aboutsummaryrefslogtreecommitdiffstats
path: root/fs/lockd
diff options
context:
space:
mode:
authorTrond Myklebust <Trond.Myklebust@netapp.com>2008-04-02 14:44:05 -0400
committerTrond Myklebust <Trond.Myklebust@netapp.com>2008-04-19 16:54:43 -0400
commitd11d10cc05c94a32632d6928d15a1034200dd9a5 (patch)
tree8d6aec826f4673cf0aea98dda2c5ce39185a5d0b /fs/lockd
parentc4d7c402b788b73dc24f1e54a57f89d3dc5eb7bc (diff)
NLM/lockd: Ensure client locking calls use correct credentials
Now that we've added the 'generic' credentials (that are independent of the rpc_client) to the nfs_open_context, we can use those in the NLM client to ensure that the lock/unlock requests are authenticated to whoever originally opened the file. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs/lockd')
-rw-r--r--fs/lockd/clntproc.c23
1 files changed, 14 insertions, 9 deletions
diff --git a/fs/lockd/clntproc.c b/fs/lockd/clntproc.c
index 37d1aa20a607..40b16f23e49a 100644
--- a/fs/lockd/clntproc.c
+++ b/fs/lockd/clntproc.c
@@ -247,7 +247,7 @@ static int nlm_wait_on_grace(wait_queue_head_t *queue)
247 * Generic NLM call 247 * Generic NLM call
248 */ 248 */
249static int 249static int
250nlmclnt_call(struct nlm_rqst *req, u32 proc) 250nlmclnt_call(struct rpc_cred *cred, struct nlm_rqst *req, u32 proc)
251{ 251{
252 struct nlm_host *host = req->a_host; 252 struct nlm_host *host = req->a_host;
253 struct rpc_clnt *clnt; 253 struct rpc_clnt *clnt;
@@ -256,6 +256,7 @@ nlmclnt_call(struct nlm_rqst *req, u32 proc)
256 struct rpc_message msg = { 256 struct rpc_message msg = {
257 .rpc_argp = argp, 257 .rpc_argp = argp,
258 .rpc_resp = resp, 258 .rpc_resp = resp,
259 .rpc_cred = cred,
259 }; 260 };
260 int status; 261 int status;
261 262
@@ -390,11 +391,12 @@ int nlm_async_reply(struct nlm_rqst *req, u32 proc, const struct rpc_call_ops *t
390 * completion in order to be able to correctly track the lock 391 * completion in order to be able to correctly track the lock
391 * state. 392 * state.
392 */ 393 */
393static int nlmclnt_async_call(struct nlm_rqst *req, u32 proc, const struct rpc_call_ops *tk_ops) 394static int nlmclnt_async_call(struct rpc_cred *cred, struct nlm_rqst *req, u32 proc, const struct rpc_call_ops *tk_ops)
394{ 395{
395 struct rpc_message msg = { 396 struct rpc_message msg = {
396 .rpc_argp = &req->a_args, 397 .rpc_argp = &req->a_args,
397 .rpc_resp = &req->a_res, 398 .rpc_resp = &req->a_res,
399 .rpc_cred = cred,
398 }; 400 };
399 struct rpc_task *task; 401 struct rpc_task *task;
400 int err; 402 int err;
@@ -415,7 +417,7 @@ nlmclnt_test(struct nlm_rqst *req, struct file_lock *fl)
415{ 417{
416 int status; 418 int status;
417 419
418 status = nlmclnt_call(req, NLMPROC_TEST); 420 status = nlmclnt_call(nfs_file_cred(fl->fl_file), req, NLMPROC_TEST);
419 if (status < 0) 421 if (status < 0)
420 goto out; 422 goto out;
421 423
@@ -506,6 +508,7 @@ static int do_vfs_lock(struct file_lock *fl)
506static int 508static int
