diff options
| -rw-r--r-- | include/linux/sunrpc/auth.h | 6 | ||||
| -rw-r--r-- | net/sunrpc/auth.c | 63 | ||||
| -rw-r--r-- | net/sunrpc/auth_gss/auth_gss.c | 3 | ||||
| -rw-r--r-- | net/sunrpc/auth_unix.c | 6 | ||||
| -rw-r--r-- | net/sunrpc/sunrpc_syms.c | 3 |
5 files changed, 52 insertions, 29 deletions
diff --git a/include/linux/sunrpc/auth.h b/include/linux/sunrpc/auth.h index e5a3b5141ed2..7a69ca3bebaf 100644 --- a/include/linux/sunrpc/auth.h +++ b/include/linux/sunrpc/auth.h | |||
| @@ -64,8 +64,6 @@ struct rpc_cred { | |||
| 64 | struct rpc_cred_cache { | 64 | struct rpc_cred_cache { |
| 65 | struct hlist_head hashtable[RPC_CREDCACHE_NR]; | 65 | struct hlist_head hashtable[RPC_CREDCACHE_NR]; |
| 66 | spinlock_t lock; | 66 | spinlock_t lock; |
| 67 | unsigned long nextgc; /* next garbage collection */ | ||
| 68 | unsigned long expire; /* cache expiry interval */ | ||
| 69 | }; | 67 | }; |
| 70 | 68 | ||
| 71 | struct rpc_authops; | 69 | struct rpc_authops; |
| @@ -128,6 +126,8 @@ extern const struct rpc_authops authunix_ops; | |||
| 128 | extern const struct rpc_authops authnull_ops; | 126 | extern const struct rpc_authops authnull_ops; |
| 129 | 127 | ||
| 130 | void __init rpc_init_authunix(void); | 128 | void __init rpc_init_authunix(void); |
| 129 | void __init rpcauth_init_module(void); | ||
| 130 | void __exit rpcauth_remove_module(void); | ||
| 131 | 131 | ||
| 132 | int rpcauth_register(const struct rpc_authops *); | 132 | int rpcauth_register(const struct rpc_authops *); |
| 133 | int rpcauth_unregister(const struct rpc_authops *); | 133 | int rpcauth_unregister(const struct rpc_authops *); |
| @@ -147,7 +147,7 @@ int rpcauth_unwrap_resp(struct rpc_task *task, kxdrproc_t decode, void *rqstp, | |||
| 147 | int rpcauth_refreshcred(struct rpc_task *); | 147 | int rpcauth_refreshcred(struct rpc_task *); |
| 148 | void rpcauth_invalcred(struct rpc_task *); | 148 | void rpcauth_invalcred(struct rpc_task *); |
| 149 | int rpcauth_uptodatecred(struct rpc_task *); | 149 | int rpcauth_uptodatecred(struct rpc_task *); |
| 150 | int rpcauth_init_credcache(struct rpc_auth *, unsigned long); | 150 | int rpcauth_init_credcache(struct rpc_auth *); |
| 151 | void rpcauth_destroy_credcache(struct rpc_auth *); | 151 | void rpcauth_destroy_credcache(struct rpc_auth *); |
| 152 | void rpcauth_clear_credcache(struct rpc_cred_cache *); | 152 | void rpcauth_clear_credcache(struct rpc_cred_cache *); |
| 153 | 153 | ||
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index cf1198d10ee9..81f4c776c558 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c | |||
| @@ -26,6 +26,7 @@ static const struct rpc_authops *auth_flavors[RPC_AUTH_MAXFLAVOR] = { | |||
| 26 | }; | 26 | }; |
| 27 | 27 | ||
| 28 | static LIST_HEAD(cred_unused); | 28 | static LIST_HEAD(cred_unused); |
| 29 | static unsigned long number_cred_unused; | ||
| 29 | 30 | ||
| 30 | static u32 | 31 | static u32 |
| 31 | pseudoflavor_to_flavor(u32 flavor) { | 32 | pseudoflavor_to_flavor(u32 flavor) { |
| @@ -136,7 +137,7 @@ rpcauth_unhash_cred(struct rpc_cred *cred) | |||
| 136 | * Initialize RPC credential cache | 137 | * Initialize RPC credential cache |
| 137 | */ | 138 | */ |
| 138 | int | 139 | int |
| 139 | rpcauth_init_credcache(struct rpc_auth *auth, unsigned long expire) | 140 | rpcauth_init_credcache(struct rpc_auth *auth) |
| 140 | { | 141 | { |
| 141 | struct rpc_cred_cache *new; | 142 | struct rpc_cred_cache *new; |
