Message ID | 42751e1fef65485a5441618bc39735f8b62b3a46.1679988298.git.geert+renesas@glider.be |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp2031618vqo; Tue, 28 Mar 2023 00:31:11 -0700 (PDT) X-Google-Smtp-Source: AKy350Z2dNiQBhgxnmzUVCzDhUR+kgLafjt2ktcP1xaNFw8zmmQu/FHU8F/502KO3ARv5gvPJbHl X-Received: by 2002:a17:907:248c:b0:931:bbcf:eb6b with SMTP id zg12-20020a170907248c00b00931bbcfeb6bmr15772158ejb.63.1679988671257; Tue, 28 Mar 2023 00:31:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679988671; cv=none; d=google.com; s=arc-20160816; b=qu6lWFV2/X0Kf2CTE2ZyJJuTHjgx9IfqM1OhTPsrtZqvnTKyXx6UOD3cFqfg/ANPqe GDLq/A7v1i6zLFBJjhREiIpNJNukmhkdqYl4lYJwfuWVav3HEp7oRNSnZ4fRDx5J8uze syk43gup+0vuJLRZHSlNY7iI1Beu5+5iO3ptIuDZ9bH/TPrufo2uZLSJNwlUv5k4Mreh Irs6r8vQz4TAiE2Ck60W1xpfZHgVPcq11u2MpCGipZbsDeqpEQX6mlMWK3o5qge/6wDL CLvM5+VEeouBzRuaVh/hL8nGFuUZOLDXysAKTRbDxRl8lNnEzoLIcV9982u1MqFTGIIH C/AA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=zpTgjF47lFJRF0nU3eVtcbsDN5oYzAQ7UVMjuyNWMA0=; b=nlIoaUKPXJX2fI56m1csg6IW7pWzlXLqMUV6g1LolMkbTVdLetDVSYG4cUjj3y1ms6 0J64YZnwMmpquB4ujrwVpdSR8yJhpPhjwSI/KjWeK5LyBJ4HiCe4l3y6lp8+lgFtiEzU KEEWuF7o2oubBAAuiWcc50rsR10ins5W/OY5PgNe55nybszQaomERVXrOz7oBAdAoYx7 yMVVTyfzN5G/LonN38C3VEzQDghNx9ANgN6pcej6DrJJAFpUyZIaAR6LlxYss7l92RrN 3U+tMUMEXUZTkqIwK8jW8Cz/MK00LgxcMwvhENogcwPC7DEhucr2QmNXeg4sW3AX8KQV ykhA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o26-20020a170906861a00b009332ffacd59si13533608ejx.765.2023.03.28.00.30.47; Tue, 28 Mar 2023 00:31:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229507AbjC1H0J (ORCPT <rfc822;kartikey406@gmail.com> + 99 others); Tue, 28 Mar 2023 03:26:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34796 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229496AbjC1H0H (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Tue, 28 Mar 2023 03:26:07 -0400 Received: from baptiste.telenet-ops.be (baptiste.telenet-ops.be [IPv6:2a02:1800:120:4::f00:13]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 44EE013E for <linux-kernel@vger.kernel.org>; Tue, 28 Mar 2023 00:26:05 -0700 (PDT) Received: from ramsan.of.borg ([84.195.187.55]) by baptiste.telenet-ops.be with bizsmtp id djS22900B1C8whw01jS2wD; Tue, 28 Mar 2023 09:26:03 +0200 Received: from rox.of.borg ([192.168.97.57]) by ramsan.of.borg with esmtp (Exim 4.95) (envelope-from <geert@linux-m68k.org>) id 1ph3hm-00F2J5-HC; Tue, 28 Mar 2023 09:26:02 +0200 Received: from geert by rox.of.borg with local (Exim 4.95) (envelope-from <geert@linux-m68k.org>) id 1ph3iU-004B34-0N; Tue, 28 Mar 2023 09:26:02 +0200 From: Geert Uytterhoeven <geert+renesas@glider.be> To: Chuck Lever <chuck.lever@oracle.com>, Trond Myklebust <trond.myklebust@hammerspace.com>, Anna Schumaker <anna@kernel.org> Cc: linux-nfs@vger.kernel.org, linux-renesas-soc@vger.kernel.org, linux-kernel@vger.kernel.org, Geert Uytterhoeven <geert+renesas@glider.be>, kernel test robot <lkp@intel.com>, =?utf-8?q?Niklas_S=C3=B6derlund?= <niklas.soderlund@ragnatech.se> Subject: [PATCH] NFSv4: Fix NFS_V4 select RPCSEC_GSS_KRB5 Date: Tue, 28 Mar 2023 09:25:57 +0200 Message-Id: <42751e1fef65485a5441618bc39735f8b62b3a46.1679988298.git.geert+renesas@glider.be> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.4 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761595800706698253?= X-GMAIL-MSGID: =?utf-8?q?1761595800706698253?= |
