| Message ID | 1374511328-49579-3-git-send-email-andros@netapp.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
T24gTW9uLCAyMDEzLTA3LTIyIGF0IDEyOjQyIC0wNDAwLCBhbmRyb3NAbmV0YXBwLmNvbSB3cm90 ZToNCj4gRnJvbTogQW5keSBBZGFtc29uIDxhbmRyb3NAbmV0YXBwLmNvbT4NCj4gDQo+IEFzIHBl ciBSRkMgMzUzMCBhbmQgUkZDIDU2NjEgU2VjdXJpdHkgQ29uc2lkZXJhdGlvbnMNCg0KUkZDMzUz MC1iaXMsIG5vdCBSRkMzNTMwLi4uDQoNCj4gQ29tbWl0IDRlZGFhMzA4ICJORlM6IFVzZSAia3Ji NWkiIHRvIGVzdGFibGlzaCBORlN2NCBzdGF0ZSB3aGVuZXZlciBwb3NzaWJsZSINCj4gdXNlcyB0 aGUgbmZzX2NsaWVudCBjbF9ycGNjbGllbnQgZm9yIGFsbCBjbGllbnRpZCBtYW5hZ2VtZW50IG9w ZXJhdGlvbnMuDQo+IA0KPiBTaWduZWQtb2ZmLWJ5OiBBbmR5IEFkYW1zb24gPGFuZHJvc0BuZXRh cHAuY29tPg0KPiAtLS0NCj4gIGZzL25mcy9uZnM0cHJvYy5jIHwgMyArKy0NCj4gIDEgZmlsZSBj aGFuZ2VkLCAyIGluc2VydGlvbnMoKyksIDEgZGVsZXRpb24oLSkNCj4gDQo+IGRpZmYgLS1naXQg YS9mcy9uZnMvbmZzNHByb2MuYyBiL2ZzL25mcy9uZnM0cHJvYy5jDQo+IGluZGV4IDc3NjE4MDIu LjZhMzBhNzIgMTAwNjQ0DQo+IC0tLSBhL2ZzL25mcy9uZnM0cHJvYy5jDQo+ICsrKyBiL2ZzL25m cy9uZnM0cHJvYy5jDQo+IEBAIC01ODA2LDkgKzU4MDYsMTAgQEAgc3RhdGljIGludCBfbmZzNF9w cm9jX3NlY2luZm8oc3RydWN0IGlub2RlICpkaXIsIGNvbnN0IHN0cnVjdCBxc3RyICpuYW1lLCBz dHJ1Y3QNCj4gIAkJLnJwY19hcmdwID0gJmFyZ3MsDQo+ICAJCS5ycGNfcmVzcCA9ICZyZXMsDQo+ ICAJfTsNCj4gKwlzdHJ1Y3QgcnBjX2NsbnQgKmNsbnQgPSBORlNfU0VSVkVSKGRpciktPm5mc19j bGllbnQtPmNsX3JwY2NsaWVudDsNCj4gIA0KPiAgCWRwcmludGsoIk5GUyBjYWxsICBzZWNpbmZv ICVzXG4iLCBuYW1lLT5uYW1lKTsNCj4gLQlzdGF0dXMgPSBuZnM0X2NhbGxfc3luYyhORlNfU0VS VkVSKGRpciktPmNsaWVudCwgTkZTX1NFUlZFUihkaXIpLCAmbXNnLCAmYXJncy5zZXFfYXJncywg JnJlcy5zZXFfcmVzLCAwKTsNCj4gKwlzdGF0dXMgPSBuZnM0X2NhbGxfc3luYyhjbG50LCBORlNf U0VSVkVSKGRpciksICZtc2csICZhcmdzLnNlcV9hcmdzLCAmcmVzLnNlcV9yZXMsIDApOw0KPiAg CWRwcmludGsoIk5GUyByZXBseSAgc2VjaW5mbzogJWRcbiIsIHN0YXR1cyk7DQo+ICAJcmV0dXJu IHN0YXR1czsNCj4gIH0NCg0KSGFzIHRoaXMgYmVlbiB0ZXN0ZWQgYWdhaW5zdCBhIHZhcmlldHkg b2Ygc2VydmVyIGltcGxlbWVudGF0aW9ucz8gSSBrbm93DQp3aGF0IHRoZSBzcGVjIHNheXMsIGJ1 dCB0aGUgYmVoYXZpb3VyIHdlJ3JlIHJlbHlpbmcgb24gaGVyZSBpcyBzdWJ0bHkNCmNoYW5nZWQg ZnJvbSB3aGF0IHdhcyBvcmlnaW5hbGx5IGRvY3VtZW50ZWQgaW4gUkZDMzUzMC4NCg0KLS0gDQpU cm9uZCBNeWtsZWJ1c3QNCkxpbnV4IE5GUyBjbGllbnQgbWFpbnRhaW5lcg0KDQpOZXRBcHANClRy b25kLk15a2xlYnVzdEBuZXRhcHAuY29tDQp3d3cubmV0YXBwLmNvbQ0K -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Jul 22, 2013, at 12:58 PM, "Myklebust, Trond" <Trond.Myklebust@netapp.com> wrote: > On Mon, 2013-07-22 at 12:42 -0400, andros@netapp.com wrote: >> From: Andy Adamson <andros@netapp.com> >> >> As per RFC 3530 and RFC 5661 Security Considerations > > RFC3530-bis, not RFC3530... > >> Commit 4edaa308 "NFS: Use "krb5i" to establish NFSv4 state whenever possible" >> uses the nfs_client cl_rpcclient for all clientid management operations. >> >> Signed-off-by: Andy Adamson <andros@netapp.com> >> --- >> fs/nfs/nfs4proc.c | 3 ++- >> 1 file changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c >> index 