Add the nfserr_wrongsec declaration. fill_good_export will return nfserr_wrongsec if the request pseudoflavor is not supported by the export. find_good_export is called on mount (exp_pseudofs) and in fh_verify(). Signed-off-by: Andy Adamson --- --- linux-2.6.18-rc5-andros/fs/nfsd/nfsfh.c | 7 ++++++- linux-2.6.18-rc5-andros/include/linux/nfsd/nfsd.h | 1 + 2 files changed, 7 insertions(+), 1 deletion(-) diff -puN fs/nfsd/nfsfh.c~nfsd-wrong-sec fs/nfsd/nfsfh.c --- linux-2.6.18-rc5/fs/nfsd/nfsfh.c~nfsd-wrong-sec 2006-10-11 17:36:42.000000000 -0400 +++ linux-2.6.18-rc5-andros/fs/nfsd/nfsfh.c 2006-10-11 17:36:42.000000000 -0400 @@ -152,7 +152,7 @@ find_good_export(struct svc_rqst *rqstp, if (EX_ACCESS(exp, rqstp->rq_pflavindex)) goto out; else - error = nfserr_perm; + error = nfserr_wrongsec; gss_old_authdomain: if (strcmp(rqstp->rq_authop->name, "rpcsec_gss")) @@ -322,6 +322,11 @@ fh_verify(struct svc_rqst *rqstp, struct } cache_get(&exp->h); + /* ANDROS: do i need to check access here ? */ + if (!EX_ACCESS(exp, rqstp->rq_pflavindex)) { + error = nfserr_wrongsec; + goto out; + } error = nfsd_mode_check(rqstp, dentry->d_inode->i_mode, type); if (error) diff -puN include/linux/nfsd/nfsd.h~nfsd-wrong-sec include/linux/nfsd/nfsd.h --- linux-2.6.18-rc5/include/linux/nfsd/nfsd.h~nfsd-wrong-sec 2006-10-11 17:36:42.000000000 -0400 +++ linux-2.6.18-rc5-andros/include/linux/nfsd/nfsd.h 2006-10-11 17:36:42.000000000 -0400 @@ -232,6 +232,7 @@ void nfsd_lockd_shutdown(void); #define nfserr_badname __constant_htonl(NFSERR_BADNAME) #define nfserr_cb_path_down __constant_htonl(NFSERR_CB_PATH_DOWN) #define nfserr_locked __constant_htonl(NFSERR_LOCKED) +#define nfserr_wrongsec __constant_htonl(NFSERR_WRONGSEC) /* error codes for internal use */ /* if a request fails due to kmalloc failure, it gets dropped. _