aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAge
* Merge branch 'audit.b50' of ↵Linus Torvalds2008-04-29
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current * 'audit.b50' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] new predicate - AUDIT_FILETYPE [patch 2/2] Use find_task_by_vpid in audit code [patch 1/2] audit: let userspace fully control TTY input auditing [PATCH 2/2] audit: fix sparse shadowed variable warnings [PATCH 1/2] audit: move extern declarations to audit.h Audit: MAINTAINERS update Audit: increase the maximum length of the key field Audit: standardize string audit interfaces Audit: stop deadlock from signals under load Audit: save audit_backlog_limit audit messages in case auditd comes back Audit: collect sessionid in netlink messages Audit: end printk with newline
| * Audit: collect sessionid in netlink messagesEric Paris2008-04-28
| | | | | | | | | | | | | | | | | | | | Previously I added sessionid output to all audit messages where it was available but we still didn't know the sessionid of the sender of netlink messages. This patch adds that information to netlink messages so we can audit who sent netlink messages. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* | Remove duplicated unlikely() in IS_ERR()Hirofumi Nakagawa2008-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some drivers have duplicated unlikely() macros. IS_ERR() already has unlikely() in itself. This patch cleans up such pointless code. Signed-off-by: Hirofumi Nakagawa <hnakagawa@miraclelinux.com> Acked-by: David S. Miller <davem@davemloft.net> Acked-by: Jeff Garzik <jeff@garzik.org> Cc: Paul Clements <paul.clements@steeleye.com> Cc: Richard Purdie <rpurdie@rpsys.net> Cc: Alessandro Zummo <a.zummo@towertech.it> Cc: David Brownell <david-b@pacbell.net> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Cc: Anton Altaparmakov <aia21@cantab.net> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Carsten Otte <cotte@de.ibm.com> Cc: Patrick McHardy <kaber@trash.net> Cc: Paul Mundt <lethal@linux-sh.org> Cc: Jaroslav Kysela <perex@perex.cz> Cc: Takashi Iwai <tiwai@suse.de> Acked-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | proc: switch /proc/irda/irnet to seq_file interfaceAlexey Dobriyan2008-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Probably interface misuse, because of the way iterating over hashbin is done. However! Printing of socket number ("IrNET socket %d - ", i++") made conversion to proper ->start/->next difficult enough to do blindly without hardware. Said that, please apply. Remove useless comment while I am it. Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Cc: Samuel Ortiz <samuel@sortiz.org> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2008-04-28
|\ \ | |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: iwlwifi: Allow building iwl3945 without iwl4965. wireless: Fix compile error with wifi & leds tcp: Fix slab corruption with ipv6 and tcp6fuzz ipv4/ipv6 compat: Fix SSM applications on 64bit kernels. [IPSEC]: Use digest_null directly for auth sunrpc: fix missing kernel-doc can: Fix copy_from_user() results interpretation Revert "ipv6: Fix typo in net/ipv6/Kconfig" tipc: endianness annotations ipv6: result of csum_fold() is already 16bit, no need to cast [XFRM] AUDIT: Fix flowlabel text format ambibuity.
