Return-Path: linux-nfs-owner@vger.kernel.org Received: from aserp1040.oracle.com ([141.146.126.69]:35171 "EHLO aserp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751156Ab3IHUWo convert rfc822-to-8bit (ORCPT ); Sun, 8 Sep 2013 16:22:44 -0400 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: Re: [PATCH 3/6] NFSv4: Fix security auto-negotiation From: Chuck Lever In-Reply-To: <1378595893-60395-4-git-send-email-Trond.Myklebust@netapp.com> Date: Sun, 8 Sep 2013 16:22:38 -0400 Cc: Message-Id: <198C66BF-35E7-40E8-91BB-1239CA6E89D7@oracle.com> References: <1378595893-60395-1-git-send-email-Trond.Myklebust@netapp.com> <1378595893-60395-2-git-send-email-Trond.Myklebust@netapp.com> <1378595893-60395-3-git-send-email-Trond.Myklebust@netapp.com> <1378595893-60395-4-git-send-email-Trond.Myklebust@netapp.com> To: Trond Myklebust Sender: linux-nfs-owner@vger.kernel.org List-ID: On Sep 7, 2013, at 7:18 PM, Trond Myklebust wrote: > NFSv4 security auto-negotiation has been broken since > commit 4580a92d44e2b21c2254fa5fef0f1bfb43c82318 (NFS: > Use server-recommended security flavor by default (NFSv3)) > because nfs4_try_mount() will automatically select AUTH_SYS > if it sees no auth flavours. nfs(5) says this: sec=mode The RPCGSS security flavor to use for accessing files on this mount point. If the sec option is not specified, or if sec=sys is specified, the NFS client uses the AUTH_SYS security flavor for all NFS requests on this mount point. If NFSv4 can negotiate security now, nfs(5) should be updated. > Signed-off-by: Trond Myklebust > Cc: Chuck Lever > --- > fs/nfs/internal.h | 2 +- > fs/nfs/nfs4_fs.h | 2 +- > fs/nfs/nfs4client.c | 19 +++++++++++++------ > fs/nfs/nfs4getroot.c | 4 ++-- > fs/nfs/nfs4proc.c | 17 +++++++++++++---- > fs/nfs/nfs4super.c | 4 ---- > 6 files changed, 30 insertions(+), 18 deletions(-) > > diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h > index 23ec6e8..d388302c 100644 > --- a/fs/nfs/internal.h > +++ b/fs/nfs/internal.h > @@ -358,7 +358,7 @@ extern struct dentry *nfs_get_root(struct super_block *, struct nfs_fh *, > extern struct dentry *nfs4_get_root(struct super_block *, struct nfs_fh *, > const char *); > > -extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh); > +extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool); > #endif > > struct nfs_pgio_completion_ops; > diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h > index d2db3ce..f520a11 100644 > --- a/fs/nfs/nfs4_fs.h > +++ b/fs/nfs/nfs4_fs.h > @@ -221,7 +221,7 @@ struct vfsmount *nfs4_submount(struct nfs_server *, struct dentry *, > /* nfs4proc.c */ > extern int nfs4_proc_setclientid(struct nfs_client *, u32, unsigned short, struct rpc_cred *, struct nfs4_setclientid_res *); > extern int nfs4_proc_setclientid_confirm(struct nfs_client *, struct nfs4_setclientid_res *arg, struct rpc_cred *); > -extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *); > +extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *, bool); > extern int nfs4_proc_bind_conn_to_session(struct nfs_client *, struct rpc_cred *cred); > extern int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred); > extern int nfs4_destroy_clientid(struct nfs_client *clp); > diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c > index f798925..cc80085 100644 > --- a/fs/nfs/nfs4client.c > +++ b/fs/nfs/nfs4client.c > @@ -885,7 +885,7 @@ static void nfs4_session_set_rwsize(struct nfs_server *server) > } > > static int nfs4_server_common_setup(struct nfs_server *server, > - struct nfs_fh *mntfh) > + struct nfs_fh *mntfh, bool auth_probe) > { > struct nfs_fattr *fattr; > int error; > @@ -917,7 +917,7 @@ static int nfs4_server_common_setup(struct nfs_server *server, > > > /* Probe the root fh to retrieve its FSID and filehandle */ > - error = nfs4_get_rootfh(server, mntfh); > + error = nfs4_get_rootfh(server, mntfh, auth_probe); > if (error < 0) > goto out; > > @@ -949,6 +949,7 @@ out: > static int nfs4_init_server(struct nfs_server *server, > const struct nfs_parsed_mount_data *data) > { > + rpc_authflavor_t pseudoflavor = RPC_AUTH_UNIX; > struct rpc_timeout timeparms; > int error; > > @@ -961,13 +962,16 @@ static int nfs4_init_server(struct nfs_server *server, > server->flags = data->flags; > server->options = data->options; > > + if (data->auth_flavor_len >= 1) > + pseudoflavor = data->auth_flavors[0]; > + > /* Get a client record */ > error = nfs4_set_client(server, > data->nfs_server.hostname, > (const struct sockaddr *)&data->nfs_server.address, > data->nfs_server.addrlen, > data->client_address, > - data->auth_flavors[0], > + pseudoflavor, > data->nfs_server.protocol, > &timeparms, > data->minorversion, > @@ -987,7 +991,7 @@ static int nfs4_init_server(struct nfs_server *server, > > server->port = data->nfs_server.port; > > - error = nfs_init_server_rpcclient(server, &timeparms, data->auth_flavors[0]); > + error = nfs_init_server_rpcclient(server, &timeparms, pseudoflavor); > > error: > /* Done */ > @@ -1005,6 +1009,7 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info, > struct nfs_subversion *nfs_mod) > { > struct nfs_server *server; > + bool auth_probe; > int error; > > dprintk("--> nfs4_create_server()\n"); > @@ -1013,12 +1018,14 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info, > if (!server) > return ERR_PTR(-ENOMEM); > > + auth_probe = mount_info->parsed->auth_flavor_len < 1; > + > /* set up the general RPC client */ > error = nfs4_init_server(server, mount_info->parsed); > if (error < 0) > goto error; > > - error = nfs4_server_common_setup(server, mount_info->mntfh); > + error = nfs4_server_common_setup(server, mount_info->mntfh, auth_probe); > if (error < 0) > goto error; > > @@ -1071,7 +1078,7 @@ struct nfs_server *nfs4_create_referral_server(struct nfs_clone_mount *data, > if (error < 0) > goto error; > > - error = nfs4_server_common_setup(server, mntfh); > + error = nfs4_server_common_setup(server, mntfh, false); > if (error < 0) > goto error; > > diff --git a/fs/nfs/nfs4getroot.c b/fs/nfs/nfs4getroot.c > index 549462e..c0b3a16 100644 > --- a/fs/nfs/nfs4getroot.c > +++ b/fs/nfs/nfs4getroot.c > @@ -9,7 +9,7 @@ > > #define NFSDBG_FACILITY NFSDBG_CLIENT > > -int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh) > +int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool auth_probe) > { > struct nfs_fsinfo fsinfo; > int ret = -ENOMEM; > @@ -21,7 +21,7 @@ int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh) > goto out; > > /* Start by getting the root filehandle from the server */ > - ret = nfs4_proc_get_rootfh(server, mntfh, &fsinfo); > + ret = nfs4_proc_get_rootfh(server, mntfh, &fsinfo, auth_probe); > if (ret < 0) { > dprintk("nfs4_get_rootfh: getroot error = %d\n", -ret); > goto out; > diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c > index cb56102..68551ea 100644 > --- a/fs/nfs/nfs4proc.c > +++ b/fs/nfs/nfs4proc.c > @@ -2884,18 +2884,27 @@ static int nfs4_do_find_root_sec(struct nfs_server *server, > * @server: initialized nfs_server handle > * @fhandle: we fill in the pseudo-fs root file handle > * @info: we fill in an FSINFO struct > + * @auth_probe: probe the auth flavours > * > * Returns zero on success, or a negative errno. > */ > int nfs4_proc_get_rootfh(struct nfs_server *server, struct nfs_fh *fhandle, > - struct nfs_fsinfo *info) > + struct nfs_fsinfo *info, > + bool auth_probe) > { > int status; > > - status = nfs4_lookup_root(server, fhandle, info); > - if ((status == -NFS4ERR_WRONGSEC) && > - !(server->flags & NFS_MOUNT_SECFLAVOUR)) > + switch (auth_probe) { > + case false: > + status = nfs4_lookup_root(server, fhandle, info); > + if (status != -NFS4ERR_WRONGSEC) > + break; > + /* Did user force a 'sec=' mount option? */ > + if (server->flags & NFS_MOUNT_SECFLAVOUR) > + break; > + default: > status = nfs4_do_find_root_sec(server, fhandle, info); > + } > > if (status == 0) > status = nfs4_server_capabilities(server, fhandle); > diff --git a/fs/nfs/nfs4super.c b/fs/nfs/nfs4super.c > index 4ad837c..e26acdd 100644 > --- a/fs/nfs/nfs4super.c > +++ b/fs/nfs/nfs4super.c > @@ -253,10 +253,6 @@ struct dentry *nfs4_try_mount(int flags, const char *dev_name, > > dfprintk(MOUNT, "--> nfs4_try_mount()\n"); > > - if (data->auth_flavor_len < 1) { > - data->auth_flavors[0] = RPC_AUTH_UNIX; > - data->auth_flavor_len = 1; > - } > export_path = data->nfs_server.export_path; > data->nfs_server.export_path = "/"; > root_mnt = nfs_do_root_mount(&nfs4_remote_fs_type, flags, mount_info, > -- > 1.8.3.1 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Chuck Lever chuck[dot]lever[at]oracle[dot]com