SUNRPC: Add enum svc_auth_status · tjh.dev/kernel@78c542f

+1 -1

fs/lockd/svc.c

··· 506 506 } 507 507 508 508 509 - static int lockd_authenticate(struct svc_rqst *rqstp) 509 + static enum svc_auth_status lockd_authenticate(struct svc_rqst *rqstp) 510 510 { 511 511 rqstp->rq_client = NULL; 512 512 switch (rqstp->rq_authop->flavour) {

+1 -1

fs/nfs/callback.c

··· 372 372 * All other checking done after NFS decoding where the nfs_client can be 373 373 * found in nfs4_callback_compound 374 374 */ 375 - static int nfs_callback_authenticate(struct svc_rqst *rqstp) 375 + static enum svc_auth_status nfs_callback_authenticate(struct svc_rqst *rqstp) 376 376 { 377 377 rqstp->rq_auth_stat = rpc_autherr_badcred; 378 378

+1 -1

include/linux/sunrpc/svc.h

··· 336 336 char * pg_name; /* service name */ 337 337 char * pg_class; /* class name: services sharing authentication */ 338 338 struct svc_stat * pg_stats; /* rpc statistics */ 339 - int (*pg_authenticate)(struct svc_rqst *); 339 + enum svc_auth_status (*pg_authenticate)(struct svc_rqst *rqstp); 340 340 __be32 (*pg_init_request)(struct svc_rqst *, 341 341 const struct svc_program *, 342 342 struct svc_process_info *);

+24 -26

include/linux/sunrpc/svcauth.h

··· 83 83 struct rcu_head rcu_head; 84 84 }; 85 85 86 + enum svc_auth_status { 87 + SVC_GARBAGE = 1, 88 + SVC_SYSERR, 89 + SVC_VALID, 90 + SVC_NEGATIVE, 91 + SVC_OK, 92 + SVC_DROP, 93 + SVC_CLOSE, 94 + SVC_DENIED, 95 + SVC_PENDING, 96 + SVC_COMPLETE, 97 + }; 98 + 86 99 /* 87 100 * Each authentication flavour registers an auth_ops 88 101 * structure. ··· 111 98 * is (probably) already in place. Certainly space is 112 99 * reserved for it. 113 100 * DROP - simply drop the request. It may have been deferred 101 + * CLOSE - like SVC_DROP, but request is definitely lost. 102 + * If there is a tcp connection, it should be closed. 114 103 * GARBAGE - rpc garbage_args error 115 104 * SYSERR - rpc system_err error 116 105 * DENIED - authp holds reason for denial. ··· 126 111 * 127 112 * release() is given a request after the procedure has been run. 128 113 * It should sign/encrypt the results if needed 129 - * It should return: 130 - * OK - the resbuf is ready to be sent 131 - * DROP - the reply should be quitely dropped 132 - * DENIED - authp holds a reason for MSG_DENIED 133 - * SYSERR - rpc system_err 134 114 * 135 115 * domain_release() 136 116 * This call releases a domain. 117 + * 137 118 * set_client() 138 119 * Givens a pending request (struct svc_rqst), finds and assigns 139 120 * an appropriate 'auth_domain' as the client. ··· 138 127 char * name; 139 128 struct module *owner; 140 129 int flavour; 141 - int (*accept)(struct svc_rqst *rq); 142 - int (*release)(struct svc_rqst *rq); 143 - void (*domain_release)(struct auth_domain *); 144 - int (*set_client)(struct svc_rqst *rq); 145 - }; 146 130 147 - #define SVC_GARBAGE 1 148 - #define SVC_SYSERR 2 149 - #define SVC_VALID 3 150 - #define SVC_NEGATIVE 4 151 - #define SVC_OK 5 152 - #define SVC_DROP 6 153 - #define SVC_CLOSE 7 /* Like SVC_DROP, but request is definitely 154 - * lost so if there is a tcp connection, it 155 - * should be closed 156 - */ 157 - #define SVC_DENIED 8 158 - #define SVC_PENDING 9 159 - #define SVC_COMPLETE 10 131 + enum svc_auth_status (*accept)(struct svc_rqst *rqstp); 132 + int (*release)(struct svc_rqst *rqstp); 133 + void (*domain_release)(struct auth_domain *dom); 134 + enum svc_auth_status (*set_client)(struct svc_rqst *rqstp); 135 + }; 160 136 161 137 struct svc_xprt; 162 138 163 - extern int svc_authenticate(struct svc_rqst *rqstp); 139 + extern enum svc_auth_status svc_authenticate(struct svc_rqst *rqstp); 164 140 extern int svc_authorise(struct svc_rqst *rqstp); 165 - extern int svc_set_client(struct svc_rqst *rqstp); 141 + extern enum svc_auth_status svc_set_client(struct svc_rqst *rqstp); 166 142 extern int svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops); 167 143 extern void svc_auth_unregister(rpc_authflavor_t flavor); 168 144 ··· 159 161 extern struct auth_domain *auth_domain_find(char *name); 160 162 extern void svcauth_unix_purge(struct net *net); 161 163 extern void svcauth_unix_info_release(struct svc_xprt *xpt); 162 - extern int svcauth_unix_set_client(struct svc_rqst *rqstp); 164 + extern enum svc_auth_status svcauth_unix_set_client(struct svc_rqst *rqstp); 163 165 164 166 extern int unix_gid_cache_create(struct net *net); 165 167 extern void unix_gid_cache_destroy(struct net *net);