| * wireless: Fix compile error with wifi & ledsLuca Tettamanti2008-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | Fix build error caused by commit e82404ad612ebabc65d15c3d59b971cb35c3ff36 ("iwlwifi: Select LEDS_CLASS.") from David Miller: Since MAC80211_LEDS is selected by wireless drivers it must select its own dependencies otherwise a build error may occur (kbuild will select the symbol regardless of "depends" constraints). Signed-off-By: Luca Tettamanti <kronos.it@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * tcp: Fix slab corruption with ipv6 and tcp6fuzzEvgeniy Polyakov2008-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From: Evgeniy Polyakov <johnpol@2ka.mipt.ru> This fixes a regression added by ec3c0982a2dd1e671bad8e9d26c28dcba0039d87 ("[TCP]: TCP_DEFER_ACCEPT updates - process as established") tcp_v6_do_rcv()->tcp_rcv_established(), the latter goes to step5, where eventually skb can be freed via tcp_data_queue() (drop: label), then if check for tcp_defer_accept_check() returns true and thus tcp_rcv_established() returns -1, which forces tcp_v6_do_rcv() to jump to reset: label, which in turn will pass through discard: label and free the same skb again. Tested by Eric Sesterhenn. Signed-off-by: David S. Miller <davem@davemloft.net> Acked-By: Patrick McManus <mcmanus@ducksong.com>
| * ipv4/ipv6 compat: Fix SSM applications on 64bit kernels.David L Stevens2008-04-27
| | | | | | | | | | | | | | | | Add support on 64-bit kernels for seting 32-bit compatible MCAST* socket options. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPSEC]: Use digest_null directly for authHerbert Xu2008-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously digest_null had no setkey function which meant that we used hmac(digest_null) for IPsec since IPsec always calls setkey. Now that digest_null has a setkey we no longer need to do that. In fact when only confidentiality is specified for ESP we already use digest_null directly. However, when the null algorithm is explicitly specified by the user we still opt for hmac(digest_null). This patch removes this discrepancy. I have not added a new compat name for it because by chance it wasn't actualy possible for the user to specify the name hmac(digest_null) due to a key length check in xfrm_user (which I found out when testing that compat name :) Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| * sunrpc: fix missing kernel-docRandy Dunlap2008-04-27
| | | | | | | | | | | | | | | | | | Fix missing sunrpc kernel-doc: Warning(linux-2.6.25-git7//net/sunrpc/xprt.c:451): No description found for parameter 'action' Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * can: Fix copy_from_user() results interpretationSam Ravnborg2008-04-27
| | | | | | | | | | | | | | | | | | | | | | Both copy_to_ and _from_user return the number of bytes, that failed to reach their destination, not the 0/-EXXX values. Based on patch from Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> Acked-by: Oliver Hartkopp <oliver.hartkopp@volkswagen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
| * Revert "ipv6: Fix typo in net/ipv6/Kconfig"David S. Miller2008-04-27
| | | | | | | | | | | | | | | | This reverts commit 5b3f129c5592ca35b3fe8916767c58b98710478c. As requested by Maciej W. Rozycki. Signed-off-by: David S. Miller <davem@davemloft.net>
| * tipc: endianness annotationsAl Viro2008-04-27
| | | | | | | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
| * ipv6: result of csum_fold() is already 16bit, no need to castAl Viro2008-04-27
| | | | | | | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [XFRM] AUDIT: Fix flowlabel text format ambibuity.YOSHIFUJI Hideaki2008-04-27
| | | | | | | | | | | | | | | | | | Flowlabel text format was not correct and thus ambiguous. For example, 0x00123 or 0x01203 are formatted as 0x123. This is not what audit tools want. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | asm/unaligned.h doesn't work well as the very first includeAl Viro2008-04-27
| | | | | | | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2008-04-25
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (48 commits) net: Fix wrong interpretation of some copy_to_user() results. xfrm: alg_key_len & alg_icv_len should be unsigned [netdrvr] tehuti: move ioctl perm check closer to function start ipv6: Fix typo in net/ipv6/Kconfig via-velocity: fix vlan receipt tg3: sparse cleanup forcedeth: realtek phy crossover detection ibm_newemac: Increase MDIO timeouts gianfar: Fix skb allocation strategy netxen: reduce stack usage of netxen_nic_flash_print smc911x: test after postfix decrement fails in smc911x_{reset,drop_pkt} net drivers: fix platform driver hotplug/coldplug forcedeth: new backoff implementation ehea: make things static phylib: Add support for board-level PHY fixups [netdrvr] atlx: code movement: move atl1 parameter parsing atlx: remove flash vendor parameter korina: misc cleanup korina: fix misplaced return statement WAN: Fix confusing insmod error code for C101 too. ...
