Linux-2.6.12-rc2v2.6.12-rc2

Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
author: Linus Torvalds <torvalds@ppc970.osdl.org> 2005-04-16 18:20:36 -0400
committer: Linus Torvalds <torvalds@ppc970.osdl.org> 2005-04-16 18:20:36 -0400
commit: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch)
tree: 0bba044c4ce775e45a88a51686b5d9f90697ea9d /net/sunrpc/auth.c
1 files changed, 395 insertions, 0 deletions
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
new file mode 100644
index 000000000000..9bcec9b927b9
--- /dev/null
+++ b/net/sunrpc/auth.c
@@ -0,0 +1,395 @@
+/*
+ * linux/net/sunrpc/auth.c
+ *
+ * Generic RPC client authentication API.
+ *
+ * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
+ */
+#include <linux/types.h>
+#include <linux/sched.h>
+#include <linux/module.h>
+#include <linux/slab.h>
+#include <linux/errno.h>
+#include <linux/socket.h>
+#include <linux/sunrpc/clnt.h>
+#include <linux/spinlock.h>
+#ifdef RPC_DEBUG
+# define RPCDBG_FACILITY        RPCDBG_AUTH
+#endif
+static struct rpc_authops *     auth_flavors[RPC_AUTH_MAXFLAVOR] = {
+        &authnull_ops,          /* AUTH_NULL */
+        &authunix_ops,          /* AUTH_UNIX */
+        NULL,                   /* others can be loadable modules */
+};
+static u32
+pseudoflavor_to_flavor(u32 flavor) {
+        if (flavor >= RPC_AUTH_MAXFLAVOR)
+                return RPC_AUTH_GSS;
+        return flavor;
+}
+int
+rpcauth_register(struct rpc_authops *ops)
+{
+        rpc_authflavor_t flavor;
+        if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
+                return -EINVAL;
+        if (auth_flavors[flavor] != NULL)
+                return -EPERM;          /* what else? */
+        auth_flavors[flavor] = ops;
+        return 0;
+}
+int
+rpcauth_unregister(struct rpc_authops *ops)
+{
+        rpc_authflavor_t flavor;
+        if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
+                return -EINVAL;
+        if (auth_flavors[flavor] != ops)
+                return -EPERM;          /* what else? */
+        auth_flavors[flavor] = NULL;
+        return 0;
+}
+struct rpc_auth *
+rpcauth_create(rpc_authflavor_t pseudoflavor, struct rpc_clnt *clnt)
+{
+        struct rpc_auth         *auth;
+        struct rpc_authops      *ops;
+        u32                     flavor = pseudoflavor_to_flavor(pseudoflavor);
+        if (flavor >= RPC_AUTH_MAXFLAVOR || !(ops = auth_flavors[flavor]))
+                return NULL;
+        auth = ops->create(clnt, pseudoflavor);
+        if (!auth)
+                return NULL;
+        if (clnt->cl_auth)
+                rpcauth_destroy(clnt->cl_auth);
+        clnt->cl_auth = auth;
+        return auth;
+}
+void
+rpcauth_destroy(struct rpc_auth *auth)
+{
+        if (!atomic_dec_and_test(&auth->au_count))
+                return;
+        auth->au_ops->destroy(auth);
+}
+static DEFINE_SPINLOCK(rpc_credcache_lock);
+/*
+ * Initialize RPC credential cache
+ */
+int
+rpcauth_init_credcache(struct rpc_auth *auth, unsigned long expire)
+{
+        struct rpc_cred_cache *new;
+        int i;
+        new = (struct rpc_cred_cache *)kmalloc(sizeof(*new), GFP_KERNEL);
+        if (!new)
+                return -ENOMEM;
+        for (i = 0; i < RPC_CREDCACHE_NR; i++)
+                INIT_HLIST_HEAD(&new->hashtable[i]);
+        new->expire = expire;
+        new->nextgc = jiffies + (expire >> 1);
+        auth->au_credcache = new;
+        return 0;
+}
+/*
+ * Destroy a list of credentials
+ */
+static inline
+void rpcauth_destroy_credlist(struct hlist_head *head)
+{
+        struct rpc_cred *cred;
+        while (!hlist_empty(head)) {
+                cred = hlist_entry(head->first, struct rpc_cred, cr_hash);
+                hlist_del_init(&cred->cr_hash);
+                put_rpccred(cred);
+        }
+}
+/*
+ * Clear the RPC credential cache, and delete those credentials
+ * that are not referenced.
