[kernel] r12722 - in dists/sid/linux-2.6/debian: . patches/bugfix/all patches/series

Mon Feb 9 00:08:31 UTC 2009

Author: dannf
Date: Mon Feb  9 00:08:29 2009
New Revision: 12722

Log:
Allow authenticated deep NFS mounts, a regression from etch
(Closes: #512031)

Added:
   dists/sid/linux-2.6/debian/patches/bugfix/all/nfs-fix-authenticated-deep-mounting.patch
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/14

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================

--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Mon Feb  9 00:08:29 2009
@@ -2,6 +2,8 @@
 
   [ Moritz Muehlenhoff ]
   * Add support for Acer Aspire One with ALC269 codec chip. (Closes: #505250)
+  * Allow authenticated deep NFS mounts, a regression from etch
+    (Closes: #512031)
 
   [ dann frazier ]
   * sctp: fix memory overflow (CVE-2009-0065)
@@ -17,7 +19,7 @@
   * [sparc] Revert: Reintroduce dummy PCI host controller to workaround broken
     X.org. Not supportable and breaks to many things.
 
- -- dann frazier <dannf at debian.org>  Mon, 19 Jan 2009 13:11:06 -0700
+ -- dann frazier <dannf at debian.org>  Sun, 08 Feb 2009 16:46:03 -0700
 
 linux-2.6 (2.6.26-13) unstable; urgency=high
 

Added: dists/sid/linux-2.6/debian/patches/bugfix/all/nfs-fix-authenticated-deep-mounting.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/all/nfs-fix-authenticated-deep-mounting.patch	Mon Feb  9 00:08:29 2009
@@ -0,0 +1,96 @@
+commit 37ca8f5c6041516aac603a5abb89b05675493802
+Author: EG Keizer <keie at few.vu.nl>
+Date:   Tue Aug 19 16:34:36 2008 -0400
+
+    nfs: authenticated deep mounting
+    
+    Allow mount to do authenticated mounts below the root of the exported tree.
+    The wording in RFC 2623, sec 2.3.2. allows fsinfo with UNIX authentication
+    on the root of the export. Mounts are not always done on the root
+    of the exported tree. Especially autoumounts often mount below the root of
+    the exported tree.
+    Some server implementations (justly) require full authentication for the
+    so-called deep mounts. The old code used AUTH_SYS only. This caused deep
+    mounts to fail on systems requiring stronger authentication..
+    The client should try both authentication types and use the first one that
+    succeeds.
+    This method was already partially implemented. This patch completes
+    the implementation for NFS2 and NFS3.
+    This patch was developed to allow Debian systems to automount home directories
+    on Solaris servers with krb5 authentication.
+    
+    Tested on kernel 2.6.24-etchnhalf.1
+    
+    Signed-off-by: E.G. Keizer <keie at few.vu.nl>
+    Signed-off-by: J. Bruce Fields <bfields at citi.umich.edu>
+    Signed-off-by: Trond Myklebust <Trond.Myklebust at netapp.com>
+
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.26.orig/fs/nfs/nfs3proc.c linux-source-2.6.26/fs/nfs/nfs3proc.c
+--- linux-source-2.6.26.orig/fs/nfs/nfs3proc.c	2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/fs/nfs/nfs3proc.c	2009-02-08 16:43:39.000000000 -0700
+@@ -684,7 +684,7 @@ nfs3_proc_statfs(struct nfs_server *serv
+ }
+ 
+ static int
+-nfs3_proc_fsinfo(struct nfs_server *server, struct nfs_fh *fhandle,
++do_proc_fsinfo(struct rpc_clnt *client, struct nfs_fh *fhandle,
+ 		 struct nfs_fsinfo *info)
+ {
+ 	struct rpc_message msg = {
+@@ -696,11 +696,27 @@ nfs3_proc_fsinfo(struct nfs_server *serv
+ 
+ 	dprintk("NFS call  fsinfo\n");
+ 	nfs_fattr_init(info->fattr);
+-	status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
++	status = rpc_call_sync(client, &msg, 0);
+ 	dprintk("NFS reply fsinfo: %d\n", status);
+ 	return status;
+ }
+ 
++/*
++ * Bare-bones access to fsinfo: this is for nfs_get_root/nfs_get_sb via
++ * nfs_create_server
++ */
++static int
++nfs3_proc_fsinfo(struct nfs_server *server, struct nfs_fh *fhandle,
++		   struct nfs_fsinfo *info)
++{
++	int	status;
++
++	status = do_proc_fsinfo(server->client, fhandle, info);
++	if (status && server->nfs_client->cl_rpcclient != server->client)
++		status = do_proc_fsinfo(server->nfs_client->cl_rpcclient, fhandle, info);
++	return status;
++}
++
+ static int
+ nfs3_proc_pathconf(struct nfs_server *server, struct nfs_fh *fhandle,
+ 		   struct nfs_pathconf *info)
+diff -urpN linux-source-2.6.26.orig/fs/nfs/proc.c linux-source-2.6.26/fs/nfs/proc.c
+--- linux-source-2.6.26.orig/fs/nfs/proc.c	2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/fs/nfs/proc.c	2009-02-08 16:43:39.000000000 -0700
+@@ -65,14 +65,20 @@ nfs_proc_get_root(struct nfs_server *ser
+ 
+ 	dprintk("%s: call getattr\n", __func__);
+ 	nfs_fattr_init(fattr);
+-	status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
++	status = rpc_call_sync(server->client, &msg, 0);
++	/* Retry with default authentication if different */
++	if (status && server->nfs_client->cl_rpcclient != server->client)
++		status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
+ 	dprintk("%s: reply getattr: %d\n", __func__, status);
+ 	if (status)
+ 		return status;
+ 	dprintk("%s: call statfs\n", __func__);
+ 	msg.rpc_proc = &nfs_procedures[NFSPROC_STATFS];
+ 	msg.rpc_resp = &fsinfo;
+-	status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
++	status = rpc_call_sync(server->client, &msg, 0);
++	/* Retry with default authentication if different */
++	if (status && server->nfs_client->cl_rpcclient != server->client)
++		status = rpc_call_sync(server->nfs_client->cl_rpcclient, &msg, 0);
+ 	dprintk("%s: reply statfs: %d\n", __func__, status);
+ 	if (status)
+ 		return status;

Modified: dists/sid/linux-2.6/debian/patches/series/14
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/14	(original)
+++ dists/sid/linux-2.6/debian/patches/series/14	Mon Feb  9 00:08:29 2009
@@ -50,3 +50,4 @@
 + bugfix/all/sata_mv-fix-8-port-timeouts.patch
 + bugfix/all/sata_mv-init-main-irq-mask.patch
 - bugfix/sparc/arch_pci_hostcontroller_workaround.patch
++ bugfix/all/nfs-fix-authenticated-deep-mounting.patch

