diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-03-12 12:25:28 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-03-14 13:42:49 -0400 |
commit | 98a8e3239427051f5d44f2025b398bdcc3918f37 (patch) | |
tree | aa3e6ba69dbf8575c2c6e10c013aa23d7d638af0 | |
parent | 5c691044ecbca04dd558fca4c754121689fe1b34 (diff) |
SUNRPC: Add a helper rpcauth_lookup_generic_cred()
The NFSv4 protocol allows clients to negotiate security protocols on the
fly in the case where an administrator on the server changes the export
settings and/or in the case where we may have a filesystem migration event.
Instead of having the NFS client code cache credentials that are tied to a
particular AUTH method it is therefore preferable to have a generic credential
that can be converted into whatever AUTH is in use by the RPC client when
the read/write/sillyrename/... is put on the wire.
We do this by means of the new "generic" credential, which basically just
caches the minimal information that is needed to look up an RPCSEC_GSS,
AUTH_SYS, or AUTH_NULL credential.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
-rw-r--r-- | fs/nfs/dir.c | 2 | ||||
-rw-r--r-- | fs/nfs/inode.c | 2 | ||||
-rw-r--r-- | fs/nfs/nfs4proc.c | 8 | ||||
-rw-r--r-- | fs/nfs/unlink.c | 2 | ||||
-rw-r--r-- | net/sunrpc/auth.c | 1 |
5 files changed, 7 insertions, 8 deletions
diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 6cea7479c5b4..d583654a0b39 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c | |||
@@ -1966,7 +1966,7 @@ force_lookup: | |||
1966 | if (!NFS_PROTO(inode)->access) | 1966 | if (!NFS_PROTO(inode)->access) |
1967 | goto out_notsup; | 1967 | goto out_notsup; |
1968 | 1968 | ||
1969 | cred = rpcauth_lookupcred(NFS_CLIENT(inode)->cl_auth, 0); | 1969 | cred = rpc_lookup_cred(); |
1970 | if (!IS_ERR(cred)) { | 1970 | if (!IS_ERR(cred)) { |
1971 | res = nfs_do_access(inode, cred, mask); | 1971 | res = nfs_do_access(inode, cred, mask); |
1972 | put_rpccred(cred); | 1972 | put_rpccred(cred); |
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index c49f6d8b42d2..15f787355d27 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c | |||
@@ -613,7 +613,7 @@ int nfs_open(struct inode *inode, struct file *filp) | |||
613 | struct nfs_open_context *ctx; | 613 | struct nfs_open_context *ctx; |
614 | struct rpc_cred *cred; | 614 | struct rpc_cred *cred; |
615 | 615 | ||
616 | cred = rpcauth_lookupcred(NFS_CLIENT(inode)->cl_auth, 0); | 616 | cred = rpc_lookup_cred(); |
617 | if (IS_ERR(cred)) | 617 | if (IS_ERR(cred)) |
618 | return PTR_ERR(cred); | 618 | return PTR_ERR(cred); |
619 | ctx = alloc_nfs_open_context(filp->f_path.mnt, filp->f_path.dentry, cred); | 619 | ctx = alloc_nfs_open_context(filp->f_path.mnt, filp->f_path.dentry, cred); |
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index bbb0d58ee6ac..f38d0573be18 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c | |||
@@ -1408,7 +1408,7 @@ nfs4_atomic_open(struct inode *dir, struct dentry *dentry, struct nameidata *nd) | |||
1408 | BUG_ON(nd->intent.open.flags & O_CREAT); | 1408 | BUG_ON(nd->intent.open.flags & O_CREAT); |
