• Chuck Lever's avatar
    NFS: Use static list of security flavors during root FH lookup recovery · 9a744ba3
    Chuck Lever authored
    If the Linux NFS client receives an NFS4ERR_WRONGSEC error while
    trying to look up an NFS server's root file handle, it retries the
    lookup operation with various security flavors to see what flavor
    the NFS server will accept for pseudo-fs access.
    
    The list of flavors the client uses during retry consists only of
    flavors that are currently registered in the kernel RPC client.
    This list may not include any GSS pseudoflavors if auth_rpcgss.ko
    has not yet been loaded.
    
    Let's instead use a static list of security flavors that the NFS
    standard requires the server to implement (RFC 3530bis, section
    3.2.1).  The RPC client should now be able to load support for
    these dynamically; if not, they are skipped.
    
    Recovery behavior here is prescribed by RFC 3530bis, section
    15.33.5:
    
    > For LOOKUPP, PUTROOTFH and PUTPUBFH, the client will be unable to
    > use the SECINFO operation since SECINFO requires a current
    > filehandle and none exist for these two [sic] operations.  Therefore,
    > the client must iterate through the security triples available at
    > the client and reattempt the PUTROOTFH or PUTPUBFH operation.  In
    > the unfortunate event none of the MANDATORY security triples are
    > supported by the client and server, the client SHOULD try using
    > others that support integrity.  Failing that, the client can try
    > using AUTH_NONE, but because such forms lack integrity checks,
    > this puts the client at risk.
    Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
    Cc: Bryan Schumaker <bjschuma@netapp.com>
    Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
    9a744ba3
nfs4proc.c 187 KB