aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/linux/sunrpc/auth.h10
-rw-r--r--net/sunrpc/auth.c22
-rw-r--r--net/sunrpc/auth_gss/auth_gss.c22
-rw-r--r--net/sunrpc/auth_null.c4
-rw-r--r--net/sunrpc/auth_unix.c4
5 files changed, 32 insertions, 30 deletions
diff --git a/include/linux/sunrpc/auth.h b/include/linux/sunrpc/auth.h
index d5bfc67461fc..8586503d5ebd 100644
--- a/include/linux/sunrpc/auth.h
+++ b/include/linux/sunrpc/auth.h
@@ -36,19 +36,19 @@ struct rpc_cred {
36 struct hlist_node cr_hash; /* hash chain */ 36 struct hlist_node cr_hash; /* hash chain */
37 struct rpc_auth * cr_auth; 37 struct rpc_auth * cr_auth;
38 const struct rpc_credops *cr_ops; 38 const struct rpc_credops *cr_ops;
39 unsigned long cr_expire; /* when to gc */
40 atomic_t cr_count; /* ref count */
41 unsigned short cr_flags; /* various flags */
42#ifdef RPC_DEBUG 39#ifdef RPC_DEBUG
43 unsigned long cr_magic; /* 0x0f4aa4f0 */ 40 unsigned long cr_magic; /* 0x0f4aa4f0 */
44#endif 41#endif
42 unsigned long cr_expire; /* when to gc */
43 unsigned long cr_flags; /* various flags */
44 atomic_t cr_count; /* ref count */
45 45
46 uid_t cr_uid; 46 uid_t cr_uid;
47 47
48 /* per-flavor data */ 48 /* per-flavor data */
49}; 49};
50#define RPCAUTH_CRED_NEW 0x0001 50#define RPCAUTH_CRED_NEW 0
51#define RPCAUTH_CRED_UPTODATE 0x0002 51#define RPCAUTH_CRED_UPTODATE 1
52 52
53#define RPCAUTH_CRED_MAGIC 0x0f4aa4f0 53#define RPCAUTH_CRED_MAGIC 0x0f4aa4f0
54 54
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c
index 2156327da45b..4d7c78b05d1e 100644
--- a/net/sunrpc/auth.c
+++ b/net/sunrpc/auth.c
@@ -190,8 +190,8 @@ rpcauth_prune_expired(struct rpc_auth *auth, struct rpc_cred *cred, struct hlist
190 if (atomic_read(&cred->cr_count) != 1) 190 if (atomic_read(&cred->cr_count) != 1)
191 return; 191 return;
192 if (time_after(jiffies, cred->cr_expire + auth->au_credcache->expire)) 192 if (time_after(jiffies, cred->cr_expire + auth->au_credcache->expire))
193 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 193 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
194 if (!(cred->cr_flags & RPCAUTH_CRED_UPTODATE)) { 194 if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) == 0) {
195 __hlist_del(&cred->cr_hash); 195 __hlist_del(&cred->cr_hash);
196 hlist_add_head(&cred->cr_hash, free); 196 hlist_add_head(&cred->cr_hash, free);
197 } 197 }
@@ -267,7 +267,7 @@ retry:
267 if (!IS_ERR(new)) 267 if (!IS_ERR(new))
268 goto retry; 268 goto retry;
269 cred = new; 269 cred = new;
270 } else if ((cred->cr_flags & RPCAUTH_CRED_NEW) 270 } else if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags)
271 && cred->cr_ops->cr_init != NULL 271 && cred->cr_ops->cr_init != NULL
272 && !(flags & RPCAUTH_LOOKUP_NEW)) { 272 && !(flags & RPCAUTH_LOOKUP_NEW)) {
273 int res = cred->cr_ops->cr_init(auth, cred); 273 int res = cred->cr_ops->cr_init(auth, cred);
@@ -440,17 +440,19 @@ rpcauth_refreshcred(struct rpc_task *task)
440void 440void
441rpcauth_invalcred(struct rpc_task *task) 441rpcauth_invalcred(struct rpc_task *task)
442{ 442{
443 struct rpc_cred *cred = task->tk_msg.rpc_cred;
444
443 dprintk("RPC: %5u invalidating %s cred %p\n", 445 dprintk("RPC: %5u invalidating %s cred %p\n",
444 task->tk_pid, task->tk_auth->au_ops->au_name, task->tk_msg.rpc_cred); 446 task->tk_pid, task->tk_auth->au_ops->au_name, cred);
445 spin_lock(&rpc_credcache_lock); 447 if (cred)
446 if (task->tk_msg.rpc_cred) 448 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
447 task->tk_msg.rpc_cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
448 spin_unlock(&rpc_credcache_lock);
449} 449}
450 450
451int 451int
452rpcauth_uptodatecred(struct rpc_task *task) 452rpcauth_uptodatecred(struct rpc_task *task)
453{ 453{
454 return !(task->tk_msg.rpc_cred) || 454 struct rpc_cred *cred = task->tk_msg.rpc_cred;
455 (task->tk_msg.rpc_cred->cr_flags & RPCAUTH_CRED_UPTODATE); 455
456 return cred == NULL ||
457 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) != 0;
456} 458}
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 766de0a41b22..55c47ae0a258 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -114,8 +114,8 @@ gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx)
