diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2012-07-11 16:31:08 -0400 |
|---|---|---|
| committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2012-07-16 15:12:15 -0400 |
| commit | 6a1a1e34dc55f17e7bd260809207442dbb7a0296 (patch) | |
| tree | 3a2ce5b9d3c8edc80f6486efc1f9b34cee559f8f /fs | |
| parent | 56d08fef2369d5ca9ad2e1fc697f5379fd8af751 (diff) | |
SUNRPC: Add rpcauth_list_flavors()
The gss_mech_list_pseudoflavors() function provides a list of
currently registered GSS pseudoflavors. This list does not include
any non-GSS flavors that have been registered with the RPC client.
nfs4_find_root_sec() currently adds these extra flavors by hand.
Instead, nfs4_find_root_sec() should be looking at the set of flavors
that have been explicitly registered via rpcauth_register(). And,
other areas of code will soon need the same kind of list that
contains all flavors the kernel currently knows about (see below).
Rather than cloning the open-coded logic in nfs4_find_root_sec() to
those new places, introduce a generic RPC function that generates a
full list of registered auth flavors and pseudoflavors.
A new rpc_authops method is added that lists a flavor's
pseudoflavors, if it has any. I encountered an interesting module
loader loop when I tried to get the RPC client to invoke
gss_mech_list_pseudoflavors() by name.
This patch is a pre-requisite for server trunking discovery, and a
pre-requisite for fixing up the in-kernel mount client to do better
automatic security flavor selection.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/nfs/nfs4proc.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 31369e9b5b04..80bb5055d0b3 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c | |||
| @@ -43,7 +43,6 @@ | |||
| 43 | #include <linux/printk.h> | 43 | #include <linux/printk.h> |
| 44 | #include <linux/slab.h> | 44 | #include <linux/slab.h> |
| 45 | #include <linux/sunrpc/clnt.h> | 45 | #include <linux/sunrpc/clnt.h> |
| 46 | #include <linux/sunrpc/gss_api.h> | ||
| 47 | #include <linux/nfs.h> | 46 | #include <linux/nfs.h> |
| 48 | #include <linux/nfs4.h> | 47 | #include <linux/nfs4.h> |
| 49 | #include <linux/nfs_fs.h> | 48 | #include <linux/nfs_fs.h> |
| @@ -2412,11 +2411,15 @@ static int nfs4_find_root_sec(struct nfs_server *server, struct nfs_fh *fhandle, | |||
| 2412 | int i, len, status = 0; | 2411 | int i, len, status = 0; |
| 2413 | rpc_authflavor_t flav_array[NFS_MAX_SECFLAVORS]; | 2412 | rpc_authflavor_t flav_array[NFS_MAX_SECFLAVORS]; |
| 2414 | 2413 | ||
| 2415 | len = gss_mech_list_pseudoflavors(&flav_array[0]); | 2414 | len = rpcauth_list_flavors(flav_array, ARRAY_SIZE(flav_array)); |
| 2416 | flav_array[len] = RPC_AUTH_NULL; | 2415 | BUG_ON(len < 0); |
| 2417 | len += 1; | ||
| 2418 | 2416 | ||
| 2419 | for (i = 0; i < len; i++) { | 2417 | for (i = 0; i < len; i++) { |
| 2418 | /* AUTH_UNIX is the default flavor if none was specified, | ||
| 2419 | * thus has already been tried. */ | ||
| 2420 | if (flav_array[i] == RPC_AUTH_UNIX) | ||
| 2421 | continue; | ||
| 2422 | |||
| 2420 | status = nfs4_lookup_root_sec(server, fhandle, info, flav_array[i]); | 2423 | status = nfs4_lookup_root_sec(server, fhandle, info, flav_array[i]); |
| 2421 | if (status == -NFS4ERR_WRONGSEC || status == -EACCES) | 2424 | if (status == -NFS4ERR_WRONGSEC || status == -EACCES) |
| 2422 | continue; | 2425 | continue; |