Message ID | 1378595893-60395-4-git-send-email-Trond.Myklebust@netapp.com (mailing list archive) |
---|---|
On Sep 7, 2013, at 7:18 PM, Trond Myklebust <Trond.Myklebust@netapp.com> wrote: > NFSv4 security auto-negotiation has been broken since > commit 4580a92d44e2b21c2254fa5fef0f1bfb43c82318 (NFS: > Use server-recommended security flavor by default (NFSv3)) > because nfs4_try_mount() will automatically select AUTH_SYS > if it sees no auth flavours. nfs(5) says this: sec=mode The RPCGSS security flavor to use for accessing files on this mount point. If the sec option is not specified, or if sec=sys is specified, the NFS client uses the AUTH_SYS security flavor for all NFS requests on this mount point. If NFSv4 can negotiate security now, nfs(5) should be updated. > Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> > Cc: Chuck Lever <chuck.lever@oracle.com> > --- > fs/nfs/internal.h | 2 +- > fs/nfs/nfs4_fs.h | 2 +- > fs/nfs/nfs4client.c | 19 +++++++++++++------ > fs/nfs/nfs4getroot.c | 4 ++-- > fs/nfs/nfs4proc.c | 17 +++++++++++++---- > fs/nfs/nfs4super.c | 4 ---- > 6 files changed, 30 insertions(+), 18 deletions(-) > > diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h > index 23ec6e8..d388302c 100644 > --- a/fs/nfs/internal.h > +++ b/fs/nfs/internal.h > @@ -358,7 +358,7 @@ extern struct dentry *nfs_get_root(struct super_block *, struct nfs_fh *, > extern struct dentry *nfs4_get_root(struct super_block *, struct nfs_fh *, > const char *); > > -extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh); > +extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool); > #endif > > struct nfs_pgio_completion_ops; > diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h > index d2db3ce..f520a11 100644 > --- a/fs/nfs/nfs4_fs.h > +++ b/fs/nfs/nfs4_fs.h 
> @@ -221,7 +221,7 @@ struct vfsmount *nfs4_submount(struct nfs_server *, struct dentry *, > /* nfs4proc.c */ > extern int nfs4_proc_setclientid(struct nfs_client *, u32, unsigned short, struct rpc_cred *, struct nfs4_setclientid_res *); > extern int nfs4_proc_setclientid_confirm(struct nfs_client *, struct nfs4_setclientid_res *arg, struct rpc_cred *); > -extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *); > +extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *, bool); > extern int nfs4_proc_bind_conn_to_session(struct nfs_client *, struct rpc_cred *cred); > extern int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred); > extern int nfs4_destroy_clientid(struct nfs_client *clp); > diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c > index f798925..cc80085 100644 > --- a/fs/nfs/nfs4client.c > +++ b/fs/nfs/nfs4client.c > @@ -885,7 +885,7 @@ static void nfs4_session_set_rwsize(struct nfs_server *server) > } > > static int nfs4_server_common_setup(struct nfs_server *server, > - struct nfs_fh *mntfh) > + struct nfs_fh *mntfh, bool auth_probe) > { > struct nfs_fattr *fattr; > int error; > @@ -917,7 +917,7 @@ static int nfs4_server_common_setup(struct nfs_server *server, > > > /* Probe the root fh to retrieve its FSID and filehandle */ > - error = nfs4_get_rootfh(server, mntfh); > + error = nfs4_get_rootfh(server, mntfh, auth_probe); > if (error < 0) > goto out; > > @@ -949,6 +949,7 @@ out: > static int nfs4_init_server(struct nfs_server *server, > const struct nfs_parsed_mount_data *data) > { > + rpc_authflavor_t pseudoflavor = RPC_AUTH_UNIX; > struct rpc_timeout timeparms; > int error; 
> > @@ -961,13 +962,16 @@ static int nfs4_init_server(struct nfs_server *server, > server->flags = data->flags; > server->options = data->options; > > + if (data->auth_flavor_len >= 1) > + pseudoflavor = data->auth_flavors[0]; > + > /* Get a client record */ > error = nfs4_set_client(server, > data->nfs_server.hostname, > (const struct sockaddr *)&data->nfs_server.address, > data->nfs_server.addrlen, > data->client_address, > - data->auth_flavors[0], > + pseudoflavor, > data->nfs_server.protocol, > &timeparms, > data->minorversion, > @@ -987,7 +991,7 @@ static int nfs4_init_server(struct nfs_server *server, > > server->port = data->nfs_server.port; > > - error = nfs_init_server_rpcclient(server, &timeparms, data->auth_flavors[0]); > + error = nfs_init_server_rpcclient(server, &timeparms, pseudoflavor); > > error: > /* Done */ > @@ -1005,6 +1009,7 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info, > struct nfs_subversion *nfs_mod) > { > struct nfs_server *server; > + bool auth_probe; > int error; > > dprintk("--> nfs4_create_server()\n"); > @@ -1013,12 +1018,14 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info, > if (!server) > return ERR_PTR(-ENOMEM); > > + auth_probe = mount_info->parsed->auth_flavor_len < 1; > + > /* set up the general RPC client */ > error = nfs4_init_server(server, mount_info->parsed); > if (error < 0) > goto error; > > - error = nfs4_server_common_setup(server, mount_info->mntfh); > + error = nfs4_server_common_setup(server, mount_info->mntfh, auth_probe); > if (error < 0) > goto error; > > @@ -1071,7 +1078,7 @@ struct nfs_server *nfs4_create_referral_server(struct nfs_clone_mount *data, > if (error < 0) > goto error; > > - error = nfs4_server_common_setup(server, mntfh); > + error = nfs4_server_common_setup(server, mntfh, false); > if (error < 0) > goto error; > > diff --git a/fs/nfs/nfs4getroot.c b/fs/nfs/nfs4getroot.c > index 549462e..c0b3a16 100644 > --- a/fs/nfs/nfs4getroot.c 
> +++ b/fs/nfs/nfs4getroot.c > @@ -9,7 +9,7 @@ > > #define NFSDBG_FACILITY NFSDBG_CLIENT > > -int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh) > +int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool auth_probe) > { > struct nfs_fsinfo fsinfo; > int ret = -ENOMEM; > @@ -21,7 +21,7 @@ int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh) > goto out; > > /* Start by getting the root filehandle from the server */ > - ret = nfs4_proc_get_rootfh(server, mntfh, &fsinfo); > + ret = nfs4_proc_get_rootfh(server, mntfh, &fsinfo, auth_probe); > if (ret < 0) { > dprintk("nfs4_get_rootfh: getroot error = %d\n", -ret); > goto out; > diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c > index cb56102..68551ea 100644 > --- a/fs/nfs/nfs4proc.c > +++ b/fs/nfs/nfs4proc.c > @@ -2884,18 +2884,27 @@ static int nfs4_do_find_root_sec(struct nfs_server *server, > * @server: initialized nfs_server handle > * @fhandle: we fill in the pseudo-fs root file handle > * @info: we fill in an FSINFO struct > + * @auth_probe: probe the auth flavours > * > * Returns zero on success, or a negative errno. > */ > int nfs4_proc_get_rootfh(struct nfs_server *server, struct nfs_fh *fhandle, > - struct nfs_fsinfo *info) > + struct nfs_fsinfo *info, > + bool auth_probe) > { > int status; > > - status = nfs4_lookup_root(server, fhandle, info); > - if ((status == -NFS4ERR_WRONGSEC) && > - !(server->flags & NFS_MOUNT_SECFLAVOUR)) > + switch (auth_probe) { > + case false: > + status = nfs4_lookup_root(server, fhandle, info); > + if (status != -NFS4ERR_WRONGSEC) > + break; > + /* Did user force a 'sec=' mount option? */ > + if (server->flags & NFS_MOUNT_SECFLAVOUR) > + break; > + default: > status = nfs4_do_find_root_sec(server, fhandle, info); > + } > > if (status == 0) > status = nfs4_server_capabilities(server, fhandle); > diff --git a/fs/nfs/nfs4super.c b/fs/nfs/nfs4super.c > index 4ad837c..e26acdd 100644 > --- a/fs/nfs/nfs4super.c 
> +++ b/fs/nfs/nfs4super.c > @@ -253,10 +253,6 @@ struct dentry *nfs4_try_mount(int flags, const char *dev_name, > > dfprintk(MOUNT, "--> nfs4_try_mount()\n"); > > - if (data->auth_flavor_len < 1) { > - data->auth_flavors[0] = RPC_AUTH_UNIX; > - data->auth_flavor_len = 1; > - } > export_path = data->nfs_server.export_path; > data->nfs_server.export_path = "/"; > root_mnt = nfs_do_root_mount(&nfs4_remote_fs_type, flags, mount_info, > -- > 1.8.3.1 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Chuck Lever chuck[dot]lever[at]oracle[dot]com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, 2013-09-08 at 16:22 -0400, Chuck Lever wrote:
> On Sep 7, 2013, at 7:18 PM, Trond Myklebust <Trond.Myklebust@netapp.com> wrote:
> 
> > NFSv4 security auto-negotiation has been broken since
> > commit 4580a92d44e2b21c2254fa5fef0f1bfb43c82318 (NFS:
> > Use server-recommended security flavor by default (NFSv3))
> > because nfs4_try_mount() will automatically select AUTH_SYS
> > if it sees no auth flavours.
> 
> nfs(5) says this:
> 
>        sec=mode       The  RPCGSS  security flavor to use for accessing files on this
>                       mount point.  If the sec option is not specified, or if sec=sys
>                       is  specified, the NFS client uses the AUTH_SYS security flavor
>                       for all NFS requests on this mount point.
> 
> If NFSv4 can negotiate security now, nfs(5) should be updated.

I suggest that you pull again. My copy of nfs(5) says

       sec=flavor     The  security  flavor to use for accessing files on this
                      mount point.  If the server does not support  this  fla-
                      vor,  the  mount operation fails.  If sec= is not speci-
                      fied, the client attempts to find a security flavor that
                      both  the client and the server supports.  Valid flavors
                      are none, sys, krb5, krb5i, and  krb5p.   Refer  to  the
                      SECURITY CONSIDERATIONS section for details.


-- 
Trond Myklebust
Linux NFS client maintainer

NetApp
Trond.Myklebust@netapp.com
www.netapp.com
-- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 23ec6e8..d388302c 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -358,7 +358,7 @@ extern struct dentry *nfs_get_root(struct super_block *, struct nfs_fh *,
 extern struct dentry *nfs4_get_root(struct super_block *, struct nfs_fh *,
 const char *);
 
-extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh);
+extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool);
 #endif
 
 struct nfs_pgio_completion_ops;
diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h
index d2db3ce..f520a11 100644
--- a/fs/nfs/nfs4_fs.h
+++ b/fs/nfs/nfs4_fs.h
@@ -221,7 +221,7 @@ struct vfsmount *nfs4_submount(struct nfs_server *, struct dentry *,
 /* nfs4proc.c */
 extern int nfs4_proc_setclientid(struct nfs_client *, u32, unsigned short, struct rpc_cred *, struct nfs4_setclientid_res *);
 extern int nfs4_proc_setclientid_confirm(struct nfs_client *, struct nfs4_setclientid_res *arg, struct rpc_cred *);
-extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *);
+extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *, bool);
 extern int nfs4_proc_bind_conn_to_session(struct nfs_client *, struct rpc_cred *cred);
 extern int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred);
 extern int nfs4_destroy_clientid(struct nfs_client *clp);
diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
index f798925..cc80085 100644
--- a/fs/nfs/nfs4client.c
+++ b/fs/nfs/nfs4client.c
@@ -885,7 +885,7 @@ static void nfs4_session_set_rwsize(struct nfs_server *server)
 }
 
 static int nfs4_server_common_setup(struct nfs_server *server,
-struct nfs_fh *mntfh)
+struct nfs_fh *mntfh, bool auth_probe)
 {
 struct nfs_fattr *fattr;
 int error;
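Review bot: The new `bool` parameter is added unnamed to both prototypes, `nfs4_get_rootfh` in internal.h and `nfs4_proc_get_rootfh` in nfs4_fs.h, while the two existing parameters of the internal.h prototype carry names (`server`, `mntfh`), so a reader of the header cannot tell what the flag controls without opening nfs4proc.c. Name it to match the definitions: `extern int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool auth_probe);` and `extern int nfs4_proc_get_rootfh(struct nfs_server *, struct nfs_fh *, struct nfs_fsinfo *, bool auth_probe);`. The surrounding nfs4_fs.h prototypes already mix named and unnamed parameters, so the second change is a consistency nicety rather than a requirement. The nfs4client.c hunk that starts here only renames the signature of nfs4_server_common_setup; its body continues in the next hunk.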
@@ -917,7 +917,7 @@ static int nfs4_server_common_setup(struct nfs_server *server,
 
 
 /* Probe the root fh to retrieve its FSID and filehandle */
-error = nfs4_get_rootfh(server, mntfh);
+error = nfs4_get_rootfh(server, mntfh, auth_probe);
 if (error < 0)
 goto out;
 
@@ -949,6 +949,7 @@ out:
 static int nfs4_init_server(struct nfs_server *server,
 const struct nfs_parsed_mount_data *data)
 {
+rpc_authflavor_t pseudoflavor = RPC_AUTH_UNIX;
 struct rpc_timeout timeparms;
 int error;
 
@@ -961,13 +962,16 @@ static int nfs4_init_server(struct nfs_server *server,
 server->flags = data->flags;
 server->options = data->options;
 
+if (data->auth_flavor_len >= 1)
+pseudoflavor = data->auth_flavors[0];
+
 /* Get a client record */
 error = nfs4_set_client(server,
 data->nfs_server.hostname,
 (const struct sockaddr *)&data->nfs_server.address,
 data->nfs_server.addrlen,
 data->client_address,
-data->auth_flavors[0],
+pseudoflavor,
 data->nfs_server.protocol,
 &timeparms,
 data->minorversion,
@@ -987,7 +991,7 @@ static int nfs4_init_server(struct nfs_server *server,
 
 server->port = data->nfs_server.port;
 
-error = nfs_init_server_rpcclient(server, &timeparms, data->auth_flavors[0]);
+error = nfs_init_server_rpcclient(server, &timeparms, pseudoflavor);
 
 error:
 /* Done */
@@ -1005,6 +1009,7 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info,
 struct nfs_subversion *nfs_mod)
 {
 struct nfs_server *server;
+bool auth_probe;
 int error;
 
 dprintk("--> nfs4_create_server()\n");
@@ -1013,12 +1018,14 @@ struct nfs_server *nfs4_create_server(struct nfs_mount_info *mount_info,
 if (!server)
 return ERR_PTR(-ENOMEM);
 
+auth_probe = mount_info->parsed->auth_flavor_len < 1;
+
 /* set up the general RPC client */
 error = nfs4_init_server(server, mount_info->parsed);
 if (error < 0)
 goto error;
 
-error = nfs4_server_common_setup(server, mount_info->mntfh);
+error = nfs4_server_common_setup(server, mount_info->mntfh, auth_probe);
 if (error < 0)
 goto error;
 
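Review bot: `rpc_authflavor_t pseudoflavor = RPC_AUTH_UNIX;` in nfs4_init_server still picks AUTH_SYS whenever no `sec=` was parsed, and nothing at that line says this is only a bootstrap flavour for the initial RPC client that the later root-fh probe is meant to replace; the link to `auth_probe`, computed in nfs4_create_server from the same `auth_flavor_len < 1` test, is easy to miss when reading nfs4_init_server on its own. Suggest a comment above the default, e.g. `/* No sec= given: bootstrap the client with AUTH_SYS; nfs4_create_server sets auth_probe so the root-fh probe negotiates the real flavour */`. The two functions decode the same user intent independently, so if the conditions ever drift the client would either probe despite a forced flavour or skip probing while still on the placeholder one; deriving `auth_probe` from the same value (computing both in nfs4_create_server, or passing the flag into nfs4_init_server) would keep them in lockstep. The bodies of nfs4_init_server and nfs4_create_server extend beyond these hunks.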
@@ -1071,7 +1078,7 @@ struct nfs_server *nfs4_create_referral_server(struct nfs_clone_mount *data,
 if (error < 0)
 goto error;
 
-error = nfs4_server_common_setup(server, mntfh);
+error = nfs4_server_common_setup(server, mntfh, false);
 if (error < 0)
 goto error;
 
diff --git a/fs/nfs/nfs4getroot.c b/fs/nfs/nfs4getroot.c
index 549462e..c0b3a16 100644
--- a/fs/nfs/nfs4getroot.c
+++ b/fs/nfs/nfs4getroot.c
@@ -9,7 +9,7 @@
 
 #define NFSDBG_FACILITY NFSDBG_CLIENT
 
-int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh)
+int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh, bool auth_probe)
 {
 struct nfs_fsinfo fsinfo;
 int ret = -ENOMEM;
@@ -21,7 +21,7 @@ int nfs4_get_rootfh(struct nfs_server *server, struct nfs_fh *mntfh)
 goto out;
 
 /* Start by getting the root filehandle from the server */
-ret = nfs4_proc_get_rootfh(server, mntfh, &fsinfo);
+ret = nfs4_proc_get_rootfh(server, mntfh, &fsinfo, auth_probe);
 if (ret < 0) {
 dprintk("nfs4_get_rootfh: getroot error = %d\n", -ret);
 goto out;
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index cb56102..68551ea 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
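Review bot: The referral path passes a bare `false` in `nfs4_server_common_setup(server, mntfh, false)` with no explanation of why a referral never starts with a flavour probe; the reader has to reconstruct from the nfs4proc.c hunk that with `auth_probe == false` the root lookup is first tried with the flavour the server was created with and negotiation only happens on NFS4ERR_WRONGSEC when `NFS_MOUNT_SECFLAVOUR` is clear. Name that at the call site: `/* Referrals start with the flavour inherited from the parent; a WRONGSEC reply still falls back to negotiation unless sec= was forced */`. Where the referral's flavour and flags actually come from is set up earlier in nfs4_create_referral_server, outside this hunk, and should be confirmed before the comment asserts inheritance. The nfs4getroot.c hunks only thread the flag through and need nothing further.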
@@ -2884,18 +2884,27 @@ static int nfs4_do_find_root_sec(struct nfs_server *server,
 * @server: initialized nfs_server handle
 * @fhandle: we fill in the pseudo-fs root file handle
 * @info: we fill in an FSINFO struct
+ * @auth_probe: probe the auth flavours
 *
 * Returns zero on success, or a negative errno.
 */
 int nfs4_proc_get_rootfh(struct nfs_server *server, struct nfs_fh *fhandle,
-struct nfs_fsinfo *info)
+struct nfs_fsinfo *info,
+bool auth_probe)
 {
 int status;
 
-status = nfs4_lookup_root(server, fhandle, info);
-if ((status == -NFS4ERR_WRONGSEC) &&
-!(server->flags & NFS_MOUNT_SECFLAVOUR))
+switch (auth_probe) {
+case false:
+status = nfs4_lookup_root(server, fhandle, info);
+if (status != -NFS4ERR_WRONGSEC)
+break;
+/* Did user force a 'sec=' mount option? */
+if (server->flags & NFS_MOUNT_SECFLAVOUR)
+break;
+default:
 status = nfs4_do_find_root_sec(server, fhandle, info);
+}
 
 if (status == 0)
 status = nfs4_server_capabilities(server, fhandle);
diff --git a/fs/nfs/nfs4super.c b/fs/nfs/nfs4super.c
index 4ad837c..e26acdd 100644
--- a/fs/nfs/nfs4super.c
+++ b/fs/nfs/nfs4super.c
@@ -253,10 +253,6 @@ struct dentry *nfs4_try_mount(int flags, const char *dev_name,
 
 dfprintk(MOUNT, "--> nfs4_try_mount()\n");
 
-if (data->auth_flavor_len < 1) {
-data->auth_flavors[0] = RPC_AUTH_UNIX;
-data->auth_flavor_len = 1;
-}
 export_path = data->nfs_server.export_path;
 data->nfs_server.export_path = "/";
 root_mnt = nfs_do_root_mount(&nfs4_remote_fs_type, flags, mount_info,
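Review bot: The `case false:` arm of the new `switch (auth_probe)` falls through into `default:` on NFS4ERR_WRONGSEC with no fallthrough marker, and switching on a bool with `default:` standing in for `true` hides what is really a three-way decision; an if-chain states it directly and keeps the security-relevant property visible — a user-forced `sec=` (NFS_MOUNT_SECFLAVOUR set) is never silently renegotiated, so a WRONGSEC reply fails the mount instead of downgrading the flavour. The kernel-doc `@auth_probe: probe the auth flavours` should also say when callers set it, e.g. `@auth_probe: true when no sec= was given: negotiate the flavour instead of first trying the one the client was created with`. The nfs4super.c hunk is a pure deletion of the old AUTH_SYS default and needs nothing further; nfs4_proc_get_rootfh's body continues past the end of this hunk.
```c
int nfs4_proc_get_rootfh(struct nfs_server *server, struct nfs_fh *fhandle,
			 struct nfs_fsinfo *info,
			 bool auth_probe)
{
	int status;

	if (auth_probe) {
		/* No sec= given: go straight to flavour negotiation */
		status = nfs4_do_find_root_sec(server, fhandle, info);
	} else {
		status = nfs4_lookup_root(server, fhandle, info);
		/*
		 * Only negotiate when the user did not force a 'sec=' mount
		 * option; a forced flavour must fail rather than downgrade.
		 */
		if (status == -NFS4ERR_WRONGSEC &&
		    !(server->flags & NFS_MOUNT_SECFLAVOUR))
			status = nfs4_do_find_root_sec(server, fhandle, info);
	}

	/* … unchanged: nfs4_server_capabilities call … */
```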
NFSv4 security auto-negotiation has been broken since commit 4580a92d44e2b21c2254fa5fef0f1bfb43c82318 (NFS: Use server-recommended security flavor by default (NFSv3)) because nfs4_try_mount() will automatically select AUTH_SYS if it sees no auth flavours. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Chuck Lever <chuck.lever@oracle.com> --- fs/nfs/internal.h | 2 +- fs/nfs/nfs4_fs.h | 2 +- fs/nfs/nfs4client.c | 19 +++++++++++++------ fs/nfs/nfs4getroot.c | 4 ++-- fs/nfs/nfs4proc.c | 17 +++++++++++++---- fs/nfs/nfs4super.c | 4 ---- 6 files changed, 30 insertions(+), 18 deletions(-)