diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2013-09-07 16:01:07 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2013-09-07 17:52:42 -0400 |
commit | 47040da3c7524facd542f37ffeadedac4f228601 (patch) | |
tree | dafa9db999b5c56b32b85fb86cd67849d5cc94b2 /fs/nfs/nfs4namespace.c | |
parent | 41d058c3ba7bd16c3a91b9ec4d89fb6e7d4b4316 (diff) |
NFSv4: Allow security autonegotiation for submounts
In cases where the parent super block was not mounted with a 'sec=' line,
allow autonegotiation of security for the submounts.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs/nfs/nfs4namespace.c')
-rw-r--r-- | fs/nfs/nfs4namespace.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/fs/nfs/nfs4namespace.c b/fs/nfs/nfs4namespace.c index cdb0b41a481..2288cd3c927 100644 --- a/fs/nfs/nfs4namespace.c +++ b/fs/nfs/nfs4namespace.c @@ -11,6 +11,7 @@ #include <linux/mount.h> #include <linux/namei.h> #include <linux/nfs_fs.h> +#include <linux/nfs_mount.h> #include <linux/slab.h> #include <linux/string.h> #include <linux/sunrpc/clnt.h> @@ -369,21 +370,33 @@ out: struct vfsmount *nfs4_submount(struct nfs_server *server, struct dentry *dentry, struct nfs_fh *fh, struct nfs_fattr *fattr) { + rpc_authflavor_t flavor = server->client->cl_auth->au_flavor; struct dentry *parent = dget_parent(dentry); + struct inode *dir = parent->d_inode; + struct qstr *name = &dentry->d_name; struct rpc_clnt *client; struct vfsmount *mnt; /* Look it up again to get its attributes and sec flavor */ - client = nfs4_proc_lookup_mountpoint(parent->d_inode, &dentry->d_name, fh, fattr); + client = nfs4_proc_lookup_mountpoint(dir, name, fh, fattr); dput(parent); if (IS_ERR(client)) return ERR_CAST(client); - if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL) + if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL) { mnt = nfs_do_refmount(client, dentry); - else - mnt = nfs_do_submount(dentry, fh, fattr, client->cl_auth->au_flavor); + goto out; + } + if (client->cl_auth->au_flavor != flavor) + flavor = client->cl_auth->au_flavor; + else if (!(server->flags & NFS_MOUNT_SECFLAVOUR)) { + rpc_authflavor_t new = nfs4_negotiate_security(dir, name); + if ((int)new >= 0) + flavor = new; + } + mnt = nfs_do_submount(dentry, fh, fattr, flavor); +out: rpc_shutdown_client(client); return mnt; } |