+ */
+void
+rpcauth_free_credcache(struct rpc_auth *auth)
+{
+        struct rpc_cred_cache *cache = auth->au_credcache;
+        HLIST_HEAD(free);
+        struct hlist_node *pos, *next;
+        struct rpc_cred *cred;
+        int             i;
+        spin_lock(&rpc_credcache_lock);
+        for (i = 0; i < RPC_CREDCACHE_NR; i++) {
+                hlist_for_each_safe(pos, next, &cache->hashtable[i]) {
+                        cred = hlist_entry(pos, struct rpc_cred, cr_hash);
+                        __hlist_del(&cred->cr_hash);
+                        hlist_add_head(&cred->cr_hash, &free);
+                }
+        }
+        spin_unlock(&rpc_credcache_lock);
+        rpcauth_destroy_credlist(&free);
+}
+static void
+rpcauth_prune_expired(struct rpc_auth *auth, struct rpc_cred *cred, struct hlist_head *free)
+{
+        if (atomic_read(&cred->cr_count) != 1)
+               return;
+        if (time_after(jiffies, cred->cr_expire + auth->au_credcache->expire))
+                cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
+        if (!(cred->cr_flags & RPCAUTH_CRED_UPTODATE)) {
+                __hlist_del(&cred->cr_hash);
+                hlist_add_head(&cred->cr_hash, free);
+        }
+}
+/*
+ * Remove stale credentials. Avoid sleeping inside the loop.
+ */
+static void
+rpcauth_gc_credcache(struct rpc_auth *auth, struct hlist_head *free)
+{
+        struct rpc_cred_cache *cache = auth->au_credcache;
+        struct hlist_node *pos, *next;
+        struct rpc_cred *cred;
+        int             i;
+        dprintk("RPC: gc'ing RPC credentials for auth %p\n", auth);
+        for (i = 0; i < RPC_CREDCACHE_NR; i++) {
+                hlist_for_each_safe(pos, next, &cache->hashtable[i]) {
+                        cred = hlist_entry(pos, struct rpc_cred, cr_hash);
+                        rpcauth_prune_expired(auth, cred, free);
+                }
+        }
+        cache->nextgc = jiffies + cache->expire;
+}
+/*
+ * Look up a process' credentials in the authentication cache
+ */
+struct rpc_cred *
+rpcauth_lookup_credcache(struct rpc_auth *auth, struct auth_cred * acred,
+                int taskflags)
+{
+        struct rpc_cred_cache *cache = auth->au_credcache;
+        HLIST_HEAD(free);
+        struct hlist_node *pos, *next;
+        struct rpc_cred *new = NULL,
+                        *cred = NULL;
+        int             nr = 0;
+        if (!(taskflags & RPC_TASK_ROOTCREDS))
+                nr = acred->uid & RPC_CREDCACHE_MASK;
+retry:
+        spin_lock(&rpc_credcache_lock);
+        if (time_before(cache->nextgc, jiffies))
+                rpcauth_gc_credcache(auth, &free);
+        hlist_for_each_safe(pos, next, &cache->hashtable[nr]) {
+                struct rpc_cred *entry;
+                entry = hlist_entry(pos, struct rpc_cred, cr_hash);
+                if (entry->cr_ops->crmatch(acred, entry, taskflags)) {
+                        hlist_del(&entry->cr_hash);
+                        cred = entry;
+                        break;
+                }
+                rpcauth_prune_expired(auth, entry, &free);
+        }
+        if (new) {
+                if (cred)
+                        hlist_add_head(&new->cr_hash, &free);
+                else
+                        cred = new;
+        }
+        if (cred) {
+                hlist_add_head(&cred->cr_hash, &cache->hashtable[nr]);
