diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-04-08 02:50:11 +0200 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-04-19 22:54:56 +0200 |
commit | 7c67db3a8a98045744f06fcd6d8f476d9df0ba5c (patch) | |
tree | 4d0041249b48f9ac66560550e0e96c9c86c37891 /net/sunrpc/auth_generic.c | |
parent | NFSv4: Don't use cred->cr_ops->cr_name in nfs4_proc_setclientid() (diff) | |
download | linux-7c67db3a8a98045744f06fcd6d8f476d9df0ba5c.tar.xz linux-7c67db3a8a98045744f06fcd6d8f476d9df0ba5c.zip |
NFSv4: Reintroduce machine creds
We need to try to ensure that we always use the same credentials whenever
we re-establish the clientid on the server. If not, the server won't
recognise that we're the same client, and so may not allow us to recover
state.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_generic.c')
-rw-r--r-- | net/sunrpc/auth_generic.c | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/net/sunrpc/auth_generic.c b/net/sunrpc/auth_generic.c index b6f124c85072..d927d9f57412 100644 --- a/net/sunrpc/auth_generic.c +++ b/net/sunrpc/auth_generic.c @@ -17,6 +17,9 @@ # define RPCDBG_FACILITY RPCDBG_AUTH #endif +#define RPC_ANONYMOUS_USERID ((uid_t)-2) +#define RPC_ANONYMOUS_GROUPID ((gid_t)-2) + struct generic_cred { struct rpc_cred gc_base; struct auth_cred acred; @@ -35,6 +38,22 @@ struct rpc_cred *rpc_lookup_cred(void) } EXPORT_SYMBOL_GPL(rpc_lookup_cred); +/* + * Public call interface for looking up machine creds. + */ +struct rpc_cred *rpc_lookup_machine_cred(void) +{ + struct auth_cred acred = { + .uid = RPC_ANONYMOUS_USERID, + .gid = RPC_ANONYMOUS_GROUPID, + .machine_cred = 1, + }; + + dprintk("RPC: looking up machine cred\n"); + return generic_auth.au_ops->lookup_cred(&generic_auth, &acred, 0); +} +EXPORT_SYMBOL_GPL(rpc_lookup_machine_cred); + static void generic_bind_cred(struct rpc_task *task, struct rpc_cred *cred) { @@ -75,8 +94,10 @@ generic_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) gcred->acred.group_info = acred->group_info; if (gcred->acred.group_info != NULL) get_group_info(gcred->acred.group_info); + gcred->acred.machine_cred = acred->machine_cred; - dprintk("RPC: allocated generic cred %p for uid %d gid %d\n", + dprintk("RPC: allocated %s cred %p for uid %d gid %d\n", + gcred->acred.machine_cred ? "machine" : "generic", gcred, acred->uid, acred->gid); return &gcred->gc_base; } @@ -115,7 +136,8 @@ generic_match(struct auth_cred *acred, struct rpc_cred *cred, int flags) if (gcred->acred.uid != acred->uid || gcred->acred.gid != acred->gid || - gcred->acred.group_info != acred->group_info) + gcred->acred.group_info != acred->group_info || + gcred->acred.machine_cred != acred->machine_cred) return 0; return 1; } |