Let's add your fix as a followon patch On Fri, Jul 29, 2016 at 8:31 AM, Sachin Prabhu <sprabhu@xxxxxxxxxx> wrote: > On Fri, 2016-07-29 at 14:11 +0100, Sachin Prabhu wrote: >> On Fri, 2016-06-10 at 17:16 +0200, Aurélien Aptel wrote: >> > >> > On Thu, 9 Jun 2016 21:27:34 +0200 Marcus Hoffmann >> > <marcus.hoffmann@xxxxxxxxxxxx> wrote: >> > > >> > > >> > > Hey Aurélien, >> > > with your script I can reproduce the bug locally now. >> > Good. >> > >> > > >> > > >> > > I can mount the share (which is on a Windows 8.1 vm) with a >> > > Windows >> > > 7 >> > > PC with the restricted user account. (Even in hard mode.) >> > > I can mount the share from Linux-cifs using the admin user but >> > > not >> > > the >> > > restricted user. >> > I've moved some things around. All of the prefix path components >> > are >> > now checked for accessibility in cifs_do_mount(). This is more >> > robust and it lets us set the CIFS_MOUNT_USE_PREFIX_PATH flag >> > earlier. >> > >> > I've updated the cifs_root_iget() to use the prefix path when >> > necessary >> > which should take care of the last case (hard mode). >> > >> > Please test my latest patch (attached). >> > >> > > >> > > >> > > (I noticed though that no user has access to the file in the >> > > shared >> > > dir. But this doesn't really matter for the test.) >> > Indeed. >> > >> >> Hello, >> >> Sorry for the late reply but this has to be a NACK from me. >> >> We need to check for CIFS_MOUNT_USE_PREFIX_PATH >> and if set, check cifs_sb->prepath for both old and new >> in cifs_match_super(). >> >> Else we have the following bug: >> >> Consider 2 different mounts on a server where root access is limited. >> I >> used the reproducer for this case but simply created a separate >> folder >> in the root directory to which the user has access. I then attempt to >> mount the 2 separate folders in 2 different locations. >> >> # mount -t cifs -vvv -o username=wintest1,password=xxx //vm140- >> 52/test2/sub/dir /mnt >> # mount -t cifs -vvv -o username=wintest1,password=xxx //vm140- >> 52/test2/sub2/ /mnt2 >> >> # grep mnt /proc/mounts >> //vm140-52/test2/sub/dir /mnt cifs >> rw,relatime,vers=1.0,cache=strict,username=wintest1,domain=ENG1,uid=0 >> ,n >> oforceuid,gid=0,noforcegid,addr=192.168.140.52,file_mode=0755,dir_mod >> e= >> 0755,nounix,serverino,mapposix,rsize=61440,wsize=16580,echo_interval= >> 60 >> ,actimeo=1 0 0 >> //vm140-52/test2/sub2/ /mnt2 cifs >> rw,relatime,vers=1.0,cache=strict,username=wintest1,domain=ENG1,uid=0 >> ,n >> oforceuid,gid=0,noforcegid,addr=192.168.140.52,file_mode=0755,dir_mod >> e= >> 0755,nounix,serverino,mapposix,rsize=61440,wsize=16580,echo_interval= >> 60 >> ,actimeo=1 0 0 >> >> but since we do not compare the prepath, we end up with the same >> share >> mounted at both mount points. This is the share mounted first. >> >> To confirm. >> >> # date >/mnt/test >> # cat /mnt/test /mnt2/test >> Fri 29 Jul 14:05:19 BST 2016 >> Fri 29 Jul 14:05:19 BST 2016 >> >> Steve, >> >> Can you recall the earlier patch or should I write a fix for this? >> >> Sachin Prabhu > > This bug in the patch was masked by another issue which was fixed by > the patch > > cifs: unbreak TCP session reuse > by Rabin Vincent which has been posted to go into upstream at the same > time as this patch. > > Sachin Prabhu -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