+                get_rpccred(cred);
+        }
+        spin_unlock(&rpc_credcache_lock);
+        rpcauth_destroy_credlist(&free);
+        if (!cred) {
+                new = auth->au_ops->crcreate(auth, acred, taskflags);
+                if (!IS_ERR(new)) {
+#ifdef RPC_DEBUG
+                        new->cr_magic = RPCAUTH_CRED_MAGIC;
+#endif
+                        goto retry;
+                } else
+                        cred = new;
+        }
+        return (struct rpc_cred *) cred;
+}
+struct rpc_cred *
+rpcauth_lookupcred(struct rpc_auth *auth, int taskflags)
+{
+        struct auth_cred acred = {
+                .uid = current->fsuid,
+                .gid = current->fsgid,
+                .group_info = current->group_info,
+        };
+        struct rpc_cred *ret;
+        dprintk("RPC:     looking up %s cred\n",
+                auth->au_ops->au_name);
+        get_group_info(acred.group_info);
+        ret = auth->au_ops->lookup_cred(auth, &acred, taskflags);
+        put_group_info(acred.group_info);
+        return ret;
+}
+struct rpc_cred *
+rpcauth_bindcred(struct rpc_task *task)
+{
+        struct rpc_auth *auth = task->tk_auth;
+        struct auth_cred acred = {
+                .uid = current->fsuid,
+                .gid = current->fsgid,
+                .group_info = current->group_info,
+        };
+        struct rpc_cred *ret;
+        dprintk("RPC: %4d looking up %s cred\n",
+                task->tk_pid, task->tk_auth->au_ops->au_name);
+        get_group_info(acred.group_info);
+        ret = auth->au_ops->lookup_cred(auth, &acred, task->tk_flags);
+        if (!IS_ERR(ret))
+                task->tk_msg.rpc_cred = ret;
+        else
+                task->tk_status = PTR_ERR(ret);
+        put_group_info(acred.group_info);
+        return ret;
+}
+void
+rpcauth_holdcred(struct rpc_task *task)
+{
+        dprintk("RPC: %4d holding %s cred %p\n",
+                task->tk_pid, task->tk_auth->au_ops->au_name, task->tk_msg.rpc_cred);
+        if (task->tk_msg.rpc_cred)
+                get_rpccred(task->tk_msg.rpc_cred);
+}
+void
+put_rpccred(struct rpc_cred *cred)
+{
+        cred->cr_expire = jiffies;
+        if (!atomic_dec_and_test(&cred->cr_count))
+                return;
+        cred->cr_ops->crdestroy(cred);
+}
+void
+rpcauth_unbindcred(struct rpc_task *task)
+{
+        struct rpc_auth *auth = task->tk_auth;
+        struct rpc_cred *cred = task->tk_msg.rpc_cred;
+        dprintk("RPC: %4d releasing %s cred %p\n",
+                task->tk_pid, auth->au_ops->au_name, cred);
+        put_rpccred(cred);
+        task->tk_msg.rpc_cred = NULL;
+}
+u32 *
+rpcauth_marshcred(struct rpc_task *task, u32 *p)
+{
+        struct rpc_auth *auth = task->tk_auth;
+        struct rpc_cred *cred = task->tk_msg.rpc_cred;
+        dprintk("RPC: %4d marshaling %s cred %p\n",
+                task->tk_pid, auth->au_ops->au_name, cred);
+        return cred->cr_ops->crmarshal(task, p);
+}
+u32 *
+rpcauth_checkverf(struct rpc_task *task, u32 *p)
+{
+        struct rpc_auth *auth = task->tk_auth;
+        struct rpc_cred *cred = task->tk_msg.rpc_cred;
+        dprintk("RPC: %4d validating %s cred %p\n",
+                task->tk_pid, auth->au_ops->au_name, cred);
+        return cred->cr_ops->crvalidate(task, p);
+}
+int
+rpcauth_wrap_req(struct rpc_task *task, kxdrproc_t encode, void *rqstp,
