tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

nfsd4: move principal name into svc_cred

Instead of keeping the principal name associated with a request in a
structure that's private to auth_gss and using an accessor function,
move it to svc_cred.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>

J. Bruce Fields 03a4e1f6 631fc9ea

+38 -41
+1 -1
fs/nfs/callback.c
··· 343 343 int 344 344 check_gss_callback_principal(struct nfs_client *clp, struct svc_rqst *rqstp) 345 345 { 346 - char *p = svc_gss_principal(rqstp); 346 + char *p = rqstp->rq_cred.cr_principal; 347 347 348 348 if (rqstp->rq_authop->flavour != RPC_AUTH_GSS) 349 349 return 1;
+3 -2
fs/nfsd/nfs4callback.c
··· 650 650 struct rpc_clnt *client; 651 651 652 652 if (clp->cl_minorversion == 0) { 653 - if (!clp->cl_principal && (clp->cl_flavor >= RPC_AUTH_GSS_KRB5)) 653 + if (!clp->cl_cred.cr_principal && 654 + (clp->cl_flavor >= RPC_AUTH_GSS_KRB5)) 654 655 return -EINVAL; 655 - args.client_name = clp->cl_principal; 656 + args.client_name = clp->cl_cred.cr_principal; 656 657 args.prognumber = conn->cb_prog, 657 658 args.protocol = XPRT_TRANSPORT_TCP; 658 659 args.authflavor = clp->cl_flavor;
+17 -17
fs/nfsd/nfs4state.c
··· 1087 1087 list_del(&ses->se_perclnt); 1088 1088 nfsd4_put_session_locked(ses); 1089 1089 } 1090 - if (clp->cl_cred.cr_group_info) 1091 - put_group_info(clp->cl_cred.cr_group_info); 1092 - kfree(clp->cl_principal); 1090 + free_svc_cred(&clp->cl_cred); 1093 1091 kfree(clp->cl_name.data); 1094 1092 kfree(clp); 1095 1093 } ··· 1168 1170 target->cl_clientid.cl_id = source->cl_clientid.cl_id; 1169 1171 } 1170 1172 1171 - static void copy_cred(struct svc_cred *target, struct svc_cred *source) 1173 + static int copy_cred(struct svc_cred *target, struct svc_cred *source) 1172 1174 { 1175 + if (source->cr_principal) { 1176 + target->cr_principal = 1177 + kstrdup(source->cr_principal, GFP_KERNEL); 1178 + if (target->cr_principal == NULL) 1179 + return -ENOMEM; 1180 + } else 1181 + target->cr_principal = NULL; 1173 1182 target->cr_uid = source->cr_uid; 1174 1183 target->cr_gid = source->cr_gid; 1175 1184 target->cr_group_info = source->cr_group_info; 1176 1185 get_group_info(target->cr_group_info); 1186 + return 0; 1177 1187 } 1178 1188 1179 1189 static int same_name(const char *n1, const char *n2) ··· 1248 1242 { 1249 1243 struct nfs4_client *clp; 1250 1244 struct sockaddr *sa = svc_addr(rqstp); 1251 - char *princ; 1245 + int ret; 1252 1246 1253 1247 clp = alloc_client(name); 1254 1248 if (clp == NULL) 1255 1249 return NULL; 1256 1250 1257 1251 INIT_LIST_HEAD(&clp->cl_sessions); 1258 - 1259 - princ = svc_gss_principal(rqstp); 1260 - if (princ) { 1261 - clp->cl_principal = kstrdup(princ, GFP_KERNEL); 1262 - if (clp->cl_principal == NULL) { 1263 - spin_lock(&client_lock); 1264 - free_client(clp); 1265 - spin_unlock(&client_lock); 1266 - return NULL; 1267 - } 1252 + ret = copy_cred(&clp->cl_cred, &rqstp->rq_cred); 1253 + if (ret) { 1254 + spin_lock(&client_lock); 1255 + free_client(clp); 1256 + spin_unlock(&client_lock); 1257 + return NULL; 1268 1258 } 1269 - 1270 1259 idr_init(&clp->cl_stateids); 1271 1260 memcpy(clp->cl_recdir, recdir, HEXDIR_LEN); 1272 1261 atomic_set(&clp->cl_refcount, 0); ··· 1280 1279 copy_verf(clp, verf); 1281 1280 rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa); 1282 1281 clp->cl_flavor = rqstp->rq_flavor; 1283 - copy_cred(&clp->cl_cred, &rqstp->rq_cred); 1284 1282 gen_confirm(clp); 1285 1283 clp->cl_cb_session = NULL; 1286 1284 return clp;
-1
fs/nfsd/state.h
