summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.com>2018-12-03 01:30:30 +0100
committerAnna Schumaker <Anna.Schumaker@Netapp.com>2018-12-19 19:52:45 +0100
commita534ecb013bfc58a7f03653c7f2976bc341da98f (patch)
tree55d3c1b4a992afc33c28b5d1d4e37943de4b1389
parentSUNRPC: remove machine_cred field from struct auth_cred (diff)
downloadlinux-a534ecb013bfc58a7f03653c7f2976bc341da98f.tar.xz
linux-a534ecb013bfc58a7f03653c7f2976bc341da98f.zip
NFSv4: add cl_root_cred for use when machine cred is not available.
NFSv4 state management tries a root credential when no machine credential is available, as can happen with kerberos. It does this by replacing the cl_machine_cred with a root credential. This means that any user of the machine credential needs to take a lock while getting a reference to the machine credential, which is a little cumbersome. So introduce an explicit cl_root_cred, and never free either credential until client shutdown. This means that no locking is needed to reference these credentials. Future patches will make use of this. This is only a temporary addition. both cl_machine_cred and cl_root_cred will disappear later in the series. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
-rw-r--r--fs/nfs/client.c2
-rw-r--r--fs/nfs/nfs4state.c20
-rw-r--r--include/linux/nfs_fs_sb.h1
3 files changed, 15 insertions, 8 deletions
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index 96d5f8135eb9..cce151776709 100644
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -248,6 +248,8 @@ void nfs_free_client(struct nfs_client *clp)
if (clp->cl_machine_cred != NULL)
put_rpccred(clp->cl_machine_cred);
+ if (clp->cl_root_cred != NULL)
+ put_rpccred(clp->cl_root_cred);
put_net(clp->cl_net);
put_nfs_version(clp->cl_nfs_mod);
diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
index d8decf2ec48f..511bcdee98f5 100644
--- a/fs/nfs/nfs4state.c
+++ b/fs/nfs/nfs4state.c
@@ -166,24 +166,28 @@ out:
struct rpc_cred *nfs4_get_machine_cred_locked(struct nfs_client *clp)
{
- struct rpc_cred *cred = NULL;
+ struct rpc_cred *cred = clp->cl_root_cred;
- if (clp->cl_machine_cred != NULL)
- cred = get_rpccred(clp->cl_machine_cred);
+ if (!cred)
+ cred = clp->cl_machine_cred;
+ if (cred)
+ return get_rpccred(cred);
return cred;
}
static void nfs4_root_machine_cred(struct nfs_client *clp)
{
- struct rpc_cred *cred, *new;
+ struct rpc_cred *new;
new = rpc_lookup_machine_cred(NULL);
spin_lock(&clp->cl_lock);
- cred = clp->cl_machine_cred;
- clp->cl_machine_cred = new;
+ if (clp->cl_root_cred == NULL) {
+ clp->cl_root_cred = new;
+ new = NULL;
+ }
spin_unlock(&clp->cl_lock);
- if (cred != NULL)
- put_rpccred(cred);
+ if (new != NULL)
+ put_rpccred(new);
}
static struct rpc_cred *
diff --git a/include/linux/nfs_fs_sb.h b/include/linux/nfs_fs_sb.h
index 0fc0b9135d46..fea51b44fe50 100644
--- a/include/linux/nfs_fs_sb.h
+++ b/include/linux/nfs_fs_sb.h
@@ -59,6 +59,7 @@ struct nfs_client {
u32 cl_minorversion;/* NFSv4 minorversion */
struct rpc_cred *cl_machine_cred;
+ struct rpc_cred *cl_root_cred; /* Use when machine_cred is ineffective */
#if IS_ENABLED(CONFIG_NFS_V4)
struct list_head cl_ds_clients; /* auth flavor data servers */