diff options
| author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2013-09-07 17:49:05 -0400 |
|---|---|---|
| committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2013-09-07 17:52:42 -0400 |
| commit | 41d058c3ba7bd16c3a91b9ec4d89fb6e7d4b4316 (patch) | |
| tree | 80900e3b227b98a56e6220e86763361765be1b16 /fs/nfs | |
| parent | 5e6b19901b763f502e62b5fd4f583778df983ce7 (diff) | |
| download | linux-41d058c3ba7bd16c3a91b9ec4d89fb6e7d4b4316.tar.gz linux-41d058c3ba7bd16c3a91b9ec4d89fb6e7d4b4316.tar.xz | |
NFSv4: Disallow security negotiation for lookups when 'sec=' is specified
Ensure that nfs4_proc_lookup_common respects the NFS_MOUNT_SECFLAVOUR
flag.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs/nfs')
| -rw-r--r-- | fs/nfs/nfs4proc.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 68551ea0b673..122b9340e6ef 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -3154,7 +3154,9 @@ static int nfs4_proc_lookup_common(struct rpc_clnt **clnt, struct inode *dir, err = -EPERM; if (client != *clnt) goto out; - + /* No security negotiation if the user specified 'sec=' */ + if (NFS_SERVER(dir)->flags & NFS_MOUNT_SECFLAVOUR) + goto out; client = nfs4_create_sec_client(client, dir, name); if (IS_ERR(client)) return PTR_ERR(client); |