summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* SUNRPC: Ensure rpcauth_prune_expired() respects the nr_to_scan parameterTrond Myklebust2010-05-141-3/+2
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Ensure memory shrinker doesn't waste time in rpcauth_prune_expired()Trond Myklebust2010-05-141-5/+7
| | | | | | | | | The 'cred_unused' list, that is traversed by rpcauth_cache_shrinker is ordered by time. If we hit a credential that is under the 60 second garbage collection moratorium, we should exit because we know at that point that all successive credentials are subject to the same moratorium... Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Dont run rpcauth_cache_shrinker() when gfp_mask is GFP_NOFSTrond Myklebust2010-05-141-0/+2
| | | | | | | Under some circumstances, put_rpccred() can end up allocating memory, so check the gfp_mask to prevent deadlocks. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a bug in rpcauth_prune_expiredTrond Myklebust2010-04-221-1/+1
| | | | | | | | Don't want to evict a credential if cred->cr_expire == jiffies, since that means that it was just placed on the cred_unused list. We therefore need to use time_in_range() rather than time_in_range_open(). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* Merge branch 'nfs-for-2.6.33'Trond Myklebust2009-12-131-16/+23
|\
| * RPC: Fix two potential races in put_rpccredTrond Myklebust2009-12-031-16/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is possible for rpcauth_destroy_credcache() to cause the rpc credentials to be unhashed while put_rpccred is waiting for the rpc_credcache_lock on another cpu. Should this happen, then we can end up calling hlist_del_rcu(&cred->cr_hash) a second time in put_rpccred, thus causing list corruption. Should the credential actually be hashed, it is also possible for rpcauth_lookup_credcache to find and reference it before we get round to unhashing it. In this case, the call to rpcauth_unhash_cred will fail, and so we should just exit without destroying the cred. Reported-by: Neil Brown <neilb@suse.de> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | net: Move && and || to end of previous lineJoe Perches2009-11-301-3/+3
|/ | | | | | | | | | | Not including net/atm/ Compiled tested x86 allyesconfig only Added a > 80 column line or two, which I ignored. Existing checkpatch plaints willfully, cheerfully ignored. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* SUNRPC: Defer the auth_gss upcall when the RPC call is asynchronousTrond Myklebust2009-09-161-8/+12
| | | | | | | | Otherwise, the upcall is going to be synchronous, which may not be what the caller wants... Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
* Merge branch 'devel' into nextTrond Myklebust2008-12-301-3/+3
|\
| * optimize attribute timeouts for "noac" and "actimeo=0"Peter Staubach2008-12-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hi. I've been looking at a bugzilla which describes a problem where a customer was advised to use either the "noac" or "actimeo=0" mount options to solve a consistency problem that they were seeing in the file attributes. It turned out that this solution did not work reliably for them because sometimes, the local attribute cache was believed to be valid and not timed out. (With an attribute cache timeout of 0, the cache should always appear to be timed out.) In looking at this situation, it appears to me that the problem is that the attribute cache timeout code has an off-by-one error in it. It is assuming that the cache is valid in the region, [read_cache_jiffies, read_cache_jiffies + attrtimeo]. The cache should be considered valid only in the region, [read_cache_jiffies, read_cache_jiffies + attrtimeo). With this change, the options, "noac" and "actimeo=0", work as originally expected. This problem was previously addressed by special casing the attrtimeo == 0 case. However, since the problem is only an off- by-one error, the cleaner solution is address the off-by-one error and thus, not require the special case. Thanx... ps Signed-off-by: Peter Staubach <staubach@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * SUNRPC: Remove the last remnant of the BKL...Trond Myklebust2008-12-231-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Somehow, this escaped the previous purge. There should be no need to keep any extra locks in the XDR callbacks. The NFS client XDR code only writes into private objects, whereas all reads of shared objects are confined to fields that do not change, such as filehandles... Ditto for lockd, the NFSv2/v3 client mount code, and rpcbind. The nfsd XDR code may require the BKL, but since it does a synchronous RPC call from a thread that already holds the lock, that issue is moot. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | CRED: Wrap current->cred and a few other accessorsDavid Howells2008-11-141-6/+8
| | | | | | | | | | | | | | | | | | | | Wrap current->cred and a few other accessors to hide their actual implementation. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
