Re: kern/31507 (getcwd returns ERANGE after directory move across null mount)

[David Holland <dholland-bugs%netbsd.org@localhost>]

The following reply was made to PR kern/31507; it has been noted by GNATS.

From: David Holland <dholland-bugs%netbsd.org@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: kern/31507 (getcwd returns ERANGE after directory move across
 null mount)
Date: Sun, 1 May 2011 01:40:43 +0000

 On Sun, May 01, 2011 at 12:35:40AM +0000, dholland%NetBSD.org@localhost wrote:
  > No answer to my question. But, without knowing what FS was under the null
  > mount, it's hard to know what steps to take. FFS in -4 should yield EXDEV
  > in this case... or so I believe anyway, but I might be wrong...
 
 Nope, I'm wrong. It appears that because the EXDEV checks are under
 the VFS interface, and because layer_bypass is too permissive, you can
 set up like this:
 
    mkdir /tmp/tree
    mkdir /tmp/tree/oak
    mkdir /tmp/tree/oak/leaf
    mkdir /tmp/null
    mount -t null /tmp/tree /tmp/null
    cd /tmp/null/oak/leaf
 
 then do:
 
    mv /tmp/null/oak/leaf /tmp/tree/
 
 and it will succeed. This doesn't crash -current, even if the moved
 directory is your working directory; it leaves you in the same state
 as if your working directory is rmdir'd under you.
 
 However, it ought not to be allowed.
 
 There is no legitimate reason to allow operations like this, so I'm
 highly inclined to add cross-device checks to do_sys_rename (like
 rmind recently did for link) and then pull them up to -4 and -5.
 
 -- 
 David A. Holland
 dholland%netbsd.org@localhost