diff options
| author | Weston Andros Adamson <dros@netapp.com> | 2013-10-18 15:15:16 -0400 |
|---|---|---|
| committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2013-10-28 15:36:58 -0400 |
| commit | a3f73c27afff9590a4432879b7145289cb89cf0a (patch) | |
| tree | 6d010e25f69bbcee77e22285b280a5f446add578 /fs/nfs | |
| parent | 47fd88e6b79c55e6acccaf832078ed1a340672fa (diff) | |
NFS: separate passed security flavs from selected
When filling parsed_mount_data, store the parsed sec= mount option in
the new struct nfs_auth_info and the chosen flavor in selected_flavor.
This patch lays the groundwork for supporting multiple sec= options.
Signed-off-by: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs/nfs')
| -rw-r--r-- | fs/nfs/client.c | 3 | ||||
| -rw-r--r-- | fs/nfs/internal.h | 4 | ||||
| -rw-r--r-- | fs/nfs/nfs4client.c | 16 | ||||
| -rw-r--r-- | fs/nfs/super.c | 47 |
4 files changed, 35 insertions, 35 deletions
diff --git a/fs/nfs/client.c b/fs/nfs/client.c index 692fd0e9362f..f5a7f7f9cd59 100644 --- a/fs/nfs/client.c +++ b/fs/nfs/client.c | |||
| @@ -787,7 +787,8 @@ static int nfs_init_server(struct nfs_server *server, | |||
| 787 | 787 | ||
| 788 | server->port = data->nfs_server.port; | 788 | server->port = data->nfs_server.port; |
| 789 | 789 | ||
| 790 | error = nfs_init_server_rpcclient(server, &timeparms, data->auth_flavors[0]); | 790 | error = nfs_init_server_rpcclient(server, &timeparms, |
| 791 | data->selected_flavor); | ||
| 791 | if (error < 0) | 792 | if (error < 0) |
| 792 | goto error; | 793 | goto error; |
| 793 | 794 | ||
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h index e5a6bd12562a..c8cd044f0982 100644 --- a/fs/nfs/internal.h +++ b/fs/nfs/internal.h | |||
| @@ -88,8 +88,8 @@ struct nfs_parsed_mount_data { | |||
| 88 | unsigned int namlen; | 88 | unsigned int namlen; |
| 89 | unsigned int options; | 89 | unsigned int options; |
| 90 | unsigned int bsize; | 90 | unsigned int bsize; |
| 91 | unsigned int auth_flavor_len; | 91 | struct nfs_auth_info auth_info; |
| 92 | rpc_authflavor_t auth_flavors[1]; | 92 | rpc_authflavor_t selected_flavor; |
| 93 | char *client_address; | 93 | char *client_address; |
| 94 | unsigned int version; | 94 | unsigned int version; |
| 95 | unsigned int minorversion; | 95 | unsigned int minorversion; |
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c index 0cde95e9bd6a..d65090e5d00f 100644 --- a/fs/nfs/nfs4client.c +++ b/fs/nfs/nfs4client.c | |||
| @@ -949,9 +949,8 @@ out: | |||
| 949 | * Create a version 4 volume record | 949 | * Create a version 4 volume record |
| 950 | */ | 950 | */ |
| 951 | static int nfs4_init_server(struct nfs_server *server, | 951 | static int nfs4_init_server(struct nfs_server *server, |
| 952 | const struct nfs_parsed_mount_data *data) | 952 | struct nfs_parsed_mount_data *data) |
| 953 | { | 953 | { |
| 954 | rpc_authflavor_t pseudoflavor = RPC_AUTH_UNIX; | ||
| 955 | struct rpc_timeout timeparms; | 954 | struct rpc_timeout timeparms; |
| 956 | int error; | 955 | int error; |
| 957 | 956 | ||
