From: Trond Myklebust <trond.myklebust@hammerspace.com> mainline inclusion from mainline-v6.19-rc1 commit 8675c69816e4276b979ff475ee5fac4688f80125 category: bugfix bugzilla: https://atomgit.com/src-openeuler/kernel/issues/13299 CVE: CVE-2025-68764 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i... -------------------------------- When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag. Reported-by: Li Lingfeng <lilingfeng3@huawei.com> Link: https://lore.kernel.org/all/20240604112636.236517-3-lilingfeng@huaweicloud.c... Fixes: f2aedb713c28 ("NFS: Add fs_context support.") Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> Signed-off-by: Wang Zhaolong <wangzhaolong@huaweicloud.com> --- fs/nfs/namespace.c | 6 ++++++ fs/nfs/super.c | 4 ---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/fs/nfs/namespace.c b/fs/nfs/namespace.c index e7494cdd957e..40d7163bca87 100644 --- a/fs/nfs/namespace.c +++ b/fs/nfs/namespace.c @@ -147,10 +147,11 @@ struct vfsmount *nfs_d_automount(struct path *path) struct nfs_fs_context *ctx; struct fs_context *fc; struct vfsmount *mnt = ERR_PTR(-ENOMEM); struct nfs_server *server = NFS_SB(path->dentry->d_sb); struct nfs_client *client = server->nfs_client; + unsigned long s_flags = path->dentry->d_sb->s_flags; int timeout = READ_ONCE(nfs_mountpoint_expiry_timeout); int ret; if (IS_ROOT(path->dentry)) return ERR_PTR(-ESTALE); @@ -172,10 +173,15 @@ struct vfsmount *nfs_d_automount(struct path *path) if (fc->net_ns != client->cl_net) { put_net(fc->net_ns); fc->net_ns = get_net(client->cl_net); } + /* Inherit the flags covered by NFS_SB_MASK */ + fc->sb_flags_mask |= NFS_SB_MASK; + fc->sb_flags &= ~NFS_SB_MASK; + fc->sb_flags |= s_flags & NFS_SB_MASK; + /* for submounts we want the same server; referrals will reassign */ memcpy(&ctx->nfs_server._address, &client->cl_addr, client->cl_addrlen); ctx->nfs_server.addrlen = client->cl_addrlen; ctx->nfs_server.port = server->port; diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 1c2969cb907e..9fa3d17981bd 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c @@ -1318,14 +1318,10 @@ int nfs_get_tree_common(struct fs_context *fc) /* -o noac implies -o sync */ if (server->flags & NFS_MOUNT_NOAC) fc->sb_flags |= SB_SYNCHRONOUS; - if (ctx->clone_data.sb) - if (ctx->clone_data.sb->s_flags & SB_SYNCHRONOUS) - fc->sb_flags |= SB_SYNCHRONOUS; - /* Get a superblock - note that we may end up sharing one that already exists */ fc->s_fs_info = server; s = sget_fc(fc, compare_super, nfs_set_super); fc->s_fs_info = NULL; if (IS_ERR(s)) { -- 2.34.3