git: 6e227714e9a5 - stable/13 - vfs_mount.c: fix vfs_domount() for PRIV_VFS_MOUNT_EXPORTED

From: Rick Macklem <>
Date: Fri, 30 Dec 2022 01:54:16 UTC
The branch stable/13 has been updated by rmacklem:


commit 6e227714e9a58007a30d7afb8f14bfffd321109c
Author:     Rick Macklem <>
AuthorDate: 2022-12-16 21:01:23 +0000
Commit:     Rick Macklem <>
CommitDate: 2022-12-30 01:53:23 +0000

    vfs_mount.c: fix vfs_domount() for PRIV_VFS_MOUNT_EXPORTED
    It appears that, prior to r158857 vfs_domount() checked
    suser() when MNT_EXPORTED was specified.
    r158857 appears to have broken this, since MNT_EXPORTED
    was no longer set when mountd.c was converted to use nmount(2).
    r164033 replaced the suser() check with
    priv_check(td, PRIV_VFS_MOUNT_EXPORTED), which does the
    same thing (ie. checks for effective uid == 0 assuming suses_enabled
    is set).
    This patch restores this check by setting MNT_EXPORTED when the
    "export" mount option is specified to nmount().
    I think this is reasonable since only mountd(8) should be setting
    exports and I doubt any non-root mounted file system would
    be setting its own exports.
    (cherry picked from commit 195f1b124da4bf73d951cd251dffd9485672fe0a)
 sys/kern/vfs_mount.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c
index 6e2945c91e1c..d17e1c7fbbd7 100644
--- a/sys/kern/vfs_mount.c
+++ b/sys/kern/vfs_mount.c
@@ -781,6 +781,8 @@ vfs_donmount(struct thread *td, uint64_t fsflags, struct uio *fsoptions)
 			fsflags |= MNT_SYNCHRONOUS;
 		else if (strcmp(opt->name, "union") == 0)
 			fsflags |= MNT_UNION;
+		else if (strcmp(opt->name, "export") == 0)
+			fsflags |= MNT_EXPORTED;
 		else if (strcmp(opt->name, "automounted") == 0) {
 			fsflags |= MNT_AUTOMOUNTED;
 			do_freeopt = 1;