diff options
| author | J. Bruce Fields <bfields@redhat.com> | 2011-04-08 17:00:50 -0400 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2011-04-29 20:47:51 -0400 |
| commit | 68d93184352f2e723f135b0a9bad93b58f9d120b (patch) | |
| tree | edf66ceadd6ce4559a53355b83265dc65a7d7694 /fs/nfsd/export.c | |
| parent | 29a78a3ed7fc9c4ee49962751eb321b038c190a2 (diff) | |
nfsd4: fix wrongsec handling for PUTFH + op cases
When PUTFH is followed by an operation that uses the filehandle, and
when the current client is using a security flavor that is inconsistent
with the given filehandle, we have a choice: we can return WRONGSEC
either when the current filehandle is set using the PUTFH, or when the
filehandle is first used by the following operation.
Follow the recommendations of RFC 5661 in making this choice.
(Our current behavior prevented the client from doing security
negotiation by returning WRONGSEC on PUTFH+SECINFO_NO_NAME.)
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd/export.c')
| -rw-r--r-- | fs/nfsd/export.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c index ad000aeb21a2..b9566e46219f 100644 --- a/fs/nfsd/export.c +++ b/fs/nfsd/export.c | |||
| @@ -1354,12 +1354,6 @@ exp_pseudoroot(struct svc_rqst *rqstp, struct svc_fh *fhp) | |||
| 1354 | if (IS_ERR(exp)) | 1354 | if (IS_ERR(exp)) |
| 1355 | return nfserrno(PTR_ERR(exp)); | 1355 | return nfserrno(PTR_ERR(exp)); |
| 1356 | rv = fh_compose(fhp, exp, exp->ex_path.dentry, NULL); | 1356 | rv = fh_compose(fhp, exp, exp->ex_path.dentry, NULL); |
| 1357 | if (rv) | ||
| 1358 | goto out; | ||
| 1359 | rv = check_nfsd_access(exp, rqstp); | ||
| 1360 | if (rv) | ||
| 1361 | fh_put(fhp); | ||
| 1362 | out: | ||
| 1363 | exp_put(exp); | 1357 | exp_put(exp); |
| 1364 | return rv; | 1358 | return rv; |
| 1365 | } | 1359 | } |