@@ -864,7 +864,19 @@ static int nfs_probe_fsinfo(struct nfs_server *server, struct nfs_fh *mntfh, str
pathinfo.fattr = fattr;
nfs_fattr_init(fattr);
- if (clp->rpc_ops->pathconf(server, mntfh, &pathinfo) >= 0)
+ error = clp->rpc_ops->pathconf(server, mntfh, &pathinfo);
+ /*
+ * Linux NFS3 server for PATHCONF procedure returns back error
+ * NFS3ERR_ACCESS when selected auth flavor is not enabled for
+ * export. For auth flavors without authentication (none and
+ * sys) propagate error back to nfs_probe_server() caller and
+ * allow to choose different auth flavor.
+ */
+ if (error == -EACCES && (
+ server->client->cl_auth->au_flavor == RPC_AUTH_UNIX ||
+ server->client->cl_auth->au_flavor == RPC_AUTH_NULL))
+ return error;
+ else if (error >= 0)
server->namelen = pathinfo.max_namelen;
}
Linux NFS3 server returns NFS3ERR_ACCESS for PATHCONF procedure if client-selected auth flavor is not enabled for export which is being mounted. Ignoring this error results in choosing wrong auth flavor during mount and so making the mount point inaccessible. It is because Linux NFS3 server allows to call other procedures used during mount time (FSINFO and GETATTR) also with auth flavor which is explicitly disabled on particular export. This is particularly problem with mounting AUTH_NULL-only exports from Linux NFS3 server as kernel client first try to use AUTH_UNIX auth flavor, even when AUTH_UNIX is not announced by the MNTv3 server. Do not propagate this failure for other auth methods, like GSS, as Linux NFS3 server expects that accessing root export GSS dir may be done also by other auth methods. Signed-off-by: Pali Rohár <pali@kernel.org> Cc: stable@vger.kernel.org --- fs/nfs/client.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-)