| @@ -964,8 +963,10 @@ static int nfs4_init_server(struct nfs_server *server, | |||
| 964 | server->flags = data->flags; | 963 | server->flags = data->flags; |
| 965 | server->options = data->options; | 964 | server->options = data->options; |
| 966 | 965 | ||
| 967 | if (data->auth_flavor_len >= 1) | 966 | if (data->auth_info.flavor_len >= 1) |
| 968 | pseudoflavor = data->auth_flavors[0]; | 967 | data->selected_flavor = data->auth_info.flavors[0]; |
| 968 | else | ||
| 969 | data->selected_flavor = RPC_AUTH_UNIX; | ||
| 969 | 970 | ||
| 970 | /* Get a client record */ | 971 | /* Get a client record */ |
| 971 | error = nfs4_set_client(server, | 972 | error = nfs4_set_client(server, |
| @@ -973,7 +974,7 @@ static int nfs4_init_server(struct nfs_server *server, | |||
| 973 | (const struct sockaddr *)&data->nfs_server.address, | 974 | (const struct sockaddr *)&data->nfs_server.address, |
| 974 | data->nfs_server.addrlen, | 975 | data->nfs_server.addrlen, |
| 975 | data->client_address, | 976 | data->client_address, |
| 976 | pseudoflavor, | 977 | data->selected_flavor, |
| 977 | data->nfs_server.protocol, | 978 | data->nfs_server.protocol, |
| 978 | &timeparms, | 979 | &timeparms, |
| 979 | data->minorversion, | 980 | data->minorversion, |
| @@ -993,7 +994,8 @@ static int nfs4_init_server(struct nfs_server *server, | |||
| 993 | 994 | ||
| 994 | server->port = data->nfs_server.port; | 995 | server->port = data->nfs_server.port; |
| 995 | 996 | ||
| 996 | error = nfs_init_server_rpcclient(server, &timeparms, pseudoflavor); | 997 | error = nfs_init_server_rpcclient(server, &timeparms, |
| 998 | data->selected_flavor); | ||
| 997 | 999 | ||
| 998 | error: | 1000 | error: |
| 999 | /* Done */ | 1001 | /* Done */ |
| @@ -1020,7 +1022,7 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info, | |||
| 1020 | if (!server) | 1022 | if (!server) |
| 1021 | return ERR_PTR(-ENOMEM); | 1023 | return ERR_PTR(-ENOMEM); |
| 1022 | 1024 | ||
| 1023 | auth_probe = mount_info->parsed->auth_flavor_len < 1; | 1025 | auth_probe = mount_info->parsed->auth_info.flavor_len < 1; |
| 1024 | 1026 | ||
| 1025 | /* set up the general RPC client */ | 1027 | /* set up the general RPC client */ |
| 1026 | error = nfs4_init_server(server, mount_info->parsed); | 1028 | error = nfs4_init_server(server, mount_info->parsed); |
diff --git a/fs/nfs/super.c b/fs/nfs/super.c index e26647be69ce..b87744fb9dcd 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c | |||
| @@ -923,8 +923,7 @@ static struct nfs_parsed_mount_data *nfs_alloc_parsed_mount_data(void) | |||
| 923 | data->mount_server.port = NFS_UNSPEC_PORT; | 923 | data->mount_server.port = NFS_UNSPEC_PORT; |
| 924 | data->nfs_server.port = NFS_UNSPEC_PORT; | 924 | data->nfs_server.port = NFS_UNSPEC_PORT; |
| 925 | data->nfs_server.protocol = XPRT_TRANSPORT_TCP; | 925 | data->nfs_server.protocol = XPRT_TRANSPORT_TCP; |
| 926 | data->auth_flavors[0] = RPC_AUTH_MAXFLAVOR; | 926 | data->selected_flavor = RPC_AUTH_MAXFLAVOR; |
| 927 | data->auth_flavor_len = 0; | ||
| 928 | data->minorversion = 0; | 927 | data->minorversion = 0; |
