2009-08-21 23:38:46

by Chuck Lever III

Subject: [PATCH] NFS: Handle a zero-length auth flavor list

Some releases of Linux rpc.mountd (nfs-utils 1.1.4 and later) return an
empty auth flavor list if no sec= was specified for the export. This is
notably broken server behavior.

The new auth flavor list checking added in a recent commit rejects this
case. The OpenSolaris client does too.

The broken mountd implementation is already widely deployed. To avoid
a behavioral regression, the kernel's mount client skips flavor checking
(ie reverts to the pre-2.6.32 behavior) if mountd returns an empty
flavor list.

Signed-off-by: Chuck Lever <[email protected]>
---

Trond-

First proposal to address the empty flavor list regression.

fs/nfs/super.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 9c85cdb..f3a95df 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -1338,6 +1338,16 @@ static int nfs_walk_authlist(struct nfs_parsed_mount_data *args,
unsigned int i, j, server_authlist_len = *(request->auth_flav_len);

/*
+ * Certain releases of Linux's mountd return an empty
+ * flavor list. To prevent behavioral regression with
+ * these servers (ie. rejecting mounts that used to
+ * succeed), revert to pre-2.6.32 behavior (no checking)
+ * if the returned flavor list is empty.
+ */
+ if (server_authlist_len == 0)
+ return 0;
+
+ /*
* We avoid sophisticated negotiating here, as there are
* plenty of cases where we can get it wrong, providing
* either too little or too much security.
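Review bot: the early `return 0` taken when `server_authlist_len == 0` is indistinguishable from a successful flavor match, so nothing records that checking was bypassed for this mount. Since the added comment itself describes this path as "no checking", consider emitting a debug message before returning, so that someone diagnosing a mount against one of these servers can see that the returned flavor list was empty and that the requested flavor was never compared against it. The comment also ties the behavior to a kernel version ("pre-2.6.32"); describing the behavior alone (skip the check when the list is empty) would keep the comment accurate regardless of which release the checking code lands in.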



2009-08-22 17:34:20

by Trond Myklebust

Subject: Re: [PATCH] NFS: Handle a zero-length auth flavor list

On Fri, 2009-08-21 at 17:50 -0400, Chuck Lever wrote:
> Some releases of Linux rpc.mountd (nfs-utils 1.1.4 and later) return an
> empty auth flavor list if no sec= was specified for the export. This is
> notably broken server behavior.
>
> The new auth flavor list checking added in a recent commit rejects this
> case. The OpenSolaris client does too.
>
> The broken mountd implementation is already widely deployed. To avoid
> a behavioral regression, the kernel's mount client skips flavor checking
> (ie reverts to the pre-2.6.32 behavior) if mountd returns an empty
> flavor list.
>
> Signed-off-by: Chuck Lever <[email protected]>
> ---
>
> Trond-
>
> First proposal to address the empty flavor list regression.

Looks alright. Do we know that it fixes the problem for Fengguang?

Cheers
Trond


2009-08-23 19:32:56

by Chuck Lever III

Subject: Re: [PATCH] NFS: Handle a zero-length auth flavor list

On Aug 22, 2009, at 1:34 PM, Trond Myklebust wrote:
> On Fri, 2009-08-21 at 17:50 -0400, Chuck Lever wrote:
>> Some releases of Linux rpc.mountd (nfs-utils 1.1.4 and later) return an
>> empty auth flavor list if no sec= was specified for the export. This is
>> notably broken server behavior.
>>
>> The new auth flavor list checking added in a recent commit rejects this
>> case. The OpenSolaris client does too.
>>
>> The broken mountd implementation is already widely deployed. To avoid
>> a behavioral regression, the kernel's mount client skips flavor checking
>> (ie reverts to the pre-2.6.32 behavior) if mountd returns an empty
>> flavor list.
>>
>> Signed-off-by: Chuck Lever <[email protected]>
>> ---
>>
>> Trond-
>>
>> First proposal to address the empty flavor list regression.
>
> Looks alright. Do we know that it fixes the problem for Fengguang?

Nope, posted only here on linux-nfs for discussion and review first.
Thanks for forwarding.

If this was an issue in 2.6.31-rc, the patch description should
probably read "pre-2.6.31" not "pre-2.6.32".

--
Chuck Lever
chuck[dot]lever[at]oracle[dot]com

2009-08-23 19:41:52

by Trond Myklebust

Subject: Re: [PATCH] NFS: Handle a zero-length auth flavor list

On Sun, 2009-08-23 at 14:57 -0400, Chuck Lever wrote:
> If this was an issue in 2.6.31-rc, the patch description should
> probably read "pre-2.6.31" not "pre-2.6.32".

As far as I know, Fengguang was testing with a linux-next kernel which
contains your auth negotiation code. None of this is scheduled to be
merged into the 2.6.31-rc series.

Cheers
Trond