nfs: don't share mounts between network namespaces
author J. Bruce Fields <bfields@redhat.com>
Tue, 3 May 2016 19:16:02 +0000 (15:16 -0400)
committer Anna Schumaker <Anna.Schumaker@Netapp.com>
Mon, 9 May 2016 13:05:40 +0000 (09:05 -0400)

There's no guarantee that an IP address in a different network namespace
actually represents the same endpoint.

Also, if we allow unprivileged nfs mounts some day then this might allow
an unprivileged user in another network namespace to misdirect somebody
else's nfs mounts.

If sharing between containers is really what's wanted then that could
still be arranged explicitly, for example with bind mounts.

Reported-by: "Eric W. Biederman" <ebiederm@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
fs/nfs/super.c

index f1268280244e4504c175db1844a306eefb1f0d00..ff537a2051888c9a151950b5d8ad0dda9e86a033 100644 (file)
@@ -2408,6 +2408,11 @@ static int nfs_compare_super_address(struct nfs_server *server1,
                                     struct nfs_server *server2)
 {
        struct sockaddr *sap1, *sap2;
+       struct rpc_xprt *xprt1 = server1->client->cl_xprt;
+       struct rpc_xprt *xprt2 = server2->client->cl_xprt;
+
+       if (!net_eq(xprt1->xprt_net, xprt2->xprt_net))
+               return 0;
 
        sap1 = (struct sockaddr *)&server1->nfs_client->cl_addr;
        sap2 = (struct sockaddr *)&server2->nfs_client->cl_addr;
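
Review bot: the new net_eq() check at the top of nfs_compare_super_address() dereferences server1->client->cl_xprt and server2->client->cl_xprt with plain loads, and nothing in the hunk shows what keeps those transport pointers valid while xprt_net is read. If cl_xprt can be switched on a live client, read it under the protection the RPC layer requires for that field, or go through an accessor that returns the client's network namespace, instead of open-coding the load. A one-line comment above the check would also help, stating that addresses are only comparable within one network namespace, since the namespace is taken from server->client while the addresses compared below come from server->nfs_client.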