| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Aug 2010 20:36:59 +1000 From: Neil Brown <neilb@...e.de> To: Uwe Kleine-König <u.kleine-koenig@...gutronix.de> Cc: Randy Dunlap <randy.dunlap@...cle.com>, Trond Myklebust <Trond.Myklebust@...app.com>, Linus Torvalds <torvalds@...ux-foundation.org>, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org, "J. Bruce Fields" <bfields@...ldses.org>, linux-nfs@...r.kernel.org Subject: Re: [REGRESSION PATCH] NFS: let NFS_V4 and NFSD_V4 enforce CRYPTO On Mon, 30 Aug 2010 10:26:18 +0200 Uwe Kleine-König <u.kleine-koenig@...gutronix.de> wrote: > [extending Cc: to contain Neil and linux-nfs] > > On Fri, Aug 27, 2010 at 08:11:39AM +0200, Uwe Kleine-König wrote: > > On Wed, Aug 25, 2010 at 11:05:19AM +0200, Uwe Kleine-König wrote: I would tend to wait more than 2 days between pings.. > > > This is a follow up to > > > > > > df486a2 (NFS: Fix the selection of security flavours in Kconfig) > > > > > > which broke (among others) arm/mx1_defconfig. > > > > > > Moreover let NFS_V4 select RPCSEC_GSS_KRB5 again as it was before > > > df486a2. This make the dependency more explicit than relying on the no > > > prompt + default y if !(NFS_V4 || NFSD_V4). Maybe if you said a little bit about how it broke? And I'm not sure of the point of the "recursive dependency" comment below... I don't fully understand all the issues behind choosing between 'depends' and 'select' (why isn't is 'selects' I wonder - that would be more consistent...) But that patch seems to make sense to me. NeilBrown > > > > > > Signed-off-by: Uwe Kleine-König <u.kleine-koenig@...gutronix.de> > > ping > ping^2 > > > > > --- > > > fs/nfs/Kconfig | 2 ++ > > > fs/nfsd/Kconfig | 2 ++ > > > net/sunrpc/Kconfig | 2 +- > > > 3 files changed, 5 insertions(+), 1 deletions(-) > > > > > > diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig > > > index 6c2aad4..5b9f870 100644 > > > --- a/fs/nfs/Kconfig > > > +++ b/fs/nfs/Kconfig > > > @@ -63,6 +63,8 @@ config NFS_V3_ACL > > > config NFS_V4 > > > bool "NFS client support for NFS version 4" > > > depends on NFS_FS > > > + select CRYPTO # recursive select: RPCSEC_GSS_KRB5 depends on CRYPTO > > > + select RPCSEC_GSS_KRB5 > > > help > > > This option enables support for version 4 of the NFS protocol > > > (RFC 3530) in the kernel's NFS client. > > > diff --git a/fs/nfsd/Kconfig b/fs/nfsd/Kconfig > > > index 95932f5..3678a16 100644 > > > --- a/fs/nfsd/Kconfig > > > +++ b/fs/nfsd/Kconfig > > > @@ -69,6 +69,8 @@ config NFSD_V4 > > > depends on NFSD && PROC_FS && EXPERIMENTAL > > > select NFSD_V3 > > > select FS_POSIX_ACL > > > + select CRYPTO # recursive select: RPCSEC_GSS_KRB5 depends on CRYPTO > > > + select RPCSEC_GSS_KRB5 > > > help > > > This option enables support in your system's NFS server for > > > version 4 of the NFS protocol (RFC 3530). > > > diff --git a/net/sunrpc/Kconfig b/net/sunrpc/Kconfig > > > index 3376d76..6b661e3 100644 > > > --- a/net/sunrpc/Kconfig > > > +++ b/net/sunrpc/Kconfig > > > @@ -20,7 +20,7 @@ config SUNRPC_XPRT_RDMA > > > config RPCSEC_GSS_KRB5 > > > tristate > > > depends on SUNRPC && CRYPTO > > > - prompt "Secure RPC: Kerberos V mechanism" if !(NFS_V4 || NFSD_V4) > > > + prompt "Secure RPC: Kerberos V mechanism" > > > default y > > > select SUNRPC_GSS > > > select CRYPTO_MD5 > > > -- > > > 1.7.1 > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists