NFSv4: Allow security autonegotiation for submounts

In cases where the parent super block was not mounted with a 'sec=' line, allow autonegotiation of security for the submounts. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
author: Trond Myklebust <Trond.Myklebust@netapp.com> 2013-09-07 16:01:07 -0400
committer: Trond Myklebust <Trond.Myklebust@netapp.com> 2013-09-07 17:52:42 -0400
commit: 47040da3c7524facd542f37ffeadedac4f228601 (patch)
tree: dafa9db999b5c56b32b85fb86cd67849d5cc94b2 /fs
parent: 41d058c3ba7bd16c3a91b9ec4d89fb6e7d4b4316 (diff)
2 files changed, 19 insertions, 5 deletions
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
index cc80085c4de4..a860ab566d6e 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -1078,7 +1078,8 @@ struct nfs_server *nfs4_create_referral_server(struct nfs_clone_mount *data,
        if (error < 0)
                goto error;
-        error = nfs4_server_common_setup(server, mntfh, false);
+        error = nfs4_server_common_setup(server, mntfh,
+                        !(parent_server->flags & NFS_MOUNT_SECFLAVOUR));
        if (error < 0)
                goto error;
diff --git a/fs/nfs/nfs4namespace.c b/fs/nfs/nfs4namespace.c
index cdb0b41a4810..2288cd3c9278 100644
--- a/fs/nfs/nfs4namespace.c
+++ b/fs/nfs/nfs4namespace.c
@@ -11,6 +11,7 @@
 #include <linux/mount.h>
 #include <linux/namei.h>
 #include <linux/nfs_fs.h>
+#include <linux/nfs_mount.h>
 #include <linux/slab.h>
 #include <linux/string.h>
 #include <linux/sunrpc/clnt.h>
@@ -369,21 +370,33 @@ out:
 struct vfsmount *nfs4_submount(struct nfs_server *server, struct dentry *dentry,
                               struct nfs_fh *fh, struct nfs_fattr *fattr)
 {
+        rpc_authflavor_t flavor = server->client->cl_auth->au_flavor;
        struct dentry *parent = dget_parent(dentry);
+        struct inode *dir = parent->d_inode;
+        struct qstr *name = &dentry->d_name;
        struct rpc_clnt *client;
        struct vfsmount *mnt;
        /* Look it up again to get its attributes and sec flavor */
-        client = nfs4_proc_lookup_mountpoint(parent->d_inode, &dentry->d_name, fh, fattr);
+        client = nfs4_proc_lookup_mountpoint(dir, name, fh, fattr);
        dput(parent);
        if (IS_ERR(client))
                return ERR_CAST(client);
-        if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL)
+        if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL) {
                mnt = nfs_do_refmount(client, dentry);
-        else
+                goto out;
-                mnt = nfs_do_submount(dentry, fh, fattr, client->cl_auth->au_flavor);
+        }
+        if (client->cl_auth->au_flavor != flavor)
+                flavor = client->cl_auth->au_flavor;
+        else if (!(server->flags & NFS_MOUNT_SECFLAVOUR)) {
+                rpc_authflavor_t new = nfs4_negotiate_security(dir, name);
+                if ((int)new >= 0)
+                        flavor = new;
+        }
+        mnt = nfs_do_submount(dentry, fh, fattr, flavor);
+out:
        rpc_shutdown_client(client);
        return mnt;
 }
author	Trond Myklebust <Trond.Myklebust@netapp.com>	2013-09-07 16:01:07 -0400
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	2013-09-07 17:52:42 -0400
commit	47040da3c7524facd542f37ffeadedac4f228601 (patch)
tree	dafa9db999b5c56b32b85fb86cd67849d5cc94b2 /fs
parent	41d058c3ba7bd16c3a91b9ec4d89fb6e7d4b4316 (diff)