* | CRED: Separate task security context from task_structDavid Howells2008-11-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Separate the task security context from task_struct. At this point, the security data is temporarily embedded in the task_struct with two pointers pointing to it. Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in entry.S via asm-offsets. With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
* | CRED: Wrap task credential accesses in the SunRPC protocolDavid Howells2008-11-141-2/+2
|/ | | | | | | | | | | | | | | | | | | | Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: J. Bruce Fields <bfields@fieldses.org> Cc: Neil Brown <neilb@suse.de> Cc: linux-nfs@vger.kernel.org Signed-off-by: James Morris <jmorris@namei.org>
* SUNRPC: Fix potential race in put_rpccred()Trond Myklebust2008-10-281-1/+1
| | | | | | | | | We have to be careful when we try to unhash the credential in put_rpccred(), because we're not holding the credcache lock, so the call to rpcauth_unhash_cred() may fail if someone else has looked the cred up, and obtained a reference to it. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix rpcauth_prune_expiredTrond Myklebust2008-10-281-7/+9
| | | | | | | | We need to make sure that we don't remove creds from the cred_unused list if they are still under the moratorium, or else they will never get garbage collected. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* net: Remove CONFIG_KMOD from net/ (towards removing CONFIG_KMOD entirely)Johannes Berg2008-10-171-2/+0
| | | | | | | | | | | Some code here depends on CONFIG_KMOD to not try to load protocol modules or similar, replace by CONFIG_MODULES where more than just request_module depends on CONFIG_KMOD and and also use try_then_request_module in ebtables. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* SUNRPC: Protect creds against early garbage collectionTrond Myklebust2008-04-191-0/+8
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a helper rpcauth_lookup_generic_cred()Trond Myklebust2008-03-141-1/+0
| | | | | | | | | | | | | | | | | The NFSv4 protocol allows clients to negotiate security protocols on the fly in the case where an administrator on the server changes the export settings and/or in the case where we may have a filesystem migration event. Instead of having the NFS client code cache credentials that are tied to a particular AUTH method it is therefore preferable to have a generic credential that can be converted into whatever AUTH is in use by the RPC client when the read/write/sillyrename/... is put on the wire. We do this by means of the new "generic" credential, which basically just caches the minimal information that is needed to look up an RPCSEC_GSS, AUTH_SYS, or AUTH_NULL credential. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add an rpc_credop callback for binding a credential to an rpc_taskTrond Myklebust2008-03-141-2/+3
| | | | | | | We need the ability to treat 'generic' creds specially, since they want to bind instances of the auth cred instead of binding themselves. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Add a generic RPC credentialTrond Myklebust2008-03-141-0/+1
| | | | | | | | | Add an rpc credential that is not tied to any particular auth mechanism, but that can be cached by NFS, and later used to look up a cred for whichever auth mechanism that turns out to be valid when the RPC call is being made. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Clean up rpcauth_bindcred()Trond Myklebust2008-03-141-10/+18
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix RPCAUTH_LOOKUP_ROOTCREDSTrond Myklebust2008-03-141-15/+20
| | | | | | | | The current RPCAUTH_LOOKUP_ROOTCREDS flag only works for AUTH_SYS authentication, and then only as a special case in the code. This patch removes the auth_sys special casing, and replaces it with generic code. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a bug in rpcauth_lookup_credcache()Trond Myklebust2008-03-141-1/+4
| | | | | | The hash bucket is for some reason always being set to zero. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* Merge branch 'task_killable' of ↵Linus Torvalds2008-02-011-3/+0
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/willy/misc * 'task_killable' of git://git.kernel.org/pub/scm/linux/kernel/git/willy/misc: (22 commits) Remove commented-out code copied from NFS NFS: Switch from intr mount option to TASK_KILLABLE Add wait_for_completion_killable Add wait_event_killable Add schedule_timeout_killable Use mutex_lock_killable in vfs_readdir Add mutex_lock_killable Use lock_page_killable Add lock_page_killable Add fatal_signal_pending Add TASK_WAKEKILL exit: Use task_is_* signal: Use task_is_* sched: Use task_contributes_to_load, TASK_ALL and TASK_NORMAL ptrace: Use task_is_* power: Use task_is_* wait: Use TASK_NORMAL proc/base.c: Use task_is_* proc/array.c: Use TASK_REPORT perfmon: Use task_is_* ... Fixed up conflicts in NFS/sunrpc manually..