| * net: Fix wrong interpretation of some copy_to_user() results.Pavel Emelyanov2008-04-25
| | | | | | | | | | | | | | | | | | | | I found some places, that erroneously return the value obtained from the copy_to_user() call: if some amount of bytes were not able to get to the user (this is what this one returns) the proper behavior is to return the -EFAULT error, not that number itself. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * ipv6: Fix typo in net/ipv6/KconfigMichael Beasley2008-04-25
| | | | | | | | | | | | | | | | | | Two is used in the wrong context here, as you are connecting to an IPv6 network over IPv4; not connecting two IPv6 networks to an IPv4 one. Signed-off-by: Michael Beasley <youvegotmoxie@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * ipv6 RAW: Disallow IPPROTO_IPV6-level IPV6_CHECKSUM socket option on ICMPv6 ↵YOSHIFUJI Hideaki2008-04-25
| | | | | | | | | | | | | | | | | | | | | | sockets. RFC3542 tells that IPV6_CHECKSUM socket option in the IPPROTO_IPV6 level is not allowed on ICMPv6 sockets. IPPROTO_RAW level IPV6_CHECKSUM socket option (a Linux extension) is still allowed. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * tcp: tcp_probe buffer overflow and incorrect return valueTom Quetchenbach2008-04-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tcp_probe has a bounds-checking bug that causes many programs (less, python) to crash reading /proc/net/tcp_probe. When it outputs a log line to the reader, it only checks if that line alone will fit in the reader's buffer, rather than that line and all the previous lines it has already written. tcpprobe_read also returns the wrong value if copy_to_user fails--it just passes on the return value of copy_to_user (number of bytes not copied), which makes a failure look like a success. This patch fixes the buffer overflow and sets the return value to -EFAULT if copy_to_user fails. Patch is against latest net-2.6; tested briefly and seems to fix the crashes in less and python. Signed-off-by: Tom Quetchenbach <virtualphtn@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * ethtool: EEPROM dump no longer works for tg3 and natsemiMandeep Singh Baines2008-04-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the ethtool user-space application, tg3 and natsemi over-ride the default implementation of dump_eeprom(). In both tg3_dump_eeprom() and natsemi_dump_eeprom(), there is a magic number check which is not present in the default implementation. Commit b131dd5d ("[ETHTOOL]: Add support for large eeproms") snipped the code which copied the ethtool_eeprom structure back to user-space. tg3 and natsemi are over-writing the magic number field and then checking it in user-space. With the ethtool_eeprom copy removed, the check is failing. The fix is simple. Add the ethtool_eeprom copy back. Signed-off-by: Mandeep Singh Baines <msb@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * af_key: Fix af_key.c compiler warningBrian Haley2008-04-24
| | | | | | | | | | | | | | | | | | | | | | | | | | net/key/af_key.c: In function ‘pfkey_spddelete’: net/key/af_key.c:2359: warning: ‘pol_ctx’ may be used uninitialized in this function When CONFIG_SECURITY_NETWORK_XFRM isn't set, security_xfrm_policy_alloc() is an inline that doesn't set pol_ctx, so this seemed like the easiest fix short of using *uninitialized_var(pol_ctx). Signed-off-by: Brian Haley <brian.haley@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | RxRPC: Fix a regression in the RXKAD security moduleDavid Howells2008-04-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a regression in the RXKAD security module introduced in: commit 91e916cffec7c0153c5cbaa447151862a7a9a047 Author: Al Viro <viro@ftp.linux.org.uk> Date: Sat Mar 29 03:08:38 2008 +0000 net/rxrpc trivial annotations A variable was declared as a 16-bit type rather than a 32-bit type. Signed-off-by: David Howells <dhowells@redhat.com> Acked-with-apologies-by: Al Viro <viro@ZenIV.linux.org.uk> Signed-of-by: Linus Torvalds <torvalds@linux-foundation.org>
* | Merge git://git.linux-nfs.org/projects/trondmy/nfs-2.6Linus Torvalds2008-04-24
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.linux-nfs.org/projects/trondmy/nfs-2.6: (80 commits) SUNRPC: Invalidate the RPCSEC_GSS session if the server dropped the request make nfs_automount_list static NFS: remove duplicate flags assignment from nfs_validate_mount_data NFS - fix potential NULL pointer dereference v2 SUNRPC: Don't change the RPCSEC_GSS context on a credential that is in use SUNRPC: Fix a race in gss_refresh_upcall() SUNRPC: Don't disconnect more than once if retransmitting NFSv4 requests SUNRPC: Remove the unused export of xprt_force_disconnect SUNRPC: remove XS_SENDMSG_RETRY SUNRPC: Protect creds against early garbage collection NFSv4: Attempt to use machine credentials in SETCLIENTID calls NFSv4: Reintroduce machine creds NFSv4: Don't use cred->cr_ops->cr_name in nfs4_proc_setclientid() nfs: fix printout of multiword bitfields nfs: return negative error value from nfs{,4}_stat_to_errno NLM/lockd: Ensure client locking calls use correct credentials NFS: Remove the buggy lock-if-signalled case from do_setlk() NLM/lockd: Fix a race when cancelling a blocking lock NLM/lockd: Ensure that nlmclnt_cancel() returns results of the CANCEL call NLM: Remove the signal masking in nlmclnt_proc/nlmclnt_cancel ...
