NFS: Handle a zero-length auth flavor list

Some releases of Linux rpc.mountd (nfs-utils 1.1.4 and later) return an
empty auth flavor list if no sec= was specified for the export.  This is
notably broken server behavior.

The new auth flavor list checking added in a recent commit rejects this
case.  The OpenSolaris client does too.

The broken mountd implementation is already widely deployed.  To avoid
a behavioral regression, the kernel's mount client skips flavor checking
(ie reverts to the pre-2.6.32 behavior) if mountd returns an empty
flavor list.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

1 files changed, 10 insertions, 0 deletions

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 9c85cdb353a..f3a95df4b95 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -1338,6 +1338,16 @@ static int nfs_walk_authlist(struct nfs_parsed_mount_data *args,
 	unsigned int i, j, server_authlist_len = *(request->auth_flav_len);
 
 	/*
+	 * Certain releases of Linux's mountd return an empty
+	 * flavor list.  To prevent behavioral regression with
+	 * these servers (ie. rejecting mounts that used to
+	 * succeed), revert to pre-2.6.32 behavior (no checking)
+	 * if the returned flavor list is empty.
+	 */
+	if (server_authlist_len == 0)
+		return 0;
+
+	/*
 	 * We avoid sophisticated negotiating here, as there are
 	 * plenty of cases where we can get it wrong, providing
 	 * either too little or too much security.