From: "Matt W. Benjamin" <matt@linuxbox.com>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Jeff Layton <jlayton@redhat.com>,
linux-nfs@vger.kernel.org,
Trond Myklebust <Trond.Myklebust@netapp.com>
Subject: Re: [PATCH] nfsd4: use auth_unix unconditionally on backchannel
Date: Thu, 29 Mar 2012 10:29:32 -0400 (EDT) [thread overview]
Message-ID: <1996969981.63.1333031372979.JavaMail.root@thunderbeast.private.linuxbox.com> (raw)
In-Reply-To: <20120328234617.GB13231@fieldses.org>
Hi,
Am I correct that this limitation is only with respect to v40 (that's how I read the comment and the code in fs/nfs/callback.c)?
Thanks,
Matt
----- "J. Bruce Fields" <bfields@fieldses.org> wrote:
> On Wed, Mar 28, 2012 at 11:16:49PM +0000, Myklebust, Trond wrote:
> > On Wed, 2012-03-28 at 19:09 -0400, J. Bruce Fields wrote:
> > > This is a bandaid.
> > >
> > > I have a series of patches that actually implement the correct
> behavior,
> > > but that may not quite be ready for 3.4.
> > >
> > > --b.
> > >
> > > commit 2f026867c76171d26f003b211063ff0562097d5e
> > > Author: J. Bruce Fields <bfields@redhat.com>
> > > Date: Wed Mar 28 14:18:16 2012 -0400
> > >
> > > nfsd4: use auth_unix unconditionally on backchannel
> > >
> > > This isn't actually correct, but it works with the Linux
> client, and
> > > agrees with the behavior we used to have before commit
> 80fc015bdfe.
> >
> > Question: does the Linux client ever send you anything other than
> > AUTH_SYS credentials for the csa_sec_parms argument in
> CREATE_SESSION?
> > Anything other than that would be a bug, since our client doesn't
> > actually support RPCSEC_GSS in the callback channel.
>
> Right, I've never seen anything else, so I think the client's
> behaving
> as expected.
>
> But the server needs to be fixed to deal with the range of possible
> csa_sec_parms possibilities regardless.
>
> The only thing I find odd about the client behavior is why it even
> bothers with auth_sys when auth_null would work just as well and be
> even
> slightly simpler.
>
> --b.
>
> >
> > > Later patches will implement the spec-mandated behavior (which
> is to use
> > > the security parameters explicitly given by the client in
> create_session
> > > or backchannel_ctl).
> > >
> >
> >
> > --
> > Trond Myklebust
> > Linux NFS client maintainer
> >
> > NetApp
> > Trond.Myklebust@netapp.com
> > www.netapp.com
> >
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs"
> in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Matt Benjamin
The Linux Box
206 South Fifth Ave. Suite 150
Ann Arbor, MI 48104
http://linuxbox.com
tel. 734-761-4689
fax. 734-769-8938
cel. 734-216-5309
next prev parent reply other threads:[~2012-03-29 14:29 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-21 13:52 [PATCH v10 0/8] nfsd: overhaul the client name tracking code Jeff Layton
2012-03-21 13:52 ` [PATCH v10 1/8] nfsd: convert nfs4_client->cl_cb_flags to a generic flags field Jeff Layton
2012-03-21 20:41 ` J. Bruce Fields
2012-03-21 20:52 ` Jeff Layton
2012-03-21 21:05 ` J. Bruce Fields
2012-03-21 13:52 ` [PATCH v10 2/8] nfsd: add nfsd4_client_tracking_ops struct and a way to set it Jeff Layton
2012-03-21 20:42 ` [PATCH v11 " Jeff Layton
2012-03-21 23:59 ` [PATCH v10 " Jeff Layton
2012-03-21 13:52 ` [PATCH v10 3/8] sunrpc: create nfsd dir in rpc_pipefs Jeff Layton
2012-03-23 12:12 ` J. Bruce Fields
2012-03-23 13:31 ` J. Bruce Fields
2012-03-23 15:20 ` Myklebust, Trond
2012-03-23 15:22 ` J. Bruce Fields
2012-03-23 15:34 ` Myklebust, Trond
2012-03-23 15:53 ` Jeff Layton
2012-03-23 16:12 ` Jeff Layton
2012-03-23 17:04 ` J. Bruce Fields
2012-03-28 23:09 ` [PATCH] nfsd4: use auth_unix unconditionally on backchannel J. Bruce Fields
2012-03-28 23:16 ` Myklebust, Trond
2012-03-28 23:46 ` J. Bruce Fields
2012-03-29 14:29 ` Matt W. Benjamin [this message]
2012-03-29 14:29 ` Matt W. Benjamin
2012-03-29 14:48 ` J. Bruce Fields
2012-03-23 16:00 ` [PATCH v10 3/8] sunrpc: create nfsd dir in rpc_pipefs J. Bruce Fields
2012-03-21 13:52 ` [PATCH v10 4/8] nfsd: add a per-net-namespace struct for nfsd Jeff Layton
2012-03-21 13:52 ` [PATCH v10 5/8] nfsd: add a header describing upcall to nfsdcld Jeff Layton
2012-03-21 13:52 ` [PATCH v10 6/8] nfsd: add the infrastructure to handle the cld upcall Jeff Layton
2012-03-21 13:52 ` [PATCH v10 7/8] nfsd: add notifier to handle mount/unmount of rpc_pipefs sb Jeff Layton
2012-03-21 13:52 ` [PATCH v10 8/8] nfsd: don't allow legacy client tracker init for anything but init_net Jeff Layton
2012-03-23 17:06 ` [PATCH v10 0/8] nfsd: overhaul the client name tracking code J. Bruce Fields
2012-03-23 17:26 ` Jeff Layton
2012-03-26 20:02 ` J. Bruce Fields
2012-03-27 15:06 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1996969981.63.1333031372979.JavaMail.root@thunderbeast.private.linuxbox.com \
--to=matt@linuxbox.com \
--cc=Trond.Myklebust@netapp.com \
--cc=bfields@fieldses.org \
--cc=jlayton@redhat.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.