+6 -3

include/trace/events/sunrpc.h

··· 1706 1706 TRACE_DEFINE_ENUM(SVC_PENDING); 1707 1707 TRACE_DEFINE_ENUM(SVC_COMPLETE); 1708 1708 1709 - #define svc_show_status(status) \ 1709 + #define show_svc_auth_status(status) \ 1710 1710 __print_symbolic(status, \ 1711 1711 { SVC_GARBAGE, "SVC_GARBAGE" }, \ 1712 1712 { SVC_SYSERR, "SVC_SYSERR" }, \ ··· 1743 1743 __entry->xid, __get_sockaddr(server), __get_sockaddr(client) 1744 1744 1745 1745 TRACE_EVENT_CONDITION(svc_authenticate, 1746 - TP_PROTO(const struct svc_rqst *rqst, int auth_res), 1746 + TP_PROTO( 1747 + const struct svc_rqst *rqst, 1748 + enum svc_auth_status auth_res 1749 + ), 1747 1750 1748 1751 TP_ARGS(rqst, auth_res), 1749 1752 ··· 1769 1766 TP_printk(SVC_RQST_ENDPOINT_FORMAT 1770 1767 " auth_res=%s auth_stat=%s", 1771 1768 SVC_RQST_ENDPOINT_VARARGS, 1772 - svc_show_status(__entry->svc_status), 1769 + show_svc_auth_status(__entry->svc_status), 1773 1770 rpc_show_auth_stat(__entry->auth_stat)) 1774 1771 ); 1775 1772

+2 -5

net/sunrpc/auth_gss/svcauth_gss.c

··· 986 986 return -EINVAL; 987 987 } 988 988 989 - static int 989 + static enum svc_auth_status 990 990 svcauth_gss_set_client(struct svc_rqst *rqstp) 991 991 { 992 992 struct gss_svc_data *svcdata = rqstp->rq_auth_data; ··· 1634 1634 * 1635 1635 * The rqstp->rq_auth_stat field is also set (see RFCs 2203 and 5531). 1636 1636 */ 1637 - static int 1637 + static enum svc_auth_status 1638 1638 svcauth_gss_accept(struct svc_rqst *rqstp) 1639 1639 { 1640 1640 struct gss_svc_data *svcdata = rqstp->rq_auth_data; ··· 1945 1945 * %0: the Reply is ready to be sent 1946 1946 * %-ENOMEM: failed to allocate memory 1947 1947 * %-EINVAL: encoding error 1948 - * 1949 - * XXX: These return values do not match the return values documented 1950 - * for the auth_ops ->release method in linux/sunrpc/svcauth.h. 1951 1948 */ 1952 1949 static int 1953 1950 svcauth_gss_release(struct svc_rqst *rqstp)