+                u32 *data, void *obj)
+{
+        struct rpc_cred *cred = task->tk_msg.rpc_cred;
+        dprintk("RPC: %4d using %s cred %p to wrap rpc data\n",
+                        task->tk_pid, cred->cr_ops->cr_name, cred);
+        if (cred->cr_ops->crwrap_req)
+                return cred->cr_ops->crwrap_req(task, encode, rqstp, data, obj);
+        /* By default, we encode the arguments normally. */
+        return encode(rqstp, data, obj);
+}
+int
+rpcauth_unwrap_resp(struct rpc_task *task, kxdrproc_t decode, void *rqstp,
+                u32 *data, void *obj)
+{
+        struct rpc_cred *cred = task->tk_msg.rpc_cred;
+        dprintk("RPC: %4d using %s cred %p to unwrap rpc data\n",
+                        task->tk_pid, cred->cr_ops->cr_name, cred);
+        if (cred->cr_ops->crunwrap_resp)
+                return cred->cr_ops->crunwrap_resp(task, decode, rqstp,
+                                                   data, obj);
+        /* By default, we decode the arguments normally. */
+        return decode(rqstp, data, obj);
+}
+int
+rpcauth_refreshcred(struct rpc_task *task)
+{
+        struct rpc_auth *auth = task->tk_auth;
+        struct rpc_cred *cred = task->tk_msg.rpc_cred;
+        int err;
+        dprintk("RPC: %4d refreshing %s cred %p\n",
+                task->tk_pid, auth->au_ops->au_name, cred);
+        err = cred->cr_ops->crrefresh(task);
+        if (err < 0)
+                task->tk_status = err;
+        return err;
+}
+void
+rpcauth_invalcred(struct rpc_task *task)
+{
+        dprintk("RPC: %4d invalidating %s cred %p\n",
+                task->tk_pid, task->tk_auth->au_ops->au_name, task->tk_msg.rpc_cred);
+        spin_lock(&rpc_credcache_lock);
+        if (task->tk_msg.rpc_cred)
+                task->tk_msg.rpc_cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
+        spin_unlock(&rpc_credcache_lock);
+}
+int
+rpcauth_uptodatecred(struct rpc_task *task)
+{
+        return !(task->tk_msg.rpc_cred) ||
+                (task->tk_msg.rpc_cred->cr_flags & RPCAUTH_CRED_UPTODATE);
+}
author	Linus Torvalds <torvalds@ppc970.osdl.org>	2005-04-16 18:20:36 -0400
committer	Linus Torvalds <torvalds@ppc970.osdl.org>	2005-04-16 18:20:36 -0400
commit	1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch)
tree	0bba044c4ce775e45a88a51686b5d9f90697ea9d /net/sunrpc/auth.c

diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c new file mode 100644 index 000000000000..9bcec9b927b9 --- /dev/null +++ b/net/sunrpc/auth.c
@@ -0,0 +1,395 @@
	1	/*
	2	* linux/net/sunrpc/auth.c
	3	*
	4	* Generic RPC client authentication API.
	5	*
	6	* Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
	7	*/
	8
	9	#include <linux/types.h>
	10	#include <linux/sched.h>
	11	#include <linux/module.h>
	12	#include <linux/slab.h>
	13	#include <linux/errno.h>
	14	#include <linux/socket.h>
	15	#include <linux/sunrpc/clnt.h>
	16	#include <linux/spinlock.h>
	17
	18	#ifdef RPC_DEBUG
	19	# define RPCDBG_FACILITY RPCDBG_AUTH
	20	#endif
	21
	22	static struct rpc_authops * auth_flavors[RPC_AUTH_MAXFLAVOR] = {
	23	&authnull_ops, /* AUTH_NULL */
	24	&authunix_ops, /* AUTH_UNIX */
	25	NULL, /* others can be loadable modules */
	26	};
	27
	28	static u32
	29	pseudoflavor_to_flavor(u32 flavor) {
	30	if (flavor >= RPC_AUTH_MAXFLAVOR)
	31	return RPC_AUTH_GSS;
	32	return flavor;
	33	}
	34
	35	int
	36	rpcauth_register(struct rpc_authops *ops)