114 write_lock(&gss_ctx_lock); 114 write_lock(&gss_ctx_lock);
115 old = gss_cred->gc_ctx; 115 old = gss_cred->gc_ctx;
116 gss_cred->gc_ctx = ctx; 116 gss_cred->gc_ctx = ctx;
117 cred->cr_flags |= RPCAUTH_CRED_UPTODATE; 117 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
118 cred->cr_flags &= ~RPCAUTH_CRED_NEW; 118 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags);
119 write_unlock(&gss_ctx_lock); 119 write_unlock(&gss_ctx_lock);
120 if (old) 120 if (old)
121 gss_put_ctx(old); 121 gss_put_ctx(old);
@@ -128,7 +128,7 @@ gss_cred_is_uptodate_ctx(struct rpc_cred *cred)
128 int res = 0; 128 int res = 0;
129 129
130 read_lock(&gss_ctx_lock); 130 read_lock(&gss_ctx_lock);
131 if ((cred->cr_flags & RPCAUTH_CRED_UPTODATE) && gss_cred->gc_ctx) 131 if (test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) && gss_cred->gc_ctx)
132 res = 1; 132 res = 1;
133 read_unlock(&gss_ctx_lock); 133 read_unlock(&gss_ctx_lock);
134 return res; 134 return res;
@@ -732,7 +732,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
732 * Note: in order to force a call to call_refresh(), we deliberately 732 * Note: in order to force a call to call_refresh(), we deliberately
733 * fail to flag the credential as RPCAUTH_CRED_UPTODATE. 733 * fail to flag the credential as RPCAUTH_CRED_UPTODATE.
734 */ 734 */
735 cred->gc_base.cr_flags = RPCAUTH_CRED_NEW; 735 cred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_NEW;
736 cred->gc_service = gss_auth->service; 736 cred->gc_service = gss_auth->service;
737 return &cred->gc_base; 737 return &cred->gc_base;
738 738
@@ -764,7 +764,7 @@ gss_match(struct auth_cred *acred, struct rpc_cred *rc, int flags)
764 * we don't really care if the credential has expired or not, 764 * we don't really care if the credential has expired or not,
765 * since the caller should be prepared to reinitialise it. 765 * since the caller should be prepared to reinitialise it.
766 */ 766 */
767 if ((flags & RPCAUTH_LOOKUP_NEW) && (rc->cr_flags & RPCAUTH_CRED_NEW)) 767 if ((flags & RPCAUTH_LOOKUP_NEW) && test_bit(RPCAUTH_CRED_NEW, &rc->cr_flags))
768 goto out; 768 goto out;
769 /* Don't match with creds that have expired. */ 769 /* Don't match with creds that have expired. */
770 if (gss_cred->gc_ctx && time_after(jiffies, gss_cred->gc_ctx->gc_expiry)) 770 if (gss_cred->gc_ctx && time_after(jiffies, gss_cred->gc_ctx->gc_expiry))
@@ -820,7 +820,7 @@ gss_marshal(struct rpc_task *task, __be32 *p)
820 mic.data = (u8 *)(p + 1); 820 mic.data = (u8 *)(p + 1);
821 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic); 821 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
822 if (maj_stat == GSS_S_CONTEXT_EXPIRED) { 822 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
823 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 823 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
824 } else if (maj_stat != 0) { 824 } else if (maj_stat != 0) {
825 printk("gss_marshal: gss_get_mic FAILED (%d)\n", maj_stat); 825 printk("gss_marshal: gss_get_mic FAILED (%d)\n", maj_stat);
826 goto out_put_ctx; 826 goto out_put_ctx;
@@ -873,7 +873,7 @@ gss_validate(struct rpc_task *task, __be32 *p)
873 873
874 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic); 874 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
875 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 875 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
876 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 876 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
877 if (maj_stat) 877 if (maj_stat)
878 goto out_bad; 878 goto out_bad;
879 /* We leave it to unwrap to calculate au_rslack. For now we just 879 /* We leave it to unwrap to calculate au_rslack. For now we just
@@ -927,7 +927,7 @@ gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
927 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic); 927 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
928 status = -EIO; /* XXX? */ 928 status = -EIO; /* XXX? */
929 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 929 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
