist, then attach some sort of "placeholder" inode that can be fleshed
>> out later if and when the dentry is accessed via other means.
>> 2) do something like what NFS does (see commit 54ceac45). This becomes
>> a bit more complicated due to the fact that the server may not hand out
>> real inode numbers and we sometimes have to fake them up.
>> #1 is probably simpler to implement, but I'll confess that I haven't
>> thought through all of the potential problems with it.
> So, giving this some more thought, I think #2 is really the correct way
> to fix this. Here's the main problem though:
> Suppose someone mounts:
> //server/share/foo/bar/baz
> We make the sb->s_root point to the top level share, and then create a
> disconnected dentry for "baz" to return from ->mount.
> Then, a little while later, //server/share gets mounted separately and
> a user walks down to /foo/bar/baz within the same share.
> How do we ensure that we don't end up with two "baz" dentries in this
> situation? With NFS, we can be reasonably sure that there's a 1:1
> correspondance of filehandle to inode.
> Under CIFS, it's possible that it's faking up inode numbers if the
> server doesn't provide them via a UniqueID field. The only real
> identifying info we have for the inode in that case is the pathname.
> Perhaps we'd be best off to just rip out the sb sharing after all.
> Getting all of the corner cases right when the protocol and server
> implementations are so problematic is really, really difficult.
> If we do go that route, then the fscache code will need some work since
> it uses the sharename as a sb cookie.

Another option is to add mount options shared and nonshared (default)
like NFS already has and let users use
sharing capability if the permissions on server allow walking through
a share path to a mount root.

Best regards,
Pavel Shilovsky.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at