| Message ID | 20130514142620.37841.9591.stgit@seurat.1015granger.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
This is build-tested only. Darrick, can you give it a whirl? -- Chuck Lever chuck.lever@oracle.com On May 14, 2013, at 10:26 AM, Chuck Lever <chuck.lever@oracle.com> wrote: > Commit 4580a92d44 "NFS: Use server-recommended security flavor by > default (NFSv3)" introduced a behavior regression for NFS mounts > done via a legacy binary mount(2) call. > > Darrick J. Wong <darrick.wong@oracle.com> reports: > >> I have a kvm-based testing setup that netboots VMs over NFS, the >> client end of which seems to have broken somehow in 3.10-rc1. The >> server's exports file looks like this: >> >> /storage/mtr/x64 192.168.122.0/24(ro,sync,no_root_squash,no_subtree_check) >> >> On the client end (inside the VM), the initrd runs the following >> command to try to mount the rootfs over NFS: >> >> # mount -o nolock -o ro -o retrans=10 192.168.122.1:/storage/mtr/x64/ /root >> >> (Note: This is the busybox mount command.) >> >> The mount fails with -EINVAL. > > Ensure that a default security flavor is specified for legacy binary > mounts, since they do not invoke nfs_select_flavor() in the kernel. > > Reported-by: Darrick J. Wong <darrick.wong@oracle.com> > Signed-off-by: Chuck Lever <chuck.lever@oracle.com> > --- > fs/nfs/super.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/nfs/super.c b/fs/nfs/super.c > index a366107..2d7525f 100644 > --- a/fs/nfs/super.c > +++ b/fs/nfs/super.c > @@ -1942,6 +1942,7 @@ static int nfs23_validate_mount_data(void *options, > args->namlen = data->namlen; > args->bsize = data->bsize; > > + args->auth_flavors[0] = RPC_AUTH_UNIX; > if (data->flags & NFS_MOUNT_SECFLAVOUR) > args->auth_flavors[0] = data->pseudoflavor; > if (!args->nfs_server.hostname) > @@ -2637,6 +2638,7 @@ static int nfs4_validate_mount_data(void *options, > goto out_no_address; > args->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); > > + args->auth_flavors[0] = RPC_AUTH_UNIX; > if (data->auth_flavourlen) { > if (data->auth_flavourlen > 1) > goto out_inval_auth; > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, May 14, 2013 at 10:26:20AM -0400, Chuck Lever wrote: > Commit 4580a92d44 "NFS: Use server-recommended security flavor by > default (NFSv3)" introduced a behavior regression for NFS mounts > done via a legacy binary mount(2) call. NFS mount with klibc nfsmount is working again with this patch, thank you! You may add: Tested-by: Darrick J. Wong <darrick.wong@oracle.com> Though you might want to clarify in the commit message that it's really the klibc nfsmount command, since that was really what was being called by busybox & friends. --D > > Darrick J. Wong <darrick.wong@oracle.com> reports: > > > I have a kvm-based testing setup that netboots VMs over NFS, the > > client end of which seems to have broken somehow in 3.10-rc1. The > > server's exports file looks like this: > > > > /storage/mtr/x64 192.168.122.0/24(ro,sync,no_root_squash,no_subtree_check) > > > > On the client end (inside the VM), the initrd runs the following > > command to try to mount the rootfs over NFS: > > > > # mount -o nolock -o ro -o retrans=10 192.168.122.1:/storage/mtr/x64/ /root > > > > (Note: This is the busybox mount command.) > > > > The mount fails with -EINVAL. > > Ensure that a default security flavor is specified for legacy binary > mounts, since they do not invoke nfs_select_flavor() in the kernel. > > Reported-by: Darrick J. Wong <darrick.wong@oracle.com> > Signed-off-by: Chuck Lever <chuck.lever@oracle.com> > --- > fs/nfs/super.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/nfs/super.c b/fs/nfs/super.c > index a366107..2d7525f 100644 > --- a/fs/nfs/super.c > +++ b/fs/nfs/super.c > @@ -1942,6 +1942,7 @@ static int nfs23_validate_mount_data(void *options, > args->namlen = data->namlen; > args->bsize = data->bsize; > > + args->auth_flavors[0] = RPC_AUTH_UNIX; > if (data->flags & NFS_MOUNT_SECFLAVOUR) > args->auth_flavors[0] = data->pseudoflavor; > if (!args->nfs_server.hostname) > @@ -2637,6 +2638,7 @@ static int nfs4_validate_mount_data(void *options, > goto out_no_address; > args->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); > > + args->auth_flavors[0] = RPC_AUTH_UNIX; > if (data->auth_flavourlen) { > if (data->auth_flavourlen > 1) > goto out_inval_auth; > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Acked-by: Weston Andros Adamson <dros@netapp.com> -dros On May 14, 2013, at 10:26 AM, Chuck Lever <chuck.lever@oracle.com> wrote: > Commit 4580a92d44 "NFS: Use server-recommended security flavor by > default (NFSv3)" introduced a behavior regression for NFS mounts > done via a legacy binary mount(2) call. > > Darrick J. Wong <darrick.wong@oracle.com> reports: > >> I have a kvm-based testing setup that netboots VMs over NFS, the >> client end of which seems to have broken somehow in 3.10-rc1. The >> server's exports file looks like this: >> >> /storage/mtr/x64 192.168.122.0/24(ro,sync,no_root_squash,no_subtree_check) >> >> On the client end (inside the VM), the initrd runs the following >> command to try to mount the rootfs over NFS: >> >> # mount -o nolock -o ro -o retrans=10 192.168.122.1:/storage/mtr/x64/ /root >> >> (Note: This is the busybox mount command.) >> >> The mount fails with -EINVAL. > > Ensure that a default security flavor is specified for legacy binary > mounts, since they do not invoke nfs_select_flavor() in the kernel. > > Reported-by: Darrick J. Wong <darrick.wong@oracle.com> > Signed-off-by: Chuck Lever <chuck.lever@oracle.com> > --- > fs/nfs/super.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/nfs/super.c b/fs/nfs/super.c > index a366107..2d7525f 100644 > --- a/fs/nfs/super.c > +++ b/fs/nfs/super.c > @@ -1942,6 +1942,7 @@ static int nfs23_validate_mount_data(void *options, > args->namlen = data->namlen; > args->bsize = data->bsize; > > + args->auth_flavors[0] = RPC_AUTH_UNIX; > if (data->flags & NFS_MOUNT_SECFLAVOUR) > args->auth_flavors[0] = data->pseudoflavor; > if (!args->nfs_server.hostname) > @@ -2637,6 +2638,7 @@ static int nfs4_validate_mount_data(void *options, > goto out_no_address; > args->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); > > + args->auth_flavors[0] = RPC_AUTH_UNIX; > if (data->auth_flavourlen) { > if (data->auth_flavourlen > 1) > goto out_inval_auth; > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/nfs/super.c b/fs/nfs/super.c index a366107..2d7525f 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c @@ -1942,6 +1942,7 @@ static int nfs23_validate_mount_data(void *options, args->namlen = data->namlen; args->bsize = data->bsize; + args->auth_flavors[0] = RPC_AUTH_UNIX; if (data->flags & NFS_MOUNT_SECFLAVOUR) args->auth_flavors[0] = data->pseudoflavor; if (!args->nfs_server.hostname) @@ -2637,6 +2638,7 @@ static int nfs4_validate_mount_data(void *options, goto out_no_address; args->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); + args->auth_flavors[0] = RPC_AUTH_UNIX; if (data->auth_flavourlen) { if (data->auth_flavourlen > 1) goto out_inval_auth;