NFS: Set security flavor default for NFSv2/3 mounts like other defaults

Set the default security flavor when we set the other mount option default values. After this change, only the legacy user-space mount path needs to set the NFS_MOUNT_SECFLAVOUR flag. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
author: Chuck Lever <chuck.lever@oracle.com> 2008-06-24 16:33:46 -0400
committer: Trond Myklebust <Trond.Myklebust@netapp.com> 2008-07-09 12:09:42 -0400
commit: dd07c94750cb1ee4449fb0db06623e1865b3e26e (patch)
tree: 1174ad17481341baa7841ad9e1219de7c858a1fb /fs
parent: 01060c896e3e1ef53dcb914301c186932cd31b81 (diff)
1 files changed, 5 insertions, 17 deletions
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 6eb145ea71ac..2f7e7f20c917 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -856,8 +856,7 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt)
 /*
 * Parse the value of the 'sec=' option.
 *
- * The flags setting is for v2/v3.  The flavor_len setting is for v4.
+ * The flavor_len setting is for v4 mounts.
- * v2/v3 also need to know the difference between NULL and UNIX.
 */
 static int nfs_parse_security_flavors(char *value,
                                      struct nfs_parsed_mount_data *mnt)
@@ -868,57 +867,46 @@ static int nfs_parse_security_flavors(char *value,
        switch (match_token(value, nfs_secflavor_tokens, args)) {
        case Opt_sec_none:
-                mnt->flags &= ~NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 0;
                mnt->auth_flavors[0] = RPC_AUTH_NULL;
                break;
        case Opt_sec_sys:
-                mnt->flags &= ~NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 0;
                mnt->auth_flavors[0] = RPC_AUTH_UNIX;
                break;
        case Opt_sec_krb5:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5;
                break;
        case Opt_sec_krb5i:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I;
                break;
        case Opt_sec_krb5p:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P;
                break;
        case Opt_sec_lkey:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY;
                break;
        case Opt_sec_lkeyi:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI;
                break;
        case Opt_sec_lkeyp:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP;
                break;
        case Opt_sec_spkm:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM;
                break;
        case Opt_sec_spkmi:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI;
                break;
        case Opt_sec_spkmp:
-                mnt->flags |= NFS_MOUNT_SECFLAVOUR;
                mnt->auth_flavor_len = 1;
                mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP;
                break;
@@ -1480,6 +1468,7 @@ static int nfs_validate_mount_data(void *options,
        args->mount_server.port = 0;    /* autobind unless user sets port */
        args->nfs_server.port   = 0;    /* autobind unless user sets port */
        args->nfs_server.protocol = XPRT_TRANSPORT_TCP;
+        args->auth_flavors[0]   = RPC_AUTH_UNIX;
        switch (data->version) {
        case 1:
@@ -1537,7 +1526,9 @@ static int nfs_validate_mount_data(void *options,
                args->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
                args->namlen            = data->namlen;
                args->bsize             = data->bsize;
-                args->auth_flavors[0]   = data->pseudoflavor;
+                if (data->flags & NFS_MOUNT_SECFLAVOUR)
+                        args->auth_flavors[0] = data->pseudoflavor;
                if (!args->nfs_server.hostname)
                        goto out_nomem;
@@ -1601,9 +1592,6 @@ static int nfs_validate_mount_data(void *options,
                }
        }
-        if (!(args->flags & NFS_MOUNT_SECFLAVOUR))
-                args->auth_flavors[0] = RPC_AUTH_UNIX;
 #ifndef CONFIG_NFS_V3
        if (args->flags & NFS_MOUNT_VER3)
                goto out_v3_not_compiled;
author	Chuck Lever <chuck.lever@oracle.com>	2008-06-24 16:33:46 -0400
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	2008-07-09 12:09:42 -0400
commit	dd07c94750cb1ee4449fb0db06623e1865b3e26e (patch)
tree	1174ad17481341baa7841ad9e1219de7c858a1fb /fs
parent	01060c896e3e1ef53dcb914301c186932cd31b81 (diff)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 6eb145ea71ac..2f7e7f20c917 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c
@@ -856,8 +856,7 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt)
856	/*	856	/*
857	* Parse the value of the 'sec=' option.	857	* Parse the value of the 'sec=' option.
858	*	858	*
859	* The flags setting is for v2/v3. The flavor_len setting is for v4.	859	* The flavor_len setting is for v4 mounts.
860	* v2/v3 also need to know the difference between NULL and UNIX.
