SUNRPC handle EKEYEXPIRED in call_refreshresult

Currently, when an RPCSEC_GSS context has expired or is non-existent
and the users (Kerberos) credentials have also expired or are non-existent,
the client receives the -EKEYEXPIRED error and tries to refresh the context
forever.  If an application is performing I/O, or other work against the share,
the application hangs, and the user is not prompted to refresh/establish their
credentials. This can result in a denial of service for other users.

Users are expected to manage their Kerberos credential lifetimes to mitigate
this issue.

Move the -EKEYEXPIRED handling into the RPC layer. Try tk_cred_retry number
of times to refresh the gss_context, and then return -EACCES to the application.

Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

1 files changed, 0 insertions, 23 deletions

diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
index 78e90a80fc3a..8dcbd9a0367d 100644
--- a/fs/nfs/nfs4state.c
+++ b/fs/nfs/nfs4state.c
@@ -1437,14 +1437,6 @@ restart:
                                 /* Mark the file as being 'closed' */
                                 state->state = 0;
                                 break;
-                        case -EKEYEXPIRED:
-                                /*
-                                 * User RPCSEC_GSS context has expired.
-                                 * We cannot recover this stateid now, so
-                                 * skip it and allow recovery thread to
-                                 * proceed.
-                                 */
-                                break;
                         case -NFS4ERR_ADMIN_REVOKED:
                         case -NFS4ERR_STALE_STATEID:
                         case -NFS4ERR_BAD_STATEID:
@@ -1597,14 +1589,6 @@ static void nfs4_state_start_reclaim_nograce(struct nfs_client *clp)
         nfs4_state_mark_reclaim_helper(clp, nfs4_state_mark_reclaim_nograce);
 }
 
-static void nfs4_warn_keyexpired(const char *s)
-{
-        printk_ratelimited(KERN_WARNING "Error: state manager"
-                        " encountered RPCSEC_GSS session"
-                        " expired against NFSv4 server %s.\n",
-                        s);
-}
-
 static int nfs4_recovery_handle_error(struct nfs_client *clp, int error)
 {
         switch (error) {
@@ -1638,10 +1622,6 @@ static int nfs4_recovery_handle_error(struct nfs_client *clp, int error)
                 case -NFS4ERR_CONN_NOT_BOUND_TO_SESSION:
                         set_bit(NFS4CLNT_BIND_CONN_TO_SESSION, &clp->cl_state);
                         break;
-                case -EKEYEXPIRED:
-                        /* Nothing we can do */
-                        nfs4_warn_keyexpired(clp->cl_hostname);
-                        break;
                 default:
                         dprintk("%s: failed to handle error %d for server %s\n",
                                         __func__, error, clp->cl_hostname);
@@ -1758,8 +1738,6 @@ static int nfs4_handle_reclaim_lease_error(struct nfs_client *clp, int status)
                 dprintk("%s: exit with error %d for server %s\n",
                                 __func__, -EPROTONOSUPPORT, clp->cl_hostname);
                 return -EPROTONOSUPPORT;
-        case -EKEYEXPIRED:
-                nfs4_warn_keyexpired(clp->cl_hostname);
         case -NFS4ERR_NOT_SAME: /* FixMe: implement recovery
                                  * in nfs4_exchange_id */
         default:
@@ -1912,7 +1890,6 @@ again:
                 break;
 
         case -EKEYEXPIRED:
-                nfs4_warn_keyexpired(clp->cl_hostname);
         case -NFS4ERR_NOT_SAME: /* FixMe: implement recovery
                                  * in nfs4_exchange_id */
                 status = -EKEYEXPIRED;