507nlmclnt_lock(struct nlm_rqst *req, struct file_lock *fl) 509nlmclnt_lock(struct nlm_rqst *req, struct file_lock *fl)
508{ 510{
511 struct rpc_cred *cred = nfs_file_cred(fl->fl_file);
509 struct nlm_host *host = req->a_host; 512 struct nlm_host *host = req->a_host;
510 struct nlm_res *resp = &req->a_res; 513 struct nlm_res *resp = &req->a_res;
511 struct nlm_wait *block = NULL; 514 struct nlm_wait *block = NULL;
@@ -534,7 +537,7 @@ again:
534 for(;;) { 537 for(;;) {
535 /* Reboot protection */ 538 /* Reboot protection */
536 fl->fl_u.nfs_fl.state = host->h_state; 539 fl->fl_u.nfs_fl.state = host->h_state;
537 status = nlmclnt_call(req, NLMPROC_LOCK); 540 status = nlmclnt_call(cred, req, NLMPROC_LOCK);
538 if (status < 0) 541 if (status < 0)
539 break; 542 break;
540 /* Did a reclaimer thread notify us of a server reboot? */ 543 /* Did a reclaimer thread notify us of a server reboot? */
@@ -595,7 +598,7 @@ out_unlock:
595 up_read(&host->h_rwsem); 598 up_read(&host->h_rwsem);
596 fl->fl_type = fl_type; 599 fl->fl_type = fl_type;
597 fl->fl_flags = fl_flags; 600 fl->fl_flags = fl_flags;
598 nlmclnt_async_call(req, NLMPROC_UNLOCK, &nlmclnt_unlock_ops); 601 nlmclnt_async_call(cred, req, NLMPROC_UNLOCK, &nlmclnt_unlock_ops);
599 return status; 602 return status;
600} 603}
601 604
@@ -619,8 +622,8 @@ nlmclnt_reclaim(struct nlm_host *host, struct file_lock *fl)
619 nlmclnt_setlockargs(req, fl); 622 nlmclnt_setlockargs(req, fl);
620 req->a_args.reclaim = 1; 623 req->a_args.reclaim = 1;
621 624
622 if ((status = nlmclnt_call(req, NLMPROC_LOCK)) >= 0 625 status = nlmclnt_call(nfs_file_cred(fl->fl_file), req, NLMPROC_LOCK);
623 && req->a_res.status == nlm_granted) 626 if (status >= 0 && req->a_res.status == nlm_granted)
624 return 0; 627 return 0;
625 628
626 printk(KERN_WARNING "lockd: failed to reclaim lock for pid %d " 629 printk(KERN_WARNING "lockd: failed to reclaim lock for pid %d "
@@ -669,7 +672,8 @@ nlmclnt_unlock(struct nlm_rqst *req, struct file_lock *fl)
669 } 672 }
670 673
671 atomic_inc(&req->a_count); 674 atomic_inc(&req->a_count);
672 status = nlmclnt_async_call(req, NLMPROC_UNLOCK, &nlmclnt_unlock_ops); 675 status = nlmclnt_async_call(nfs_file_cred(fl->fl_file), req,
676 NLMPROC_UNLOCK, &nlmclnt_unlock_ops);
673 if (status < 0) 677 if (status < 0)
674 goto out; 678 goto out;
675 679
@@ -738,7 +742,8 @@ static int nlmclnt_cancel(struct nlm_host *host, int block, struct file_lock *fl
738 req->a_args.block = block; 742 req->a_args.block = block;
739 743
740 atomic_inc(&req->a_count); 744 atomic_inc(&req->a_count);
741 status = nlmclnt_async_call(req, NLMPROC_CANCEL, &nlmclnt_cancel_ops); 745 status = nlmclnt_async_call(nfs_file_cred(fl->fl_file), req,
746 NLMPROC_CANCEL, &nlmclnt_cancel_ops);
742 if (status == 0 && req->a_res.status == nlm_lck_denied) 747 if (status == 0 && req->a_res.status == nlm_lck_denied)
743 status = -ENOLCK; 748 status = -ENOLCK;
744 nlm_release_call(req); 749 nlm_release_call(req);