··· 232 232 time_t cl_time; /* time of last lease renewal */ 233 233 struct sockaddr_storage cl_addr; /* client ipaddress */ 234 234 u32 cl_flavor; /* setclientid pseudoflavor */ 235 - char *cl_principal; /* setclientid principal name */ 236 235 struct svc_cred cl_cred; /* setclientid principal */ 237 236 clientid_t cl_clientid; /* generated by server */ 238 237 nfs4_verifier cl_confirm; /* generated by server */
+9
include/linux/sunrpc/svcauth.h
··· 15 15 #include <linux/sunrpc/msg_prot.h> 16 16 #include <linux/sunrpc/cache.h> 17 17 #include <linux/hash.h> 18 + #include <linux/cred.h> 18 19 19 20 struct svc_cred { 20 21 uid_t cr_uid; 21 22 gid_t cr_gid; 22 23 struct group_info *cr_group_info; 24 + char *cr_principal; /* for gss */ 23 25 }; 26 + 27 + static inline void free_svc_cred(struct svc_cred *cred) 28 + { 29 + if (cred->cr_group_info) 30 + put_group_info(cred->cr_group_info); 31 + kfree(cred->cr_principal); 32 + } 24 33 25 34 struct svc_rqst; /* forward decl */ 26 35 struct in6_addr;
-1
include/linux/sunrpc/svcauth_gss.h
··· 22 22 void gss_svc_shutdown_net(struct net *net); 23 23 int svcauth_gss_register_pseudoflavor(u32 pseudoflavor, char * name); 24 24 u32 svcauth_gss_flavor(struct auth_domain *dom); 25 - char *svc_gss_principal(struct svc_rqst *); 26 25 27 26 #endif /* __KERNEL__ */ 28 27 #endif /* _LINUX_SUNRPC_SVCAUTH_GSS_H */
+6 -19
net/sunrpc/auth_gss/svcauth_gss.c
··· 335 335 struct svc_cred cred; 336 336 struct gss_svc_seq_data seqdata; 337 337 struct gss_ctx *mechctx; 338 - char *client_name; 339 338 }; 340 339 341 340 static struct rsc *rsc_update(struct cache_detail *cd, struct rsc *new, struct rsc *old); ··· 345 346 kfree(rsci->handle.data); 346 347 if (rsci->mechctx) 347 348 gss_delete_sec_context(&rsci->mechctx); 348 - if (rsci->cred.cr_group_info) 349 - put_group_info(rsci->cred.cr_group_info); 350 - kfree(rsci->client_name); 349 + free_svc_cred(&rsci->cred); 351 350 } 352 351 353 352 static void rsc_put(struct kref *ref) ··· 383 386 tmp->handle.data = NULL; 384 387 new->mechctx = NULL; 385 388 new->cred.cr_group_info = NULL; 386 - new->client_name = NULL; 389 + new->cred.cr_principal = NULL; 387 390 } 388 391 389 392 static void ··· 398 401 spin_lock_init(&new->seqdata.sd_lock); 399 402 new->cred = tmp->cred; 400 403 tmp->cred.cr_group_info = NULL; 401 - new->client_name = tmp->client_name; 402 - tmp->client_name = NULL; 404 + new->cred.cr_principal = tmp->cred.cr_principal; 405 + tmp->cred.cr_principal = NULL; 403 406 } 404 407 405 408 static struct cache_head * ··· 493 496 /* get client name */ 494 497 len = qword_get(&mesg, buf, mlen); 495 498 if (len > 0) { 496 - rsci.client_name = kstrdup(buf, GFP_KERNEL); 497 - if (!rsci.client_name) 499 + rsci.cred.cr_principal = kstrdup(buf, GFP_KERNEL); 500 + if (!rsci.cred.cr_principal) 498 501 goto out; 499 502 } 500 503 ··· 923 926 __be32 *verf_start; 924 927 struct rsc *rsci; 925 928 }; 926 - 927 - char *svc_gss_principal(struct svc_rqst *rqstp) 928 - { 929 - struct gss_svc_data *gd = (struct gss_svc_data *)rqstp->rq_auth_data; 930 - 931 - if (gd && gd->rsci) 932 - return gd->rsci->client_name; 933 - return NULL; 934 - } 935 - EXPORT_SYMBOL_GPL(svc_gss_principal); 936 929 937 930 static int 938 931 svcauth_gss_set_client(struct svc_rqst *rqstp)
+2
net/sunrpc/svcauth_unix.c
··· 740 740 struct svc_cred *cred = &rqstp->rq_cred; 741 741 742 742 cred->cr_group_info = NULL; 743 + cred->cr_principal = NULL; 743 744 rqstp->rq_client = NULL; 744 745 745 746 if (argv->iov_len < 3*4) ··· 806 805 int len = argv->iov_len; 807 806 808 807 cred->cr_group_info = NULL; 808 + cred->cr_principal = NULL; 809 809 rqstp->rq_client = NULL; 810 810 811 811 if ((len -= 3*4) < 0)