930 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 930 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
931 else if (maj_stat) 931 else if (maj_stat)
932 return status; 932 return status;
933 q = xdr_encode_opaque(p, NULL, mic.len); 933 q = xdr_encode_opaque(p, NULL, mic.len);
@@ -1026,7 +1026,7 @@ gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1026 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was 1026 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
1027 * done anyway, so it's safe to put the request on the wire: */ 1027 * done anyway, so it's safe to put the request on the wire: */
1028 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 1028 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1029 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 1029 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1030 else if (maj_stat) 1030 else if (maj_stat)
1031 return status; 1031 return status;
1032 1032
@@ -1113,7 +1113,7 @@ gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1113 1113
1114 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic); 1114 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
1115 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 1115 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1116 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 1116 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1117 if (maj_stat != GSS_S_COMPLETE) 1117 if (maj_stat != GSS_S_COMPLETE)
1118 return status; 1118 return status;
1119 return 0; 1119 return 0;
@@ -1138,7 +1138,7 @@ gss_unwrap_resp_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1138 1138
1139 maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf); 1139 maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf);
1140 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 1140 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1141 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; 1141 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1142 if (maj_stat != GSS_S_COMPLETE) 1142 if (maj_stat != GSS_S_COMPLETE)
1143 return status; 1143 return status;
1144 if (ntohl(*(*p)++) != rqstp->rq_seqno) 1144 if (ntohl(*(*p)++) != rqstp->rq_seqno)
diff --git a/net/sunrpc/auth_null.c b/net/sunrpc/auth_null.c
index fe9b6aaf91eb..6c905fb11c5d 100644
--- a/net/sunrpc/auth_null.c
+++ b/net/sunrpc/auth_null.c
@@ -76,7 +76,7 @@ nul_marshal(struct rpc_task *task, __be32 *p)
76static int 76static int
77nul_refresh(struct rpc_task *task) 77nul_refresh(struct rpc_task *task)
78{ 78{
79 task->tk_msg.rpc_cred->cr_flags |= RPCAUTH_CRED_UPTODATE; 79 set_bit(RPCAUTH_CRED_UPTODATE, &task->tk_msg.rpc_cred->cr_flags);
80 return 0; 80 return 0;
81} 81}
82 82
@@ -136,7 +136,7 @@ struct rpc_cred null_cred = {
136 .cr_auth = &null_auth, 136 .cr_auth = &null_auth,
137 .cr_ops = &null_credops, 137 .cr_ops = &null_credops,
138 .cr_count = ATOMIC_INIT(1), 138 .cr_count = ATOMIC_INIT(1),
139 .cr_flags = RPCAUTH_CRED_UPTODATE, 139 .cr_flags = 1UL << RPCAUTH_CRED_UPTODATE,
140#ifdef RPC_DEBUG 140#ifdef RPC_DEBUG
141 .cr_magic = RPCAUTH_CRED_MAGIC, 141 .cr_magic = RPCAUTH_CRED_MAGIC,
142#endif 142#endif
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c
index f17dabbab1c7..29d50ffa69d6 100644
--- a/net/sunrpc/auth_unix.c
+++ b/net/sunrpc/auth_unix.c
@@ -72,7 +72,7 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
72 return ERR_PTR(-ENOMEM); 72 return ERR_PTR(-ENOMEM);
73 73
74 rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops); 74 rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops);
75 cred->uc_base.cr_flags = RPCAUTH_CRED_UPTODATE; 75 cred->uc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE;
76 if (flags & RPCAUTH_LOOKUP_ROOTCREDS) { 76 if (flags & RPCAUTH_LOOKUP_ROOTCREDS) {
77 cred->uc_uid = 0; 77 cred->uc_uid = 0;
78 cred->uc_gid = 0; 78 cred->uc_gid = 0;
@@ -172,7 +172,7 @@ unx_marshal(struct rpc_task *task, __be32 *p)
172static int 172static int
173unx_refresh(struct rpc_task *task) 173unx_refresh(struct rpc_task *task)
174{ 174{
175 task->tk_msg.rpc_cred->cr_flags |= RPCAUTH_CRED_UPTODATE; 175 set_bit(RPCAUTH_CRED_UPTODATE, &task->tk_msg.rpc_cred->cr_flags);
176 return 0; 176 return 0;
177} 177}
178 178