Series |
NFSv4: Fix NFS_V4 select RPCSEC_GSS_KRB5
|
|
Commit Message
Geert Uytterhoeven
March 28, 2023, 7:25 a.m. UTC
If CONFIG_CRYPTO=n (e.g. arm/shmobile_defconfig):
WARNING: unmet direct dependencies detected for RPCSEC_GSS_KRB5
Depends on [n]: NETWORK_FILESYSTEMS [=y] && SUNRPC [=y] && CRYPTO [=n]
Selected by [y]:
- NFS_V4 [=y] && NETWORK_FILESYSTEMS [=y] && NFS_FS [=y]
As NFSv4 can work without crypto enabled, fix this by making the
selection of RPCSEC_GSS_KRB5 conditional on CRYPTO.
Fixes: e57d065277387980 ("NFS & NFSD: Update GSS dependencies")
Reported-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/oe-kbuild-all/202303241307.f6NeW9gZ-lkp@intel.com/
Reported-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>
Link: https://lore.kernel.org/r/ZCG6tIoz0VN6d+oy@sleipner.dyn.berto.se
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
---
Nfsroot ("root=/dev/nfs rw nfsroot=aaa.bbb.ccc.ddd:/path/to/fs,tcp,v4")
works fine without CRYPTO and RPCSEC_GSS_KRB5.
CONFIG_NFSD_V4 selects CRYPTO, so was not affected by the similar change.
---
fs/nfs/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
> On Mar 28, 2023, at 3:25 AM, Geert Uytterhoeven <geert+renesas@glider.be> wrote: > > If CONFIG_CRYPTO=n (e.g. arm/shmobile_defconfig): > > WARNING: unmet direct dependencies detected for RPCSEC_GSS_KRB5 > Depends on [n]: NETWORK_FILESYSTEMS [=y] && SUNRPC [=y] && CRYPTO [=n] > Selected by [y]: > - NFS_V4 [=y] && NETWORK_FILESYSTEMS [=y] && NFS_FS [=y] > > As NFSv4 can work without crypto enabled, fix this by making the > selection of RPCSEC_GSS_KRB5 conditional on CRYPTO. > > Fixes: e57d065277387980 ("NFS & NFSD: Update GSS dependencies") > Reported-by: kernel test robot <lkp@intel.com> > Link: https://lore.kernel.org/oe-kbuild-all/202303241307.f6NeW9gZ-lkp@intel.com/ > Reported-by: Niklas Söderlund <niklas.soderlund@ragnatech.se> > Link: https://lore.kernel.org/r/ZCG6tIoz0VN6d+oy@sleipner.dyn.berto.se > Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> > --- > Nfsroot ("root=/dev/nfs rw nfsroot=aaa.bbb.ccc.ddd:/path/to/fs,tcp,v4") > works fine without CRYPTO and RPCSEC_GSS_KRB5. > CONFIG_NFSD_V4 selects CRYPTO, so was not affected by the similar change. Makes sense to me. I can quickly take this through nfsd-fixes if the NFS maintainers can send me an Acked-by. > --- > fs/nfs/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig > index 450d6c3bc05e27dd..f05c13ce0155bd69 100644 > --- a/fs/nfs/Kconfig > +++ b/fs/nfs/Kconfig > @@ -75,7 +75,7 @@ config NFS_V3_ACL > config NFS_V4 > tristate "NFS client support for NFS version 4" > depends on NFS_FS > - select RPCSEC_GSS_KRB5 > + select RPCSEC_GSS_KRB5 if CRYPTO > select KEYS > help > This option enables support for version 4 of the NFS protocol > -- > 2.34.1 > -- Chuck Lever
