aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-03-23 11:53:47 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2012-03-23 11:53:47 -0400
commitf63d395d47f37a4fe771e6d4b1db9d2cdae5ffc5 (patch)
tree3448a14ae965802adb963762cadeb9989ce4caa2 /security
parent643ac9fc5429e85b8b7f534544b80bcc4f34c367 (diff)
parent5a7c9eec9fde1da0e3adf0a4ddb64ff2a324a492 (diff)
Merge tag 'nfs-for-3.4-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
Pull NFS client updates for Linux 3.4 from Trond Myklebust: "New features include: - Add NFS client support for containers. This should enable most of the necessary functionality, including lockd support, and support for rpc.statd, NFSv4 idmapper and RPCSEC_GSS upcalls into the correct network namespace from which the mount system call was issued. - NFSv4 idmapper scalability improvements Base the idmapper cache on the keyring interface to allow concurrent access to idmapper entries. Start the process of migrating users from the single-threaded daemon-based approach to the multi-threaded request-key based approach. - NFSv4.1 implementation id. Allows the NFSv4.1 client and server to mutually identify each other for logging and debugging purposes. - Support the 'vers=4.1' mount option for mounting NFSv4.1 instead of having to use the more counterintuitive 'vers=4,minorversion=1'. - SUNRPC tracepoints. Start the process of adding tracepoints in order to improve debugging of the RPC layer. - pNFS object layout support for autologin. Important bugfixes include: - Fix a bug in rpc_wake_up/rpc_wake_up_status that caused them to fail to wake up all tasks when applied to priority waitqueues. - Ensure that we handle read delegations correctly, when we try to truncate a file. - A number of fixes for NFSv4 state manager loops (mostly to do with delegation recovery)." * tag 'nfs-for-3.4-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs: (224 commits) NFS: fix sb->s_id in nfs debug prints xprtrdma: Remove assumption that each segment is <= PAGE_SIZE xprtrdma: The transport should not bug-check when a dup reply is received pnfs-obj: autologin: Add support for protocol autologin NFS: Remove nfs4_setup_sequence from generic rename code NFS: Remove nfs4_setup_sequence from generic unlink code NFS: Remove nfs4_setup_sequence from generic read code NFS: Remove nfs4_setup_sequence from generic write code NFS: Fix more NFS debug related build warnings SUNRPC/LOCKD: Fix build warnings when CONFIG_SUNRPC_DEBUG is undefined nfs: non void functions must return a value SUNRPC: Kill compiler warning when RPC_DEBUG is unset SUNRPC/NFS: Add Kbuild dependencies for NFS_DEBUG/RPC_DEBUG NFS: Use cond_resched_lock() to reduce latencies in the commit scans NFSv4: It is not safe to dereference lsp->ls_state in release_lockowner NFS: ncommit count is being double decremented SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() Try using machine credentials for RENEW calls NFSv4.1: Fix a few issues in filelayout_commit_pagelist NFSv4.1: Clean ups and bugfixes for the pNFS read/writeback/commit code ...
Diffstat (limited to 'security')
-rw-r--r--security/keys/key.c20
-rw-r--r--security/keys/keyctl.c18
2 files changed, 22 insertions, 16 deletions
diff --git a/security/keys/key.c b/security/keys/key.c
index 7ada8019be1f..06783cffb3af 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -671,6 +671,26 @@ found_kernel_type:
671 return ktype; 671 return ktype;
672} 672}
673 673
674void key_set_timeout(struct key *key, unsigned timeout)
675{
676 struct timespec now;
677 time_t expiry = 0;
678
679 /* make the changes with the locks held to prevent races */
680 down_write(&key->sem);
681
682 if (timeout > 0) {
683 now = current_kernel_time();
684 expiry = now.tv_sec + timeout;
685 }
686
687 key->expiry = expiry;
688 key_schedule_gc(key->expiry + key_gc_delay);
689
690 up_write(&key->sem);
691}
692EXPORT_SYMBOL_GPL(key_set_timeout);
693
674/* 694/*
675 * Unlock a key type locked by key_type_lookup(). 695 * Unlock a key type locked by key_type_lookup().
676 */ 696 */
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 6523599e9ac0..fb767c6cd99f 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -14,6 +14,7 @@
14#include <linux/sched.h> 14#include <linux/sched.h>
15#include <linux/slab.h> 15#include <linux/slab.h>
16#include <linux/syscalls.h> 16#include <linux/syscalls.h>
17#include <linux/key.h>
17#include <linux/keyctl.h> 18#include <linux/keyctl.h>
18#include <linux/fs.h> 19#include <linux/fs.h>
19#include <linux/capability.h> 20#include <linux/capability.h>
@@ -1257,10 +1258,8 @@ error:
1257 */ 1258 */
1258long keyctl_set_timeout(key_serial_t id, unsigned timeout) 1259long keyctl_set_timeout(key_serial_t id, unsigned timeout)
1259{ 1260{
1260 struct timespec now;
1261 struct key *key, *instkey; 1261 struct key *key, *instkey;
1262 key_ref_t key_ref; 1262 key_ref_t key_ref;
1263 time_t expiry;
1264 long ret; 1263 long ret;
1265 1264
1266 key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL, 1265 key_ref = lookup_user_key(id, KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL,
@@ -1286,20 +1285,7 @@ long keyctl_set_timeout(key_serial_t id, unsigned timeout)
1286 1285
1287okay: 1286okay:
1288 key = key_ref_to_ptr(key_ref); 1287 key = key_ref_to_ptr(key_ref);
1289 1288 key_set_timeout(key, timeout);
1290 /* make the changes with the locks held to prevent races */
1291 down_write(&key->sem);
1292
1293 expiry = 0;
1294 if (timeout > 0) {
1295 now = current_kernel_time();
1296 expiry = now.tv_sec + timeout;
1297 }
1298
1299 key->expiry = expiry;
1300 key_schedule_gc(key->expiry + key_gc_delay);
1301
1302 up_write(&key->sem);
1303 key_put(key); 1289 key_put(key);
1304 1290
1305 ret = 0; 1291 ret = 0;