From patchwork Fri Jan 24 12:09:28 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jeff Layton <jlayton@redhat.com>
X-Patchwork-Id: 3533901
Return-Path: <linux-nfs-owner@kernel.org>
X-Original-To: patchwork-linux-nfs@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.19.201])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id 1C7EBC02DC
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Fri, 24 Jan 2014 12:09:46 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 7F4D720173
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Fri, 24 Jan 2014 12:09:41 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 2653D20161
	for <patchwork-linux-nfs@patchwork.kernel.org>;
	Fri, 24 Jan 2014 12:09:40 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752521AbaAXMJj (ORCPT
	<rfc822;patchwork-linux-nfs@patchwork.kernel.org>);
	Fri, 24 Jan 2014 07:09:39 -0500
Received: from mail-bk0-f44.google.com ([209.85.214.44]:49867 "EHLO
	mail-bk0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752497AbaAXMJi (ORCPT
	<rfc822; linux-nfs@vger.kernel.org>); Fri, 24 Jan 2014 07:09:38 -0500
Received: by mail-bk0-f44.google.com with SMTP id mz12so1107982bkb.31
	for <linux-nfs@vger.kernel.org>; Fri, 24 Jan 2014 04:09:37 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id;
	bh=eFcfjlFxekEWZd/eGDK3uWYf5l5qv6VnP+RmUcIPSuQ=;
	b=NlKcAHK4XKq2QQTa1WtSeVlY9XrYAVCLMjTBZWaK3jn99xDoQOVU1jnb6viPpweMCa
	RFaRALPQq0amWVeW2wpwjwFj5lEmGYPjZtGi0AqmuWiLfmMf24BfuRgIZ2VT1qAVkWjn
	LDquAvbFId3nqALfxhfYPgu7WsomaqURCvwmGuAdLRlx0cJ17wbYCpYkwA3xmKOjSUoN
	4fnfWJiMKHSVN8jMxI8l9sLyI4C4ZK59uGhp/vjmU4Ey40kg2RgrNjaOlOX9iIuuUtqV
	VhpiEZZWDXjwvx3ISiocGutBRtoyR9LDgI1fBVW00aimqm2PKCMHXP01XP76rY86Zw3n
	Kw6w==
X-Gm-Message-State: 
 ALoCoQkZKVrDdtPN9b4dnwQcn6X0139RNoE80ebAqLOA10RDlZfZ/BhJ7MdUeuUOUhdQG6zmU5xp
X-Received: by 10.205.86.137 with SMTP id as9mr1735257bkc.89.1390565377223;
	Fri, 24 Jan 2014 04:09:37 -0800 (PST)
Received: from tlielax.poochiereds.net ([2001:470:8:d63:3a60:77ff:fe93:a95d])
	by mx.google.com with ESMTPSA id
	ch4sm2541134bkc.8.2014.01.24.04.09.34 for <multiple recipients>
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Fri, 24 Jan 2014 04:09:36 -0800 (PST)
From: Jeff Layton <jlayton@redhat.com>
To: trond.myklebust@primarydata.com
Cc: dros@netapp.com, linux-nfs@vger.kernel.org
Subject: [PATCH] nfs: don't attempt auth methods that require upcall unless
	we know that gssd is running
Date: Fri, 24 Jan 2014 07:09:28 -0500
Message-Id: <1390565368-17597-1-git-send-email-jlayton@redhat.com>
X-Mailer: git-send-email 1.8.5.3
Sender: linux-nfs-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org
X-Spam-Status: No, score=-7.5 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Currently, if the server lists krb5 as an allowed auth method, but gssd isn't
running, you'll get the infamous "AUTH_GSS upcall failed" message, even if
you didn't request sec=krb5.

This is because nfs4_find_root_sec() establishes a default list of auth
methods to try when the admin didn't supply one, and that list contains
AUTH_GSS methods first. Skip those methods if gssd isn't running since
they won't succeed anyway.

Cc: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
---
 fs/nfs/nfs4proc.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index 15052b8..468a581 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -2900,6 +2900,13 @@ static int nfs4_find_root_sec(struct nfs_server *server, struct nfs_fh *fhandle,
 	} else {
 		/* no flavors specified by user, try default list */
 		for (i = 0; i < ARRAY_SIZE(flav_array); i++) {
+			/*
+			 * Don't attempt to upcall with the default list
+			 * unless we know that gssd is running.
+			 */
+			if (!gssd_running(server->nfs_client->cl_net))
+				continue;
+
 			status = nfs4_lookup_root_sec(server, fhandle, info,
 						      flav_array[i]);
 			if (status == -NFS4ERR_WRONGSEC || status == -EACCES)