> On Mar 28, 2023, at 09:40, Chuck Lever III <chuck.lever@oracle.com> wrote: > > > >> On Mar 28, 2023, at 3:25 AM, Geert Uytterhoeven <geert+renesas@glider.be> wrote: >> >> If CONFIG_CRYPTO=n (e.g. arm/shmobile_defconfig): >> >> WARNING: unmet direct dependencies detected for RPCSEC_GSS_KRB5 >> Depends on [n]: NETWORK_FILESYSTEMS [=y] && SUNRPC [=y] && CRYPTO [=n] >> Selected by [y]: >> - NFS_V4 [=y] && NETWORK_FILESYSTEMS [=y] && NFS_FS [=y] >> >> As NFSv4 can work without crypto enabled, fix this by making the >> selection of RPCSEC_GSS_KRB5 conditional on CRYPTO. >> >> Fixes: e57d065277387980 ("NFS & NFSD: Update GSS dependencies") >> Reported-by: kernel test robot <lkp@intel.com> >> Link: https://lore.kernel.org/oe-kbuild-all/202303241307.f6NeW9gZ-lkp@intel.com/ >> Reported-by: Niklas Söderlund <niklas.soderlund@ragnatech.se> >> Link: https://lore.kernel.org/r/ZCG6tIoz0VN6d+oy@sleipner.dyn.berto.se >> Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> >> --- >> Nfsroot ("root=/dev/nfs rw nfsroot=aaa.bbb.ccc.ddd:/path/to/fs,tcp,v4") >> works fine without CRYPTO and RPCSEC_GSS_KRB5. >> CONFIG_NFSD_V4 selects CRYPTO, so was not affected by the similar change. > > Makes sense to me. > > I can quickly take this through nfsd-fixes if the NFS maintainers > can send me an Acked-by. > > >> --- >> fs/nfs/Kconfig | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig >> index 450d6c3bc05e27dd..f05c13ce0155bd69 100644 >> --- a/fs/nfs/Kconfig >> +++ b/fs/nfs/Kconfig >> @@ -75,7 +75,7 @@ config NFS_V3_ACL >> config NFS_V4 >> tristate "NFS client support for NFS version 4" >> depends on NFS_FS >> - select RPCSEC_GSS_KRB5 >> + select RPCSEC_GSS_KRB5 if CRYPTO >> select KEYS >> help >> This option enables support for version 4 of the NFS protocol >> -- >> 2.34.1 >> Hmm… Perhaps it is time to just remove the above RPCSEC_GSS_KRB5 dependency altogether? It is possible to use the NFSv4.1 client with just AUTH_SYS, and in fact there are plenty of people out there using only that. The fact that RFC5661 gets its knickers in a twist about RPCSEC_GSS support is largely irrelevant to those people. The other issue is that ’select’ enforces the strict dependency that if the NFS client is compiled into the kernel, then the RPCSEC_GSS and kerberos code needs to be compiled in as well: they cannot exist as modules. _________________________________ Trond Myklebust Linux NFS client maintainer, Hammerspace trond.myklebust@hammerspace.com
