svn commit: r361797 - in stable: 11/sys/kern 12/sys/kern

[Ryan Moeller]

Author: freqlabs
Date: Thu Jun  4 17:23:49 2020
New Revision: 361797
URL: https://svnweb.freebsd.org/changeset/base/361797

Log:
  MFC r361699, r361711:
  
  Assign default security flavor when converting old export args
  
  vfs_export requires security flavors be explicitly listed when
  exporting as of r360900.
  
  Use the default AUTH_SYS flavor when converting old export args to
  ensure compatibility with the legacy mount syscall.
  
  Reported by:    rmacklem
  Reviewed by:    rmacklem
  Approved by:    mav (mentor)
  Sponsored by:   iXsystems, Inc.
  Differential Revision:  https://reviews.freebsd.org/D25045

Modified:
  stable/11/sys/kern/vfs_mount.c
Directory Properties:
  stable/11/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/12/sys/kern/vfs_mount.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/11/sys/kern/vfs_mount.c
==============================================================================
--- stable/11/sys/kern/vfs_mount.c	Thu Jun  4 17:20:58 2020	(r361796)
+++ stable/11/sys/kern/vfs_mount.c	Thu Jun  4 17:23:49 2020	(r361797)
@@ -65,6 +65,9 @@ __FBSDID("$FreeBSD$");
 
 #include <machine/stdarg.h>
 
+#include <rpc/types.h>
+#include <rpc/auth.h>
+
 #include <security/audit/audit.h>
 #include <security/mac/mac_framework.h>
 
@@ -2049,10 +2052,22 @@ kernel_vmount(int flags, ...)
 	return (error);
 }
 
+/*
+ * Convert the old export args format into new export args.
+ *
+ * The old export args struct does not have security flavors.  Otherwise, the
+ * structs are identical.  The default security flavor 'sys' is applied when
+ * the given args export the filesystem.
+ */
 void
 vfs_oexport_conv(const struct oexport_args *oexp, struct export_args *exp)
 {
 
 	bcopy(oexp, exp, sizeof(*oexp));
-	exp->ex_numsecflavors = 0;
+	if (exp->ex_flags & MNT_EXPORTED) {
+		exp->ex_numsecflavors = 1;
+		exp->ex_secflavors[0] = AUTH_SYS;
+	} else {
+		exp->ex_numsecflavors = 0;
+	}
 }