| 142 | int i; | 143 | int i; |
| @@ -147,8 +148,6 @@ rpcauth_init_credcache(struct rpc_auth *auth, unsigned long expire) | |||
| 147 | for (i = 0; i < RPC_CREDCACHE_NR; i++) | 148 | for (i = 0; i < RPC_CREDCACHE_NR; i++) |
| 148 | INIT_HLIST_HEAD(&new->hashtable[i]); | 149 | INIT_HLIST_HEAD(&new->hashtable[i]); |
| 149 | spin_lock_init(&new->lock); | 150 | spin_lock_init(&new->lock); |
| 150 | new->expire = expire; | ||
| 151 | new->nextgc = jiffies + (expire >> 1); | ||
| 152 | auth->au_credcache = new; | 151 | auth->au_credcache = new; |
| 153 | return 0; | 152 | return 0; |
| 154 | } | 153 | } |
| @@ -187,7 +186,11 @@ rpcauth_clear_credcache(struct rpc_cred_cache *cache) | |||
| 187 | while (!hlist_empty(head)) { | 186 | while (!hlist_empty(head)) { |
| 188 | cred = hlist_entry(head->first, struct rpc_cred, cr_hash); | 187 | cred = hlist_entry(head->first, struct rpc_cred, cr_hash); |
| 189 | get_rpccred(cred); | 188 | get_rpccred(cred); |
| 190 | list_move_tail(&cred->cr_lru, &free); | 189 | if (!list_empty(&cred->cr_lru)) { |
| 190 | list_del(&cred->cr_lru); | ||
| 191 | number_cred_unused--; | ||
| 192 | } | ||
| 193 | list_add_tail(&cred->cr_lru, &free); | ||
| 191 | rpcauth_unhash_cred_locked(cred); | 194 | rpcauth_unhash_cred_locked(cred); |
| 192 | } | 195 | } |
| 193 | } | 196 | } |
| @@ -214,18 +217,16 @@ rpcauth_destroy_credcache(struct rpc_auth *auth) | |||
| 214 | /* | 217 | /* |
| 215 | * Remove stale credentials. Avoid sleeping inside the loop. | 218 | * Remove stale credentials. Avoid sleeping inside the loop. |
| 216 | */ | 219 | */ |
| 217 | static void | 220 | static int |
| 218 | rpcauth_prune_expired(struct list_head *free) | 221 | rpcauth_prune_expired(struct list_head *free, int nr_to_scan) |
| 219 | { | 222 | { |
| 220 | spinlock_t *cache_lock; | 223 | spinlock_t *cache_lock; |
| 221 | struct rpc_cred *cred; | 224 | struct rpc_cred *cred; |
| 222 | 225 | ||
| 223 | while (!list_empty(&cred_unused)) { | 226 | while (!list_empty(&cred_unused)) { |
| 224 | cred = list_entry(cred_unused.next, struct rpc_cred, cr_lru); | 227 | cred = list_entry(cred_unused.next, struct rpc_cred, cr_lru); |
| 225 | if (time_after(jiffies, cred->cr_expire + | ||
| 226 | cred->cr_auth->au_credcache->expire)) | ||
| 227 | break; | ||
| 228 | list_del_init(&cred->cr_lru); | 228 | list_del_init(&cred->cr_lru); |
| 229 | number_cred_unused--; | ||
| 229 | if (atomic_read(&cred->cr_count) != 0) | 230 | if (atomic_read(&cred->cr_count) != 0) |
| 230 | continue; | 231 | continue; |
| 231 | cache_lock = &cred->cr_auth->au_credcache->lock; | 232 | cache_lock = &cred->cr_auth->au_credcache->lock; |
| @@ -234,23 +235,32 @@ rpcauth_prune_expired(struct list_head *free) | |||
| 234 | get_rpccred(cred); | 235 | get_rpccred(cred); |
| 235 | list_add_tail(&cred->cr_lru, free); | 236 | list_add_tail(&cred->cr_lru, free); |
| 236 | rpcauth_unhash_cred_locked(cred); | 237 | rpcauth_unhash_cred_locked(cred); |
| 238 | nr_to_scan--; | ||
| 237 | } | 239 | } |
| 238 | spin_unlock(cache_lock); | 240 | spin_unlock(cache_lock); |
| 241 | if (nr_to_scan == 0) | ||
| 242 | break; | ||
| 239 | } | 243 | } |
| 244 | return nr_to_scan; | ||
| 240 | } | 245 | } |
| 241 | 246 | ||
| 242 | /* | 247 | /* |
| 243 | * Run garbage collector. | 248 | * Run memory cache shrinker. |
| 244 | */ | 249 | */ |
| 245 | static void | 250 | static int |