> On Mar 28, 2023, at 11:02 AM, Trond Myklebust <trondmy@hammerspace.com> wrote: > > > >> On Mar 28, 2023, at 09:40, Chuck Lever III <chuck.lever@oracle.com> wrote: >> >> >> >>> On Mar 28, 2023, at 3:25 AM, Geert Uytterhoeven <geert+renesas@glider.be> wrote: >>> >>> If CONFIG_CRYPTO=n (e.g. arm/shmobile_defconfig): >>> >>> WARNING: unmet direct dependencies detected for RPCSEC_GSS_KRB5 >>> Depends on [n]: NETWORK_FILESYSTEMS [=y] && SUNRPC [=y] && CRYPTO [=n] >>> Selected by [y]: >>> - NFS_V4 [=y] && NETWORK_FILESYSTEMS [=y] && NFS_FS [=y] >>> >>> As NFSv4 can work without crypto enabled, fix this by making the >>> selection of RPCSEC_GSS_KRB5 conditional on CRYPTO. >>> >>> Fixes: e57d065277387980 ("NFS & NFSD: Update GSS dependencies") >>> Reported-by: kernel test robot <lkp@intel.com> >>> Link: https://lore.kernel.org/oe-kbuild-all/202303241307.f6NeW9gZ-lkp@intel.com/ >>> Reported-by: Niklas Söderlund <niklas.soderlund@ragnatech.se> >>> Link: https://lore.kernel.org/r/ZCG6tIoz0VN6d+oy@sleipner.dyn.berto.se >>> Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> >>> --- >>> Nfsroot ("root=/dev/nfs rw nfsroot=aaa.bbb.ccc.ddd:/path/to/fs,tcp,v4") >>> works fine without CRYPTO and RPCSEC_GSS_KRB5. >>> CONFIG_NFSD_V4 selects CRYPTO, so was not affected by the similar change. >> >> Makes sense to me. >> >> I can quickly take this through nfsd-fixes if the NFS maintainers >> can send me an Acked-by. >> >> >>> --- >>> fs/nfs/Kconfig | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig >>> index 450d6c3bc05e27dd..f05c13ce0155bd69 100644 >>> --- a/fs/nfs/Kconfig >>> +++ b/fs/nfs/Kconfig >>> @@ -75,7 +75,7 @@ config NFS_V3_ACL >>> config NFS_V4 >>> tristate "NFS client support for NFS version 4" >>> depends on NFS_FS >>> - select RPCSEC_GSS_KRB5 >>> + select RPCSEC_GSS_KRB5 if CRYPTO >>> select KEYS >>> help >>> This option enables support for version 4 of the NFS protocol >>> -- >>> 2.34.1 >>> > > Hmm… Perhaps it is time to just remove the above RPCSEC_GSS_KRB5 dependency altogether? This is the other reason I was hesitating to address this issue immediately: we might want to take a different approach to dealing with these dependencies, and that new approach might take some time to develop and test. I agree that removing the "select" clause is a good thing to try. > It is possible to use the NFSv4.1 client with just AUTH_SYS, and in fact there are plenty of people out there using only that. The fact that RFC5661 gets its knickers in a twist about RPCSEC_GSS support is largely irrelevant to those people. > > The other issue is that ’select’ enforces the strict dependency that if the NFS client is compiled into the kernel, then the RPCSEC_GSS and kerberos code needs to be compiled in as well: they cannot exist as modules. -- Chuck Lever
diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig index 450d6c3bc05e27dd..f05c13ce0155bd69 100644 --- a/fs/nfs/Kconfig +++ b/fs/nfs/Kconfig @@ -75,7 +75,7 @@ config NFS_V3_ACL config NFS_V4 tristate "NFS client support for NFS version 4" depends on NFS_FS - select RPCSEC_GSS_KRB5 + select RPCSEC_GSS_KRB5 if CRYPTO select KEYS help This option enables support for version 4 of the NFS protocol