[kernel] r12722 - in dists/sid/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Mon Feb 9 00:08:31 UTC 2009
Author: dannf
Date: Mon Feb 9 00:08:29 2009
New Revision: 12722
Log:
Allow authenticated deep NFS mounts, a regression from etch
(Closes: #512031)
Added:
dists/sid/linux-2.6/debian/patches/bugfix/all/nfs-fix-authenticated-deep-mounting.patch
Modified:
dists/sid/linux-2.6/debian/changelog
dists/sid/linux-2.6/debian/patches/series/14
Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog (original)
+++ dists/sid/linux-2.6/debian/changelog Mon Feb 9 00:08:29 2009
@@ -2,6 +2,8 @@
[ Moritz Muehlenhoff ]
* Add support for Acer Aspire One with ALC269 codec chip. (Closes: #505250)
+ * Allow authenticated deep NFS mounts, a regression from etch
+ (Closes: #512031)
[ dann frazier ]
* sctp: fix memory overflow (CVE-2009-0065)
@@ -17,7 +19,7 @@
* [sparc] Revert: Reintroduce dummy PCI host controller to workaround broken
X.org. Not supportable and breaks to many things.
- -- dann frazier <dannf at debian.org> Mon, 19 Jan 2009 13:11:06 -0700
+ -- dann frazier <dannf at debian.org> Sun, 08 Feb 2009 16:46:03 -0700
linux-2.6 (2.6.26-13) unstable; urgency=high
Added: dists/sid/linux-2.6/debian/patches/bugfix/all/nfs-fix-authenticated-deep-mounting.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/all/nfs-fix-authenticated-deep-mounting.patch Mon Feb 9 00:08:29 2009
@@ -0,0 +1,96 @@
+commit 37ca8f5c6041516aac603a5abb89b05675493802
+Author: EG Keizer <keie at few.vu.nl>
+Date: Tue Aug 19 16:34:36 2008 -0400
+
+ nfs: authenticated deep mounting
+
+ Allow mount to do authenticated mounts below the root of the exported tree.
+ The wording in RFC 2623, sec 2.3.2. allows fsinfo with UNIX authentication
+ on the root of the export. Mounts are not always done on the root
+ of the exported tree. Especially autoumounts often mount below the root of
+ the exported tree.
+ Some server implementations (justly) require full authentication for the
+ so-called deep mounts. The old code used AUTH_SYS only. This caused deep
+ mounts to fail on systems requiring stronger authentication..
+ The client should try both authentication types and use the first one that
+ succeeds.
+ This method was already partially implemented. This patch completes
+ the implementation for NFS2 and NFS3.
+ This patch was developed to allow Debian systems to automount home directories
+ on Solaris servers with krb5 authentication.
+
+ Tested on kernel 2.6.24-etchnhalf.1
+
+ Signed-off-by: E.G. Keizer <keie at few.vu.nl>
+ Signed-off-by: J. Bruce Fields <bfields at citi.umich.edu>
+ Signed-off-by: Trond Myklebust <Trond.Myklebust at netapp.com>
+
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.26.orig/fs/nfs/nfs3proc.c linux-source-2.6.26/fs/nfs/nfs3proc.c
+--- linux-source-2.6.26.orig/fs/nfs/nfs3proc.c 2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/fs/nfs/nfs3proc.c 2009-02-08 16:43:39.000000000 -0700
+@@ -684,7 +684,7 @@ nfs3_proc_statfs(struct nfs_server *serv
+ }
+
+ static int
+-nfs3_proc_fsinfo(struct nfs_server *server, struct nfs_fh *fhandle,
++do_proc_fsinfo(struct rpc_clnt *client, struct nfs_fh *fhandle,
+ struct nfs_fsinfo *info)
+ {
+ struct rpc_message msg = {
+@@ -696,11 +696,27 @@ nfs3_proc_fsinfo(struct nfs_server *serv
+
+ dprintk("NFS call fsinfo\n");
+ nfs_fattr_init(info->fattr);
+- status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
++ status = rpc_call_sync(client, &msg, 0);
+ dprintk("NFS reply fsinfo: %d\n", status);
+ return status;
+ }
+
++/*
++ * Bare-bones access to fsinfo: this is for nfs_get_root/nfs_get_sb via
++ * nfs_create_server
++ */
++static int
++nfs3_proc_fsinfo(struct nfs_server *server, struct nfs_fh *fhandle,
++ struct nfs_fsinfo *info)
++{
++ int status;
++
++ status = do_proc_fsinfo(server->client, fhandle, info);
++ if (status && server->nfs_client->cl_rpcclient != server->client)
++ status = do_proc_fsinfo(server->nfs_client->cl_rpcclient, fhandle, info);
++ return status;
++}
++
+ static int
+ nfs3_proc_pathconf(struct nfs_server *server, struct nfs_fh *fhandle,
+ struct nfs_pathconf *info)
+diff -urpN linux-source-2.6.26.orig/fs/nfs/proc.c linux-source-2.6.26/fs/nfs/proc.c
+--- linux-source-2.6.26.orig/fs/nfs/proc.c 2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/fs/nfs/proc.c 2009-02-08 16:43:39.000000000 -0700
+@@ -65,14 +65,20 @@ nfs_proc_get_root(struct nfs_server *ser
+
+ dprintk("%s: call getattr\n", __func__);
+ nfs_fattr_init(fattr);
+- status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
++ status = rpc_call_sync(server->client, &msg, 0);
++ /* Retry with default authentication if different */
++ if (status && server->nfs_client->cl_rpcclient != server->client)
++ status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
+ dprintk("%s: reply getattr: %d\n", __func__, status);
+ if (status)
+ return status;
+ dprintk("%s: call statfs\n", __func__);
+ msg.rpc_proc = &nfs_procedures[NFSPROC_STATFS];
+ msg.rpc_resp = &fsinfo;
+- status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
++ status = rpc_call_sync(server->client, &msg, 0);
++ /* Retry with default authentication if different */
++ if (status && server->nfs_client->cl_rpcclient != server->client)
++ status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
+ dprintk("%s: reply statfs: %d\n", __func__, status);
+ if (status)
+ return status;
Modified: dists/sid/linux-2.6/debian/patches/series/14
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/14 (original)
+++ dists/sid/linux-2.6/debian/patches/series/14 Mon Feb 9 00:08:29 2009
@@ -50,3 +50,4 @@
+ bugfix/all/sata_mv-fix-8-port-timeouts.patch
+ bugfix/all/sata_mv-init-main-irq-mask.patch
- bugfix/sparc/arch_pci_hostcontroller_workaround.patch
++ bugfix/all/nfs-fix-authenticated-deep-mounting.patch
More information about the Kernel-svn-changes
mailing list