diff options
Diffstat (limited to 'net/sunrpc/auth_gss/auth_gss.c')
| -rw-r--r-- | net/sunrpc/auth_gss/auth_gss.c | 27 |
1 files changed, 7 insertions, 20 deletions
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index cc12d5f5d5da..834a83199bdf 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c | |||
| @@ -63,22 +63,11 @@ static const struct rpc_credops gss_nullops; | |||
| 63 | # define RPCDBG_FACILITY RPCDBG_AUTH | 63 | # define RPCDBG_FACILITY RPCDBG_AUTH |
| 64 | #endif | 64 | #endif |
| 65 | 65 | ||
| 66 | #define NFS_NGROUPS 16 | 66 | #define GSS_CRED_SLACK 1024 |
| 67 | |||
| 68 | #define GSS_CRED_SLACK 1024 /* XXX: unused */ | ||
| 69 | /* length of a krb5 verifier (48), plus data added before arguments when | 67 | /* length of a krb5 verifier (48), plus data added before arguments when |
| 70 | * using integrity (two 4-byte integers): */ | 68 | * using integrity (two 4-byte integers): */ |
| 71 | #define GSS_VERF_SLACK 100 | 69 | #define GSS_VERF_SLACK 100 |
| 72 | 70 | ||
| 73 | /* XXX this define must match the gssd define | ||
| 74 | * as it is passed to gssd to signal the use of | ||
| 75 | * machine creds should be part of the shared rpc interface */ | ||
| 76 | |||
| 77 | #define CA_RUN_AS_MACHINE 0x00000200 | ||
| 78 | |||
| 79 | /* dump the buffer in `emacs-hexl' style */ | ||
| 80 | #define isprint(c) ((c > 0x1f) && (c < 0x7f)) | ||
| 81 | |||
| 82 | struct gss_auth { | 71 | struct gss_auth { |
| 83 | struct kref kref; | 72 | struct kref kref; |
| 84 | struct rpc_auth rpc_auth; | 73 | struct rpc_auth rpc_auth; |
| @@ -146,7 +135,7 @@ simple_get_netobj(const void *p, const void *end, struct xdr_netobj *dest) | |||
| 146 | q = (const void *)((const char *)p + len); | 135 | q = (const void *)((const char *)p + len); |
| 147 | if (unlikely(q > end || q < p)) | 136 | if (unlikely(q > end || q < p)) |
| 148 | return ERR_PTR(-EFAULT); | 137 | return ERR_PTR(-EFAULT); |
| 149 | dest->data = kmemdup(p, len, GFP_KERNEL); | 138 | dest->data = kmemdup(p, len, GFP_NOFS); |
| 150 | if (unlikely(dest->data == NULL)) | 139 | if (unlikely(dest->data == NULL)) |
| 151 | return ERR_PTR(-ENOMEM); | 140 | return ERR_PTR(-ENOMEM); |
| 152 | dest->len = len; | 141 | dest->len = len; |
| @@ -171,7 +160,7 @@ gss_alloc_context(void) | |||
| 171 | { | 160 | { |
| 172 | struct gss_cl_ctx *ctx; | 161 | struct gss_cl_ctx *ctx; |
| 173 | 162 | ||
| 174 | ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); | 163 | ctx = kzalloc(sizeof(*ctx), GFP_NOFS); |
| 175 | if (ctx != NULL) { | 164 | if (ctx != NULL) { |
| 176 | ctx->gc_proc = RPC_GSS_PROC_DATA; | 165 | ctx->gc_proc = RPC_GSS_PROC_DATA; |
| 177 | ctx->gc_seq = 1; /* NetApp 6.4R1 doesn't accept seq. no. 0 */ | 166 | ctx->gc_seq = 1; /* NetApp 6.4R1 doesn't accept seq. no. 0 */ |
| @@ -272,7 +261,7 @@ __gss_find_upcall(struct rpc_inode *rpci, uid_t uid) | |||
