diff options
| author | NeilBrown <neilb@suse.com> | 2018-12-02 19:30:30 -0500 |
|---|---|---|
| committer | Anna Schumaker <Anna.Schumaker@Netapp.com> | 2018-12-19 13:52:45 -0500 |
| commit | 5e16923b432bfe79fdfb7cd95ed8e63f6438b663 (patch) | |
| tree | 92c842d96a8cacdead34c4f260bd371077f06793 /fs/nfs/client.c | |
| parent | ecd5f97e1c7cd6124e3c3053beb5f2239aeacf8e (diff) | |
NFS/SUNRPC: don't lookup machine credential until rpcauth_bindcred().
When NFS creates a machine credential, it is a "generic" credential,
not tied to any auth protocol, and is really just a container for
the princpal name.
This doesn't get linked to a genuine credential until rpcauth_bindcred()
is called.
The lookup always succeeds, so various places that test if the machine
credential is NULL, are pointless.
As a step towards getting rid of generic credentials, this patch gets
rid of generic machine credentials. The nfs_client and rpc_client
just hold a pointer to a constant principal name.
When a machine credential is wanted, a special static 'struct rpc_cred'
pointer is used. rpcauth_bindcred() recognizes this, finds the
principal from the client, and binds the correct credential.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Diffstat (limited to 'fs/nfs/client.c')
| -rw-r--r-- | fs/nfs/client.c | 11 |
1 files changed, 2 insertions, 9 deletions
diff --git a/fs/nfs/client.c b/fs/nfs/client.c index cce151776709..fb1cf1a4bda2 100644 --- a/fs/nfs/client.c +++ b/fs/nfs/client.c | |||
| @@ -151,7 +151,6 @@ EXPORT_SYMBOL_GPL(unregister_nfs_version); | |||
| 151 | struct nfs_client *nfs_alloc_client(const struct nfs_client_initdata *cl_init) | 151 | struct nfs_client *nfs_alloc_client(const struct nfs_client_initdata *cl_init) |
| 152 | { | 152 | { |
| 153 | struct nfs_client *clp; | 153 | struct nfs_client *clp; |
| 154 | struct rpc_cred *cred; | ||
| 155 | int err = -ENOMEM; | 154 | int err = -ENOMEM; |
| 156 | 155 | ||
| 157 | if ((clp = kzalloc(sizeof(*clp), GFP_KERNEL)) == NULL) | 156 | if ((clp = kzalloc(sizeof(*clp), GFP_KERNEL)) == NULL) |
| @@ -182,9 +181,7 @@ struct nfs_client *nfs_alloc_client(const struct nfs_client_initdata *cl_init) | |||
| 182 | clp->cl_proto = cl_init->proto; | 181 | clp->cl_proto = cl_init->proto; |
| 183 | clp->cl_net = get_net(cl_init->net); | 182 | clp->cl_net = get_net(cl_init->net); |
| 184 | 183 | ||
| 185 | cred = rpc_lookup_machine_cred("*"); | 184 | clp->cl_principal = "*"; |
| 186 | if (!IS_ERR(cred)) | ||
| 187 | clp->cl_machine_cred = cred; | ||
| 188 | nfs_fscache_get_client_cookie(clp); | 185 | nfs_fscache_get_client_cookie(clp); |
| 189 | 186 | ||
| 190 | return clp; | 187 | return clp; |
| @@ -246,11 +243,6 @@ void nfs_free_client(struct nfs_client *clp) | |||
| 246 | if (!IS_ERR(clp->cl_rpcclient)) | 243 | if (!IS_ERR(clp->cl_rpcclient)) |
| 247 | rpc_shutdown_client(clp->cl_rpcclient); | 244 | rpc_shutdown_client(clp->cl_rpcclient); |
| 248 | 245 | ||
| 249 | if (clp->cl_machine_cred != NULL) | ||
| 250 | put_rpccred(clp->cl_machine_cred); | ||
| 251 | if (clp->cl_root_cred != NULL) | ||
| 252 | put_rpccred(clp->cl_root_cred); | ||
| 253 | |||
| 254 | put_net(clp->cl_net); | 246 | put_net(clp->cl_net); |
| 255 | put_nfs_version(clp->cl_nfs_mod); | 247 | put_nfs_version(clp->cl_nfs_mod); |
| 256 | kfree(clp->cl_hostname); | 248 | kfree(clp->cl_hostname); |
| @@ -529,6 +521,7 @@ int nfs_create_rpc_client(struct nfs_client *clp, | |||
| 529 | return PTR_ERR(clnt); | 521 | return PTR_ERR(clnt); |
| 530 | } | 522 | } |
| 531 | 523 | ||
| 524 | clnt->cl_principal = clp->cl_principal; | ||
| 532 | clp->cl_rpcclient = clnt; | 525 | clp->cl_rpcclient = clnt; |
| 533 | return 0; | 526 | return 0; |
| 534 | } | 527 | } |