| 929 | data->need_mount = true; | 928 | data->need_mount = true; |
| 930 | data->net = current->nsproxy->net_ns; | 929 | data->net = current->nsproxy->net_ns; |
| @@ -1019,13 +1018,6 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt) | |||
| 1019 | } | 1018 | } |
| 1020 | } | 1019 | } |
| 1021 | 1020 | ||
| 1022 | static void nfs_set_auth_parsed_mount_data(struct nfs_parsed_mount_data *data, | ||
| 1023 | rpc_authflavor_t pseudoflavor) | ||
| 1024 | { | ||
| 1025 | data->auth_flavors[0] = pseudoflavor; | ||
| 1026 | data->auth_flavor_len = 1; | ||
| 1027 | } | ||
| 1028 | |||
| 1029 | /* | 1021 | /* |
| 1030 | * Parse the value of the 'sec=' option. | 1022 | * Parse the value of the 'sec=' option. |
| 1031 | */ | 1023 | */ |
| @@ -1076,7 +1068,8 @@ static int nfs_parse_security_flavors(char *value, | |||
| 1076 | } | 1068 | } |
| 1077 | 1069 | ||
| 1078 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; | 1070 | mnt->flags |= NFS_MOUNT_SECFLAVOUR; |
| 1079 | nfs_set_auth_parsed_mount_data(mnt, pseudoflavor); | 1071 | mnt->auth_info.flavors[0] = pseudoflavor; |
| 1072 | mnt->auth_info.flavor_len = 1; | ||
| 1080 | return 1; | 1073 | return 1; |
| 1081 | } | 1074 | } |
| 1082 | 1075 | ||
| @@ -1623,7 +1616,7 @@ out_security_failure: | |||
| 1623 | } | 1616 | } |
| 1624 | 1617 | ||
| 1625 | /* | 1618 | /* |
| 1626 | * Ensure that the specified authtype in args->auth_flavors[0] is supported by | 1619 | * Ensure that the specified authtype in args->auth_info is supported by |
| 1627 | * the server. Returns 0 if it's ok, and -EACCES if not. | 1620 | * the server. Returns 0 if it's ok, and -EACCES if not. |
| 1628 | */ | 1621 | */ |
| 1629 | static int nfs_verify_authflavor(struct nfs_parsed_mount_data *args, | 1622 | static int nfs_verify_authflavor(struct nfs_parsed_mount_data *args, |
| @@ -1640,17 +1633,18 @@ static int nfs_verify_authflavor(struct nfs_parsed_mount_data *args, | |||
| 1640 | * can be used. | 1633 | * can be used. |
| 1641 | */ | 1634 | */ |
| 1642 | for (i = 0; i < count; i++) { | 1635 | for (i = 0; i < count; i++) { |
| 1643 | if (args->auth_flavors[0] == server_authlist[i] || | 1636 | if (args->auth_info.flavors[0] == server_authlist[i] || |
| 1644 | server_authlist[i] == RPC_AUTH_NULL) | 1637 | server_authlist[i] == RPC_AUTH_NULL) |
| 1645 | goto out; | 1638 | goto out; |
| 1646 | } | 1639 | } |
| 1647 | 1640 | ||
| 1648 | dfprintk(MOUNT, "NFS: auth flavor %u not supported by server\n", | 1641 | dfprintk(MOUNT, "NFS: auth flavor %u not supported by server\n", |
| 1649 | args->auth_flavors[0]); | 1642 | args->auth_info.flavors[0]); |
| 1650 | return -EACCES; | 1643 | return -EACCES; |
| 1651 | 1644 | ||
| 1652 | out: | 1645 | out: |
| 1653 | dfprintk(MOUNT, "NFS: using auth flavor %u\n", args->auth_flavors[0]); | 1646 | args->selected_flavor = args->auth_info.flavors[0]; |
| 1647 | dfprintk(MOUNT, "NFS: using auth flavor %u\n", args->selected_flavor); | ||
| 1654 | return 0; | 1648 | return 0; |
| 1655 | } | 1649 | } |
| 1656 | 1650 | ||
| @@ -1738,9 +1732,10 @@ static struct nfs_server *nfs_try_mount_request(struct nfs_mount_info *mount_inf | |||
