On Thu, 2013-07-18 at 16:04 -0400, Trond Myklebust wrote:
> On Thu, 2013-07-18 at 15:54 -0400, Trond Myklebust wrote:
> > On Thu, 2013-07-18 at 19:49 +0000, Adamson, Dros wrote:
> > > Only supporting operations that have the error code NFS4ERR_WRONG_CRED seems to be wrong. Operations like BIND_CONN_TO_SESSION don't support don't support this error code, but are explicitly mentioned in SP4_MACH_CRED sections of the spec.
> >
> > Looking at the allowed error return values for BIND_CONN_TO_SESSION, I'm
> > at a loss to figure out exactly what it should return in this case. I
> > suspect that the lack of an NFS4ERR_WRONG_CRED is actually a protocol
> > bug.
> >
> > Time to go back to the ietf mailing list...
>
> Hi all,
>
> When attempting to implement the SP4_MACH_CRED state protection, Dros
> ran into an issue. If the BIND_CONN_TO_SESSION operation is listed in
> the "spo_must_enforce" list of operations, what should it not be allowed
> to return NFS4ERR_WRONG_CRED if called with a credential that is not the
> machine or SSV credential?
Ditto question for BACKCHANNEL_CTL, LAYOUTGET, TEST_STATEID, READ and
WRITE.
Finally, should OPEN and WANT_DELEGATION be allowed to return
NFS4ERR_WRONG_CRED in the case when we're doing reboot recovery?
--
Trond Myklebust
Linux NFS client maintainer
NetApp
Trond.Myklebust@xxxxxxxxxx
www.netapp.com
��.n��������+%�������w��{.n�����{��w����jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
