diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2013-05-14 14:37:56 -0400 |
|---|---|---|
| committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2013-05-30 16:31:34 -0400 |
| commit | eb54d43707c69340581940e1fcaecb4d7d17b814 (patch) | |
| tree | 8f4e728db4b758a18ae1fe241bd1275df416c214 /fs/nfs | |
| parent | f448badd34700ae728a32ba024249626d49c10e1 (diff) | |
NFS: Fix security flavor negotiation with legacy binary mounts
Darrick J. Wong <darrick.wong@oracle.com> reports:
> I have a kvm-based testing setup that netboots VMs over NFS, the
> client end of which seems to have broken somehow in 3.10-rc1. The
> server's exports file looks like this:
>
> /storage/mtr/x64 192.168.122.0/24(ro,sync,no_root_squash,no_subtree_check)
>
> On the client end (inside the VM), the initrd runs the following
> command to try to mount the rootfs over NFS:
>
> # mount -o nolock -o ro -o retrans=10 192.168.122.1:/storage/mtr/x64/ /root
>
> (Note: This is the busybox mount command.)
>
> The mount fails with -EINVAL.
Commit 4580a92d44 "NFS: Use server-recommended security flavor by
default (NFSv3)" introduced a behavior regression for NFS mounts
done via a legacy binary mount(2) call.
Ensure that a default security flavor is specified for legacy binary
mount requests, since they do not invoke nfs_select_flavor() in the
kernel.
Busybox uses klibc's nfsmount command, which performs NFS mounts
using the legacy binary mount data format. /sbin/mount.nfs is not
affected by this regression.
Reported-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Tested-by: Darrick J. Wong <darrick.wong@oracle.com>
Acked-by: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs/nfs')
| -rw-r--r-- | fs/nfs/super.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/nfs/super.c b/fs/nfs/super.c index a366107a7331..2d7525fbcf25 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c | |||
| @@ -1942,6 +1942,7 @@ static int nfs23_validate_mount_data(void *options, | |||
| 1942 | args->namlen = data->namlen; | 1942 | args->namlen = data->namlen; |
| 1943 | args->bsize = data->bsize; | 1943 | args->bsize = data->bsize; |
| 1944 | 1944 | ||
| 1945 | args->auth_flavors[0] = RPC_AUTH_UNIX; | ||
| 1945 | if (data->flags & NFS_MOUNT_SECFLAVOUR) | 1946 | if (data->flags & NFS_MOUNT_SECFLAVOUR) |
| 1946 | args->auth_flavors[0] = data->pseudoflavor; | 1947 | args->auth_flavors[0] = data->pseudoflavor; |
| 1947 | if (!args->nfs_server.hostname) | 1948 | if (!args->nfs_server.hostname) |
| @@ -2637,6 +2638,7 @@ static int nfs4_validate_mount_data(void *options, | |||
| 2637 | goto out_no_address; | 2638 | goto out_no_address; |
| 2638 | args->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); | 2639 | args->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); |
| 2639 | 2640 | ||
| 2641 | args->auth_flavors[0] = RPC_AUTH_UNIX; | ||
| 2640 | if (data->auth_flavourlen) { | 2642 | if (data->auth_flavourlen) { |
| 2641 | if (data->auth_flavourlen > 1) | 2643 | if (data->auth_flavourlen > 1) |
| 2642 | goto out_inval_auth; | 2644 | goto out_inval_auth; |