| 1738 | * Was a sec= authflavor specified in the options? First, verify | 1732 | * Was a sec= authflavor specified in the options? First, verify |
| 1739 | * whether the server supports it, and then just try to use it if so. | 1733 | * whether the server supports it, and then just try to use it if so. |
| 1740 | */ | 1734 | */ |
| 1741 | if (args->auth_flavor_len > 0) { | 1735 | if (args->auth_info.flavor_len > 0) { |
| 1742 | status = nfs_verify_authflavor(args, authlist, authlist_len); | 1736 | status = nfs_verify_authflavor(args, authlist, authlist_len); |
| 1743 | dfprintk(MOUNT, "NFS: using auth flavor %u\n", args->auth_flavors[0]); | 1737 | dfprintk(MOUNT, "NFS: using auth flavor %u\n", |
| 1738 | args->selected_flavor); | ||
| 1744 | if (status) | 1739 | if (status) |
| 1745 | return ERR_PTR(status); | 1740 | return ERR_PTR(status); |
| 1746 | return nfs_mod->rpc_ops->create_server(mount_info, nfs_mod); | 1741 | return nfs_mod->rpc_ops->create_server(mount_info, nfs_mod); |
| @@ -1769,7 +1764,7 @@ static struct nfs_server *nfs_try_mount_request(struct nfs_mount_info *mount_inf | |||
| 1769 | /* Fallthrough */ | 1764 | /* Fallthrough */ |
| 1770 | } | 1765 | } |
| 1771 | dfprintk(MOUNT, "NFS: attempting to use auth flavor %u\n", flavor); | 1766 | dfprintk(MOUNT, "NFS: attempting to use auth flavor %u\n", flavor); |
| 1772 | nfs_set_auth_parsed_mount_data(args, flavor); | 1767 | args->selected_flavor = flavor; |
| 1773 | server = nfs_mod->rpc_ops->create_server(mount_info, nfs_mod); | 1768 | server = nfs_mod->rpc_ops->create_server(mount_info, nfs_mod); |
| 1774 | if (!IS_ERR(server)) | 1769 | if (!IS_ERR(server)) |
| 1775 | return server; | 1770 | return server; |
| @@ -1785,7 +1780,7 @@ static struct nfs_server *nfs_try_mount_request(struct nfs_mount_info *mount_inf | |||
| 1785 | 1780 | ||
| 1786 | /* Last chance! Try AUTH_UNIX */ | 1781 | /* Last chance! Try AUTH_UNIX */ |
| 1787 | dfprintk(MOUNT, "NFS: attempting to use auth flavor %u\n", RPC_AUTH_UNIX); | 1782 | dfprintk(MOUNT, "NFS: attempting to use auth flavor %u\n", RPC_AUTH_UNIX); |
| 1788 | nfs_set_auth_parsed_mount_data(args, RPC_AUTH_UNIX); | 1783 | args->selected_flavor = RPC_AUTH_UNIX; |
| 1789 | return nfs_mod->rpc_ops->create_server(mount_info, nfs_mod); | 1784 | return nfs_mod->rpc_ops->create_server(mount_info, nfs_mod); |
| 1790 | } | 1785 | } |
| 1791 | 1786 | ||
| @@ -1972,9 +1967,9 @@ static int nfs23_validate_mount_data(void *options, | |||
| 1972 | args->bsize = data->bsize; | 1967 | args->bsize = data->bsize; |
| 1973 | 1968 | ||
| 1974 | if (data->flags & NFS_MOUNT_SECFLAVOUR) | 1969 | if (data->flags & NFS_MOUNT_SECFLAVOUR) |
| 1975 | nfs_set_auth_parsed_mount_data(args, data->pseudoflavor); | 1970 | args->selected_flavor = data->pseudoflavor; |
| 1976 | else | 1971 | else |
| 1977 | nfs_set_auth_parsed_mount_data(args, RPC_AUTH_UNIX); | 1972 | args->selected_flavor = RPC_AUTH_UNIX; |
| 1978 | if (!args->nfs_server.hostname) | 1973 | if (!args->nfs_server.hostname) |
| 1979 | goto out_nomem; | 1974 | goto out_nomem; |
