xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

NFS/NFSD/SUNRPC: replace generic creds with 'struct cred'.

Browse Source 
SUNRPC has two sorts of credentials, both of which appear as
"struct rpc_cred".
There are "generic credentials" which are supplied by clients
such as NFS and passed in 'struct rpc_message' to indicate
which user should be used to authorize the request, and there
are low-level credentials such as AUTH_NULL, AUTH_UNIX, AUTH_GSS
which describe the credential to be sent over the wires.

This patch replaces all the generic credentials by 'struct cred'
pointers - the credential structure used throughout Linux.

For machine credentials, there is a special 'struct cred *' pointer
which is statically allocated and recognized where needed as
having a special meaning.  A look-up of a low-level cred will
map this to a machine credential.

Signed-off-by: NeilBrown <neilb@suse.com>
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
This commit is contained in:
NeilBrown
2018-12-03 11:30:31 +11:00
committed by Anna Schumaker
parent 684f39b4cf
commit a52458b48a
33 changed files with 261 additions and 343 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
fs/nfsd/nfs4callback.c
View File

@@ -844,18 +844,15 @@ static int max_cb_time(struct net *net)
return max(nn->nfsd4_lease/10, (time_t)1) * HZ;
}
static struct rpc_cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc_clnt *client, struct nfsd4_session *ses)
static const struct cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc_clnt *client, struct nfsd4_session *ses)
{
if (clp->cl_minorversion == 0) {
client->cl_principal = clp->cl_cred.cr_targ_princ ?
clp->cl_cred.cr_targ_princ : "nfs";
return get_rpccred(rpc_machine_cred());
return get_cred(rpc_machine_cred());
} else {
struct rpc_auth *auth = client->cl_auth;
struct auth_cred acred = {};
struct cred *kcred;
struct rpc_cred *ret;
kcred = prepare_kernel_cred(NULL);
if (!kcred)
@@ -863,10 +860,7 @@ static struct rpc_cred *get_backchannel_cred(struct nfs4_client *clp, struct rpc
kcred->uid = ses->se_cb_sec.uid;
kcred->gid = ses->se_cb_sec.gid;
acred.cred = kcred;
ret = auth->au_ops->lookup_cred(client->cl_auth, &acred, 0);
put_cred(kcred);
return ret;
return kcred;
}
}
@@ -889,7 +883,7 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c
.flags = (RPC_CLNT_CREATE_NOPING | RPC_CLNT_CREATE_QUIET),
};
struct rpc_clnt *client;
struct rpc_cred *cred;
const struct cred *cred;
if (clp->cl_minorversion == 0) {
if (!clp->cl_cred.cr_principal &&
@@ -1219,7 +1213,7 @@ static void nfsd4_process_cb_update(struct nfsd4_callback *cb)
if (clp->cl_cb_client) {
rpc_shutdown_client(clp->cl_cb_client);
clp->cl_cb_client = NULL;
put_rpccred(clp->cl_cb_cred);
put_cred(clp->cl_cb_cred);
clp->cl_cb_cred = NULL;
}
if (clp->cl_cb_conn.cb_xprt) {