861	*/	860	*/
862	static int nfs_parse_security_flavors(char *value,	861	static int nfs_parse_security_flavors(char *value,
863	struct nfs_parsed_mount_data *mnt)	862	struct nfs_parsed_mount_data *mnt)
@@ -868,57 +867,46 @@ static int nfs_parse_security_flavors(char *value,
868		867
869	switch (match_token(value, nfs_secflavor_tokens, args)) {	868	switch (match_token(value, nfs_secflavor_tokens, args)) {
870	case Opt_sec_none:	869	case Opt_sec_none:
871	mnt->flags &= ~NFS_MOUNT_SECFLAVOUR;
872	mnt->auth_flavor_len = 0;	870	mnt->auth_flavor_len = 0;
873	mnt->auth_flavors[0] = RPC_AUTH_NULL;	871	mnt->auth_flavors[0] = RPC_AUTH_NULL;
874	break;	872	break;
875	case Opt_sec_sys:	873	case Opt_sec_sys:
876	mnt->flags &= ~NFS_MOUNT_SECFLAVOUR;
877	mnt->auth_flavor_len = 0;	874	mnt->auth_flavor_len = 0;
878	mnt->auth_flavors[0] = RPC_AUTH_UNIX;	875	mnt->auth_flavors[0] = RPC_AUTH_UNIX;
879	break;	876	break;
880	case Opt_sec_krb5:	877	case Opt_sec_krb5:
881	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
882	mnt->auth_flavor_len = 1;	878	mnt->auth_flavor_len = 1;
883	mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5;	879	mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5;
884	break;	880	break;
885	case Opt_sec_krb5i:	881	case Opt_sec_krb5i:
886	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
887	mnt->auth_flavor_len = 1;	882	mnt->auth_flavor_len = 1;
888	mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I;	883	mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I;
889	break;	884	break;
890	case Opt_sec_krb5p:	885	case Opt_sec_krb5p:
891	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
892	mnt->auth_flavor_len = 1;	886	mnt->auth_flavor_len = 1;
893	mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P;	887	mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P;
894	break;	888	break;
895	case Opt_sec_lkey:	889	case Opt_sec_lkey:
896	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
897	mnt->auth_flavor_len = 1;	890	mnt->auth_flavor_len = 1;
898	mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY;	891	mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY;
899	break;	892	break;
900	case Opt_sec_lkeyi:	893	case Opt_sec_lkeyi:
901	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
902	mnt->auth_flavor_len = 1;	894	mnt->auth_flavor_len = 1;
903	mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI;	895	mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI;
904	break;	896	break;
905	case Opt_sec_lkeyp:	897	case Opt_sec_lkeyp:
906	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
907	mnt->auth_flavor_len = 1;	898	mnt->auth_flavor_len = 1;
908	mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP;	899	mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP;
909	break;	900	break;
910	case Opt_sec_spkm:	901	case Opt_sec_spkm:
911	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
912	mnt->auth_flavor_len = 1;	902	mnt->auth_flavor_len = 1;
913	mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM;	903	mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM;
914	break;	904	break;
915	case Opt_sec_spkmi:	905	case Opt_sec_spkmi:
916	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
917	mnt->auth_flavor_len = 1;	906	mnt->auth_flavor_len = 1;
918	mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI;	907	mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI;
919	break;	908	break;
920	case Opt_sec_spkmp:	909	case Opt_sec_spkmp:
921	mnt->flags \|= NFS_MOUNT_SECFLAVOUR;
922	mnt->auth_flavor_len = 1;	910	mnt->auth_flavor_len = 1;
923	mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP;	911	mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP;
924	break;	912	break;
@@ -1480,6 +1468,7 @@ static int nfs_validate_mount_data(void *options,
1480	args->mount_server.port = 0; /* autobind unless user sets port */	1468	args->mount_server.port = 0; /* autobind unless user sets port */
1481	args->nfs_server.port = 0; /* autobind unless user sets port */	1469	args->nfs_server.port = 0; /* autobind unless user sets port */
1482	args->nfs_server.protocol = XPRT_TRANSPORT_TCP;	1470	args->nfs_server.protocol = XPRT_TRANSPORT_TCP;
		1471	args->auth_flavors[0] = RPC_AUTH_UNIX;
1483		1472
1484	switch (data->version) {	1473	switch (data->version) {
1485	case 1:	1474	case 1:
@@ -1537,7 +1526,9 @@ static int nfs_validate_mount_data(void *options,
1537	args->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);	1526	args->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
1538	args->namlen = data->namlen;	1527	args->namlen = data->namlen;
1539	args->bsize = data->bsize;	1528	args->bsize = data->bsize;
1540	args->auth_flavors[0] = data->pseudoflavor;	1529
		1530	if (data->flags & NFS_MOUNT_SECFLAVOUR)
		1531	args->auth_flavors[0] = data->pseudoflavor;
1541	if (!args->nfs_server.hostname)	1532	if (!args->nfs_server.hostname)
1542	goto out_nomem;	1533	goto out_nomem;
1543		1534
@@ -1601,9 +1592,6 @@ static int nfs_validate_mount_data(void *options,
1601	}	1592	}
1602	}	1593	}
1603		1594
1604	if (!(args->flags & NFS_MOUNT_SECFLAVOUR))
1605	args->auth_flavors[0] = RPC_AUTH_UNIX;
1606
1607	#ifndef CONFIG_NFS_V3	1595	#ifndef CONFIG_NFS_V3
1608	if (args->flags & NFS_MOUNT_VER3)	1596	if (args->flags & NFS_MOUNT_VER3)
1609	goto out_v3_not_compiled;	1597	goto out_v3_not_compiled;