	37	{
	38	rpc_authflavor_t flavor;
	39
	40	if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
	41	return -EINVAL;
	42	if (auth_flavors[flavor] != NULL)
	43	return -EPERM; /* what else? */
	44	auth_flavors[flavor] = ops;
	45	return 0;
	46	}
	47
	48	int
	49	rpcauth_unregister(struct rpc_authops *ops)
	50	{
	51	rpc_authflavor_t flavor;
	52
	53	if ((flavor = ops->au_flavor) >= RPC_AUTH_MAXFLAVOR)
	54	return -EINVAL;
	55	if (auth_flavors[flavor] != ops)
	56	return -EPERM; /* what else? */
	57	auth_flavors[flavor] = NULL;
	58	return 0;
	59	}
	60
	61	struct rpc_auth *
	62	rpcauth_create(rpc_authflavor_t pseudoflavor, struct rpc_clnt *clnt)
	63	{
	64	struct rpc_auth *auth;
	65	struct rpc_authops *ops;
	66	u32 flavor = pseudoflavor_to_flavor(pseudoflavor);
	67
	68	if (flavor >= RPC_AUTH_MAXFLAVOR \|\| !(ops = auth_flavors[flavor]))
	69	return NULL;
	70	auth = ops->create(clnt, pseudoflavor);
	71	if (!auth)
	72	return NULL;
	73	if (clnt->cl_auth)
	74	rpcauth_destroy(clnt->cl_auth);
	75	clnt->cl_auth = auth;
	76	return auth;
	77	}
	78
	79	void
	80	rpcauth_destroy(struct rpc_auth *auth)
	81	{
	82	if (!atomic_dec_and_test(&auth->au_count))
	83	return;
	84	auth->au_ops->destroy(auth);
	85	}
	86
	87	static DEFINE_SPINLOCK(rpc_credcache_lock);
	88
	89	/*
	90	* Initialize RPC credential cache
	91	*/
	92	int
	93	rpcauth_init_credcache(struct rpc_auth *auth, unsigned long expire)
	94	{
	95	struct rpc_cred_cache *new;
	96	int i;
	97
	98	new = (struct rpc_cred_cache )kmalloc(sizeof(new), GFP_KERNEL);
	99	if (!new)
	100	return -ENOMEM;
	101	for (i = 0; i < RPC_CREDCACHE_NR; i++)
	102	INIT_HLIST_HEAD(&new->hashtable[i]);
	103	new->expire = expire;
	104	new->nextgc = jiffies + (expire >> 1);
	105	auth->au_credcache = new;
	106	return 0;
	107	}
	108
	109	/*
	110	* Destroy a list of credentials
	111	*/
	112	static inline
	113	void rpcauth_destroy_credlist(struct hlist_head *head)
	114	{
	115	struct rpc_cred *cred;
	116
	117	while (!hlist_empty(head)) {
	118	cred = hlist_entry(head->first, struct rpc_cred, cr_hash);
	119	hlist_del_init(&cred->cr_hash);
	120	put_rpccred(cred);
	121	}
	122	}
	123
	124	/*
	125	* Clear the RPC credential cache, and delete those credentials
	126	* that are not referenced.
	127	*/
	128	void
	129	rpcauth_free_credcache(struct rpc_auth *auth)
	130	{
	131	struct rpc_cred_cache *cache = auth->au_credcache;
	132	HLIST_HEAD(free);
	133	struct hlist_node pos, next;
	134	struct rpc_cred *cred;
	135	int i;
	136
	137	spin_lock(&rpc_credcache_lock);
	138	for (i = 0; i < RPC_CREDCACHE_NR; i++) {
	139	hlist_for_each_safe(pos, next, &cache->hashtable[i]) {
	140	cred = hlist_entry(pos, struct rpc_cred, cr_hash);
	141	__hlist_del(&cred->cr_hash);
	142	hlist_add_head(&cred->cr_hash, &free);
	143	}
	144	}
	145	spin_unlock(&rpc_credcache_lock);
	146	rpcauth_destroy_credlist(&free);
	147	}
	148
	149	static void
	150	rpcauth_prune_expired(struct rpc_auth auth, struct rpc_cred cred, struct hlist_head *free)
	151	{
	152	if (atomic_read(&cred->cr_count) != 1)
	153	return;
	154	if (time_after(jiffies, cred->cr_expire + auth->au_credcache->expire))
	155	cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
	156	if (!(cred->cr_flags & RPCAUTH_CRED_UPTODATE)) {
	157	__hlist_del(&cred->cr_hash);
	158	hlist_add_head(&cred->cr_hash, free);
	159	}
	160	}
	161
	162	/*
	163	* Remove stale credentials. Avoid sleeping inside the loop.