+5 -1

net/sunrpc/svc.c

··· 1275 1275 const struct svc_procedure *procp = NULL; 1276 1276 struct svc_serv *serv = rqstp->rq_server; 1277 1277 struct svc_process_info process; 1278 - int auth_res, rc; 1278 + enum svc_auth_status auth_res; 1279 1279 unsigned int aoffset; 1280 + int rc; 1280 1281 __be32 *p; 1281 1282 1282 1283 /* Will be turned off by GSS integrity and privacy services */ ··· 1332 1331 goto dropit; 1333 1332 case SVC_COMPLETE: 1334 1333 goto sendit; 1334 + default: 1335 + pr_warn_once("Unexpected svc_auth_status (%d)\n", auth_res); 1336 + goto err_system_err; 1335 1337 } 1336 1338 1337 1339 if (progp == NULL)

+29 -6

net/sunrpc/svcauth.c

··· 60 60 module_put(aops->owner); 61 61 } 62 62 63 - int 64 - svc_authenticate(struct svc_rqst *rqstp) 63 + /** 64 + * svc_authenticate - Initialize an outgoing credential 65 + * @rqstp: RPC execution context 66 + * 67 + * Return values: 68 + * %SVC_OK: XDR encoding of the result can begin 69 + * %SVC_DENIED: Credential or verifier is not valid 70 + * %SVC_GARBAGE: Failed to decode credential or verifier 71 + * %SVC_COMPLETE: GSS context lifetime event; no further action 72 + * %SVC_DROP: Drop this request; no further action 73 + * %SVC_CLOSE: Like drop, but also close transport connection 74 + */ 75 + enum svc_auth_status svc_authenticate(struct svc_rqst *rqstp) 65 76 { 66 77 struct auth_ops *aops; 67 78 u32 flavor; ··· 100 89 } 101 90 EXPORT_SYMBOL_GPL(svc_authenticate); 102 91 103 - int svc_set_client(struct svc_rqst *rqstp) 92 + /** 93 + * svc_set_client - Assign an appropriate 'auth_domain' as the client 94 + * @rqstp: RPC execution context 95 + * 96 + * Return values: 97 + * %SVC_OK: Client was found and assigned 98 + * %SVC_DENY: Client was explicitly denied 99 + * %SVC_DROP: Ignore this request 100 + * %SVC_CLOSE: Ignore this request and close the connection 101 + */ 102 + enum svc_auth_status svc_set_client(struct svc_rqst *rqstp) 104 103 { 105 104 rqstp->rq_client = NULL; 106 105 return rqstp->rq_authop->set_client(rqstp); 107 106 } 108 107 EXPORT_SYMBOL_GPL(svc_set_client); 109 108 110 - /* A request, which was authenticated, has now executed. 111 - * Time to finalise the credentials and verifier 112 - * and release and resources 109 + /** 110 + * svc_authorise - Finalize credentials/verifier and release resources 111 + * @rqstp: RPC execution context 112 + * 113 + * Returns zero on success, or a negative errno. 113 114 */ 114 115 int svc_authorise(struct svc_rqst *rqstp) 115 116 {

+4 -5

net/sunrpc/svcauth_unix.c

··· 665 665 } 666 666 } 667 667 668 - int 668 + enum svc_auth_status 669 669 svcauth_unix_set_client(struct svc_rqst *rqstp) 670 670 { 671 671 struct sockaddr_in *sin; ··· 736 736 rqstp->rq_auth_stat = rpc_auth_ok; 737 737 return SVC_OK; 738 738 } 739 - 740 739 EXPORT_SYMBOL_GPL(svcauth_unix_set_client); 741 740 742 741 /** ··· 750 751 * 751 752 * rqstp->rq_auth_stat is set as mandated by RFC 5531. 752 753 */ 753 - static int 754 + static enum svc_auth_status 754 755 svcauth_null_accept(struct svc_rqst *rqstp) 755 756 { 756 757 struct xdr_stream *xdr = &rqstp->rq_arg_stream; ··· 827 828 * 828 829 * rqstp->rq_auth_stat is set as mandated by RFC 5531. 829 830 */ 830 - static int 831 + static enum svc_auth_status 831 832 svcauth_tls_accept(struct svc_rqst *rqstp) 832 833 { 833 834 struct xdr_stream *xdr = &rqstp->rq_arg_stream; ··· 912 913 * 913 914 * rqstp->rq_auth_stat is set as mandated by RFC 5531. 914 915 */ 915 - static int 916 + static enum svc_auth_status 916 917 svcauth_unix_accept(struct svc_rqst *rqstp) 917 918 { 918 919 struct xdr_stream *xdr = &rqstp->rq_arg_stream;