1409 | } | 1409 | } |
1410 | 1410 | ||
1411 | cred = rpcauth_lookupcred(NFS_CLIENT(dir)->cl_auth, 0); | 1411 | cred = rpc_lookup_cred(); |
1412 | if (IS_ERR(cred)) | 1412 | if (IS_ERR(cred)) |
1413 | return (struct dentry *)cred; | 1413 | return (struct dentry *)cred; |
1414 | parent = dentry->d_parent; | 1414 | parent = dentry->d_parent; |
@@ -1443,7 +1443,7 @@ nfs4_open_revalidate(struct inode *dir, struct dentry *dentry, int openflags, st | |||
1443 | struct rpc_cred *cred; | 1443 | struct rpc_cred *cred; |
1444 | struct nfs4_state *state; | 1444 | struct nfs4_state *state; |
1445 | 1445 | ||
1446 | cred = rpcauth_lookupcred(NFS_CLIENT(dir)->cl_auth, 0); | 1446 | cred = rpc_lookup_cred(); |
1447 | if (IS_ERR(cred)) | 1447 | if (IS_ERR(cred)) |
1448 | return PTR_ERR(cred); | 1448 | return PTR_ERR(cred); |
1449 | state = nfs4_do_open(dir, &path, openflags, NULL, cred); | 1449 | state = nfs4_do_open(dir, &path, openflags, NULL, cred); |
@@ -1660,7 +1660,7 @@ nfs4_proc_setattr(struct dentry *dentry, struct nfs_fattr *fattr, | |||
1660 | 1660 | ||
1661 | nfs_fattr_init(fattr); | 1661 | nfs_fattr_init(fattr); |
1662 | 1662 | ||
1663 | cred = rpcauth_lookupcred(NFS_CLIENT(inode)->cl_auth, 0); | 1663 | cred = rpc_lookup_cred(); |
1664 | if (IS_ERR(cred)) | 1664 | if (IS_ERR(cred)) |
1665 | return PTR_ERR(cred); | 1665 | return PTR_ERR(cred); |
1666 | 1666 | ||
@@ -1896,7 +1896,7 @@ nfs4_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr, | |||
1896 | struct rpc_cred *cred; | 1896 | struct rpc_cred *cred; |
1897 | int status = 0; | 1897 | int status = 0; |
1898 | 1898 | ||
1899 | cred = rpcauth_lookupcred(NFS_CLIENT(dir)->cl_auth, 0); | 1899 | cred = rpc_lookup_cred(); |
1900 | if (IS_ERR(cred)) { | 1900 | if (IS_ERR(cred)) { |
1901 | status = PTR_ERR(cred); | 1901 | status = PTR_ERR(cred); |
1902 | goto out; | 1902 | goto out; |
diff --git a/fs/nfs/unlink.c b/fs/nfs/unlink.c index 757415363422..3adf8b266461 100644 --- a/fs/nfs/unlink.c +++ b/fs/nfs/unlink.c | |||
@@ -234,7 +234,7 @@ nfs_async_unlink(struct inode *dir, struct dentry *dentry) | |||
234 | if (data == NULL) | 234 | if (data == NULL) |
235 | goto out; | 235 | goto out; |
236 | 236 | ||
237 | data->cred = rpcauth_lookupcred(NFS_CLIENT(dir)->cl_auth, 0); | 237 | data->cred = rpc_lookup_cred(); |
238 | if (IS_ERR(data->cred)) { | 238 | if (IS_ERR(data->cred)) { |
239 | status = PTR_ERR(data->cred); | 239 | status = PTR_ERR(data->cred); |
240 | goto out_free; | 240 | goto out_free; |
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index d65dd7940102..0632cd0a1ad7 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c | |||
@@ -356,7 +356,6 @@ rpcauth_lookupcred(struct rpc_auth *auth, int flags) | |||
356 | put_group_info(acred.group_info); | 356 | put_group_info(acred.group_info); |
357 | return ret; | 357 | return ret; |
358 | } | 358 | } |
359 | EXPORT_SYMBOL_GPL(rpcauth_lookupcred); | ||
360 | 359 | ||
361 | void | 360 | void |
362 | rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred, | 361 | rpcauth_init_cred(struct rpc_cred *cred, const struct auth_cred *acred, |