diff options
author | Trond Myklebust <trondmy@gmail.com> | 2019-04-09 18:13:39 +0200 |
---|---|---|
committer | J. Bruce Fields <bfields@redhat.com> | 2019-04-24 15:46:35 +0200 |
commit | 40373b125de6bab186e71d5ea5498bb2b845398b (patch) | |
tree | 729dd4fc2bf1ae22ed7ac579799b8e4165ba60da | |
parent | SUNRPC: Temporary sockets should inherit the cred from their parent (diff) | |
download | linux-40373b125de6bab186e71d5ea5498bb2b845398b.tar.xz linux-40373b125de6bab186e71d5ea5498bb2b845398b.zip |
lockd: Pass the user cred from knfsd when starting the lockd server
When starting up a new knfsd server, pass the user cred to the
supporting lockd server.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
-rw-r--r-- | fs/lockd/clntlock.c | 4 | ||||
-rw-r--r-- | fs/lockd/svc.c | 28 | ||||
-rw-r--r-- | fs/nfs/client.c | 1 | ||||
-rw-r--r-- | fs/nfsd/nfssvc.c | 2 | ||||
-rw-r--r-- | include/linux/lockd/bind.h | 3 |
5 files changed, 22 insertions, 16 deletions
diff --git a/fs/lockd/clntlock.c b/fs/lockd/clntlock.c index c2a128678e6e..d61b72b693cf 100644 --- a/fs/lockd/clntlock.c +++ b/fs/lockd/clntlock.c @@ -56,7 +56,7 @@ struct nlm_host *nlmclnt_init(const struct nlmclnt_initdata *nlm_init) u32 nlm_version = (nlm_init->nfs_version == 2) ? 1 : 4; int status; - status = lockd_up(nlm_init->net); + status = lockd_up(nlm_init->net, nlm_init->cred); if (status < 0) return ERR_PTR(status); @@ -241,7 +241,7 @@ reclaimer(void *ptr) allow_signal(SIGKILL); down_write(&host->h_rwsem); - lockd_up(net); /* note: this cannot fail as lockd is already running */ + lockd_up(net, NULL); /* note: this cannot fail as lockd is already running */ dprintk("lockd: reclaiming locks for host %s\n", host->h_name); diff --git a/fs/lockd/svc.c b/fs/lockd/svc.c index 82aa0f35e43d..3056f3a0c270 100644 --- a/fs/lockd/svc.c +++ b/fs/lockd/svc.c @@ -188,9 +188,9 @@ lockd(void *vrqstp) static int create_lockd_listener(struct svc_serv *serv, const char *name, struct net *net, const int family, - const unsigned short port) + const unsigned short port, + const struct cred *cred) { - const struct cred *cred = current_cred(); struct svc_xprt *xprt; xprt = svc_find_xprt(serv, name, net, family, 0); @@ -202,15 +202,17 @@ static int create_lockd_listener(struct svc_serv *serv, const char *name, } static int create_lockd_family(struct svc_serv *serv, struct net *net, - const int family) + const int family, const struct cred *cred) { int err; - err = create_lockd_listener(serv, "udp", net, family, nlm_udpport); + err = create_lockd_listener(serv, "udp", net, family, nlm_udpport, + cred); if (err < 0) return err; - return create_lockd_listener(serv, "tcp", net, family, nlm_tcpport); + return create_lockd_listener(serv, "tcp", net, family, nlm_tcpport, + cred); } /* @@ -223,16 +225,17 @@ static int create_lockd_family(struct svc_serv *serv, struct net *net, * Returns zero if all listeners are available; otherwise a * negative errno value is returned. */ -static int make_socks(struct svc_serv *serv, struct net *net) +static int make_socks(struct svc_serv *serv, struct net *net, + const struct cred *cred) { static int warned; int err; - err = create_lockd_family(serv, net, PF_INET); + err = create_lockd_family(serv, net, PF_INET, cred); if (err < 0) goto out_err; - err = create_lockd_family(serv, net, PF_INET6); + err = create_lockd_family(serv, net, PF_INET6, cred); if (err < 0 && err != -EAFNOSUPPORT) goto out_err; @@ -247,7 +250,8 @@ out_err: return err; } -static int lockd_up_net(struct svc_serv *serv, struct net *net) +static int lockd_up_net(struct svc_serv *serv, struct net *net, + const struct cred *cred) { struct lockd_net *ln = net_generic(net, lockd_net_id); int error; @@ -259,7 +263,7 @@ static int lockd_up_net(struct svc_serv *serv, struct net *net) if (error) goto err_bind; - error = make_socks(serv, net); + error = make_socks(serv, net, cred); if (error < 0) goto err_bind; set_grace_period(net); @@ -462,7 +466,7 @@ static struct svc_serv *lockd_create_svc(void) /* * Bring up the lockd process if it's not already up. */ -int lockd_up(struct net *net) +int lockd_up(struct net *net, const struct cred *cred) { struct svc_serv *serv; int error; @@ -475,7 +479,7 @@ int lockd_up(struct net *net) goto err_create; } - error = lockd_up_net(serv, net); + error = lockd_up_net(serv, net, cred); if (error < 0) { lockd_unregister_notifiers(); goto err_put; diff --git a/fs/nfs/client.c b/fs/nfs/client.c index 90d71fda65ce..92d07d99829d 100644 --- a/fs/nfs/client.c +++ b/fs/nfs/client.c @@ -552,6 +552,7 @@ static int nfs_start_lockd(struct nfs_server *server) 1 : 0, .net = clp->cl_net, .nlmclnt_ops = clp->cl_nfs_mod->rpc_ops->nlmclnt_ops, + .cred = current_cred(), }; if (nlm_init.nfs_version > 3) diff --git a/fs/nfsd/nfssvc.c b/fs/nfsd/nfssvc.c index 32e4d8a334e3..18d94ea984ba 100644 --- a/fs/nfsd/nfssvc.c +++ b/fs/nfsd/nfssvc.c @@ -364,7 +364,7 @@ static int nfsd_startup_net(int nrservs, struct net *net, const struct cred *cre goto out_socks; if (nfsd_needs_lockd(nn) && !nn->lockd_up) { - ret = lockd_up(net); + ret = lockd_up(net, cred); if (ret) goto out_socks; nn->lockd_up = 1; diff --git a/include/linux/lockd/bind.h b/include/linux/lockd/bind.h index 053a4ef3d431..0520c0cd73f4 100644 --- a/include/linux/lockd/bind.h +++ b/include/linux/lockd/bind.h @@ -46,6 +46,7 @@ struct nlmclnt_initdata { int noresvport; struct net *net; const struct nlmclnt_operations *nlmclnt_ops; + const struct cred *cred; }; /* @@ -75,7 +76,7 @@ struct nlmclnt_operations { }; extern int nlmclnt_proc(struct nlm_host *host, int cmd, struct file_lock *fl, void *data); -extern int lockd_up(struct net *net); +extern int lockd_up(struct net *net, const struct cred *cred); extern void lockd_down(struct net *net); #endif /* LINUX_LOCKD_BIND_H */ |