| 1980 | 1975 | ||
| @@ -2108,7 +2103,7 @@ static int nfs_validate_text_mount_data(void *options, | |||
| 2108 | 2103 | ||
| 2109 | nfs_set_port(sap, &args->nfs_server.port, port); | 2104 | nfs_set_port(sap, &args->nfs_server.port, port); |
| 2110 | 2105 | ||
| 2111 | if (args->auth_flavor_len > 1) | 2106 | if (args->auth_info.flavor_len > 1) |
| 2112 | goto out_bad_auth; | 2107 | goto out_bad_auth; |
| 2113 | 2108 | ||
| 2114 | return nfs_parse_devname(dev_name, | 2109 | return nfs_parse_devname(dev_name, |
| @@ -2146,7 +2141,7 @@ nfs_compare_remount_data(struct nfs_server *nfss, | |||
| 2146 | data->version != nfss->nfs_client->rpc_ops->version || | 2141 | data->version != nfss->nfs_client->rpc_ops->version || |
| 2147 | data->minorversion != nfss->nfs_client->cl_minorversion || | 2142 | data->minorversion != nfss->nfs_client->cl_minorversion || |
| 2148 | data->retrans != nfss->client->cl_timeout->to_retries || | 2143 | data->retrans != nfss->client->cl_timeout->to_retries || |
| 2149 | data->auth_flavors[0] != nfss->client->cl_auth->au_flavor || | 2144 | data->selected_flavor != nfss->client->cl_auth->au_flavor || |
| 2150 | data->acregmin != nfss->acregmin / HZ || | 2145 | data->acregmin != nfss->acregmin / HZ || |
| 2151 | data->acregmax != nfss->acregmax / HZ || | 2146 | data->acregmax != nfss->acregmax / HZ || |
| 2152 | data->acdirmin != nfss->acdirmin / HZ || | 2147 | data->acdirmin != nfss->acdirmin / HZ || |
| @@ -2191,7 +2186,9 @@ nfs_remount(struct super_block *sb, int *flags, char *raw_data) | |||
| 2191 | data->rsize = nfss->rsize; | 2186 | data->rsize = nfss->rsize; |
| 2192 | data->wsize = nfss->wsize; | 2187 | data->wsize = nfss->wsize; |
| 2193 | data->retrans = nfss->client->cl_timeout->to_retries; | 2188 | data->retrans = nfss->client->cl_timeout->to_retries; |
| 2194 | nfs_set_auth_parsed_mount_data(data, nfss->client->cl_auth->au_flavor); | 2189 | data->selected_flavor = nfss->client->cl_auth->au_flavor; |
| 2190 | data->auth_info.flavors[0] = nfss->client->cl_auth->au_flavor; | ||
| 2191 | data->auth_info.flavor_len = 1; | ||
| 2195 | data->acregmin = nfss->acregmin / HZ; | 2192 | data->acregmin = nfss->acregmin / HZ; |
| 2196 | data->acregmax = nfss->acregmax / HZ; | 2193 | data->acregmax = nfss->acregmax / HZ; |
| 2197 | data->acdirmin = nfss->acdirmin / HZ; | 2194 | data->acdirmin = nfss->acdirmin / HZ; |
| @@ -2718,9 +2715,9 @@ static int nfs4_validate_mount_data(void *options, | |||
| 2718 | data->auth_flavours, | 2715 | data->auth_flavours, |
| 2719 | sizeof(pseudoflavor))) | 2716 | sizeof(pseudoflavor))) |
| 2720 | return -EFAULT; | 2717 | return -EFAULT; |
| 2721 | nfs_set_auth_parsed_mount_data(args, pseudoflavor); | 2718 | args->selected_flavor = pseudoflavor; |
| 2722 | } else | 2719 | } else |
| 2723 | nfs_set_auth_parsed_mount_data(args, RPC_AUTH_UNIX); | 2720 | args->selected_flavor = RPC_AUTH_UNIX; |
| 2724 | 2721 | ||
| 2725 | c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN); | 2722 | c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN); |
| 2726 | if (IS_ERR(c)) | 2723 | if (IS_ERR(c)) |