* | SUNRPC: Mask signals across the call to rpc_call_setup() in rpc_run_taskTrond Myklebust2008-01-301-0/+3
| | | | | | | | | | | | To ensure that the RPCSEC_GSS upcall is performed with the correct sigmask. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | SUNRPC: Restrict sunrpc client exportsTrond Myklebust2008-01-301-9/+9
| | | | | | | | | | | | | | | | The sunrpc client exports are not meant to be part of any official kernel API: they can change at the drop of a hat. Mark them as internal functions using EXPORT_SYMBOL_GPL. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | SUNRPC: Move exported declarations to the function declarationsTrond Myklebust2008-01-301-0/+8
|/ | | | | | Do this for all RPC client related functions and XDR functions. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: move bkl locking and xdr proc invocation into a common helperJ. Bruce Fields2007-07-191-11/+2
| | | | | | | | | Since every invocation of xdr encode or decode functions takes the BKL now, there's a lot of redundant lock_kernel/unlock_kernel pairs that we can pull out into a common function. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* mm: clean up and kernelify shrinker registrationRusty Russell2007-07-171-5/+6
| | | | | | | | | | | | | | | | | | | I can never remember what the function to register to receive VM pressure is called. I have to trace down from __alloc_pages() to find it. It's called "set_shrinker()", and it needs Your Help. 1) Don't hide struct shrinker. It contains no magic. 2) Don't allocate "struct shrinker". It's not helpful. 3) Call them "register_shrinker" and "unregister_shrinker". 4) Call the function "shrink" not "shrinker". 5) Reduce the 17 lines of waffly comments to 13, but document it properly. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: David Chinner <dgc@sgi.com> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* sunrpc: drop BKL around wrap and unwrapJ. Bruce Fields2007-07-111-2/+11
| | | | | | | | | | | We don't need the BKL when wrapping and unwrapping; and experiments by Avishay Traeger have found that permitting multiple encryption and decryption operations to proceed in parallel can provide significant performance improvements. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Cc: Avishay Traeger <atraeger@cs.sunysb.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Remove the tk_auth macro...Trond Myklebust2007-07-111-12/+13
| | | | | | | | We should almost always be deferencing the rpc_auth struct by means of the credential's cr_auth field instead of the rpc_clnt->cl_auth anyway. Fix up that historical mistake, and remove the macro that propagated it. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Convert the credential garbage collector into a shrinker callbackTrond Myklebust2007-07-111-18/+45
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Give credential cache a local spinlockTrond Myklebust2007-07-111-14/+32
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Convert the credcache lookup code to use RCUTrond Myklebust2007-07-111-34/+57
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: cleanup rpc credential cache garbage collectionTrond Myklebust2007-07-111-49/+72
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Enforce atomic updates of rpc_cred->cr_flagsTrond Myklebust2007-07-111-10/+12
| | | | | | Convert to the use of atomic bitops... Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Clean up rpc credential initialisationTrond Myklebust2007-07-111-6/+18
| | | | | | Add a helper rpc_cred_init() Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Mark auth and cred operation tables as constant.Trond Myklebust2007-07-111-4/+4
| | | | | | Also do the same for gss_api operation tables. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Rename rpcauth_destroy() to rpcauth_release()Trond Myklebust2007-07-111-2/+2
| | | | Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix races in rpcauth_createTrond Myklebust2007-07-111-11/+24
| | | | | | See the FIXME: auth_flavors[] really needs a lock and module refcounting. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a memory leak in the auth credcache codeTrond Myklebust2007-07-111-2/+16
| | | | | | | | | | | | | | The leak only affects the RPCSEC_GSS caches, since they are the only ones that are dynamically allocated... Rename the existing rpcauth_free_credcache() to rpcauth_clear_credcache() in order to better describe its role, then add a new function rpcauth_destroy_credcache() that actually frees the cache in addition to clearing it out. Also move the call to destroy the credcache in gss_destroy() to come before the rpc upcall pipe is unlinked. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* Merge branch 'master' of /home/trondmy/kernel/linux-2.6/Trond Myklebust2007-02-131-1/+1
|\ | | | | | | | | | | | | | | | | | | Conflicts: net/sunrpc/auth_gss/gss_krb5_crypto.c net/sunrpc/auth_gss/gss_spkm3_token.c net/sunrpc/clnt.c Merge with mainline and fix conflicts.
| * [NET] SUNRPC: Fix whitespace errors.YOSHIFUJI Hideaki2007-02-111-1/+1
| | | | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | SUNRPC: fix print format for tk_pidChuck Lever2007-02-041-12/+13
|/ | | | | | | | | | The tk_pid field is an unsigned short. The proper print format specifier for that type is %5u, not %4d. Also clean up some miscellaneous print formatting nits. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* [SUNRPC]: trivial endianness annotationsAlexey Dobriyan2006-09-291-6/+6
| | | | | | | | | | pure s/u32/__be32/ [AV: large part based on Alexey's patches] Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
* SUNRPC: Auto-load RPC authentication kernel modulesOlaf Kirch2006-03-201-2/+14
| | | | | | | | | | This patch adds a request_module call to rpcauth_create which will try to auto-load the kernel module for the requested authentication flavor. For kernels with modular sunrpc, this reduces the admin overhead for the user. Signed-off-by: Olaf Kirch <okir@suse.de> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Move upcall out of auth->au_ops->crcreate()Trond Myklebust2006-02-011-0/+8
| | | | | | | | | This fixes a bug whereby if two processes try to look up the same auth_gss credential, they may end up creating two creds, and triggering two upcalls because the upcall is performed before the credential is added to the credcache. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* SUNRPC: Fix a lock recursion in the auth_gss downcallTrond Myklebust2006-02-011-7/+10
| | | | | | | | | | | | When we look up a new cred in the auth_gss downcall so that we can stuff the credcache, we do not want that lookup to queue up an upcall in order to initialise it. To do an upcall here not only redundant, but since we are already holding the inode->i_mutex, it will trigger a lock recursion. This patch allows rpcauth cache searches to indicate that they can cope with uninitialised credentials. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* [NET]: Remove more unneeded typecasts on *malloc()Kris Katterjohn2006-01-121-1/+1
| | | | | | | | | This removes more unneeded casts on the return value for kmalloc(), sock_kmalloc(), and vmalloc(). Signed-off-by: Kris Katterjohn <kjak@users.sourceforge.net> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>