From: "J. Bruce Fields" <bfields@xxxxxxxxxx>
Kinglong Mee noted that the loop in seicnfo_addflavor (which sets the
security flavors allowed on the v4 pseudoroot) was adding flavors 1 and
0 twice; this is because flav_map ends with these entries:
{ "unix", AUTH_UNIX },
{ "sys", AUTH_SYS },
{ "null", AUTH_NULL },
{ "none", AUTH_NONE },
where AUTH_UNIX == AUTH_SYS == 1 and AUTH_NULL == AUTH_NONE == 1. We
need to allow two names for each of those two security flavors for
historical reasons.
The patch correctly fixed this by fixing the check for a duplicate
flavor number in secinfo_addflavor(). However it also went one step
further and rejected the flavor number 0. This is unnecessary and
causes the kernel to fail any NFSv4 mounts using AUTH_NULL.
The fact that we've apparently gone a few years without anyone noticing
this suggests AUTH_NULL isn't used very much! Still, this should be
fixed....
Fixes: e69eaaf93626
Cc: Kinglong Mee <kinglongmee@xxxxxxxxx>
Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxx>
---
utils/mountd/v4root.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/utils/mountd/v4root.c b/utils/mountd/v4root.c
index d735dbfe192d..c93bd4db51c8 100644
--- a/utils/mountd/v4root.c
+++ b/utils/mountd/v4root.c
@@ -69,9 +69,6 @@ set_pseudofs_security(struct exportent *pseudo, int flags)
for (flav = flav_map; flav < flav_map + flav_map_size; flav++) {
struct sec_entry *new;
- if (!flav->fnum)
- continue;
-
i = secinfo_addflavor(flav, pseudo);
new = &pseudo->e_secinfo[i];
--
2.17.1
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