| 246 | rpcauth_gc_credcache(struct rpc_cred_cache *cache, struct list_head *free) | 251 | rpcauth_cache_shrinker(int nr_to_scan, gfp_t gfp_mask) |
| 247 | { | 252 | { |
| 248 | if (list_empty(&cred_unused) || time_before(jiffies, cache->nextgc)) | 253 | LIST_HEAD(free); |
| 249 | return; | 254 | int res; |
| 255 | |||
| 256 | if (list_empty(&cred_unused)) | ||
| 257 | return 0; | ||
| 250 | spin_lock(&rpc_credcache_lock); | 258 | spin_lock(&rpc_credcache_lock); |
| 251 | cache->nextgc = jiffies + cache->expire; | 259 | nr_to_scan = rpcauth_prune_expired(&free, nr_to_scan); |
| 252 | rpcauth_prune_expired(free); | 260 | res = (number_cred_unused / 100) * sysctl_vfs_cache_pressure; |
| 253 | spin_unlock(&rpc_credcache_lock); | 261 | spin_unlock(&rpc_credcache_lock); |
| 262 | rpcauth_destroy_credlist(&free); | ||
| 263 | return res; | ||
| 254 | } | 264 | } |
| 255 | 265 | ||
| 256 | /* | 266 | /* |
| @@ -318,7 +328,6 @@ found: | |||
| 318 | cred = ERR_PTR(res); | 328 | cred = ERR_PTR(res); |
| 319 | } | 329 | } |
| 320 | } | 330 | } |
| 321 | rpcauth_gc_credcache(cache, &free); | ||
| 322 | rpcauth_destroy_credlist(&free); | 331 | rpcauth_destroy_credlist(&free); |
| 323 | out: | 332 | out: |
| 324 | return cred; | 333 | return cred; |
| @@ -408,13 +417,16 @@ put_rpccred(struct rpc_cred *cred) | |||
| 408 | need_lock: | 417 | need_lock: |
| 409 | if (!atomic_dec_and_lock(&cred->cr_count, &rpc_credcache_lock)) | 418 | if (!atomic_dec_and_lock(&cred->cr_count, &rpc_credcache_lock)) |
| 410 | return; | 419 | return; |
| 411 | if (!list_empty(&cred->cr_lru)) | 420 | if (!list_empty(&cred->cr_lru)) { |
| 421 | number_cred_unused--; | ||
| 412 | list_del_init(&cred->cr_lru); | 422 | list_del_init(&cred->cr_lru); |
| 423 | } | ||
| 413 | if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) == 0) | 424 | if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) == 0) |
| 414 | rpcauth_unhash_cred(cred); | 425 | rpcauth_unhash_cred(cred); |
| 415 | else if (test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags) != 0) { | 426 | else if (test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags) != 0) { |
| 416 | cred->cr_expire = jiffies; | 427 | cred->cr_expire = jiffies; |
| 417 | list_add_tail(&cred->cr_lru, &cred_unused); | 428 | list_add_tail(&cred->cr_lru, &cred_unused); |
| 429 | number_cred_unused++; | ||
| 418 | spin_unlock(&rpc_credcache_lock); | 430 | spin_unlock(&rpc_credcache_lock); |
| 419 | return; | 431 | return; |
| 420 | } | 432 | } |
| @@ -520,3 +532,18 @@ rpcauth_uptodatecred(struct rpc_task *task) | |||
| 520 | return cred == NULL || | 532 | return cred == NULL || |
| 521 | test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0; | 533 | test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0; |
| 522 | } | 534 | } |
| 535 | |||
| 536 | |||
| 537 | static struct shrinker *rpc_cred_shrinker; | ||
| 538 | |||
| 539 | void __init rpcauth_init_module(void) | ||
| 540 | { | ||
| 541 | rpc_init_authunix(); | ||
| 542 | rpc_cred_shrinker = set_shrinker(DEFAULT_SEEKS, rpcauth_cache_shrinker); | ||
| 543 | } | ||
| 544 | |||
| 545 | void __exit rpcauth_remove_module(void) | ||
| 546 | { | ||
| 547 | if (rpc_cred_shrinker != NULL) | ||
| 548 | remove_shrinker(rpc_cred_shrinker); | ||
| 549 | } | ||
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index 068fa6dfb64e..8653a92144ae 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c | |||
