git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	J. Bruce Fields <bfields@redhat.com>
	Mon, 11 Jan 2021 21:01:29 +0000 (16:01 -0500)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 23 Jan 2021 14:49:55 +0000 (15:49 +0100)
commit	a08c2e586ad047fcea3f75664cca0915c77934fe
tree	10ba68df78d79203d9cfb79a2ff3d9db43246dad	tree
parent	b14b19592c02b8714713ebca2db70bd17c46d670	commit \| diff

nfsd4: readdirplus shouldn't return parent of export

commit 51b2ee7d006a736a9126e8111d1f24e4fd0afaa6 upstream.

If you export a subdirectory of a filesystem, a READDIRPLUS on the root
of that export will return the filehandle of the parent with the ".."
entry.

The filehandle is optional, so let's just not return the filehandle for
".." if we're at the root of an export.

Note that once the client learns one filehandle outside of the export,
they can trivially access the rest of the export using further lookups.

However, it is also not very difficult to guess filehandles outside of
the export. So exporting a subdirectory of a filesystem should
considered equivalent to providing access to the entire filesystem. To
avoid confusion, we recommend only exporting entire filesystems.

Reported-by: Youjipeng <wangzhibei1999@gmail.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>