| * \ Merge branch 'devel'Trond Myklebust2008-04-24
| |\ \
| | * | SUNRPC: Invalidate the RPCSEC_GSS session if the server dropped the requestTrond Myklebust2008-04-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC 2203 requires the server to drop the request if it believes the RPCSEC_GSS context is out of sequence. The problem is that we have no way on the client to know why the server dropped the request. In order to avoid spinning forever trying to resend the request, the safe approach is therefore to always invalidate the RPCSEC_GSS context on every major timeout. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Don't change the RPCSEC_GSS context on a credential that is in useTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a server rejects our credential with an AUTH_REJECTEDCRED or similar, we need to refresh the credential and then retry the request. However, we do want to allow any requests that are in flight to finish executing, so that we can at least attempt to process the replies that depend on this instance of the credential. The solution is to ensure that gss_refresh() looks up an entirely new RPCSEC_GSS credential instead of attempting to create a context for the existing invalid credential. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Fix a race in gss_refresh_upcall()Trond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If the downcall completes before we get the spin_lock then we currently fail to refresh the credential. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Don't disconnect more than once if retransmitting NFSv4 requestsTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NFSv4 requires us to ensure that we break the TCP connection before we're allowed to retransmit a request. However in the case where we're retransmitting several requests that have been sent on the same connection, we need to ensure that we don't interfere with the attempt to reconnect and/or break the connection again once it has been established. We therefore introduce a 'connection' cookie that is bumped every time a connection is broken. This allows requests to track if they need to force a disconnection. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Remove the unused export of xprt_force_disconnectTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: remove XS_SENDMSG_RETRYTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The condition for exiting from the loop in xs_tcp_send_request() should be that we find we're not making progress (i.e. number of bytes sent is 0). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Protect creds against early garbage collectionTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | NFSv4: Reintroduce machine credsTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need to try to ensure that we always use the same credentials whenever we re-establish the clientid on the server. If not, the server won't recognise that we're the same client, and so may not allow us to recover state. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | NFSv4: Don't use cred->cr_ops->cr_name in nfs4_proc_setclientid()Trond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the recent change to generic creds, we can no longer use cred->cr_ops->cr_name to distinguish between RPCSEC_GSS principals and AUTH_SYS/AUTH_NULL identities. Replace it with the rpc_authops->au_name instead... Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Fix read ordering problems with req->rq_private_buf.lenTrond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We want to ensure that req->rq_private_buf.len is updated before req->rq_received, so that call_decode() doesn't use an old value for req->rq_rcv_buf.len. In 'call_decode()' itself, instead of using task->tk_status (which is set using req->rq_received) must use the actual value of req->rq_private_buf.len when deciding whether or not the received RPC reply is too short. Finally ensure that we set req->rq_rcv_buf.len to zero when retrying a request. A typo meant that we were resetting req->rq_private_buf.len in call_decode(), and then clobbering that value with the old rq_rcv_buf.len again in xprt_transmit(). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Don't attempt to destroy expired RPCSEC_GSS credentials..Trond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ..and always destroy using a 'soft' RPC call. Destroying GSS credentials isn't mandatory; the server can always cope with a few credentials not getting destroyed in a timely fashion. This actually fixes a hang situation. Basically, some servers will decide that the client is crazy if it tries to destroy an RPC context for which they have sent an RPCSEC_GSS_CREDPROBLEM, and so will refuse to talk to it for a while. The regression therefor probably was introduced by commit 0df7fb74fbb709591301871a38aac7735a1d6583. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Fix up xprt_write_space()Trond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The rest of the networking layer uses SOCK_ASYNC_NOSPACE to signal whether or not we have someone waiting for buffer memory. Convert the SUNRPC layer to use the same idiom. Remove the unlikely()s in xs_udp_write_space and xs_tcp_write_space. In fact, the most common case will be that there is nobody waiting for buffer space. SOCK_NOSPACE is there to tell the TCP layer whether or not the cwnd was limited by the application window. Ensure that we follow the same idiom as the rest of the networking layer here too. Finally, ensure that we clear SOCK_ASYNC_NOSPACE once we wake up, so that write_space() doesn't keep waking things up on xprt->pending. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | SUNRPC: Fix a bug in call_decode()Trond Myklebust2008-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | call_verify() can, under certain circumstances, free the RPC slot. In that case, our cached pointer 'req = task->tk_rqstp' is invalid. Bug was introduced in commit 220bcc2afd7011b3e0569fc178331fa983c92c1b (SUNRPC: Don't call xprt_release in call refresh). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | Merge branch 'hotfixes' into develTrond Myklebust2008-03-19
| | |\ \
| | * | | SUNRPC: Add a helper rpcauth_lookup_generic_cred()Trond Myklebust2008-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The NFSv4 protocol allows clients to negotiate security protocols on the fly in the case where an administrator on the server changes the export settings and/or in the case where we may have a filesystem migration event. Instead of having the NFS client code cache credentials that are tied to a particular AUTH method it is therefore preferable to have a generic credential that can be converted into whatever AUTH is in use by the RPC client when the read/write/sillyrename/... is put on the wire. We do this by means of the new "generic" credential, which basically just caches the minimal information that is needed to look up an RPCSEC_GSS, AUTH_SYS, or AUTH_NULL credential. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | SUNRPC: Add an rpc_credop callback for binding a credential to an rpc_taskTrond Myklebust2008-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We need the ability to treat 'generic' creds specially, since they want to bind instances of the auth cred instead of binding themselves. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | SUNRPC: Add a generic RPC credentialTrond Myklebust2008-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an rpc credential that is not tied to any particular auth mechanism, but that can be cached by NFS, and later used to look up a cred for whichever auth mechanism that turns out to be valid when the RPC call is being made. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | SUNRPC: Clean up rpcauth_bindcred()Trond Myklebust2008-03-14
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | SUNRPC: Fix RPCAUTH_LOOKUP_ROOTCREDSTrond Myklebust2008-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current RPCAUTH_LOOKUP_ROOTCREDS flag only works for AUTH_SYS authentication, and then only as a special case in the code. This patch removes the auth_sys special casing, and replaces it with generic code. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | SUNRPC: Fix a bug in rpcauth_lookup_credcache()Trond Myklebust2008-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The hash bucket is for some reason always being set to zero. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | Merge commit 'origin' into develTrond Myklebust2008-03-08
| | |\ \ \
| | * \ \ \ Merge branch 'cleanups' into nextTrond Myklebust2008-02-29
| | |\ \ \ \
| | | * | | | SUNRPC: Declare as const the rpc_message arguments to rpc_call_sync/asyncTrond Myklebust2008-02-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| | * | | | | SUNRPC: Remove now-redundant RCU-safe rpc_task free pathTrond Myklebust2008-02-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that we've tightened up the locking rules for RPC queue wakeups, we can remove the RCU-safe kfree calls... Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>