7761802..6a30a72 100644 >> --- a/fs/nfs/nfs4proc.c >> +++ b/fs/nfs/nfs4proc.c >> @@ -5806,9 +5806,10 @@ static int _nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, struct >> .rpc_argp = &args, >> .rpc_resp = &res, >> }; >> + struct rpc_clnt *clnt = NFS_SERVER(dir)->nfs_client->cl_rpcclient; >> >> dprintk("NFS call secinfo %s\n", name->name); >> - status = nfs4_call_sync(NFS_SERVER(dir)->client, NFS_SERVER(dir), &msg, &args.seq_args, &res.seq_res, 0); >> + status = nfs4_call_sync(clnt, NFS_SERVER(dir), &msg, &args.seq_args, &res.seq_res, 0); >> dprintk("NFS reply secinfo: %d\n", status); >> return status; >> } > > Has this been tested against a variety of server implementations? I know > what the spec says, but the behaviour we're relying on here is subtly > changed from what was originally documented in RFC3530. Not yet. I'll set up some tests. -->Andy > > -- > Trond Myklebust > Linux NFS client maintainer > > NetApp > Trond.Myklebust@netapp.com > www.netapp.com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mon, 2013-07-22 at 12:42 -0400, andros@netapp.com wrote: > From: Andy Adamson <andros@netapp.com> > > As per RFC 3530 and RFC 5661 Security Considerations > > Commit 4edaa308 "NFS: Use "krb5i" to establish NFSv4 state whenever possible" > uses the nfs_client cl_rpcclient for all clientid management operations. > > Signed-off-by: Andy Adamson <andros@netapp.com> > --- > fs/nfs/nfs4proc.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c > index 7761802..6a30a72 100644 > --- a/fs/nfs/nfs4proc.c > +++ b/fs/nfs/nfs4proc.c > @@ -5806,9 +5806,10 @@ static int _nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, struct > .rpc_argp = &args, > .rpc_resp = &res, > }; > + struct rpc_clnt *clnt = NFS_SERVER(dir)->nfs_client->cl_rpcclient; > > dprintk("NFS call secinfo %s\n", name->name); > - status = nfs4_call_sync(NFS_SERVER(dir)->client, NFS_SERVER(dir), &msg, &args.seq_args, &res.seq_res, 0); > + status = nfs4_call_sync(clnt, NFS_SERVER(dir), &msg, &args.seq_args, &res.seq_res, 0); > dprintk("NFS reply secinfo: %d\n", status); > return status; > } This needs a comment in the code. -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@netapp.com www.netapp.com
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 7761802..6a30a72 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -5806,9 +5806,10 @@ static int _nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, struct .rpc_argp = &args, .rpc_resp = &res, }; + struct rpc_clnt *clnt = NFS_SERVER(dir)->nfs_client->cl_rpcclient; dprintk("NFS call secinfo %s\n", name->name); - status = nfs4_call_sync(NFS_SERVER(dir)->client, NFS_SERVER(dir), &msg, &args.seq_args, &res.seq_res, 0); + status = nfs4_call_sync(clnt, NFS_SERVER(dir), &msg, &args.seq_args, &res.seq_res, 0); dprintk("NFS reply secinfo: %d\n", status); return status; }