	164	*/
	165	static void
	166	rpcauth_gc_credcache(struct rpc_auth auth, struct hlist_head free)
	167	{
	168	struct rpc_cred_cache *cache = auth->au_credcache;
	169	struct hlist_node pos, next;
	170	struct rpc_cred *cred;
	171	int i;
	172
	173	dprintk("RPC: gc'ing RPC credentials for auth %p\n", auth);
	174	for (i = 0; i < RPC_CREDCACHE_NR; i++) {
	175	hlist_for_each_safe(pos, next, &cache->hashtable[i]) {
	176	cred = hlist_entry(pos, struct rpc_cred, cr_hash);
	177	rpcauth_prune_expired(auth, cred, free);
	178	}
	179	}
	180	cache->nextgc = jiffies + cache->expire;
	181	}
	182
	183	/*
	184	* Look up a process' credentials in the authentication cache
	185	*/
	186	struct rpc_cred *
	187	rpcauth_lookup_credcache(struct rpc_auth auth, struct auth_cred acred,
	188	int taskflags)
	189	{
	190	struct rpc_cred_cache *cache = auth->au_credcache;
	191	HLIST_HEAD(free);
	192	struct hlist_node pos, next;
	193	struct rpc_cred *new = NULL,
	194	*cred = NULL;
	195	int nr = 0;
	196
	197	if (!(taskflags & RPC_TASK_ROOTCREDS))
	198	nr = acred->uid & RPC_CREDCACHE_MASK;
	199	retry:
	200	spin_lock(&rpc_credcache_lock);
	201	if (time_before(cache->nextgc, jiffies))
	202	rpcauth_gc_credcache(auth, &free);
	203	hlist_for_each_safe(pos, next, &cache->hashtable[nr]) {
	204	struct rpc_cred *entry;
	205	entry = hlist_entry(pos, struct rpc_cred, cr_hash);
	206	if (entry->cr_ops->crmatch(acred, entry, taskflags)) {
	207	hlist_del(&entry->cr_hash);
	208	cred = entry;
	209	break;
	210	}
	211	rpcauth_prune_expired(auth, entry, &free);
	212	}
	213	if (new) {
	214	if (cred)
	215	hlist_add_head(&new->cr_hash, &free);
	216	else
	217	cred = new;
	218	}
	219	if (cred) {
	220	hlist_add_head(&cred->cr_hash, &cache->hashtable[nr]);
	221	get_rpccred(cred);
	222	}
	223	spin_unlock(&rpc_credcache_lock);
	224
	225	rpcauth_destroy_credlist(&free);
	226
	227	if (!cred) {
	228	new = auth->au_ops->crcreate(auth, acred, taskflags);
	229	if (!IS_ERR(new)) {
	230	#ifdef RPC_DEBUG
	231	new->cr_magic = RPCAUTH_CRED_MAGIC;
	232	#endif
	233	goto retry;
	234	} else
	235	cred = new;
	236	}
	237
	238	return (struct rpc_cred *) cred;
	239	}
	240
	241	struct rpc_cred *
	242	rpcauth_lookupcred(struct rpc_auth *auth, int taskflags)
	243	{
	244	struct auth_cred acred = {
	245	.uid = current->fsuid,
	246	.gid = current->fsgid,
	247	.group_info = current->group_info,
	248	};
	249	struct rpc_cred *ret;
	250
	251	dprintk("RPC: looking up %s cred\n",
	252	auth->au_ops->au_name);
	253	get_group_info(acred.group_info);
	254	ret = auth->au_ops->lookup_cred(auth, &acred, taskflags);
	255	put_group_info(acred.group_info);
	256	return ret;
	257	}
	258
	259	struct rpc_cred *
	260	rpcauth_bindcred(struct rpc_task *task)
	261	{
	262	struct rpc_auth *auth = task->tk_auth;
	263	struct auth_cred acred = {
	264	.uid = current->fsuid,
	265	.gid = current->fsgid,
	266	.group_info = current->group_info,
	267	};
	268	struct rpc_cred *ret;
	269
	270	dprintk("RPC: %4d looking up %s cred\n",
	271	task->tk_pid, task->tk_auth->au_ops->au_name);
	272	get_group_info(acred.group_info);
	273	ret = auth->au_ops->lookup_cred(auth, &acred, task->tk_flags);
	274	if (!IS_ERR(ret))
	275	task->tk_msg.rpc_cred = ret;
	276	else
	277	task->tk_status = PTR_ERR(ret);
	278	put_group_info(acred.group_info);
	279	return ret;
	280	}
	281
	282	void
	283	rpcauth_holdcred(struct rpc_task *task)
	284	{
