diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2008-06-24 16:33:46 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-07-09 12:09:42 -0400 |
commit | dd07c94750cb1ee4449fb0db06623e1865b3e26e (patch) | |
tree | 1174ad17481341baa7841ad9e1219de7c858a1fb | |
parent | 01060c896e3e1ef53dcb914301c186932cd31b81 (diff) |
NFS: Set security flavor default for NFSv2/3 mounts like other defaults
Set the default security flavor when we set the other mount option default
values. After this change, only the legacy user-space mount path needs to
set the NFS_MOUNT_SECFLAVOUR flag.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
-rw-r--r-- | fs/nfs/super.c | 22 |
1 files changed, 5 insertions, 17 deletions
diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 6eb145ea71ac..2f7e7f20c917 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c | |||
@@ -856,8 +856,7 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt) | |||
856 | /* | 856 | /* |
857 | * Parse the value of the 'sec=' option. | 857 | * Parse the value of the 'sec=' option. |
858 | * | 858 | * |
859 | * The flags setting is for v2/v3. The flavor_len setting is for v4. | 859 | * The flavor_len setting is for v4 mounts. |
860 | * v2/v3 also need to know the difference between NULL and UNIX. | ||
861 | */ | 860 | */ |
862 | static int nfs_parse_security_flavors(char *value, | 861 | static int nfs_parse_security_flavors(char *value, |
863 | struct nfs_parsed_mount_data *mnt) | 862 | struct nfs_parsed_mount_data *mnt) |
@@ -868,57 +867,46 @@ static int nfs_parse_security_flavors(char *value, | |||
868 | 867 | ||
869 | switch (match_token(value, nfs_secflavor_tokens, args)) { | 868 | switch (match_token(value, nfs_secflavor_tokens, args)) { |
870 | case Opt_sec_none: | 869 | case Opt_sec_none: |
871 | mnt->flags &= ~NFS_MOUNT_SECFLAVOUR; | ||
872 | mnt->auth_flavor_len = 0; | 870 | mnt->auth_flavor_len = 0; |
873 | mnt->auth_flavors[0] = RPC_AUTH_NULL; | 871 | mnt->auth_flavors[0] = RPC_AUTH_NULL; |
874 | break; | 872 | break; |
875 | case Opt_sec_sys: | 873 | case Opt_sec_sys: |
876 | mnt->flags &= ~NFS_MOUNT_SECFLAVOUR; | ||
877 | mnt->auth_flavor_len = 0; | 874 | mnt->auth_flavor_len = 0; |
878 | mnt->auth_flavors[0] = RPC_AUTH_UNIX; | 875 | mnt->auth_flavors[0] = RPC_AUTH_UNIX; |
879 | break; | 876 | break; |
880 | case Opt_sec_krb5: | 877 | case Opt_sec_krb5: |
881 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
882 | mnt->auth_flavor_len = 1; | 878 | mnt->auth_flavor_len = 1; |
883 | mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5; | 879 | mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5; |
884 | break; | 880 | break; |
885 | case Opt_sec_krb5i: | 881 | case Opt_sec_krb5i: |
886 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
887 | mnt->auth_flavor_len = 1; | 882 | mnt->auth_flavor_len = 1; |
888 | mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I; | 883 | mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I; |
889 | break; | 884 | break; |
890 | case Opt_sec_krb5p: | 885 | case Opt_sec_krb5p: |
891 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
892 | mnt->auth_flavor_len = 1; | 886 | mnt->auth_flavor_len = 1; |
893 | mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P; | 887 | mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P; |
894 | break; | 888 | break; |
895 | case Opt_sec_lkey: | 889 | case Opt_sec_lkey: |
896 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
897 | mnt->auth_flavor_len = 1; | 890 | mnt->auth_flavor_len = 1; |
898 | mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY; | 891 | mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY; |
899 | break; | 892 | break; |
900 | case Opt_sec_lkeyi: | 893 | case Opt_sec_lkeyi: |
901 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
902 | mnt->auth_flavor_len = 1; | 894 | mnt->auth_flavor_len = 1; |
903 | mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI; | 895 | mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI; |
904 | break; | 896 | break; |
905 | case Opt_sec_lkeyp: | 897 | case Opt_sec_lkeyp: |
906 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
907 | mnt->auth_flavor_len = 1; | 898 | mnt->auth_flavor_len = 1; |
908 | mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP; | 899 | mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP; |
909 | break; | 900 | break; |
910 | case Opt_sec_spkm: | 901 | case Opt_sec_spkm: |
911 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
912 | mnt->auth_flavor_len = 1; | 902 | mnt->auth_flavor_len = 1; |
913 | mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM; | 903 | mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM; |
914 | break; | 904 | break; |
915 | case Opt_sec_spkmi: | 905 | case Opt_sec_spkmi: |
916 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
917 | mnt->auth_flavor_len = 1; | 906 | mnt->auth_flavor_len = 1; |
918 | mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI; | 907 | mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI; |
919 | break; | 908 | break; |
920 | case Opt_sec_spkmp: | 909 | case Opt_sec_spkmp: |
921 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | ||
922 | mnt->auth_flavor_len = 1; | 910 | mnt->auth_flavor_len = 1; |
923 | mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP; | 911 | mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP; |
924 | break; | 912 | break; |
@@ -1480,6 +1468,7 @@ static int nfs_validate_mount_data(void *options, | |||
1480 | args->mount_server.port = 0; /* autobind unless user sets port */ | 1468 | args->mount_server.port = 0; /* autobind unless user sets port */ |
1481 | args->nfs_server.port = 0; /* autobind unless user sets port */ | 1469 | args->nfs_server.port = 0; /* autobind unless user sets port */ |
1482 | args->nfs_server.protocol = XPRT_TRANSPORT_TCP; | 1470 | args->nfs_server.protocol = XPRT_TRANSPORT_TCP; |
1471 | args->auth_flavors[0] = RPC_AUTH_UNIX; | ||
1483 | 1472 | ||
1484 | switch (data->version) { | 1473 | switch (data->version) { |
1485 | case 1: | 1474 | case 1: |
@@ -1537,7 +1526,9 @@ static int nfs_validate_mount_data(void *options, | |||
1537 | args->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL); | 1526 | args->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL); |
1538 | args->namlen = data->namlen; | 1527 | args->namlen = data->namlen; |
1539 | args->bsize = data->bsize; | 1528 | args->bsize = data->bsize; |
1540 | args->auth_flavors[0] = data->pseudoflavor; | 1529 | |
1530 | if (data->flags & NFS_MOUNT_SECFLAVOUR) | ||
1531 | args->auth_flavors[0] = data->pseudoflavor; | ||
1541 | if (!args->nfs_server.hostname) | 1532 | if (!args->nfs_server.hostname) |
1542 | goto out_nomem; | 1533 | goto out_nomem; |
1543 | 1534 | ||
@@ -1601,9 +1592,6 @@ static int nfs_validate_mount_data(void *options, | |||
1601 | } | 1592 | } |
1602 | } | 1593 | } |
1603 | 1594 | ||
1604 | if (!(args->flags & NFS_MOUNT_SECFLAVOUR)) | ||
1605 | args->auth_flavors[0] = RPC_AUTH_UNIX; | ||
1606 | |||
1607 | #ifndef CONFIG_NFS_V3 | 1595 | #ifndef CONFIG_NFS_V3 |
1608 | if (args->flags & NFS_MOUNT_VER3) | 1596 | if (args->flags & NFS_MOUNT_VER3) |
1609 | goto out_v3_not_compiled; | 1597 | goto out_v3_not_compiled; |