| @@ -64,7 +64,6 @@ static const struct rpc_credops gss_credops; | |||
| 64 | 64 | ||
| 65 | #define NFS_NGROUPS 16 | 65 | #define NFS_NGROUPS 16 |
| 66 | 66 | ||
| 67 | #define GSS_CRED_EXPIRE (60 * HZ) /* XXX: reasonable? */ | ||
| 68 | #define GSS_CRED_SLACK 1024 /* XXX: unused */ | 67 | #define GSS_CRED_SLACK 1024 /* XXX: unused */ |
| 69 | /* length of a krb5 verifier (48), plus data added before arguments when | 68 | /* length of a krb5 verifier (48), plus data added before arguments when |
| 70 | * using integrity (two 4-byte integers): */ | 69 | * using integrity (two 4-byte integers): */ |
| @@ -643,7 +642,7 @@ gss_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor) | |||
| 643 | goto err_put_mech; | 642 | goto err_put_mech; |
| 644 | } | 643 | } |
| 645 | 644 | ||
| 646 | err = rpcauth_init_credcache(auth, GSS_CRED_EXPIRE); | 645 | err = rpcauth_init_credcache(auth); |
| 647 | if (err) | 646 | if (err) |
| 648 | goto err_unlink_pipe; | 647 | goto err_unlink_pipe; |
| 649 | 648 | ||
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c index 205878a3caa5..d9c50d810d15 100644 --- a/net/sunrpc/auth_unix.c +++ b/net/sunrpc/auth_unix.c | |||
| @@ -21,8 +21,6 @@ struct unx_cred { | |||
| 21 | }; | 21 | }; |
| 22 | #define uc_uid uc_base.cr_uid | 22 | #define uc_uid uc_base.cr_uid |
| 23 | 23 | ||
| 24 | #define UNX_CRED_EXPIRE (60 * HZ) | ||
| 25 | |||
| 26 | #define UNX_WRITESLACK (21 + (UNX_MAXNODENAME >> 2)) | 24 | #define UNX_WRITESLACK (21 + (UNX_MAXNODENAME >> 2)) |
| 27 | 25 | ||
| 28 | #ifdef RPC_DEBUG | 26 | #ifdef RPC_DEBUG |
| @@ -38,8 +36,7 @@ unx_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor) | |||
| 38 | { | 36 | { |
| 39 | dprintk("RPC: creating UNIX authenticator for client %p\n", | 37 | dprintk("RPC: creating UNIX authenticator for client %p\n", |
| 40 | clnt); | 38 | clnt); |
| 41 | if (atomic_inc_return(&unix_auth.au_count) == 1) | 39 | atomic_inc(&unix_auth.au_count); |
| 42 | unix_cred_cache.nextgc = jiffies + (unix_cred_cache.expire >> 1); | ||
| 43 | return &unix_auth; | 40 | return &unix_auth; |
| 44 | } | 41 | } |
| 45 | 42 | ||
| @@ -232,7 +229,6 @@ const struct rpc_authops authunix_ops = { | |||
| 232 | 229 | ||
| 233 | static | 230 | static |
| 234 | struct rpc_cred_cache unix_cred_cache = { | 231 | struct rpc_cred_cache unix_cred_cache = { |
| 235 | .expire = UNX_CRED_EXPIRE, | ||
| 236 | }; | 232 | }; |
| 237 | 233 | ||
| 238 | static | 234 | static |
diff --git a/net/sunrpc/sunrpc_syms.c b/net/sunrpc/sunrpc_syms.c index 018065fca84b..384c4ad5ab86 100644 --- a/net/sunrpc/sunrpc_syms.c +++ b/net/sunrpc/sunrpc_syms.c | |||
| @@ -152,7 +152,7 @@ init_sunrpc(void) | |||
| 152 | cache_register(&ip_map_cache); | 152 | cache_register(&ip_map_cache); |
| 153 | cache_register(&unix_gid_cache); | 153 | cache_register(&unix_gid_cache); |
| 154 | init_socket_xprt(); | 154 | init_socket_xprt(); |
| 155 | rpc_init_authunix(); | 155 | rpcauth_init_module(); |
| 156 | out: | 156 | out: |
| 157 | return err; | 157 | return err; |
| 158 | } | 158 | } |
| @@ -160,6 +160,7 @@ out: | |||
| 160 | static void __exit | 160 | static void __exit |
| 161 | cleanup_sunrpc(void) | 161 | cleanup_sunrpc(void) |
| 162 | { | 162 | { |
| 163 | rpcauth_remove_module(); | ||
| 163 | cleanup_socket_xprt(); | 164 | cleanup_socket_xprt(); |
| 164 | unregister_rpc_pipefs(); | 165 | unregister_rpc_pipefs(); |
| 165 | rpc_destroy_mempool(); | 166 | rpc_destroy_mempool(); |