| 272 | return NULL; | 261 | return NULL; |
| 273 | } | 262 | } |
| 274 | 263 | ||
| 275 | /* Try to add a upcall to the pipefs queue. | 264 | /* Try to add an upcall to the pipefs queue. |
| 276 | * If an upcall owned by our uid already exists, then we return a reference | 265 | * If an upcall owned by our uid already exists, then we return a reference |
| 277 | * to that upcall instead of adding the new upcall. | 266 | * to that upcall instead of adding the new upcall. |
| 278 | */ | 267 | */ |
| @@ -341,7 +330,7 @@ gss_alloc_msg(struct gss_auth *gss_auth, uid_t uid) | |||
| 341 | { | 330 | { |
| 342 | struct gss_upcall_msg *gss_msg; | 331 | struct gss_upcall_msg *gss_msg; |
| 343 | 332 | ||
| 344 | gss_msg = kzalloc(sizeof(*gss_msg), GFP_KERNEL); | 333 | gss_msg = kzalloc(sizeof(*gss_msg), GFP_NOFS); |
| 345 | if (gss_msg != NULL) { | 334 | if (gss_msg != NULL) { |
| 346 | INIT_LIST_HEAD(&gss_msg->list); | 335 | INIT_LIST_HEAD(&gss_msg->list); |
| 347 | rpc_init_wait_queue(&gss_msg->rpc_waitqueue, "RPCSEC_GSS upcall waitq"); | 336 | rpc_init_wait_queue(&gss_msg->rpc_waitqueue, "RPCSEC_GSS upcall waitq"); |
| @@ -493,7 +482,6 @@ gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen) | |||
| 493 | { | 482 | { |
| 494 | const void *p, *end; | 483 | const void *p, *end; |
| 495 | void *buf; | 484 | void *buf; |
| 496 | struct rpc_clnt *clnt; | ||
| 497 | struct gss_upcall_msg *gss_msg; | 485 | struct gss_upcall_msg *gss_msg; |
| 498 | struct inode *inode = filp->f_path.dentry->d_inode; | 486 | struct inode *inode = filp->f_path.dentry->d_inode; |
| 499 | struct gss_cl_ctx *ctx; | 487 | struct gss_cl_ctx *ctx; |
| @@ -503,11 +491,10 @@ gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen) | |||
| 503 | if (mlen > MSG_BUF_MAXSIZE) | 491 | if (mlen > MSG_BUF_MAXSIZE) |
| 504 | goto out; | 492 | goto out; |
| 505 | err = -ENOMEM; | 493 | err = -ENOMEM; |
| 506 | buf = kmalloc(mlen, GFP_KERNEL); | 494 | buf = kmalloc(mlen, GFP_NOFS); |
| 507 | if (!buf) | 495 | if (!buf) |
| 508 | goto out; | 496 | goto out; |
| 509 | 497 | ||
| 510 | clnt = RPC_I(inode)->private; | ||
| 511 | err = -EFAULT; | 498 | err = -EFAULT; |
| 512 | if (copy_from_user(buf, src, mlen)) | 499 | if (copy_from_user(buf, src, mlen)) |
| 513 | goto err; | 500 | goto err; |
| @@ -806,7 +793,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) | |||
| 806 | dprintk("RPC: gss_create_cred for uid %d, flavor %d\n", | 793 | dprintk("RPC: gss_create_cred for uid %d, flavor %d\n", |
| 807 | acred->uid, auth->au_flavor); | 794 | acred->uid, auth->au_flavor); |
| 808 | 795 | ||
| 809 | if (!(cred = kzalloc(sizeof(*cred), GFP_KERNEL))) | 796 | if (!(cred = kzalloc(sizeof(*cred), GFP_NOFS))) |
| 810 | goto out_err; | 797 | goto out_err; |
| 811 | 798 | ||
| 812 | rpcauth_init_cred(&cred->gc_base, acred, auth, &gss_credops); | 799 | rpcauth_init_cred(&cred->gc_base, acred, auth, &gss_credops); |