Unnamed repository; edit this file 'description' to name the repository. https://git.kobert.dev/pm24.git/atom?h=v5.0-rc3 2018-12-19T18:52:46Z 2018-12-19T18:52:46Z NeilBrown neilb@suse.com 2018-12-03T00:30:31Z urn:sha1:04d1532bd0b93cc4d0056f27da1591f086d341a6 Just use ->cr_cred->fsuid directly. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:46Z NeilBrown neilb@suse.com 2018-12-03T00:30:31Z urn:sha1:d6efccd97e6de25e002d658593675ce8e07ceb8c This now always just does get_rpccred(), so we don't need an operation pointer to know to do that. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:46Z NeilBrown neilb@suse.com 2018-12-03T00:30:31Z urn:sha1:89a4f758d9f55f197c2a461f61ffa4a75127b30d This is no longer used. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:46Z NeilBrown neilb@suse.com 2018-12-03T00:30:31Z urn:sha1:a52458b48af142bcc2b72fe810c0db20cfae7fdd SUNRPC has two sorts of credentials, both of which appear as "struct rpc_cred". There are "generic credentials" which are supplied by clients such as NFS and passed in 'struct rpc_message' to indicate which user should be used to authorize the request, and there are low-level credentials such as AUTH_NULL, AUTH_UNIX, AUTH_GSS which describe the credential to be sent over the wires. This patch replaces all the generic credentials by 'struct cred' pointers - the credential structure used throughout Linux. For machine credentials, there is a special 'struct cred *' pointer which is statically allocated and recognized where needed as having a special meaning. A look-up of a low-level cred will map this to a machine credential. Signed-off-by: NeilBrown <neilb@suse.com> Acked-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:45Z NeilBrown neilb@suse.com 2018-12-03T00:30:30Z urn:sha1:354698b7d47165ed2f52d6c2bf682096a4cd71d1 This is no longer used. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:45Z NeilBrown neilb@suse.com 2018-12-03T00:30:30Z urn:sha1:ddf529eeed59184c49dcad1633c11831f822bf6b NFS needs to know when a credential is about to expire so that it can modify write-back behaviour to finish the write inside the expiry time. It currently uses functions in SUNRPC code which make use of a fairly complex callback scheme and flags in the generic credientials. As I am working to discard the generic credentials, this has to change. This patch moves the logic into NFS, in part by finding and caching the low-level credential in the open_context. We then make direct cred-api calls on that. This makes the code much simpler and removes a dependency on generic rpc credentials. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:45Z NeilBrown neilb@suse.com 2018-12-03T00:30:30Z urn:sha1:5e16923b432bfe79fdfb7cd95ed8e63f6438b663 When NFS creates a machine credential, it is a "generic" credential, not tied to any auth protocol, and is really just a container for the princpal name. This doesn't get linked to a genuine credential until rpcauth_bindcred() is called. The lookup always succeeds, so various places that test if the machine credential is NULL, are pointless. As a step towards getting rid of generic credentials, this patch gets rid of generic machine credentials. The nfs_client and rpc_client just hold a pointer to a constant principal name. When a machine credential is wanted, a special static 'struct rpc_cred' pointer is used. rpcauth_bindcred() recognizes this, finds the principal from the client, and binds the correct credential. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:45Z NeilBrown neilb@suse.com 2018-12-03T00:30:30Z urn:sha1:1a80810fbf238e6dbaaaa5262a76d328ace21376 The cred is a machine_cred iff ->principal is set, so there is no need for the extra flag. There is one case which deserves some explanation. nfs4_root_machine_cred() calls rpc_lookup_machine_cred() with a NULL principal name which results in not getting a machine credential, but getting a root credential instead. This appears to be what is expected of the caller, and is clearly the result provided by both auth_unix and auth_gss which already ignore the flag. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:45Z NeilBrown neilb@suse.com 2018-12-03T00:30:30Z urn:sha1:8276c902bbe95d628f48a7fdc13c71e265992085 Use cred->fsuid and cred->fsgid instead. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2018-12-19T18:52:45Z NeilBrown neilb@suse.com 2018-12-03T00:30:30Z urn:sha1:fc0664fd9bccafb00bd2dfe0d5218147994f81ee We can use cred->groupinfo (from the 'struct cred') instead. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>