	285	dprintk("RPC: %4d holding %s cred %p\n",
	286	task->tk_pid, task->tk_auth->au_ops->au_name, task->tk_msg.rpc_cred);
	287	if (task->tk_msg.rpc_cred)
	288	get_rpccred(task->tk_msg.rpc_cred);
	289	}
	290
	291	void
	292	put_rpccred(struct rpc_cred *cred)
	293	{
	294	cred->cr_expire = jiffies;
	295	if (!atomic_dec_and_test(&cred->cr_count))
	296	return;
	297	cred->cr_ops->crdestroy(cred);
	298	}
	299
	300	void
	301	rpcauth_unbindcred(struct rpc_task *task)
	302	{
	303	struct rpc_auth *auth = task->tk_auth;
	304	struct rpc_cred *cred = task->tk_msg.rpc_cred;
	305
	306	dprintk("RPC: %4d releasing %s cred %p\n",
	307	task->tk_pid, auth->au_ops->au_name, cred);
	308
	309	put_rpccred(cred);
	310	task->tk_msg.rpc_cred = NULL;
	311	}
	312
	313	u32 *
	314	rpcauth_marshcred(struct rpc_task task, u32 p)
	315	{
	316	struct rpc_auth *auth = task->tk_auth;
	317	struct rpc_cred *cred = task->tk_msg.rpc_cred;
	318
	319	dprintk("RPC: %4d marshaling %s cred %p\n",
	320	task->tk_pid, auth->au_ops->au_name, cred);
	321	return cred->cr_ops->crmarshal(task, p);
	322	}
	323
	324	u32 *
	325	rpcauth_checkverf(struct rpc_task task, u32 p)
	326	{
	327	struct rpc_auth *auth = task->tk_auth;
	328	struct rpc_cred *cred = task->tk_msg.rpc_cred;
	329
	330	dprintk("RPC: %4d validating %s cred %p\n",
	331	task->tk_pid, auth->au_ops->au_name, cred);
	332	return cred->cr_ops->crvalidate(task, p);
	333	}
	334
	335	int
	336	rpcauth_wrap_req(struct rpc_task task, kxdrproc_t encode, void rqstp,
	337	u32 data, void obj)
	338	{
	339	struct rpc_cred *cred = task->tk_msg.rpc_cred;
	340
	341	dprintk("RPC: %4d using %s cred %p to wrap rpc data\n",
	342	task->tk_pid, cred->cr_ops->cr_name, cred);
	343	if (cred->cr_ops->crwrap_req)
	344	return cred->cr_ops->crwrap_req(task, encode, rqstp, data, obj);
	345	/* By default, we encode the arguments normally. */
	346	return encode(rqstp, data, obj);
	347	}
	348
	349	int
	350	rpcauth_unwrap_resp(struct rpc_task task, kxdrproc_t decode, void rqstp,
	351	u32 data, void obj)
	352	{
	353	struct rpc_cred *cred = task->tk_msg.rpc_cred;
	354
	355	dprintk("RPC: %4d using %s cred %p to unwrap rpc data\n",
	356	task->tk_pid, cred->cr_ops->cr_name, cred);
	357	if (cred->cr_ops->crunwrap_resp)
	358	return cred->cr_ops->crunwrap_resp(task, decode, rqstp,
	359	data, obj);
	360	/* By default, we decode the arguments normally. */
	361	return decode(rqstp, data, obj);
	362	}
	363
	364	int
	365	rpcauth_refreshcred(struct rpc_task *task)
	366	{
	367	struct rpc_auth *auth = task->tk_auth;
	368	struct rpc_cred *cred = task->tk_msg.rpc_cred;
	369	int err;
	370
	371	dprintk("RPC: %4d refreshing %s cred %p\n",
	372	task->tk_pid, auth->au_ops->au_name, cred);
	373	err = cred->cr_ops->crrefresh(task);
	374	if (err < 0)
	375	task->tk_status = err;
	376	return err;
	377	}
	378
	379	void
	380	rpcauth_invalcred(struct rpc_task *task)
	381	{
	382	dprintk("RPC: %4d invalidating %s cred %p\n",
	383	task->tk_pid, task->tk_auth->au_ops->au_name, task->tk_msg.rpc_cred);
	384	spin_lock(&rpc_credcache_lock);
	385	if (task->tk_msg.rpc_cred)
	386	task->tk_msg.rpc_cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
	387	spin_unlock(&rpc_credcache_lock);
	388	}
	389
	390	int
	391	rpcauth_uptodatecred(struct rpc_task *task)
	392	{
	393	return !(task->tk_msg.rpc_cred) \|\|
	394	(task->tk_msg.rpc_cred->cr_flags & RPCAUTH_CRED_UPTODATE);
	395	}