Author: freqlabs Date: Tue Jun 16 21:30:30 2020 New Revision: 362252 URL: https://svnweb.freebsd.org/changeset/base/362252
Log: Apply default security flavor in vfs_export There may be some version of mountd out there that does not supply a default security flavor when none is given for an export. Set the default security flavor in vfs_export if none is given, and remove the workaround for oexport compat. Reported by: npn Reviewed by: rmacklem Approved by: mav (mentor) MFC after: 3 days Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D25300 Modified: head/sys/kern/vfs_export.c head/sys/kern/vfs_mount.c Modified: head/sys/kern/vfs_export.c ============================================================================== --- head/sys/kern/vfs_export.c Tue Jun 16 21:29:02 2020 (r362251) +++ head/sys/kern/vfs_export.c Tue Jun 16 21:30:30 2020 (r362252) @@ -61,6 +61,9 @@ __FBSDID("$FreeBSD$"); #include <netinet/in.h> #include <net/radix.h> +#include <rpc/types.h> +#include <rpc/auth.h> + static MALLOC_DEFINE(M_NETADDR, "export_host", "Export host address structure"); #if defined(INET) || defined(INET6) @@ -303,7 +306,7 @@ vfs_export(struct mount *mp, struct export_args *argp) return (EINVAL); if ((argp->ex_flags & MNT_EXPORTED) != 0 && - (argp->ex_numsecflavors <= 0 + (argp->ex_numsecflavors < 0 || argp->ex_numsecflavors >= MAXSECFLAVORS)) return (EINVAL); @@ -340,6 +343,10 @@ vfs_export(struct mount *mp, struct export_args *argp) MNT_ILOCK(mp); mp->mnt_flag |= MNT_EXPUBLIC; MNT_IUNLOCK(mp); + } + if (argp->ex_numsecflavors == 0) { + argp->ex_numsecflavors = 1; + argp->ex_secflavors[0] = AUTH_SYS; } if ((error = vfs_hang_addrlist(mp, nep, argp))) goto out; Modified: head/sys/kern/vfs_mount.c ============================================================================== --- head/sys/kern/vfs_mount.c Tue Jun 16 21:29:02 2020 (r362251) +++ head/sys/kern/vfs_mount.c Tue Jun 16 21:30:30 2020 (r362252) @@ -70,9 +70,6 @@ __FBSDID("$FreeBSD$"); #include <machine/stdarg.h> -#include <rpc/types.h> -#include <rpc/auth.h> - #include <security/audit/audit.h> #include <security/mac/mac_framework.h> @@ -1131,8 +1128,6 @@ vfs_domount_update( switch (len) { case (sizeof(struct oexport_args)): bzero(&o2export, sizeof(o2export)); - o2export.ex_numsecflavors = 1; - o2export.ex_secflavors[0] = AUTH_SYS; /* FALLTHROUGH */ case (sizeof(o2export)): bcopy(bufp, &o2export, len); _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
